Routing Security In Wireless AD HOC Networks Computer Science Essay

Published: Last Edited:

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

Wireless Ad Hoc Network (MANET) is a network of wireless mobile nodes that communicate with each other without any network infrastructure. These nodes dynamically self- organize in temporary and arbitrary network topologies. As the nodes are in continuous motion, topology of the network changes constantly. In Ad Hoc network node can move into and out of radio range of other nodes. These nodes can communicate directly with other nodes in range or they use intermediate nodes to communicate with out of range nodes. MANET is multi-hop network. MANET is vulnerable to attacks due to its fundamental characteristics such as, freedom to join, leave and move inside the network, dynamically changing topology, distributed cooperation. In wireless Ad hoc network, nodes as host as well as router, and forwards packets for other nodes in network. Each node participates in an Ad Hoc routing protocol that allows it to discover multi-hop paths through the network to any other node. Routing plays important role in security of network. Attacks on wireless Ad Hoc network can be classified into passive and active attacks. Attacks are more difficult to deal with if malicious node already belongs to network as authorized party. Also compromised node can frequently change its attack target and perform malicious behaviour to different node in the network. Due to absence of centralized management, it is difficult to detect the attacks as nodes are in motion and dynamically change the topology. In this Black hole attack, malicious node advertises itself having the shortest path to the node whose packets it wants to intercept.

With the recent technological advances in wireless communication and increasing popularity of portable computing devices, wireless ad hoc networks are expected to play increasingly important role in future civilian and military settings where wireless access to wired backbone is either ineffective or impossible. Wireless ad hoc networks (MANET's) are composed of a set of stations (nodes) communicating through wireless channels, without any fixed backbone support. These nodes are autonomously self organizing in networks. In ad hoc networks, the devices themselves are the network, and this allows seamless communication, at low cost, in a self organized fashion and with easy deployment. The large degree of freedom and the self-organizing capabilities make mobile ad hoc networks completely different from any other networking solution. However, a price for all those features is paid in terms of complex technology solutions, which needed at all layers and also across several layers. Frequent topology changes caused by node mobility make routing in wireless ad hoc networks a challenging problem. In addition limited capabilities of mobile stations require control on node congestion due to message forwarding and limited battery consumption. Ensuring secure and good quality of service (QoS) are key commercial concerns in ad hoc wireless networks. MANET is of the more innovating & challenging areas of wireless networking.

While several researches were conducted in this area so far and many researchers in different parts of the world are still conducting research in this field. In wireless ad hoc network, nodes communicate directly with one another in a peer-to-peer fashion. As these nodes are not connected to power supply continuously, they have limitation on their power capacity, so their transmission range is also limited. This limitation affects the functionality of the nodes and services they provide. Nodes have to work as end systems so as to relay packets generated by other nodes also each node must be able to function as a router as well. Nodes continuously move so they move in and out of range of other nodes, network topology changes accordingly. This change in topology must be informed to all other nodes by some means. So the nodes must use the effective routing protocol. Proper routing is the main challenge for wireless ad hoc networking.

As in wireless ad hoc network there is no fixed infrastructure, there is no central administration to manage the channel resources for the network nodes. For channel allocation distributed medium access techniques must be used and also techniques must be used to recover from the packet collisions. Quality of service is provided by using effectively designed protocol to give medium access control. Due to dynamic nature of the ad hoc network and changing network state information, supporting appropriate quality of service is a complex and difficult issue.

In wireless Ad hoc network, nodes are host as well as router, and forwards packets for other nodes in network. Each node participates in an Ad Hoc routing protocol that allows it to discover multi-hop paths through the network to any other node. Routing plays important role in security of network. There are three main routing protocols for a MANET: DSDV protocol (destination sequenced distance vector routing), AODV protocol (ad hoc on demand distance vector), and DSR protocol (dynamic source routing).

Wireless ad hoc routing protocols are basically exposed to two different types of attacks: internal attacks and external attacks. External attacks can again be classified as active or passive. An attack is considered to be active when the misbehaving node has to bear some energy costs in order to perform the threat, where as passive attacks are mainly due to lack of cooperation, with the purpose of saving energy selfishly. Malicious nodes can disrupt the correct functioning of routing protocol by modifying routing information, by fabricating false routing information, and by impersonating other routing information. (Basagni, 2004 p331)

Researchers have tried to address different attacks on MANET. An internal attack is a more sever kind of threat to ad hoc networks. The attacker may broadcast wrong routing information to other nodes within the network. Differentiating between modifications in data due to an actual attack or due to wireless link impairment may be difficult. Some types of active attacks on routing protocol that can usually be easily performed against an ad hoc network are black hole problem, routing table overflow, sleep deprivation, location disclosure, and wormhole attack. In order to deal with these challenges, extensive research has been conducted. The black hole problem can be easily launched against MANET.In this Black hole attack, malicious node advertises itself having the shortest path to the node whose packets it wants to intercept. The need to address this problem and to optimise the security of MANET becomes very important reason for carrying out research into this area.

1.2 Aims and objectives

This project aim is to investigate different types of attacks on routing protocols of MANET with the objectives to study routing protocols of MANET under different traffic conditions by conducting a small scale simulation using OPNET. Finally make recommendation on these protocols based on the simulation conducted.

1.3 Interest and Contributions

Ensuring the secure transmission and good quality of service (QoS) are key commercial concerns in ad hoc wireless networks as their application in short range devices, sensor networks, control systems, and other areas continues to develop which motivated me to research into this topic and make the following contributions:

Critical review

Small scale simulation using OPNET

Make recommendations

1.4 Scope of the Thesis:

This project covers the three main routing protocols of ad hoc networks, DSDV protocol, AODV protocol, and DSR protocol. AODV protocol is discussed in detail. Due to the open medium different attacks are possible against MANET. Attacks against routing protocols are discussed. Black hole problem is studied in detail. Secured MANET and quality of service are main concerns in ad hoc networks. This project report presents in-depth details for AODV protocol; it covers fundamental background details of black hole attack that are considered relevant to this dissertation

1.5 Research questions:

While several researches were conducted by researchers in different parts of the world, the following questions need to be answered in this project:

(1) What are the types of protocols that can be used for routing in MANET?

(2) Why and when is AODV protocol preferred instead DSDV and DSR protocols?

(3) How the black hole attack is launched and how it can be avoided.

All of these questions would be answered in this project.

1.6 Research Methodology:

The methodology proposed in conducting this research involves both theoretical and practical approach by carry out a critical evaluation on routing protocols used for wireless ad hoc networks and compare their behaviour to different traffic conditions. This would be achieved by conducting a small scale simulation with the aid of one of the most appropriate simulation software tool (OPNET). AODV protocol is examined in detail with black hole attack that can be launched against it.

2.0 Literature Review

The pace of increased innovation triggers a tremendous advancement in wireless technology which paves way for dealing with the security issues in wireless ad hoc networks. Routing plays important role in security of network. Route identification and route configuration are the basic functions that all routing protocols for wireless ad hoc networks has to perform. At least one route is essential between any pair of nodes for communication to happen and that should be loop free path. As a prerequisite to communication the route between a pair of nodes must be identified. To recover from the unexpected events such as link failure, host unavailable, and traffic congestions in the sub network, route configuration functions are performed.

Wireless Ad Hoc network has advantage that wireless node can communicate with rest of the world while being mobile. Wireless technologies are very popular over last few years, from satellite transmission to home wireless personal area networks. Wireless Ad Hoc networks have self-forming, self-configuring and self-healing algorithms that make network more flexible and rapidly deployable. Tactical communications and military networks are two main applications of MANET. Due to its fundamental characteristics wireless MANET is vulnerable to attacks. In order to deal with different threats, extensive research has been conducted. Internal attacks are more dangerous as node is already reliable part of the network. So it's difficult to find out the attacking node in internal attack. Black hole problem is one of the main threats in which malicious node advertise it by using routing protocol. It advertises as having shortest path to node whose packets it wants to intercept. This particular issue is aimed to implement secured AODV routing protocol. Researchers have tried to address black hole problem by disabling the ability to reply in a message of an intermediate node, so that only the destination node should send all reply messages. It is not possible to find a general idea that can be used against all kinds of attacks, because every attack has its own distinct characteristics.

2.1 Ad hoc networking

Conventional wireless networks have a fixed network infra-structure and centralized administration. In contrast, wireless ad hoc networks have no infrastructure or administrative support. It is made up of wireless nodes, some or all of them may be mobile, and they create a wireless network amongst themselves dynamically. There is no central administration or no fixed infrastructure, no base station, so network can be created and used at any time and any where. Since all wireless nodes can be mobile, the composition of such networks is necessarily time varying. By interacting with other nodes only it is possible to add or delete nodes from the network. Fig. 1.1 is the conceptual representation of mobile ad hoc network.

Figure 1: Conceptual Representation of MANET

The absence of a fixed infrastructure for ad hoc networks and no central management means that the nodes directly communicate with other nodes in a peer-to-peer fashion. The nodes have restriction on the use of their power capacity, so their transmission range is also limited. Mobile nodes are not only the end system; but they have to relay packets generated neighbouring nodes, thus nodes act as a router as well.

As nodes move in and out of range with respect to other nodes, including those that are operating as routers, the resulting topology changes must somehow be communicated to all other nodes, as appropriate. Ensuring the effective routing is one of the great challenges for ad hoc networking. Carefully designed distributed medium access techniques must be used for channel resources, and, hence, mechanisms must be available to recover effectively from the inevitable packet collisions. (Amitabh Mishra 2008, p3)

The mobile ad hoc network has the following typical features :

* Unreliability of wireless links between nodes. Because of the limited energy supply for the wireless nodes and the mobility of the nodes, the wireless links between mobile nodes in the ad hoc network are not consistent for the communication participants.

* Constantly changing topology. Due to the continuous motion of nodes, the topology of the mobile ad hoc network changes constantly: the nodes can continuously move into and out of the radio range of the other nodes in the ad hoc network, and the routing information will be changing all the time because

of the movement of the nodes.

* Lack of incorporation of security features in statically configured wireless routing protocol not meant for ad hoc environments. Because the topology of the ad hoc networks is changing constantly, it is necessary for each pair of adjacent nodes to incorporate in the routing issue so as to prevent some kind of potential attacks that try to make use of vulnerabilities in the statically configured routing protocol.

2.2 Ad hoc wireless network: operating principles

Fig.1.2 shows the peer-level multi-hop representation of mobile ad hoc network. If a radio channel with required characteristics is available between node A and other node B, then node A directly communicates with node B. This communication happens in single hop. Else multihop communication is required where one or more intermediate nodes are required to function as a relay (router) between two communicating nodes. For example, there is direct radio channel between A and C or A and E.

Figure 2: Operating Principle of MANET

Nodes B and D must, therefore, serve as intermediate routers for communication between A and C, and A and E respectively. All the nodes must be able to function as router on demand. A loop free path between a pair of nodes is called route.

An ad hoc network starts with minimum two mobile nodes broadcasting their presence and their respective address information. Nodes may also include their location information in the network. If it is possible for node A to establish direct communication with node B then both of them updates their routing tables. When a third node C, enters the network with its beacon signal, then two possible scenarios happens. The first is where both node A and node B finds that one hop communication is possible with node C. Or in the second scenario, only one of the nodes, say A, recognizes the beacon signal from C and sends the availability of direct communication with C. The updates about address and route are made in all three nodes immediately, which means topology is updated afterwards. (Amitabh Mishra 2008, p4)

2.3 Applications of Wireless ad hoc networks

Most important application of MANET is in battlefield communication. In battlefield it is expected that there will be large number of nodes that are required to be interconnected. These nodes will be missiles, radio mounted on vehicles, radios carried by soldiers and sensors. Here network plays very important role in military mission. These nodes move dynamically and they need to communicate with each other. As they move around, they may loose connectivity because of terrain, distance among the nodes. Fixed infrastructure is not possible in battle field. MANET's is very efficient solution for this situation.

Figure 3: Example application of MANET

Other very widely considered application for MANET is for interconnecting sensors. In military settings, in industry the sensors are typically small devices that measure environmental inputs such as light, temperature, motion, etc. When these inputs reach specific ranges, sensor alerts user or take specific action.

MANET is useful in emergency response. During major emergencies and disasters such as hurricanes or large explosions, the communications infrastructure in the immediate area of the disaster may be unusable, unavailable, or completely destroyed. MANET's are well suited for such an application because of their ability to create connectivity rapidly with limited human effort.

2.4 Ad hoc networks: Security requirements

The lack of fixed base station in ad hoc networks means that there is no dedicated agency for managing the channel resources for the network nodes. Instead, carefully designed distributed medium access techniques must be used for channel resources, and, hence, mechanisms must be available to recover efficiently from inevitable packet collisions. An effectively designed protocol for medium access control is essential to the quest for QoS. Supporting appropriate quality of service for mobile ad hoc networks is a complex and difficult issue because of the dynamic nature of the network topology and generally imprecise network state information.

There are five main security services for MANETs:

Authentication, confidentiality, integrity, non-repudiation, availability. Authentication means that correct identity is known to communicating partner; Confidentiality means certain message information is kept secure from unauthorized party; integrity means message is unaltered during the communication; nonrepudiation means the origin of a message cannot deny having sent the message; availability means the normal service provision in face of all kinds of attacks. Among all the security services, authentication is probably the most complex and important issue in MANETs since it is the bootstrap of the whole security system. Without knowing exactly who you are talking with, it is worthless to protect your data from being read or altered. Once authentication is achieved in MANET, confidentiality is a matter of encrypting the session using whatever key material the communicating party agrees on. Note that these security services may be provided singly or in combination.

2.5 Routing:

Ad hoc networks have certain characteristics that put a lot of stress on the routing layer.

1st - With constrained bandwidth nodes in a MANET are connected by wireless links. This limited bandwidth should be preserved. So appropriate routing protocol should imply a reasonable overhead. Message complexity must be kept low.

2nd- Nodes in MANET are likely to be hand-held devices and laptops with relatively constrained resources. Storage capacity and battery power should be used in a smart way. Routing is important to establish correct and efficient route between MANET nodes so that the message can be delivered with minimum overhead and bandwidth consumption. Due to dynamic nature of MANET, network topology changes constantly. So routing protocol for wireless ad hoc network should not only have the general characteristics of any routing protocol but it should consider the specific characteristics of MANET- mobility, battery limitation, bandwidth consumption, minimum overhead, security.

2.5.1 Routing protocols for Ad hoc networks:

As this dissertation rightly titled "Routing security in wireless ad hoc networks", it is necessary to briefly discuss the routing protocols of MANET. Routing protocols in ad hoc networks can be classified into three categories; periodic (also called proactive or table driven), on-demand (also called reactive), and hybrid protocols. Networks using periodic protocols attempt to maintain the knowledge of every current route to every other node by periodically exchanging routing information. The on-demand protocols, in contrast to periodic protocols, create routes only when necessary for carrying traffic. As a result route discovery process is a prerequisite to establishing communication between any two nodes, and a route is maintained as long as communication continues. Examples of on-demand protocols include dynamic source routing (DSR), ad hoc on-demand distance vector (AODV) routing. The hybrid approach combines both aspects of periodic and on-demand routing.

2.5.2 Classification:

Figure 4: Classification of MANET routing protocols

2.5.3 Proactive Protocols:

Proactive routing protocols aim to keep consistent and up to-date routing information between every pair of nodes in the network by proactively propagating route updates at fixed time intervals. Each node maintains this information in tables; thus, protocols of this class are also called table-driven algorithms. Examples of proactive protocols are Destination sequenced distance vector (DSDV) protocol, Optimised link-state routing (OLSR) protocol, Topology based reverse path forwarding (TBRPF) protocol. Reactive Protocols

Reactive on-demand routing protocols establish a route to a given destination only when a node requests it by initiating a route discovery process.

Once a route has been established, the node keeps it until the destination is no longer accessible, or the route expires. Examples of reactive protocol are DSR and AODV.

An important question is to determine the best routing protocol to be used in a MANET. This is not a simple issue, and the identification of the most appropriate protocol depends on different factors such as QoS guarantees, scalability, and traffic and mobility pattern. Reactive protocols tend to be more efficient than proactive protocols in terms of control overhead and power consumption because routes are only created when required. On the other hand, proactive protocols need periodic route updates to keep information updated and valid. In addition, many available routes might never be needed, which increases the routing overhead. Proactive protocols tend to provide better quality of service than reactive protocols. In this class of protocols, routing information is kept updates; thus, a route to a given destination is available and up-to-date, which minimizes the end-to-end delay. (Boukerche, 2009,p8)

2.5.4 Ad-hoc On-demand Distance Vector Protocol (AODV):

The ad hoc on-demand distance-vector (AODV) routing protocol is a unicast, reactive routing protocol for mobile nodes in ad hoc networks. It enables multi-hop routing and the nodes in the network maintain the topology dynamically only when there is traffic. In AODV, when a node intends to communicate with a destination node, it broadcasts a route request message (RREQ) to its neighbours, and its neighbours propagate the message to their neighbours, as a result the RREQ ultimately reaches the destination. While moving closer to the destination, if the RREQ message finds a node that has a path to the destination, then this node creates a route-reply (RREP) message and sends it to the source node by using the path that the RREQ message used. This forwarding process is called reverse path forwarding.











Figure 5: Propagation of RREQ message

The RREQ message creates this path by inserting the identities of all the nodes that it encounters while traversing towards the destination. After selecting and establishing a route, it is maintained by a route maintenance procedure until either the destination becomes inaccessible along every path from the source or the route is no longer desired.

Two other fields of a RREQ are the time to live (TTL) and the broadcast ID.

The TTL field allows a discovery initiator to control the degree of dissemination of its RREQ within the network. For instance, a RREQ packet whose TTL field is set to 2 will travel through 2 hops at most from the source node. When a RREQ is broadcast, the source node sets its TTL field to an initial value in terms of hops and waits for a corresponding period of time (RREP_WAIT_TIMEOUT) before taking any action. If by any chance, a route is received before the waiting period is finished, then the discovery process is successfully terminated. On the other hand, if the waiting period arrives to its term without having received any response, the source node re-broadcasts the "same" RREQ packet and again waits for another period of time. This time, however, the RREQ has a bigger TTL value and the waiting period is consequently longer. Having a bigger TTL value, the new RREQ will reach a larger set of nodes and will hopefully lead to a route reply generation.

If still no reply is received, the source keeps on re-broadcasting the RREQ with an incremented TTL up to a maximum number of retries. Upon threshold, the discovery period is aborted. These mechanisms of broadcast control is also known as the expanding ring search technique.

Also, each RREQ packets is tagged with a sequence number, called Broadcast ID. This tag provides a mean for nodes to distinguish the different RREQs emanating from the same node and is incremented after each broadcast. A couplet <source IP address, Broadcast ID> uniquely identifies a RREQ and a RREQ with a greater Broadcast ID is fresher. As an intermediate node processes a RREQ issued from a particular node, it records the corresponding Broadcast ID. Later, the intermediate node will only process RREQs from a same source node with a greater Broadcast ID. Other RREQs with smaller Broadcast ID are simply discarded.

Finally, a RREQ carries a hop count field that records the number of hops that the RREQ has travelled through.

When a node wants to make a route available (either a destination node or an intermediate node with a fresh enough route), it uncast a route reply packet (RREP) back to the source node that initiated the discovery process.

The RREP contains IP addresses of both source and destinations nodes and the sequence number of the advertised route. It also includes a hop count field (similar to the one in RREQ packets) and a lifetime field whose value indicates the validity period of the advertised route.

The forward path (from source to destination) is built as the route reply packet travels down along the reverse path. Each node receiving the RREP creates an entry for the destination node N8. The destination sequence number and hop count are copied from the RREP itself and the next hop along this path is the last node that forwarded the RREP.

When the RREP finally reaches the source node, it does no longer need to be forwarded. After N1 has created a forward entry toward D, it automatically destroys the RREP packet. The discovery period is terminated and the newly established route can now be used to send the data packets waiting on the buffer.

Several security schemes for MANET's have been proposed. One routing attack that could easily happen in wireless MANET's, the black hole problem. According to the original AODV protocol, any intermediate node may respond to the RREQ message if it has a fresh enough route, which is checked by the destination sequence number contained in the RREQ packet. This mechanism is used to decrease the routing delay, but makes the system a target of a malicious node. The malicious node easily disrupts the correct functioning of the routing protocol and makes at least part of the network crash. Moreover, a malicious node does not need to check its routing table when sending a false message; its response is more likely to reach the source node first. This makes the source node think that the route discovery process is complete, ignore all other reply messages, and begin to send data packets. As a result, all the packets through the malicious node are simply consumed or lost. The malicious node could be said to form a black hole problem. In this way the malicious node can easily misroute a lot of network traffic to itself, and could cause an attack to the network with very little efforts on its part.

2.5.5 Security aware routing:

The route discovery process is an integral part of a routing protocol, which finds path between a source-destination pair. When a route discovery process is initiated to find a path that satisfies a minimum set of security constraints is called a security-aware routing protocol. The motivation for the SAR protocol stems from the recognition of facts that certain applications, such as military, finding a route with specific security attributes or trust levels is more relevant than finding the shortest route between two end points.

In security aware AODV routing protocol, security metric is embedded in the RREQ packet. Upon receiving an RREQ packet, the node verifies whether it has the ability to provide the required security. If it does, the packet is forwarded to the next hop, otherwise the RREQ packet is dropped. Upon finding a path that has a desired security, the destination node or any other intermediate node creates an RREP packet and sends it to the source.

Security-aware routing advocates modifying the AODV protocol, particularly the RREQ and RREP messages, while preserving most of the essential characteristics of AODV. The AODV protocol incorporating these changes has been called SAODV (security-aware AODV protocol). With the proposed changes to RREP and RREQ the route discovery operation gets slightly modified over a conventional AODV.

3.0 Attacks against Routing protocols

Wireless ad hoc routing protocols are basically exposed to two different types of attacks: internal attacks and external attacks. External attacks can again be classified as active or passive. An attack is considered to be active when the misbehaving node has to bear some energy costs in order to perform the threat, where as passive attacks are mainly due to lack of cooperation, with the purpose of saving energy selfishly. Nodes that perform active attacks with the aim of damaging other nodes by causing network outages are considered to be malicious whereas nodes that perform passive attacks with the aim of saving battery life for their own communications are considered to be selfish. Malicious nodes can disrupt the correct functioning of routing protocol by modifying routing information, by fabricating false routing information, and by impersonating other routing information. (Basagni, 2004 p331)

Researchers have tried to address different attacks on MANET. An internal attack is a more sever kind of threat to ad hoc networks. The attacker may broadcast wrong routing information to other nodes within the network. Differentiating between modifications in data due to an actual attack or due to wireless link impairment may be difficult. Passive external attacks involve unauthorized "listening" to the routing packets. Active external attacks on the network from outside sources are meant to degrade or prevent message flow between the nodes. Some types of active attacks on routing protocol that can usually be easily performed against an ad hoc network are black hole problem, routing table overflow, sleep deprivation, location disclosure, and wormhole attack. Malicious node can disrupt the correct functioning of a routing protocol by modifying routing information, by fabricating false routing information, and by impersonating other nodes.

3.1 Security threats:

The main influences brought by the attacks against routing protocols include network partition, routing loop, resource deprivation and route hijack. There are some attacks against routing that have been studied and well known:

- impersonating another node to spoof route message.

- advertising a false route metric to misrepresent the topology.

- sending a route message with wrong sequence number to suppress other legitimate route messages.

- flooding Route Discover excessively as a denial of service attack.

- modifying a Route Reply message to inject a false route.

- generating bogus Route Error to disrupt a working route.

- suppressing Route Error to mislead others.

Because of the mobility and constantly changing topology of the mobile ad hoc networks, it is very difficult to validate all the route messages. There are some more sophisticated routing attacks, which include Wormhole attacks, Rushing attacks and Sybil attacks.

Denial of service (DoS) threat is one of the attacks that could be launched against the ad hoc networks. Radio jamming and battery exhaustion are two ways in which services can be denied to other nodes and users. A distributed DoS attack is more severe. If the attackers have enough computing power and bandwidth to operate with, smaller ad hoc networks can be crashed or congested easily.

Impersonating attacks form a serious security risk at all levels of ad hoc networking. If proper authentication of parties is not supported, compromised nodes may be able to join the network, send false routing information, and masquerade as some other trusted nodes. A compromised node may get access to the network management system of the network and may start changing the configuration of the system as a super-user who has special privileges.

Routing table overflow- in this attack, the attacker attempts to create routes to non-existent nodes. The goal is to create enough routes to prevent new routes from being created or to overwhelm the protocol implementation. An attacker can simply send excessive route advertisements to the routers in the network.

Sleep deprivation- this attack is practical only in ad hoc networks where battery life is a critical parameter. Battery-powered devices try to conserve energy by transmitting only when absolutely necessary. An attacker can attempt to consume batteries by requesting routes, or by forwarding unnecessary packets to the node.

Location disclosure- this attack can reveal something about the locations of nodes or the structure of the network. This information gained might reveal which other nodes are adjacent to the target, or the physical location of a node. Routing messages are sent with inadequate hop-limit values and the addresses of the devices sending the ICMP error messages are recorded. In the end, the attacker knows which nodes are situated on the route to the target node.

Wormhole attack- in this attack, an attacker receives packets at one location in the work, and tunnels them to another location in the network, and from there the packets are resent into the network. This tunnel between two colluding attackers is referred to as a wormhole. It could be established through a single long range wireless link or even through a wired link between the two colluding attackers.

3.2 The Black hole problem in AODV protocol:

AODV is the on-demand routing protocol, so it creates route from source to destination only when desired by destination node. Source node initiates route discovery process in the network when it needs route to destination. Source broadcasts RREQ (route request) packet which is forwarded to its neighbor which is again forwarded to its neighbor. It continues until either destination or an intermediate node with fresh enough route to destination is located. Now in this any intermediate node having fresh enough route can reply to route request message. when destination receives route request message, destination or intermediate node having fresh route responds by unicasting a RREP (route reply) packet back to the neighbor from where it first received the RREQ. When the route is established it is maintained until it is not required or destination becomes inaccessible.

According to original AODV protocol any intermediate node who has fresh enough route to destination can respond to RREQ message. This property can be exploited by the attacker. Fresh enough route is checked by destination sequence number contained in the RREQ packet. This decrease the routing delay.

Figure 6: Black hole problem in AODV protocol

Fig. 5 shows the black hole problem. Node A wants to send data to node D. Node A initiates the route discovery process by sending RREQ packets to its neighbors. Node B and C receives the route request message. Now lets consider that node C is the malicious node which does not have any fresh enough route to destination node D. Then also node C uses the routing protocol to advertise itself as having shortest path to the node D. So whenever attacker node C receives a request for a route to target node D, attacker creates a reply consisting of an extremely short route. Any other intermediate node having fresh enough route or destination may also send the response to source. If the reply from attacker reaches the source node before reply from any other node then source thinks that route discovery process is complete, ignore all other replies and start sending data. If the malicious node is nearer to the source node, its reply will reach to source before any other node's reply. Also malicious node does not check its routing table to see the route before sending false route message. Thus source starts sending data packets to malicious node which may consume the packets or packets may be lost. Malicious node act as a black hole and can easily misroute the network traffic to itself.

Once the malicious node is successful to insert itself between the communicating nodes , it can do anything with the packets passing between them. It can perform denial-of-service attack by choosing to drop the packets, or use its place on the route as the first step in a man-in-the-middle attack.

4.0 Simulation tools required

To conduct a small scale simulation, it has become very important to identify a simulation tool (software) that is capable of supporting the necessary routing protocols of wireless ad hoc networks to be used in conducting such simulation. Though there are different simulation tools in the market today, however, in this project caution has been exercised to choose a simulator that is widely used and is not so complicated to learn and understand. In conducting simulation for this project, OPNET is the preferred simulation tool used.

4.1 Description of the required resources

OPNET (Optimised Network Engineering tool) - OPNET is a high level event based network level simulation tool used for communication networks which supports a comprehensive development environment for the specification, simulation and performance analysis of communication network. OPNET solutions model communications devices, protocols, technologies, and architectures, and simulate their performance in a dynamic virtual network environment. Integrated code debugging and data analysis features facilitate the design process. OPNET Network Research and Development solutions enable a broad range of academic research including:

Evaluating and enhancing wireless protocols i.e., WiMAX, Wi-Fi, UMTS, etc.

Designing MANET routing protocols

Studying new power management schemes for sensor networks

Researching new enhancements to core network technologies i.e., IPv6, MPLS, etc.

Analyzing optical network designs

By working in the Virtual Network Environment, IT managers, network and system planners, and operations staff are empowered to diagnose difficult problems more effectively, validate changes before they are implemented, and plan for future scenarios including growth and failure (Peterson, L.L., Dave, B.S, 2003 P1).

OPNET incorporates various tools for data collection. A probe editor allows specifying: (1) which statistics are to be collected from where (Probe editor); (2) their own statistics (analyse tool); (3) animation view and formats (Filter Tool, Animation viewer). OPNET has objects capable of generating very large amount of output data during simulation. It can produce error rate and throughputs, delay queue size. Packet trace may be done. Output can be plotted in graph, such as end-to end delay vs. queue buffer capacity, loss ratio vs. queue buffer capacity. Probability distribution function, cumulative distribution function as well as histogram can be plotted for several data sets. OPNET is widely used to different features of MANET (Rahman, Pakštas, Wang, 2009, P9).

Some of the advantages OPNET has are: It is extendible; has large customer base; professional support; very well documented; comes with a large number of built-in protocols. However, it limitations are: It is relatively expensive; complexity (requires some time to learn; and there is limitation to its portability. To use this software, the computer on which it will be install must meet the basic hardware and software requirement provided in the tables below.

Table 1.1 System (Hardware) Configuration


Required: 2.0 GHz for Windows, 1.0 GHz for Linux using x86, EM64T, x86 AMD, or AMD64

Recommended: 3.0+ GHz using x86, EM64T, x86 AMD, or AMD64 (dual-core))


Required: 512 MB

Recommended3: 1-2 GB

System File Space

3 GB Up to an additional 2GB of free disk space may be required during installation.

Working File Space

100 MB or more for temporary and log files


Resolution: 1024x768 minimum

Table 1.2 Software Supported Platforms


Operating Systems


Windows 7 Professional (32 and 64 bit)

Windows Vista Business (32-bit and 64-bit)

Windows XP Professional (32-bit and 64-bit)

Windows Server 2008 (32-bit and 64-bit)

Windows Server 2003 (32-bit and 64-bit) and Windows Server 2003 R2 (32-bit and 64-bit)

Windows 2000 Professional

Windows 2000 Server

Red Hat

Red Hat Enterprise Linux 5 (v2.6.18 Linux kernel)

Red Hat Enterprise Linux 4 (v2.6 Linux kernel)

Fedora Project

Fedora Linux 6 (v2.6.18 Linux kernel)

4.2 Conducting the simulation

Implementation: a brief description of the process required to conduct a simulation using OPNET for any type of simulation is illustrated in figure 5.0. The workflow for OPNET Modeler (that is, the procedures to be followed in order to create a network model and run simulations) concentrates around the Project Editor. Using the Project Editor, One can build a network model, select statistics to compile from each network object or from the entire network, run the simulation, and view results.

Figure 7: OPNET simulation workflow

4.3 Simulation scenario:

In this simulation nodes and links from the object palette were used to create the network model in the Project Editor. How this was achieved is explained step by step below.

Step 1: To complete this design, the following network nodes and links are required:

Wireless LAN workstation :

The wireless workstation node model represents a workstation with client-server

applications running over TCP/IP and UDP/IP. The workstation supports one

underlying WirelessLAN connection at 1 Mbps, 2 Mbps, 5.5 Mbps, and 11 Mbps.

This workstation requires a fixed amount of time to route each packet, as

determined by the "IP Forwarding Rate" attribute of the node. Packets are routed

on a first-come-first-serve basis and may encounter queuing at the lower protocol

layers, depending on the transmission rates of the corresponding output interfaces.

Profile configuration node:

The Profile configuration node can be used to create user profiles. These user

profiles can then be specified on different nodes in the network to generate application layer traffic. The application defined in the Application configuration objects are used by this object to configure profiles. We can specify traffic patterns followed by applications as well as the configured profiles on this object.

Application configuration node:

The Application configuration node can be used for the following specifications:

1. "ACE Tier Information": Specifies the different tier names used in the network model.

2. "Application Specification": Specifies applications using available application types. We can specify a name and the corresponding description in the process of creating new applications.

3. "Voice Encoder Schemes": Specifies encoder Parameters for each of the encoder schemes used for generating Voice traffic in the network.

Mobile configuration node:

Mobile configuration node is used to define mobility profiles that individual nodes reference to model mobility. This node controls the movement of nodes based on the configured parameters.

Editors required:

The Project Editor- It is the main staging area for creating a network simulation. From this editor, we can build a network model using models from the standard library, choose statistics about the network, run a simulation, and view the results. We can also create node and process models, build packet formats, and create filters and parameters, using specialized editors that you can access from the Project Editor.

The Node Editor- This allows us define the behavior of each network object. Behavior is defined using different modules, each of which models some internal aspect of node behavior such as data creation, data storage, etc. Modules are connected through packet streams or statistic wires. A network object is typically made up of multiple modules that define its behavior.

The Process Editor- This lets us create process models, which control the underlying functionality of the node models created in the Node Editor. Process models are represented by finite state machines (FSMs), and are created with icons that represent states and lines that represent transitions between states. Operations performed in each state or for a transition are described in embedded C or C++ code blocks.

The Path Editor- It is used to create new path objects that define a traffic route. Any protocol model that uses logical connections or virtual circuits (MPLS, ATM, Frame Relay, etc.) can use paths to route traffic.

Simulation sequence editor- Additional simulation constraints can be specified in the simulation sequence editor. Simulation sequences are represented by simulation icons, which contain a set of attributes that control the simulation's run-time characteristics.

Step 2: The model is created by dragging and dropping the mobile nodes from object palette into the project editor. In this scenario 15 mobile nodes form the mobile ad hoc network. Network size is chosen to be 1000*1000 (campus).

Step 3: Wireless LAN workstation mobile node is drag into the project editor.

In Protocols menu, select IP, addressing, auto assign IPV4 addresses.

Step 4: Select all nodes and edit their attributes. AODV protocol is selected.

Step 5: Application configuration node is dragged in to work space and configured its attributes. Under application definitions, number of rows selected equal to 1. Application name entered=FTP. High load is applied to FTP under description menu. This is applied to all selected nodes.

Step 6: Profile configuration is dragged into workspace window from object palette and it is configured. Under profile configuration menu, number of rows set equal to 1. Name is set under Enter profile name menu. Under application name, FTP is set. Start time offset is set to constant=0. Duration= End of profile. Under repeatability option, inter-repetition time (seconds) is set to uniform=(0,100). Number of repetitions= unlimited. Start time (seconds) to constant=0. Duration= end of simulation. Under repeatability option, inter-repetition time (seconds) to constant=300. Number of repetitions is set to constant=0 . This is applied to all selected objects.

Step 7: Under protocol menu, select Applications, Deploy defined. All mobile nodes are transferred under the category of source on right hand side (RHS). And server node is transferred under the category of "FTP-SERVER" on RHS.

Step 8: Mobility configuration node is dragged from object palette to work space and configured it. Under random mobility profile, number of rows selected is 1. Under default random waypoint and then under random waypoint parameters, set speed (meters/seconds) to constant=10. Pause time is set to constant=200. Start time (second) is set to constant=0.

Step 9: Under Topology menu select Random Mobility, Set mobility profile.

Step 10: By right clicking in workspace window, select individual statistics. Under Global statistics, select AODV protocol, traffic pattern and wireless LAN. Saved the project.

Figure 8 show the network model designed using 15 mobile nodes using AODV protocol and in the range of 1000*1000 meters campus.

Figure 8: Network Model design under AODV protocol

Step 11: Node models describe the internal flow of data within a network object. Every node in a network has an underlying node model that specifies the internal flow of information in the object. Node models are made up of one or more modules connected by packet streams or statistic wires. Node modules in turn contain process models.

Process Editor is used to create process models that describe the behavioral logic of a module in a node model. A process model is represented by a state transition diagram (STD) that describes the behaviour of a node module in terms of states and transitions. Double-click on the tpal module in the Node Editor and Process Model Editor opens in a new window. The red and green states and the solid and dotted lines indicating transitions between the states. Each state in the process model contains an enter executive and an exit executive. Enter executives are executed when a process enters a state. Exit executives are executed when the process leaves the state. Operations performed in the state are described in C or C++.

Figure 9: Node model for WirelessLAN server

Figure 10: Process Model

Step 12: Click on the run simulation button to change the time to 30 minutes and click Ok to Save the work. Simulation kernel is set to Optimised. Update interval field is set to 10000. Then Run the simulation.

Step 13: Simulation sequence dialogue box appears after simulation is complete successfully.

Step 14: View Results option is selected from the workspace pop-up menu to obtain global statistics and individual object statistics from one tree view.

Step 15: Following two graphs show Routing Traffic sent (packets/sec) , Routing traffic received (packets/sec) by the network under AODV protocol.

Figure 11: Routing traffic sent (packets/sec)

Figure 12: Routing traffic received (packets/sec)