The Server Honeypot Based Detection Computer Science Essay

Published: Last Edited:

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

Security in Mobile ad-hoc networks is a complex issue. The wireless and dynamic nature of ad-hoc networks makes them more vulnerable to security attacks when compared with fixed networks. The existing routing protocols are optimized to perform the routing process without considering the security problem.

Black hole attack is one of the routing attacks in which, a malicious node uses the routing protocol to advertise itself as having the shortest path to the node whose packets it wants to intercept.

I have proposed a game theoretic approach called Game Theoretic DSR(GT-DSR) and will integrate this into the reactive Dynamic Source Routing (DSR) routing protocol to provide defense against black hole attacks. GT-DSR is based on the concept of non-cooperative game theory.

I have implemented two types of Black hole attack called Passive black hole attack and Active black hole attack on DSR protocol, using Network Simulator 2.


List of figures



The primary aim of this project is to update a DSR (Dynamic Source Routing) based Routing protocol, which provide defense against Denial of Service (DoS) attack caused by Black hole attacker node in Mobile Ad-hoc network. This routing protocol will try to find the secure route from source node to destination node. For finding secure route, it uses non-cooperative game theoretic approach.


Mobile ad-hoc network (MANET) is a collection of mobile nodes that communicate with each other without any fixed infrastructure or a central network authority. Mobile ad-hoc Network has many applications like in Personal Area Networking, Military environment, Civilian environment and also in emergency operations. Many application of MANET require secure communication.

MANET don't have fixed architecture so it needs different kind of routing protocols to find new routes whenever there is a change in topology. MANET use reactive routing protocols like DSR (Dynamic Source Routing) and AODV (Ad-hoc On demand Distance Vector Routing) to find route for data transmission.

Routing protocols for MANET are vulnerable to different kind of packet dropping attacks. DSR protocol is vulnerable to black hole attack [1]. Black hole attack is a routing attack in which a malicious node attract the traffic by showing most efficient route through itself and when the data comes to this malicious node it drops all the packet that causes the data loss and denial of service.

To defend the MANET against black hole attack conventional cryptography and intrusion detection system provide some mechanism at the cost of high computational and communication overhead.

Game theory models the black hole attack as a non-cooperative game between attacker and defender then tries to find the optimal decision that dominate the attacker's strategy.

Our prime aim of the project is to develop game theoretic based secure DSR routing protocol that defend the MANET against black hole attack.


So far many schemes have been proposed for detection or avoidance of malicious black hole node in MANET. Few recent solutions are as follows.

In [2] , Baadache et al. proposed a black hole detection scheme for wireless ad hoc networks based on the principle of Merkle tree.

In [3], Anita et al. proposed a mechanism for detecting black hole attacks in MANETs using a certificate based authentication method that can counter the effect of black hole attack.

In [4], Emmanouil A. Panaousis and Christos Politis proposed a game theoretic mechanism for securing AODV routing protocol against black hole attack.

But the main problem of most of the solutions is high computation overhead due to cryptographic computation.

In [5], Xiaojuan Liao, Dong Hao, and Kouichi Sakurai gives the classification of attacks on wireless Ad-hoc network and gives a game theoretic view of those attacks.


Different types of routing attack are possible on the DSR based Mobile Ad-hoc network. These can be classified as Route disruption, Route diversion and packet dropping attacks like gray hole and black hole attack.

To initiate a black hole attack, malicious node sends the route reply RREP message after getting route request RRRQ message and claims that he is the destination node. The source node likely to receive the RREP message from attacker before real RREP message and starts sending the data packets to the malicious node instead of real destination. After getting the data packets the malicious node discards the packets without sending RERR message.

The proposed solution for defending the black hole attack against DSR based MANET is based on non-cooperative game (For more detailed information see Appendix 1).


In this section I define the game between MANET (S) and malicious node (M). Strategy space of MANET S= {i,-i}, S=i means S choose route i and S=-i means S doesn't choose route i. Strategy space for malicious node M= {i,0,j}, M=i means malicious node M attack on route i, M=0 means malicious node doesn't attack on any route and M=j means malicious node attack route j.

Table:1 Shows the payoff matrix for MANET.












Where Ci=Cost of establishing route i, while Fi denotes the cost of using forged route i.

The number of one-hop neighbors of node i is defined as Ni. The hop count of route i is defined as hi. When establishing a route, the main cost is power consumption, channel collisions and the computational overhead. Ci is defined as Ci.

A malicious node obtains better payoffs when the nodes are denser. Fi is an increasing function of the density of nodes that constitute a route. The density of node i is defined as di. Ri is the communication range of node i and A is the size of region of the MANET. Fi defined as Fi.

Table:2 shows the payoff matrix for the malicious node.












G is the gain of malicious node by launching black hole attack, which equals to the loss of Ad hoc network under attack. Ci is the cost of attacking route i, which contains the cost of generating and sending a forge RREP.

According to game theory rational legitimate nodes will minimize Ci. While rational malicious node prefers to attack in order not to receive a zero payoff.

Sij denotes the element in row i and column j of MANET payoff matrix. Mij denotes the element in row i and column j of malicious node payoff matrix.

S11,S12≥S13 and M11=M13≥M12

Therefore (S11, M11) is the dominant strategy of game, which is also the Nash equilibrium. Which means always take the route which has minimum value of Ci.



Study of various in-depth theoretical concepts about the DSR routing protocol was done [6]. The Dynamic Source Routing protocol (DSR) is a simple and efficient routing protocol designed specifically for use in multi-hop wireless ad hoc networks of mobile nodes. DSR allows the network to be completely self-organizing and self-configuring, without the need for any existing network infrastructure or administration. The protocol is composed of the two main mechanisms "Route Discovery" and "Route Maintenance", which work together to allow nodes to discover and maintain routes to arbitrary destinations in the ad hoc network.


Network Simulator is a tool that used to simulate the large number of applications, protocols, network types, network elements and traffic models. NS2 is based on two languages i.e., an object oriented simulator that is written in C++ and an OTcl (an object oriented extension of TCL) interpreter that uses user commands. NS simulator provides a lot of data on events that occur in the network. These data events can be analyzed using trace of that network.


In this phase of project I have simulated two kind of black hole attack in NS-2 simulator on DSR protocol.

Passive Black hole attack

Active Black Hole attack

Passive Black hole attack

In this kind of attack malicious node participates in the routing operations where the data packet that comes to the malicious node is dropped silently. I have simulated this attack on DSR protocol. I have updated the two files dsragent.cpp and dsragent.h.

Pseudo-code for Passive Black hole attack:

Void BlackholeDSRAgent::recievePacket(Packet P)



If( p is data)

Drop Silently;



Active Black hole attack

In this kind of attack malicious node participates in the routing operations and generates fake RREP (Route Response Packet) in response to received RREQ (Route Request Packet). Consequences of these fake RREP are that it redirects the data packets to the malicious node and it drops the data packets silently. I have simulated this attack on DSR protocol. I have updated the two files dsragent.cpp and dsragent.h.

Pseudo-code for Active Black hole attack:

Void BlackholeDSRAgent::recievePacket(Packet P)



If (P is data)

Drop Silently;

else If( P is RREP )

forward P to the next node of the route;

If (P is RREQ)

Reply with fake RREP;



J:\data\Major Project setup files\screenshot\demo2.pngFigure : Demonstration of black hole attack in Mobile ad-hoc network


This section includes the evaluation of the effects of Passive black hole attack and Active black hole attack in the Mobile Ad-hoc network. The simulations have been performed in NS-2.34 for DSR protocol. Simulation parameters are shown in the following Table.

Table: 3 Simulation parameters



Routing Protocol


MAC layer


Simulation time

900 seconds



Number of Mobile Nodes


Movement Model

Random waypoint

Max Speed

0 to 10 m/s

Traffic type


Data payload

512 bytes


2.5 packets/sec

Malicious node

2 nodes

Target of attack

All nodes

Buffer size


Number of connections


J:\data\Major Project setup files\screenshot\demo3.png Figure : screen shot of simulation

I have calculated the packet drop ratio for this simulation on Active Black hole attack, Passive Black hole attack and without any malicious node in network. From the following figure we can see the percentage of packet drops is highest in case of Active Black hole attack because it attract the traffic toward itself. Even though there is no malicious node in the network, some packet loss occurs because of packet collision in the network. The dropped packet ratio we got is 17.29 % for network that don't have malicious nodes, 24.03% for network which have 2 Passive Black hole node and 24.23% for network which have 2 Active Black hole node.

Figure : packet drop ratio with two black hole node.

The calculated throughput for network without any attack is 8.64Kbps, for network under Passive Black hole attack we got throughput 6.15Kbps and for network under Active Black hole attack we got throughput of 5.75Kbps.

Figure : Average throughput with two black hole node



If a node A receives a RREQ then

If A does not have a route to destination D then

Derives uA add this utility value in the DSR packet add itself to the route and

Forward the RREQ according to DSR protocol.

Else if A has a route to D in its cache then

Derives uA add this value to route A to D and sends a RREP to S according to DSR protocol.

Else // A is destination node

Derives uD add this value to DSR packet add itself in route as destination to the source node and send RREP according to DSR protocol.





S is waiting for RREP for a timeout

If s receives more than one RREP then

S calculate the average cost Ci of each route i.

S chooses the route R with minimum cost.

Else // if S receive only unique RREP

S select the route which is received by the unique RREP

End if

In the above algorithms utility value ui represents the number of one hop neighbor nodes of a node i and cost Ci . According to game theory we have to select the route which has minimum value of Ci to get most secure route.


Next phase of project will be implementation of proposed algorithm and integrating it into existing DSR.

Simulating Black hole attack on updated DSR routing protocol and comparison with the original DSR.

Thesis writing and documentation.



Game theory models strategic situations, or games, in which an individual's success in making choices depends on the choices of others. It is a mathematical method of making decisions in which a competitive situation is analyzed to determine the optimal course of action for an interested party.


The normal (or strategic form) game is usually represented by a matrix which shows the players, strategies, and payoffs. More generally it can be represented by any function that associates a payoff for each player with every possible combination of actions. In the accompanying example there are two players; one chooses the row and the other chooses the column. Each player has two strategies, which are specified by the number of rows and the number of columns. The payoffs are provided in the interior. The first number is the payoff received by the row player (Player 1 in our example); the second is the payoff for the column player (Player 2 in our example). Suppose that Player 1 plays Up and that Player 2 plays Left. Then Player 1 gets a payoff of 4, and Player 2 gets 3.

When a game is presented in normal form, it is presumed that each player acts simultaneously or, at least, without knowing the actions of the other. If players have some information about the choices of other players, the game is usually presented in extensive form.


In non-cooperative game each player is selfish and tries to get better payoff without disclosing his strategy. In cooperative game players might have an agreement on how to play game and this type of game include the issue like bargaining.


Nash equilibrium, named after John Nash, is a set of strategies, one for each player, such that no player has incentive to unilaterally change her action. Players are in equilibrium if a change in strategies by any one of them would lead that player to earn less than if she remained with her current strategy.