Abstract— Ad hoc networks are characterized by multihop wireless links. While DSR and AODV share the on-demand
wireless connectivity, frequently changing network behaviour in that they initiate routing activities only in the
topology and the need for efficient dynamic routing presence of data packets in need of a route, many of their
protocols. We compare the performance of two prominent routing mechanics are very different. In particular, DSR uses
on-demand routing protocols for mobile ad hoc networks: source routing, whereas AODV uses a table-driven routing
Dynamic Source Routing (DSR) and Ad Hoc On-Demand framework and destination sequence numbers. DSR does not
Distance Vector Routing (AODV). A detailed simulation rely on any timer based activities, while AODV does to a
model with MAC and physical layer models is used to certain extent. One of our goals in this study is to extract the
study interlayer interactions and their performance relative merits of these mechanisms. The motivation is that a
implications. We demonstrate that even though DSR and better understanding of the relative merits will serve as a
AODV share similar on demand behaviour, the differences cornerstone for development of more effective routing
in the protocol mechanics can lead to significant protocols for mobile ad hoc networks. The rest of the article is
performance differentials. The performance differentials organized as follows. In the following section, we briefly
are analyzed using varying network load, mobility, and review the DSR and AODV protocols. We present a detailed
network size. Based on the observations, we make critique of the two protocols, focusing on the differences in
recommendations about how the performance of either their dynamic behaviours that can lead to performance
protocol can be improved. differences. This lays the foundation for much of the context
of the performance study. We describe the simulation
I. INTRODUCTION environment. We present the simulation results, followed by
In an ad hoc network, mobile nodes communicate with each their interpretations. Related work is presented. We finally
other using multihop wireless links. There is no stationary draw conclusions and also make recommendations for the
infrastructure; for instance, there are no base stations. Each improved design of either protocol.
node in the network also acts as a router, forwarding data
packets for other nodes. A central challenge in the design of 2. A DESCRIPTION OF THE PROTOCOLS
ad hoc networks is the development of dynamic routing A. DSR:
protocols that can efficiently find routes between two
communicating nodes. The routing protocol must be able to The key distinguishing feature of DSR [is the use of source
keep up with the high degree of node mobility that often routing. That is, the sender knows the complete hop-by-hop
changes the network topology drastically and unpredictably. route to the destination. These routes are stored in a route
cache. The data packets carry the source route in the packet
Our goal is to carry out a systematic performance study of two header. When a node in the ad hoc network attempts to send a
dynamic routing protocols for ad hoc networks: the Dynamic know the route, it uses a route discovery process to
Source Routing protocol (DSR) and the Ad Hoc On-Demand dynamically determine such a route. DSR makes very
Distance Vector protocol (AODV). DSR and AODV share an aggressive use of source routing and route caching. No special
interesting common characteristic — they both initiate routing mechanism to detect routing loops is needed. Also, any
activities on an on demand basis. This reactive nature of these forwarding node caches the source route in a packet it
protocols is a significant departure from more traditional forwards for possible future use. Several additional
proactive protocols, which find routes between all source- optimizations have been proposed and have been evaluated
destination pairs regardless of the use or need for such routes. to be very effective by the authors of the protocol , as
The key motivation behind the design of on-demand protocols described in the following:
is the reduction of the routing load. High routing load usually
has a significant performance impact in low-bandwidth
• Salvaging: An intermediate node can use an alternate route dynamically, by taking into consideration the temporal locality
from its own cache when a data packet meets a failed link on of routes.
its source route.
A Critique of DSR and AODV
• Gratuitous route repair: A source node receiving an RERR The two on-demand protocols share certain salient characteristics.
packet piggybacks the RERR in the following RREQ. This In particular, they both discover routes only when data
helps clean up the caches of other nodes in the network that packets lack a route to a destination. Route discovery in
may have the failed link in one of the cached source routes. either protocol is based on query and reply cycles, and route
information is stored in all intermediate nodes along the route
• Promiscuous listening: When a node overhears a packet not in the form of route table entries (AODV) or in route caches
(DSR). However, there are several important differences in
addressed to itself, it checks whether the packet could be the dynamics of these two protocols, which may give rise to
routed via itself to gain a shorter route. If so, the node sends a significant performance differentials.
gratuitous RREP to the source of the route with this new, First, by virtue of source routing, DSR has access to a significantly
better route. Aside from this, promiscuous listening helps a greater amount of routing information than AODV. For
node to learn different routes without directly participating in example, in DSR, using a single request-reply cycle, the source
the routing process. can learn routes to each intermediate node on the route in
addition to the intended destination. Each intermediate node
B. AODV: can also learn routes to every other node on the route. Promiscuous
listening of data packet transmissions can also give DSR
access to a significant amount of routing information. In particular,
AODV shares DSR’s on-demand characteristics in that it also it can learn routes to every node on the source route of
discovers routes on an as needed basis via a similar route that data packet. In the absence of source routing and promiscuous
discovery process. However, AODV adopts a very different listening, AODV can gather only a very limited amount
mechanism to maintain routing information. It uses traditional of routing information. In particular, route learning is limited
routing tables, one entry per destination. This is in contrast to only to the source of any routing packets being forwarded. This
DSR, which can maintain multiple route cache entries for each usually causes AODV to rely on a route discovery flood more
destination. Without source routing, AODV relies on routing often, which may carry significant network overhead.
table entries to propagate an RREP back to the source and, Second, to make use of route caching aggressively, DSR
subsequently, to route data packets to the destination. replies to all requests reaching a destination from a single
request cycle. Thus, the source learns many alternate routes to
AODV uses sequence numbers maintained at each destination the destination, which will be useful in the case that the primary
to determine freshness of routing information and to prevent (shortest) route fails. Having access to many alternate routes
routing loops. These sequence numbers are carried by all saves route discovery floods, which is often a performance
routing packets. bottleneck.
An important feature of AODV is the maintenance of timer- However, there may be a possibility of a route reply
based states in each node, regarding utilization of individual flood. In AODV, on the other hand, the destination replies
routing table entries. A routing table entry is expired if not only once to the request arriving first and ignores the rest. The
used recently. A set of predecessor nodes is maintained for routing table maintains at most one entry per destination.
Third, the current specification of DSR does not contain
each routing table entry, indicating the set of neighbouring
any explicit mechanism to expire stale routes in the cache, or
nodes which use that entry to route data packets. These nodes prefer “fresher” routes when faced with multiple choices. As
are notified with RERR packets when the next-hop link noted in [7], stale routes, if used, may start polluting other
breaks. Each predecessor node, in turn, forwards the RERR to caches. Some stale entries are indeed deleted by route error
its own set of predecessors, thus effectively erasing all routes packets. But because of promiscuous listening and node
using the broken link. In contrast to DSR, RERR packets in mobility, it is possible that more caches are polluted by stale
AODV are intended to inform all sources using a link when a entries than are removed by error packets. In contrast,
failure occurs. Route error propagation in AODV can be AODV has a much more conservative approach than DSR.
visualized conceptually as a tree whose root is the node at the When faced with two choices for routes, the fresher route
point of failure and all sources using the failed link as the (based on destination sequence numbers) is always chosen.
Also, if a routing table entry is not used recently, the entry is
leaves. expired. The latter technique is not problem-free, however. It
The recent specification of AODV includes an optimization is possible to expire valid routes this way if unused beyond an expiry
technique to control the RREQ flood in the route discovery time. Determination of a suitable expiry time is difficult,
process. It uses an expanding ring search initially to discover because sending rates for sources, as well as node mobility,
routes to an unknown destination. In the expanding ring may differ widely and can change dynamically. In a recent
search, increasingly larger neighbourhoods are searched to paper [8], the effects of various design choices in caching
find the destination. The search is controlled by the Time-To- strategies for on-demand routing protocols are analyzed.
Live (TTL) field in the IP header of the RREQ packets. If the Fourth, the route deletion activity using RERR is also conservative
in AODV. By way of a predecessor list, the error
route to a previously known destination is needed, the prior
packets reach all nodes using a failed link on its route to any
hop-wise distance is used to optimize the search. This enables destination. In DSR, however, a route error simply backtracks
computing the TTL value used in the RREQ packets the data packet that meets a failed link. Nodes that are not on
the upstream route of this data packet but use the failed link Phishers are targeting the customers of banks and online
are not notified promptly. payment services. Emails, supposedly from the Internal
The goal of our simulations that follow is to determine the Revenue Service, have been used to glean sensitive data
relative merits of the aggressive use of source routing and from U.S. taxpayers. While the first such examples were
caching in DSR, and the more conservative routing table and
sequence-number-driven approach in AODV.
sent indiscriminately in the expectation that some would
be received by customers of a given bank or service, recent
3. PHISHING ATTACKS : research has shown that phishers may in principle be able
to determine which banks potential victims use, and target
2001: The first known direct attempt against a payment
bogus emails accordingly.
system affected E-gold in June 2001, which was followed
up by a "post-9/11 id check" shortly after the September 11 Social networking sites are a prime target of phishing, since
attacks on the World Trade Center. the personal details in such sites can be used in identity
theft.
2003: The first known phishing attack against a retail bank
was reported by The Banker in September 2003. In January 2009, a phishing attack resulted in unauthorized
wire transfers of US$1.9 million through Experi-Metal's
2004: It is estimated that between May 2004 and May
online banking accounts.
2005, approximately 1.2 million computer users in the
United States suffered losses caused by phishing, totaling
approximately US$929 million. United States businesses
lose an estimated US$2 billion per year as their clients 4. METHODS OF PREVENTION :
become victims.
There are anti-phishing websites which publish exact
messages that have been recently circulating the internet, such
as FraudWatch International and Miller smiles. Such sites
often provide specific details about the particular messages.
To avoid directly dealing with the source code of web pages,
Phishing is recognized as a fully organized part of the hackers are increasingly using a phishing tool called Super
black market. Specializations emerged on a global scale Phisher that makes the work easy when compared to manual
that provided phishing software for payment (thereby methods of creating phishing websites.
outsourcing risk), which were assembled and implemented As recently as 2007, the adoption of anti-phishing strategies
into phishing campaigns by organized gangs. by businesses needing to protect personal and financial 2005:
2006: Almost half of phishing thefts in 2006 were In the United Kingdom losses from web banking fraud—
committed by groups operating through the Russian mostly from phishing—almost doubled to GB£23.2m in 2005,
Business Network based in St. Petersburg. Banks dispute from GB£12.2m in 2004, while 1 in 20 computer users
with customers over phishing losses. The stance adopted claimed to have lost out to phishing in 2005.
by the UK banking body APACS is that "customers must information was low. Now there are several different
also take sensible precautions ... so that they are not techniques to combat phishing, including legislation and
vulnerable to the criminal. Similarly, when the first spate technology created specifically to protect against phishing.
of phishing attacks hit the Irish Republic's banking sector These techniques include steps that can be taken by
in September 2006, the Bank of Ireland initially refused to individuals, as well as by organizations. Phone, web site, and
cover losses suffered by its customers, although losses to email phishing can now be reported to authorities, as
the tune of €113,000 were made good. described below.