Professional Documents
Culture Documents
CHAPTER 1
INTRODUCTION
1
MES's Pillai HOC College of Engineering and Technology, Rasayani
Recognizing Black hole and Gray hole Attacks in MANET
INTRODUCTION
1.1 Background
A Mobile Adhoc Network (MANET) is defined as collection of mobile nodes. In
MANET, nodes transfer data using multi-hop wireless links .It does not have any fixed
infrastructure. It is a self-configuring network, therefore the mobile nodes in the network
dynamically setup paths among themselves to transmit packets from the source to
destination. MANET has many important and potential applications, in commercial
environments, disaster area, and military operations. Since, wireless networks came into
existence, routing in mobile ad hoc networks has been a challenging task.. The security
issues like snooping attacks, wormhole attacks,hole attacks, packet replication, denial of
service (DoS) attacks, distributed DoS (DoS) attacks, et cetera have been studied in recent
years. Among these threats, the malicious node problem is one of the popularized security
threats such as black hole and grayhole attacks. In this paper, we tried to focus on various
black hole and grayhole detection and prevention methods.
1.2 Relevance
Mobile adhoc networks are vulnerable to several security issues due to their
inherent characteristics, like lack of centralized control, finite transmission bandwidth,
open medium, abusive broadcasting messages, dynamic link establishment and restricted
hardware caused processing capabilities.
Black Hole Attack is a type of DoS attack. In route discovery, the node (black hole)
responds to sources request with implying shortest path to the destination. In reality it is
not the case. The source believes and sends the data packet through this black hole node
and in turn, this black hole node drops all data packets. Due to this attack, the
performance of network humiliate completely since the data to be reached at destination
never accomplished.
Gray Hole Attack is another version of the black hole attack is a grayhole attack. In this
attack, the node (gray hole) acts as honest during the route discovery process and once the
source sends data packets it start dropping them all. The behaviour of grayhole attack is
uncertain and unexpected. For some time it is honest and some other time is behaving like
malicious by dropping the data packets. Therefore it is a big challenge to detect grayhole
attack compared to black hole attack. Also the data packets are not received at destination
because of congestion.
2
MES's Pillai HOC College of Engineering and Technology, Rasayani
Recognizing Black hole and Gray hole Attacks in MANET
CHAPTER 2
LITERATURE SURVEY
3
MES's Pillai HOC College of Engineering and Technology, Rasayani
Recognizing Black hole and Gray hole Attacks in MANET
LITERATURE SURVEY
RREQ accepted
RREP Unicast
Broadcast RREQ
with saved path to
source
A mobile node wishes to communicate with other node first broadcasts an RREQ (Route
Request) message to find a fresh route to a desired destination node. This process is called
route discovery. Every neighbouring node that receives RREQ broadcast first saves the
4
MES's Pillai HOC College of Engineering and Technology, Rasayani
Recognizing Black hole and Gray hole Attacks in MANET
path the RREQ was transmitted along to its routing table. It subsequently checks its
routing table to see if it has a fresh enough route to the destination node provided in the
RREQ message. The freshness of a route is indicated by a destination sequence number
that is attached to it. If a node finds a fresh enough route, it unicasts an RREP (Route
Reply) message backalong the saved path to the source node or it re-broadcasts the RREQ
message otherwise. The same process continues until an RREP message from the
destination node or an intermediate node that has fresh route to the destination node is
received by the source node.
Gray holes changes own behaviour normal node to malicious and vice versa. So there is
chance of normal node switch to malicious even after path establishment. Detection of
gray holes is done locally instead of globally to reduce track overhead. In this literature,
False Reply count technique used to detect gray holes and TrueLink technique used for
cross check purpose.
5
MES's Pillai HOC College of Engineering and Technology, Rasayani
Recognizing Black hole and Gray hole Attacks in MANET
CHAPTER 3
REQUIREMENT GATHERING
6
MES's Pillai HOC College of Engineering and Technology, Rasayani
Recognizing Black hole and Gray hole Attacks in MANET
REQUIREMENT GATHERING
Hardware Requirements:
Software Requirements:
7
MES's Pillai HOC College of Engineering and Technology, Rasayani
Recognizing Black hole and Gray hole Attacks in MANET
CHAPTER 4
PLAN OF THE PROJECT
8
MES's Pillai HOC College of Engineering and Technology, Rasayani
Recognizing Black hole and Gray hole Attacks in MANET
In proposed system two techniques are used. False Reply count used for grayhole
detection and TrueLink used for cross checking purpose.
Every node in the network maintains a black list in local RAM. During the path
establishment i.e. during route request RREQ and route reply RREP procedure, every
node count false replies. If the false reply count of replying node greater than peak value
then replying node get blacklisted. If the reply is from black listed node, packet will
discard. And if replying node is not black listed and false reply count is less than peak
value, packet will proceed.
9
MES's Pillai HOC College of Engineering and Technology, Rasayani
Recognizing Black hole and Gray hole Attacks in MANET
Figure 4.1.1.1.1 Flow chart for detection for gray holes using False Reply count
10
MES's Pillai HOC College of Engineering and Technology, Rasayani
Recognizing Black hole and Gray hole Attacks in MANET
After the successfully path establishment cross checking is done, because in gray hole
attack normal node can switch to malicious even after path establishment. Cross checking
is done using TrueLink. TrueLink technique proceeds in between every two adjacent
nodes within the established path.
Step I: First each and every node maintains the DRI table this DRI table entry is based on
rendezvous phase by sharing nonce key (i.e two random numbers).
Step II: Based on the time constraints the next hop or adjacent node we can enter bit
information in the DRI table which have not received ACK as 0 and ACK as 1.
Step III: After getting entry into the DRI table we need to check the entry is correct or not
and make reliable communication for this we are using link verification method by
sending two nonce and signature. We are using simple nonce and ECC signature as
numbers. In this phase i and j each sign and transmit the message (j, i), mutually
authenticating themselves as the originator of their respective nonce. The timing
constraints of the rendezvous phase makes True-Link immune to capture the cooperative
gray hole attacks, and strictly limits the range of attacks based on bit-by-bit or cut-
through forwarding.
Step IV: Based upon the nonce key transmitted we are verifying the link based on both
proactive and reactive process according to mobility of nodes. Now thepackets will be
11
MES's Pillai HOC College of Engineering and Technology, Rasayani
Recognizing Black hole and Gray hole Attacks in MANET
routed only with the good candidate and delivery will be high inside the network.The
rendezvous phase is implemented as a single RTSCTS-DATA-ACK exchange. We
describe the operation of the protocol for each of these frames. The rendezvous operation
includes following steps:
Request to Send (RTS): Node i called initiator, calls init ( ). Node i send an RTS to node j.
Clear to Send (CTS (j)): After receiving the RTS, node j calls Handle RTS ( ). A locally
generated value ?j is included in the CTS, which is sent after a delay of one Short Inter
Frame Space (SIFS), is the small time interval between the data frame and its
acknowledgment.
DATA (i): Having received the CTS, i generate valuei. After a SIFS delay, the nonce is
sent as the packet payload, together with a header, identifying the packet as rendezvous
packet.
ACK: When node j receives the payload packet containing values? i, the Handle RTS ( )
function sends the ACK frame, after a SIFS delay. The received packet and the locally
generated values j are handed to the upper layer for processing. When node i receives the
ACK, the init () function at i returns the pair ( j , i) to its caller.
Proposed Algorithm :
12
MES's Pillai HOC College of Engineering and Technology, Rasayani
Recognizing Black hole and Gray hole Attacks in MANET
If yes go to step 3
If no go to step 4
Step 3: Black list the node, dont accept any RREP packet (discard) from this node
further.
Step 4: Check if routing table sequence number is less than reply packet sequence number.
If yes goto step 6 no goto step 5
Step 5: Skip detection engine and goto step10.
Step 6:Calculate difference between routing table sequence number and route reply
sequence(D).
R- Reply Forward Ratio
Peak = ([(D R) + No. of replies received by replying node + Current
Simulation Time])/3
Step 7: Check if peak < route reply sequence number
If yes go to 8
If no go to 10
Step 8: Add/Increment the false reply count to corresponding replying node.
Step 9: Free the packet (RREP)
Step 10: Follow the remaining aodvreceivereply() function
Step 11: Establish Path
[Apply TrueLink for cross check between every adjacent nodes in establishedpath]
Step 12: Send RTS to successor.
Step 13: Receive CTS with nonce j
Step 14: end i
Step 15: Receive ACK
Step 16: Send nonce pair to successor.
Step 17: Receive nonce pair of successor.
Step 18: Compare both pair for authentication.
Step 19: If both pairs are same then grayhole detection is negative.
Step 20: Else grayhole detection positive. Stop the communication and black listed node.
4.2Gantt Chart
13
MES's Pillai HOC College of Engineering and Technology, Rasayani
Recognizing Black hole and Gray hole Attacks in MANET
14
MES's Pillai HOC College of Engineering and Technology, Rasayani
Recognizing Black hole and Gray hole Attacks in MANET
CHAPTER 5
PROJECT ANALYSIS
15
MES's Pillai HOC College of Engineering and Technology, Rasayani
Recognizing Black hole and Gray hole Attacks in MANET
PROJECT ANALYSIS
5.1 Use Case Diagram
Ause case diagramatitssimplestisa representationof a user'sinteraction
withthesystemanddepicting thespecifications ofausecase.Ausecasediagram canportray
thedifferenttypesofusersofasystemandthevariouswaysthatthey
interactwiththesystem.Thistypeofdiagramistypicallyusedinconjunction with the textual
use case and will often be accompanied by other types of diagrams as well.
16
MES's Pillai HOC College of Engineering and Technology, Rasayani
Recognizing Black hole and Gray hole Attacks in MANET
the sequence of messages exchanged between the objects needed to carry out the
functionality of the scenario. Sequence diagrams typically (but not always), are associated
with use case realizations in the Logical View of the system under development.Sequence
diagrams are sometimes called event diagrams, event scenarios, and timing diagrams.
17
MES's Pillai HOC College of Engineering and Technology, Rasayani
Recognizing Black hole and Gray hole Attacks in MANET
CHAPTER 6
PROJECT DESIGN
18
MES's Pillai HOC College of Engineering and Technology, Rasayani
Recognizing Black hole and Gray hole Attacks in MANET
PROJECT DESIGN
6.1 Design Model.
6.1.1 Class Diagram:
Class Diagram is a typeofstatic structurediagram that describes the structureofasystem
byshowingthe system's classes, their attributes, andthe relationships between
theclasses.
19
MES's Pillai HOC College of Engineering and Technology, Rasayani
Recognizing Black hole and Gray hole Attacks in MANET
Data flow diagrams are also known as bubble charts. DFD is a designing tool
used in the top-down approach to Systems Design. This context-level DFD is next
"exploded", to produce a Level 1 DFD that shows some of the detail of the system being
modelled. The Level 1 DFD shows how the system is divided into sub-systems
(processes), each of which deals with one or more of the data flows to or from an external
agent, and which together provide all of the functionality of the system as a whole. It also
identifies internal data stores that must be present in order for the system to do its job, and
shows the flow of data between the various parts of the system.
20
MES's Pillai HOC College of Engineering and Technology, Rasayani
Recognizing Black hole and Gray hole Attacks in MANET
CHAPTER 7
IMPLEMENTATION
21
MES's Pillai HOC College of Engineering and Technology, Rasayani
Recognizing Black hole and Gray hole Attacks in MANET
IMPLEMENTATION
The overall snapshot of this project are given below:
A existing user will directly login into the page and new user will register into the
Database.
22
MES's Pillai HOC College of Engineering and Technology, Rasayani
Recognizing Black hole and Gray hole Attacks in MANET
23
MES's Pillai HOC College of Engineering and Technology, Rasayani
Recognizing Black hole and Gray hole Attacks in MANET
24
MES's Pillai HOC College of Engineering and Technology, Rasayani
Recognizing Black hole and Gray hole Attacks in MANET
Nodes a,b,c,d, e are created and further step is link the nodes.By entering Source Node
and Destination Node names, path is created between two nodes. Packet will be send
through this path only.
25
MES's Pillai HOC College of Engineering and Technology, Rasayani
Recognizing Black hole and Gray hole Attacks in MANET
Path construction is done accordingly. Paths are created and further packets will be
transferred. When a is labelled as source node and b is labelled as destination node then
while transferring packets from node b (destination) to node a (source) is not possible.
Why because we already decided that which is source node and destination node. So if we
want to transfer packets from node b to node a we should have to make node b as a
source node and node a as destination node. Then only we able to transfer the packets.
Now open message tab to transfer packets from any source to any destination. Here we can
see that screen is divided into three sections namely Message Details, Message and
Network.Message details will show all the details of packet transferring like Source,
Destination, Path for transmission, Malicious node (if any malicious node occurred during
transmission), Time in MS(milliseconds).Second section is Message section where we
select required source and destination to transfer packets. Here in above screen initially
source and destination is a. But we cannot transfer packet from a to a, as we
mentioned a as source. Self-transmission is not possible here. And third section is Network
section which will show a created network graph.
26
MES's Pillai HOC College of Engineering and Technology, Rasayani
Recognizing Black hole and Gray hole Attacks in MANET
27
MES's Pillai HOC College of Engineering and Technology, Rasayani
Recognizing Black hole and Gray hole Attacks in MANET
Detected malicious node is denoted by Red color. The node can either be Black Hole or
Grey Hole which will show false shortest path to user and it will drop the packets. Hence
Message transmission get canceled.
28
MES's Pillai HOC College of Engineering and Technology, Rasayani
Recognizing Black hole and Gray hole Attacks in MANET
The normal packet transmission is done where no attacks are detected and packet is
transferred through shortest path.Hence messageis delivered successfully
CHAPTER 8
29
MES's Pillai HOC College of Engineering and Technology, Rasayani
Recognizing Black hole and Gray hole Attacks in MANET
8.1 CONCLUSION
30
MES's Pillai HOC College of Engineering and Technology, Rasayani
Recognizing Black hole and Gray hole Attacks in MANET
In this proposed system we detect gray holes using false reply count. If false reply is
more than one then only we consider sender node as malicious node. So in future instead
of static value we can use dynamic value.
REFERENCES
[1] A. Kanthe, D. Simunic, R. Prasad , A Mechanism for Gray Hole Attack Detection in
Mobile Adhoc Networks International Journal of Computer Application (0975-8887)
Volume 53-No.16, September 2012.
[2] J. Eriksson, S. V. Krishnamurthy, M. Faloutsos, TrueLink: A practical countermeasure to
the wormhole attack in wireless networks, The Communications and Networks
Consortium sponsored by the U. S. Army Research Laboratory under the Collaborative
Technology Alliance Program, 2011.
[3] D. Lokare, A. Kanthe, D. Simunic, Cooperative Gray Hole Attack Discovery and
Elimination using Credit based Technique in MANET, International Journal of Computer
Applications (0975 8887) Volume 88 No.15, February 2014.
[4] J. Sen, S. Koilakonda and A. Ukil, A mechanism for detection of cooperative black hole
attack in mobile ad hoc networks. Second international conference on intelligent system,
31
MES's Pillai HOC College of Engineering and Technology, Rasayani
Recognizing Black hole and Gray hole Attacks in MANET
32
MES's Pillai HOC College of Engineering and Technology, Rasayani