DETECTION & PERVENTION OF

BLACKHOLE ATTACK IN AODV

PROTOCOL BASED MANET

Guided By- Mrs. Monika Dangore.

Projectees-
– RANJAN MUJUMDAR
– TOMY PALLISSERY
– UPENDRA BANGALE
– DARSHAN RATHI
 Keywords
1. AODV - Ad hoc On-Demand Distance Vector (AODV)

2. Blackhole

3. MANET - A mobile ad hoc network (MANET)

4. Malicious node

5. PDR – Packet delivery ratio

6. Routing protocol

7. Route Request (RREQ)

 Keywords(cont..)
8. Route Reply (RREP)

9. Routing Table or Routing Information Base (RIB)

10. Sequences number

Literature
Survey
Sr. Title of Paper Year Conferences Idea Result Future work
No of
pub.

1 Preventing May International Large The Intend to

AODV Routing 2011 Journal of difference PDR develop
simulation by
Protocol from Engineering between the decreases, the
Black Hole Science and sequence the performance of
Attack .[1] Technology number of percentage the proposed
(IJEST) source node or of packets solution based
intermediate dropped on the various
security
node who has increases parameters
sent back RREP mean delay
or not to find time, packet
weather it is a overhead,
malicious node memory usage,
mobility,
or not . increasing
number of
malicious node,
increasing
number of
nodes.
Sr. Title of Paper Year Conferences Idea Result Future work
No of
pub.

2 Black-Hole Feb International Watchdog During Try to

and 2012 Journal of Mechanism blackhole Improve the
Wormhole Computer Counter of data security
Attack in Science, dropped in mobile ad-
Routing Engineering packets was hoc network.
Protocol and noticed to
AODV in Applications decreases at
MANET[2] (IJCSEA) the node,
Vol.2, No.1. After watchdog
method
implementation
counter of
successfully
forwarded
packets are
been done, PDR
increases at an
marginal rate.
Sr. Title of Paper Year Conferences Idea Result Future work
No of
pub.

3 Risk July- IOSR Journal The route Presence of Try and

Mitigation of Aug. of Computer confirmatio malicious node reduces the
Black Hole 2012 Engineering n request is Detected and Time delay,
Attack for (IOSRJCE) (CREQ) and protect the much
AODV Routing ISSN: 2278- route network from network
Protocol[3] 0661 Volume confirmatio degradation. overheads
3, Issue 3 n reply PDR increases, because of
(July-Aug. (CREP) to End to end newly
2012), PP 12- avoid the delay introduced
15 black hole decreases, packets.
attack. throughput
increases.
Sr. Title of Paper Year Conferences Idea Result Future work
No of
pub.
4 Simulation of Feb International Source Packet Delivery Try and
AODV under 2012 Journal of sends a Ratio increases, increase
Black hole Advanced spoof Average end to prevention
end delivery
Attack in Research in packet to during a
increases.
MANET [4] Computer the blackhole
Science and destination Incase of and to
Software For blackhole - In improve data
Engineering detecting AODV the packet security.
Research malicious delivery ratio is
Paper node. reduced to 80%.

After prevention
- There is nearly
21% increase in
PDR .
Sr. Title of Paper Year Conferences Idea Result Future work
No of
pub.
5 Performance Aug- International Route The Try to
Analysis of 2011 Journal of discovery performance of improve the
Aodv Protocol Scientific & packet the network is performance
under Black Engineering method decreased. The in later
Hole Attack Research PDR and Stages.
[5] Volume 2, Throughput of
Issue 8 1 the network
ISSN 2229- has decreased
5518 drastically.
Sr. Title of Paper Year Conferences Idea Result Future work
No of
pub.

6 Black Hole Jan- International Using The throughput Propose a

Detection in 2012 Journal of promiscuous of network is more feasible
MANET Using Soft mode of the decreased, solution to
node.
AODV Routing Computing detect the
Protocol. [6] and proposed black hole
Engineering algorithm attack.
(IJSCE) giving the good
throughput
with black hole
attack. End to
End delay
decreases.
Sr. Title of Paper Year Conferences Idea Result Future work
No of
pub.

7 Securing and July - International Counter Significant Try to

Preventing 2012 Journal of algorithm or improvement improve the
AODV Routing Engineering prior of packet performance
Protocol from Research & Receive- delivery ratio in later
Black Hole Technology Reply (PDR) and an Stages.
Attack (IJERT) algorithm average End-
using Counter Vol. 1 Issue to-End
Algorithm[7] 5, ISSN: delay.
2278-0181
Sr. Title of Year Conferences Idea Result Future work
No Paper of
pub.

8 Discovering August Internationa Large difference Increase in Try to

a Secure 2012 l Journal of between the number of improve
Path in Recent sequence nodes performance
MANET by Technology number of Lesser the s with less
Avoiding and source node or End to End, number of
Black/Gray Engineering intermediate greater the nodes.
Holes [8] (IJRTE) ISSN: node who has PDR and
2277-3878, sent back RREP Throughput.
Volume-1, or not to find
Issue-3 weather it is a
malicious node
or not . Using
OPNET.
Sr. Title of Paper Year Location Idea Result Future work
No of
pub.

9 Detection and July International Adding an During Extended to

Prevention 2012 Journal of IDS node to blackhole other
from Black Computer AODV attack- PDR is proactive
Hole attack in Applications protocol. only 0.14%. and reactive
AODV (0975 – routing
protocol for 8887) Used IDS_AODV protocols.
MANET.[9] Volume 50 – in the same We can also
No.5, network, the extend this
packet delivery research to
fractioned is secure
increased up to routing
99 %. protocols
against other
attacks such
as Wormhole
attack,
Jellyfish
attack etc.
010010101001010111100100101001001010001010101101010
101010101010101010101010101010101010101011001010011
101001010101010101010101010101010101010101101010101
010101010101010101010101010101010101010101010101010
10101
Ad-hoc On-Demand
101010
010101
11110011
101 1001
100Distance Vector (AODV)
01010101010101010 100101111000100100
Routing
10101010101000001 1111100110101010
11101101001111101010111010011010101010100101010100
101010010101010110101010000010100000101101111111010
101001010100100101111110101100110010100110100100100
 When/Why do we need AODV?
• Basically when there is one node that wants to
communicate with another node that is not in range,
it finds a route through other nodes. In the example
below node 1 is not in range with node 3, so it simply
talks to node 3 through node 2.

Node 1 Node 2 Node 3

 How does it work?
• AODV Routing works by using Route Request Messages
(RREQ) and Route Reply Messages (RREP). If a node is not in
range with a node that it wants to talk to, it sends a RREQ to
its neighbors. The RREQ contains source IP address and
sequence number, and destination IP address and sequence
number, as well as the life span of the RREQ. If a neighbor of
the source doesn’t know a route to the destination, it
rebroadcasts the RREQ. If a neighbor does know a route to
the destination, it sends a RREP back to the source. Below,
Node 1 is trying to talk to node 5.
RREP

RREQ RREQ RREQ

Node 3 Node 2 Node 1 Node 4 Node 5

 How does it work? continued
• As seen in the last slide, node 4 had a route to
node 5, so it sent node 1 a RREP. Once node 1
receives the RREP, it notes the route to node 5
and sends the packet on that route.
• SUCCESS!!
NODE 5 received RREP

the packet. RREQ

Node 1 Node 4 Node 5

Packet Packet
 RREQ
Now we can see it
Node 1 all in action!

Node 2

Node 3

RREP

Node 4

Node 5
Flooding for Control Packet
Delivery - Example
Y

Z
S E
F
B C M L
J
A G
H D
K
I N

Represents a node that has received packet P

Represents that connected nodes are within each

other’s transmission range 4-13
 Flooding for Control Packet
Delivery
Y
Broadcast transmission

Z
S E
F
B C M L
J
A G
H D
K
I N

Represents a node that receives packet P for

the first time

Represents transmission of packet P

4-14
Flooding for Control Packet
Delivery
Y

Z
S E
F
B C M L
J
A G
H D
K
I N

 Node H receives packet P from two neighbors:

potential for collision

4-15
Flooding for Control Packet
Delivery
Y

Z
S E
F
B C M L
J
A G
H D
K
I N

 Node C receives packet P from G and H, but does not forward

it again, because node C has already forwarded packet P once

4-16
Flooding for Control packet
Delivery
Y

Z
S E
F
B C M L
J
A G
H D
K
I N

 Nodes J and K both broadcast packet P to node D

 Since nodes J and K are hidden from each other, their
transmissions may collide
=> Packet P may not be delivered to node D at all,
despite the use of flooding 4-17
Flooding for Control Packet
Delivery
Y

Z
S E
F
B C M L
J
A G
H D
K
I N

 Node D does not forward packet P, because node D

is the intended destination of packet P

4-18
 Flooding for Control Packet
Delivery
Y

Z
S E
F
B C M L
J
A G
H D
K
I N
 Flooding completed

 Nodes unreachable from S do not receive packet P (e.g., node Z)

 Nodes for which paths go through the destination D

also do not receive packet P (example: node N) 4-19
Flooding for Control Packet
Delivery
Y

Z
S E
F
B C M L
J
A G
H D
K
I N

 Flooding may deliver packets to too many nodes

(in the worst case, all nodes reachable from sender
may receive the packet)
4-20
 AODV Overview
• AODV is a packet routing protocol designed for use in
mobile ad hoc networks (MANET)

• Intended for networks that may contain thousands of

nodes

• One of a class of demand-driven protocols

• Each node maintains a routing table that contains

information about reaching destination nodes.
 Overview (continued)

• The basic message set consists of:

– RREQ – Route request
– RREP – Route reply
– RERR – Route error
– HELLO – For link status monitoring
AODV Operation – Message Types
• RREQ Messages

– A RREQ message is broadcasted when a node needs to

discover a route to a destination.

– The RREQ also contains the most recent sequence number

for the destination.

– A valid destination route must have a sequence number at

least as great as that contained in the RREQ.
 RREQ Message
A
B?

B?
B?
B?

B?
B? B?

B
 AODV Operation – Message Types
• RREP Messages
– When a RREQ reaches a destination node, the destination
route is made available by unicasting a RREP back to the
source route.

– A node generates a RREP if:

• It is itself the destination.
• It has an active route to the destination.

– As the RREP propagates back to the source node,

intermediate nodes update their routing tables (in the
direction of the destination node).
 RREP Message
A
A

A
B
 AODV Operation – Message Types
Route Error Message:
RERR are used mainly when nodes get moved
around and connections are lost. If a node
receives a RERR, it deletes all routes
associated with the new error. Error messages
are sent when a route becomes invalid, or if it
cannot communicate with one of its
neighbors.
 AODV Operation – Message Types
• HELLO Message:These are simple messages that
nodes send at certain time intervals to all its
neighbors to let them know that it is still there. If a
node stops receiving hello messages from one of its
neighbors, it knows that any routes through that
node no longer exist.
 Message routing
Source
G
A RREQ RREQ
RREQ
RREP RREQ
B D RREQ
RREP
RREQ
RREQ RREP
F Destination
C RREQ

RREQ
E
 RREQ Format

• Type: 1
• J: Join flag (reserved for multicast); R: Repair flag (for multicast)

36
• G: Gratuitous RREP flag; indicates whether a gratuitous RREP should be unicast
to the node specified in the Destination IP Address field
• Hop Count: The number of hops from the Source IP Address to the node
handling the request
• Broadcast ID: A sequence number uniquely identifying the particular RREQ
when taken in conjunction with the source node's IP address.
• Destination IP Address: The IP address of destination for which a route is desired.
• Destination Sequence Number: The last sequence number received in the past
by the source for any route towards the destination.
• Source IP Address: The IP address of the node which originated the Route
Request.
• Source Sequence Number: The current sequence number to be used for route
entries pointing to (and generated by) the source of the route request.

37
 RREP Format

• Lifetime: The time for which nodes receiving the RREP consider the
route to be valid.

38
 AODV Routing
• There are two phases
– Route Discovery.
– Route Maintenance.
• Each node maintains a routing table with knowledge
about the network.
• AODV deals with route table management.
• Route information maintained even for short lived
routes – reverse pointers.
 Discovery
• Broadcast RREQ messages.
• Intermediate nodes update their routing table
• Forward the RREQ if it is not the destination.
• Maintain back-pointer to the originator.
• Destination generates RREP message.
• RREP sent back to source using the reverse
pointer set up by the intermediate nodes.
• RREP reaches source, communication starts.
 Maintenance
• Hello messages broadcast by active nodes
periodically HELLO_INTERVAL.
• No hello message from a neighbor in
DELETE_PERIOD, link failure identified.
• A local route repair to that next hop initiated.
• After a timeout ,error propagated both to originator
and destination.
• Entries based on the node invalidated.
 Error Messages RERR
• RERR are used mainly when nodes get moved
around and connections are lost. If a node
receives a RERR, it deletes all routes
associated with the new error. Error messages
are sent either when a message (not RREQ or
RREP) is sent to a node that has no route to
the destination, or when a route becomes
invalid, or if it cannot communicate with one
of its neighbors.
 Limitation of AODV protocol
• AODV route discovery latency is high
• AODV lacks an efficient route maintenance
technique
• AODV lacks support for high throughput
routing metrics
 It gets complicated!
• Things get much more complicated with many
nodes. This is because nodes have many
neighbors so RREQ get rebroadcasted a lot!
That’s why sequence numbers and life spans
are so key.
 RERR Format

• N: No delete flag; set when a node has performed a local repair of a

link, and upstream nodes should not delete the route.

45
Conferences Where We Plan To
Participate In
Second International Conference on Security in
Computer Networks and Distributed Systems (snds-
2014),THIRUVANANTAPURAM
 Conference Date March 13 -14, 2014
International Conference on
Communication Network and Computing(CNC),CHENNAI
 Conference Date: Feb 21-22, 2014
2013
GANTT CHART MONTHLY PROJECT MANAGEMENT

#DAY
S
Jul Aug Sept Oct Nov Dec

165 
LITERATURE SURVEY days


 
15th Jul
LITERATURE SURVEY      
15 days
ON MANET
8th Aug.
LITERATURE SURVEY 23 days      
ON AODV Protocol
23rd Aug
LITERATURE SURVEY 15 days      
ON BLACKHOLE ATTACKS
7th Sept.
Study of NS-2 15 days     

IMPLEMENATATION OF SIMPLE 14th Oct.

DATA TRANSMISSION 27 days     
PROGRAM

PAPER WRITING AND    

70 days Dec 2013
PUBLISHING IN VARIOUS
CONFERENCES
Start Today End

Completed To be completed Not started Entire Lifespan of

the Project
 References.
[1] Jiwen CAI, Ping YI, Jialin CHEN “Preventing AODV Routing Protocol from Black Hole Attack .”,MAY 2011 24th
IJEST.
[2] Songbai Lu, Longxuan Li, Kwok-Yan, Lingyan Jia “Black-Hole and Wormhole Attack in Routing Protocol AODV
in MANET”,FEB 2012
[3] “Risk Mitigation of Black Hole Attack for AODV Routing Protocol” China JULY AUG 2012, IOSR Journal of
Computer Engineering (IOSRJCE) ISSN: 2278-0661 Volume 3, Issue 3 (July-Aug. 2012), PP 12-15
[4] “Simulation of AODV under Black hole Attack in MANET” International Journal of Advanced Research in
Computer Science and Software Engineering Research Paper FEB 2012
[5] Weerasinghe.H. “Performance Analysis of Aodv Protocol under Black Hole Attack ”, International Journal of
Scientific & Engineering Research Volume 2, Issue 8 1 ISSN 2229-5518 AUG 2011
[6] Dokurer .S, Y. M. Erten , Can Erkin Acar “Black Hole Detection in MANET Using AODV Routing Protocol.”,
International Journal of Soft Computing and Engineering (IJSCE) ,JAN 2012
[7] Deng, H., Li, W. “Agrawal, D., "Securing and Preventing AODV Routing Protocol from Black Hole Attack using
Counter Algorithm” International Journal of Engineering Research & Technology (IJERT)Vol. 1 Issue 5,
ISSN:2278-0181, JULY 2012
[8] K. Lakshmi1, S.Manju Priya2 A.Jeevarathinam3 K.Rama4, K.Thilagam5, Lecturer, Dept. of Computer
Applications, Karpagam University, Coimbatore.” Discovering a Secure Path in MANET by Avoiding
Black/Gray Holes “, International Journal of Engineering Research & Technology (IJERT)Vol. 1 Issue 5, ISSN:
2278-0181,AUG 2012
[9] Ming- Yang Su, Kun- Lin Chiang, Wei Cheng Liao. “Detection and Prevention from Black Hole attack in AODV
protocol for MANET.”, International Journal of Computer Applications (0975 – 8887) Volume 50 – No.5,
JULY 2012