A Novel Defense Scheme against DDOS Attack in

VANET
Ayonija Pathre
P.G.scholar
Department of CSE
RITS Bhopal, India
ayo.pathre@gmail.com

Chetan Agrawal
Assistant professor
Department of CSE
RITS Bhopal, India
chetan.agrawal12@gmail.com

Anurag Jain
Assistant professor
Department of CSE
RITS Bhopal, India
anurag.akjain@gmail.com
Abstract Vehicular ad hoc network (VANET) has
extensively used to enhance protection of the passengers and
reduce occasion of traffic congestion. Consistent communication
in vehicular ad-hoc networks is important to provide functional
and reliable traffic safety and efficiency applications .Security is
the major issue in the network due to the mobile nature of the
vehicle. In this paper we proposed the novel traffic congestion
detection and removal scheme against DDOS attack. Here the
attacker behavior is broadcast the huge numbers of false
information packets in network i.e. the false information about
the traffic. The number of nodes or vehicles that receives the
false packet information are affected from attack are called
Abstract Node. Now if the traffic is jammed or congestion
occurring and their information goes to Roadside Unit (RSU)
then RSU must be detected and excluded permanently from the
network after applying proposed effective approach. Proposed
scheme against DDOS attack aims to identify and exclude
attackers from the network. In the presence of misbehaving in
network the false information is transferred in the network by
that the vehicles are deciding to do the routing according to false
information. Proposed security scheme recovers control
information and improves the performance of VANET in the
presence of an attacker.
Keywords Misbehavior, DDOS attack, False
information, RSU, VANET.
I. INTRODUCTION
Ad hoc Network (VANET) is the special class of Mobile
ad hoc Network (MANET). In VANET vehicle traffic
scenario has consisted of vehicles and Road Side Units
(RSU) that support in the administration of the network.
Security is acting an important role in the system design
with the development of VANETs. The communications in
VANETs are changeable means all vehicles are mobile in
nature. Security protocols need more deliberations, such as
privacy to protect the vehicles for transferring wrong
confirmation about traffic, and reliability of messages. The
intelligence system is proving to vehicles for loading them
with information sensors which will be controlled by a
"telematics box" use in the car. The box in term
communicates with the driver and will be its guide that
includes a future potential in terms of a chic set of
applications that will offer to its client. However, not
moving fake vehicles and vehicles with a probable mobility
model are not considered in other approaches. Fig. 1
represents the Vehicular Ad-hoc Network.
VANET can be visualized as the network of affecting
vehicles communicating in asynchronous and an
autonomous manner. Efficient and scalable information
distribution is a major challenge [1] due to the movement of
vehicles which causes unpredictable changes in the network
topology. The relevance of infrastructure and information
technologies for this reason opened a new range of
possibilities. The most promising area unit as of analysis are
the study of the communication with vehicles and road-side
units, or additional specifically the transport Ad-hoc
Network. Congestion control is a challenging area under
discussion in mobile ad hoc networks because no network
is totally congested free as usual in VANET not possible to
maintain traffic are completely congestion free. In VANET
due to the malicious node possibility of congestion is more
because here the vehicle has delivered the wrong
information about the status of traffic.
One of the most popular Ad hoc protocols which are used
in VANET is AODV. Unfortunately, AODV do not define
special security mechanisms. This problem existed in Ad hoc
previously and this lack of efficiency in securely migrates to
VANET and it can give a good situation to attackers to
perform attacks easily. The bad news is that there are only a
few proposed solutions to solve this problem because AODV
is not a source-based routing protocol and such solutions
would introduce a tremendous overhead [1]. In addition,
implementation of some of these methods which have good
security capabilities is difficult or expensive. Several
researchers tried to boost security weakness in AODV, like
SAODV [2] that is concentrated on security or different
strategies that attempt to improve AODV which can help
improving security too such as [3] that introduced PRAODV
and PRAODVM. These two methods improved AODV
based protocols for predicting route life time.
Fig. 1. Vehicular Ad hoc Network
978-1-4673-5999-3/13/$31.00 2013 IEEE
The paper organization is as follows: section 2 describes
DDOS attack and connected works are delineated in section
3. Proposed Work is described in section 4. Network
simulation results are given in section 5 followed by
conclusions in section 6.
II. DDOS ATTACK
A DDOS attack [4] is any event that eliminates a
networks capacity to perform its expected function. These
attacks area unit launched against server resources or
network information measure by preventing licensed users
from accessing resources.
An attacker sends multiple connection wrong requests to
a number of victims in a network, killing all of the victims
resources and preventing use by genuine users. Due to
unnecessary bandwidth conception the problem of
congestion is occurring. For example, a misbehaving
vehicle or a node that discards any packets passing through
it may end up in continual retransmission that successively
causes network congestions. Also, a wireless link does not
provide the same protection for data transmissions as does
its wired link counterpart. Hence, any user or receiver inside
the transmissions vary will listen in or interfere with
knowledge packets or routing info Since all nodes can be
mobile, changes in network connectivity and resource
availability also expose a network to various attacks.
III. RELATED WORK
Researchers are continuously working on Security in
VANET communication, finding ways out of this very
critical problem and a number of techniques are proposed
by the research community. Very few of them are described
here:
In paper [5] author presents a traffic information
aggregation and propagation scheme, which is suitable for
the Vehicular city environment and based on Vehicle Ad
hoc Network to improve the traffic condition. RSU can
gather, produce and distribute traffic messages,
victimization vehicle-to-vehicle communication and
vehicles common cooperation. The traffic messages can
help drivers to choose a better route and prepare against the
traffic events. But in this paper author not show the effect
of the attack by that the congestion occurs because to
identify attacker is a difficult issue that one is the main
cause of congestion.
In paper [6] author shows how security is one of the
safety traits in VANET. Network availability must be
obtained at all times since the availability of the network is
vitally needed when a node sends any life critical
information to other nodes. Due to this the network
availability is exposed many types of attacks. In this paper,
Distributed Denial of Service (DDOS) attack on network
availability is presented and its cruelty level in VANET
environment is complicated. A model to secure the VANET
from the DDOS attacks has been developed and some
possible solutions to overcome the attacks have been
discussed.
In paper [7] author proposes five different classes of
attacks and every class is expected to provide better point of
view for the VANET security. The main role of this paper is
to give information about proposed solutions for
classification and identification of different attacks in
VANET.
In paper [8] author present integrates mobile property
protocols to expedite information transfer between vehicles
additionally as between edge instrumentation and obtainable
traffic in network. In VANET, Wireless device sends info to
neighbor vehicles, and messages are usually transmit from
one vehicle to a distinct vehicle. Therefore, using VANET
can enhance safety and traffic optimization. In VANET also
there are some important and noticeable issues similar to
other technology. One of the most important of them is
Security. In this paper, I try to discuss security issues as one
of the most important problems in Vehicular Ad hoc
network.
In paper [9] author design a cross layer control system
where the objective is to not improve the efficiency of the
MAC but to improve the vehicle tracking accuracy. The
authors consider a lossy shared channel where increased
message frequency can increase the channel congestion and
effectively cause a loss in accuracy of other vehicles
positions. The proposed algorithm is a method to adapt the
periodicity of transmission to attain the optimal accuracy.
In paper [10] author proposed a congestion control
mechanism where the packet injection rate is controlled to
attain a given target channel load. However, the issues of
discovery performance as well as the choice of the optimal
channel load are not explicitly considered.
The black hole attack is one of the security attacks that
occur in MANETs which can occur in VANETs as well. A
black hole is formed when nodes refuse to participate in the
network or when an established node drops out. In this type
of attack, all network traffics area unit redirected to a
selected node, that doesn't exist the least bit that causes those
knowledge to be lost [11]. There are two proposed possible
solutions for this problem in MANETs. The protocol finds
more than one route to the destination. It is clear that this
solution may impose overload to network. In addition, this
solution may be useful in MANETs but for VANETs which
has several mobile nodes, finding extra nodes increases
unwanted parameters such as delay or cost of service. The
second solution is to exploit the packet sequence number
included in any packet header [12].
Some approaches [13, 14, 15] have been proposed which
are using publish/subscribe paradigm for information
dissemination in VANET like settings. These approaches
have contributed significantly towards understanding the
applicability of publish/subscribe over VANET. In these
approaches, a hybrid setup is assumed where there are
stationary info-stations and moving vehicles communicating
in a cooperative manner. The main goal is to design a P/S
middleware for vehicular networks that considers location a
time in its design objectives. This middleware enables the
application developers to easily publish notification in a
specific location by treating location as context. It takes
advantage of the information that can be extracted from the
vehicles navigation systems (location, map, destination of
the driver etc.) to generate subscriptions. Navigation system
decides if a vehicle is interested in receiving a specific
notification or not. The Proposed system is an opportunist
Publish/Subscribe system.
IV. PROPOSED ATTACK IDENTIFICATION AND
REMOVAL SCHEME
In this paper we proposed a novel scheme against traffic
congestion for VANET in [16]. The vehicles are moving in
a single path to providing the information about the traffic
to each other and the origin of the entire vehicle are same
clearly shown in figure 5. In normal scenario each vehicle
follows the rules and transferring right information in
infrastructure about the traffic but an attacker sends multiple
false requests to a number of victims in a network,
exhausting all of the victims resources and preventing use
by genuine users. In this paper we proposed a new scheme
for detecting the routing misbehavior of an attacker against
traffic congestion. Now if the conjunction occurs in a
particular portion then in that case every vehicular node will
generate the traffic jam signals called Congestion
announcement signals to their neighbor and by that the
vehicular node will change their route. But attacker node
will continuously transferred the right information about the
traffic by that conjunction will occur. The proposed models
are providing the solution from DDOS attacks, which is the
intention to ensure network availability for secure
communication among or between the nodes. We found that
network accessibility has been directly affected in the case
of DDOS attacks, where the attacks have led to most severe
impact by causing the network to break down. Now the
following steps are done by RSU to protect traffic from
congestion.
1. RSU monitors the communication between the
vehicles or infrastructure.
2. Identify the vehicle Generates False information
packets in traffic.
3. Check the information receives a message from
infrastructure.
4. Identify receives a safety message from another
vehicle.
5. The function of attacker is altering the content of
the message and passes this message to another
vehicle, means transferring the false information
continuously about the traffic jam i.e traffic is clear.
6. RSU identified that node on the basis of
continually false information rather than the other
vehicles attacker forwards the wrong message to
infrastructure.
7. RSU blocks the activity of attacker node or vehicle.
8. Manages the traffic schedule affected by an
attacker.
By that we identify detection and applying prevention of
DDOS attacks in the network.
Now here the two different scenarios represents the
information about the traffic at the time of traffic congestion
and the next scenario are shown the information about the
traffic clearance by disable the effect of the attacker. The
given scenarios are having the seven fields that show the
information about the attacker false packet information and
the next is a case of attacker identification and removal.
A. Traffic information in case of attack
This scenario represents the information about the
attack. In fig. 2 we clearly visualized the seven fields first is
written a single A which means "Abstract Node" represents
affected by attacker second presents the number of nodes or
vehicles i.e. 11, 12, 13 and so on third represents the
number of false packets are generated by an attacker node in
network i.e. here is 179908 then the fourth field represents
the number of false packets (1, 3, 5.) that are received by
nodes. Now the value 19990 is the total number of packets
that are broadcast on the network and the number of nodes
that receives those false information packets these numbers
of packets are less from the total number of false packets i.e.
fifth field. The last two fields represent the source port and
destination port. Now this one is all information about the
attack scenario. Some additional information is required
about the ANS and AN. Now here ANS are Abstract
Network Section and AN are abstract network. The
information about the ANS is one part of the network and
the AN is the whole network are infested from attack. Now
information is about probing node 7 means vehicle 7 is fully
effected from false packet information of the attacker. This
is all about the information about traffic affected from an
attacker.
B. Traffic information after identifying attack
The scenario in Fig 3 shows the false packets are
completely disable means the attacker vehicle will generate
the number of false information packets in the network, but
these packets are not received by any node in the network
(forth field information is showing that effect). Now the
Road Side Unit recognizes the misbehavior activity of
attacker node and broadcast their misbehavior activity
information in a network by that no vehicle in the network
will receive any control packet information deliver by an
attacker. Now in that case the attacker has increased the
packet broadcasting in the network (See field number 5).
But this is totally ineffective.


Fig. 2. Traffic behavior in presence of attacker.

V. SIMULATION ENVIRONMENT
NS2 (Network Simulator 2) [16] from Berkeley is an
open-source event-driven simulator specifically designed
for research in computer networks communication and
applications. The simulator we have used to create the
network environment for the ad-hoc routing protocols. To
simulate the mobile wireless radio atmosphere we've used a
quality extension to NS that's developed by the CMU
Monarch project at Carnegie altruist University. Since its
beginning in 1989, NS2 has endlessly gained tremendous
interest from business, academia, and government. On the
basis of simulation parameters given in Table 1 simulation
has been done in the NS-2 simulator (version NS -2.31).
A. Scenario in case of attack
Now fig. 4 represents the scenario of VANET in case of
an attacker or traffic congestion. Here the rounded dense
black circles represent the congestion occurrence in traffic.
Here because of congestion no vehicle is moving forward
on a road. The function of RSU only gathers the information
from nodes or vehicles that are in range of it and control the
traffic congestion if occur. And after some time RSU
identifies that the only attacker vehicles forward the wrong
information about the traffic i.e. traffic is clear, this one is
the main origin of congestion. The behavior of attacker
vehicle is clear by RSU also, that is generating the false
information about the traffic.
B. Scenario in after removal attack or congestion
Now after attack identification and removal scenario
represents the normal traffic condition in fig. 5. Here we
observe that traffic is normal under the vision of RSU units
means the occurrence of congestion is negligible. The
smooth movements of vehicle are shown the normal traffic
conditions. RSU is represented by arrow sing and others are
normal nodes.
C. Vehicle control packet Analysis
The graph is represented in fig. 6 shows the information
about the traffic in VANET. In this graph at the right of the top
three different color lines represents the information about the
control traffic in case of normal attack and defense. Here we
clearly see that the control packet information in case of normal
traffic and traffic after congestion removal are same means
after removing congestion equal number of control packets are
delivered which are delivered in before congestion. But in case
of attack only some control packets are delivering about on
time 37sec. But no information about their receiving presents in
the network because traffic network information are squashed
by an attacker.
VI. CONCLUSION AND FUTURE WORK
The traffic scenario in case of attack and identification is
clearly observed by Road Side Unit. In case of attack and
removal congestion the correct information about the
number of packets are present in different scenarios. The



Fig. 5. Scenario after removing traffic congestion

Fig. 4. Scenario of traffic congestion
Table1: Simulation Parameters
Number of nodes 100

Dimension of simulated area 800800

Routing Protocol AODV

Attacker Node 1

RSU unit 2
Simulation time (seconds) 100

Transmission Range 250m

Information Packet size (bytes) 512

Maximum Speed (m/s) 30

Nodes Mobility Random way point


Fig. 3. Traffic behavior after identifying attacker
proposed scheme will definitely improve the performance in
the presence of attack. The two different scenarios are really
clearly visualized how traffic was congested and after
identified and removal congestion the second scenario
presents why the traffic are normal. A potential solution for
traffic congestion problems control will be based on
connected vehicles using information dissemination to
exchange traffic in between the vehicles on the roads.
Information on traffic roads will help the drivers to take
appropriate actions such as real-time diversions to avoid
congested areas. Proposed scenarios considering the
optimization of routing protocols for VANET shows
potential benefits on connected vehicles for more efficient
congestion control scheme. The Road sides Units are really
very effective to control and watch the traffic behavior.
In future the same scheme is applied on two way road
scenario and analysis their effect in vehicle mobility. Now
present scenarios the origins of vehicles are single but in the
future we will use multiple origins of vehicles.
REFERENCES
[1] Sherali Zeadally, Ray Hunt, Yuh-Shyan Chen, Angela Irwin, and
Aamir Hassan, "Vehicular Ad Hoc Networks (VANETs): Status,
Results, and Challenges," Telecommunication System, Vol. 50, Issue
4, pp. 217-241, Aug. 2012.
[2] S. Y. Wang, C.C Lin Y.W Hwanq and K.C Toa,"A practical routing
protocol for vehicle-formed mobile Adhoc networks on the Roads.,"
in Proceedings of the Ash IEEE International Conference on
Intelligent Transportation, 2005, pp. 161-165.
[3] H. Fufler "Location based routing for vehicular ad hoc networks,"
presented at the ACM SIGMOBILE Mobile Computing and
Communication Review, 2003.
[4] A.K. Kunnel Aboobaker, Performance Analysis of Authentication
Protocols in Vehicular Ad Hoc Networks (VANET), Technical
Report, RHUL-MA2010-02, 31stMarch2010.
[5] Feng Zhang, Jianjun Hao and Shan Le "Traffic information
aggregation and propagation scheme for vanet in city environment "
3rd IEEE International Conference on Broadband Network and
Multimedia Technology (IC-BNMT),26-28 Oct. 2010,ieee
2010,pp.619-623.
[6] Halabi Hasbullah, Irshad Ahmed Soomro, Jamalul-lail Ab Manan,
"Denial of Service (DOS) Attack and Its Possible Solutions in
VANET", IEEE 2010, pg 411-415.
[7] Irshad Ahmed Sumra,Iftikhar Ahmad, Halabi Hasbullah, Jamalul-lail
bin Ab Manan,"Classes of Attacks in VANET" Electronics,
Communications and Photonics Conference (SIECPC), April 2011.
[8] Farzad Sabahi "The Security of Vehicular Adhoc Networks", Third
International Conference on Computational Intelligence,
Communication Systems and Networks (CICSyN),26-28-
July,2011,pp-338-342.
[9] C.-L. Huang, Y. Fallah, R. Sengupta, and H. Krishnan. Intervehicle
transmission rate control for cooperative active safety system. IEEE
Trans. On Intelligent Transportation Systems, 12(3):645 658,
12(3):645 658, Sep. 2011.
[10] J. B. Kenney, G. Bansal, and C. E. Rohrs "LIMERIC a linear
message rate control algorithm for vehicular DSRC systems", In
Proceedings of the Eighth ACM international workshop on Vehicular
inter-networking (VANET), pages 2130, 2011.
[11] S. Sharma and D. R. Gupta, "Simulation Study Of Black hole Attack
in the Mobile Ad hoc Networks," presented at the International
Conference on Network Applications, Protocols and Services 2008.
[12] M. Al-Shurman, Seong-Moo Yoo and Seungjin Park., "Black hole
attack in mobile Ad Hoc networks," presented at the ACM Southeast
Regional Conference'2004.
[13] Ilias Leontiadis, Publish/Subscribe Notification Middleware for
Vehicular networks , in Proceedings of the 4th on Middleware
doctoral symposium 2007, Newport Beach, California November 26 -
30, 2007.
[14] Ilias Leontiadis, Cecilia Mascolo"Opportunistic Spatio-Temporal
Dissemination System for Vehicular Networks", In Proceedings of
the First International Workshop on Mobile Opportunistic
Networking (ACM/SIGMOBILE MobiOpp 2007),Colocated with
Mobisys07, USA, June 2007
[15] Ilias Leontiadis, Cecilia Mascolo. "GeOpps: Opportunistic
Geographical Routing for Vehicular Networks ", In Proceedings of
the IEEE Workshop on Autonomic and
OpportunisticCommunications (Colocated with WOWMOM07). June
2007.Helsinki, Finland. IEEE Press.
[16] Web reference, http://www.isi.edu/nsnam/ns


Fig. 6. Control packet analysis in case of different traffic conditions