
PERFORMANCE EVALUATION OF MANET IN AODV ROUTING PROTOCOL UNDER WORMHOLE ATTACK USING NS3
A Dissertation submitted in partial fulfillment for the award of the Degree of
Master of Technology
in Department of Computer Science and Engineering
(with specialization in Computer Science and Engineering)

Supervisor: Amit Kumar Bairwa, Asst. Prof.
Submitted By: Himanshu Gautam, 13E2RECSM4XP606
Department of Computer Science and Engineering
Rajasthan Institute of Engineering and Technology
Rajasthan Technical University
August, 2017
Acknowledgement
I would like to thank my guide Asst. Prof. Amit Kumar Bairwa for his
valuable guidance. I appreciate his presence for giving all discussions,
suggestions and the time for me whenever I needed him.
I am heartily thankful to my coordinator, Asst. Prof. Vijay Sharma,
whose encouragement, guidance and support from the initial to the
final level have enabled me to develop an understanding of the subject.
I would also like to give my special thanks to Prof. Kapil Dev
Sharma (HOD CSE), Dr. Saroj Hiranwal (Principal) and the
management of Rajasthan Institute of Engineering and Technology for
providing the opportunity to me to undertake this work.
I also want to thank my friends and family for their encouragement and
support. In particular, I am grateful to my parents for their love and for
instilling in me a deep sense of academic pride.
Lastly, I offer my regards and blessings to all of those who supported
me in any respect during the completion of the work.
Objective
A few characteristics of a Mobile Ad hoc Network, such as dynamic topology
and shared wireless medium, pose various security challenges.
This research focuses on the performance investigation of MANET routing
protocols under various security attacks.
Network performance is evaluated in terms of end-to-end delay, routing
overhead, network load and throughput when a percentage of nodes misbehave.
Find out which protocol has the highest resistance to security attacks.
Find out whether there is any benefit in behaving maliciously or selfishly.
Introduction
Mobile Ad Hoc Network
A collection of mobile nodes that can dynamically form a network that does
not rely on any infrastructure.
Each device works as a computational device as well as a router.
Each device has limited battery.
MANET Challenges
Regardless of the attractive applications, the features of MANET introduce
several challenges that must be studied carefully before a wide commercial
deployment can be expected. These include:

1) Routing

2) Security and Reliability

3) Quality of Service (QoS)

4) Power Consumption
Routing protocol
Routing protocols may generally be categorized into three types:
MANET Routing Protocol
Reactive Protocol: ABR, ACOR, AODV, DSR
Proactive Protocol: CGSR, DSDV, OLSR, WRF
Hybrid Protocol: ARPAM, OORP, TORA, ZRF
1) Dynamic Source Routing

Reactive or On Demand
Two phases of DSR protocol
1) Route discovery
2) Route maintenance

Performance evaluation of DSR on the basis of the following parameters:

1. Throughput
2. End to end delay
3. Normalized Routing Load
4. Packet Delivery Ratio
Ad-hoc On Demand Distance Vector

Combination of DSR & DSDV

Two phases of AODV protocol
1) Route discovery
2) Route maintenance
Security Attributes
1) Confidentiality
2) Authentication
3) Integrity
4) Non-repudiation
5) Availability
6) Access control
SECURITY ATTACKS IN MANET
Types of attacks
Passive attacks
Active attacks
External attacks: Caused by nodes which are not part of the network
Internal attacks: Caused by nodes within the network

Examples of different attacks:

Denial of Service (DoS), Impersonation, Eavesdropping, Sinkhole Attack,
Wormhole Attack, Sybil Attack, Black hole Attack, Gray hole Attack, etc.
MANET Attacks
Attacks on Different Layers of Protocol Stack

Layer: Example of Attacks
Application Layer: Repudiation, Data corruption, Viruses, Worms, Malicious codes
Transport Layer: Session hijacking, SYN flooding
Network Layer: Sybil attack, Sinkhole attack, Black hole attack, Gray hole attack, Wormhole attack, Spoofing, Flooding, Location disclosure, Route table overflow, Route table poisoning, Route cache poisoning
Data-Link Layer: Traffic monitoring and analysis, Disruption MAC (802.11), WEP weakness
Physical Layer: Jamming, Interception, Eavesdropping


Wormhole Attack
A wormhole, in cosmological terms, connects two distant points in
space via a shortcut route.
Wormholes and Their Variants
Wormhole Attack
A wormhole attack is a two-phase process: get as much data as possible,
then take advantage of these data.

Two malicious nodes, which are able to tunnel packets to each other via:
out-of-band channel,
encapsulation.

One node overhears packets and tunnels them to the other node, which then
replays them into the network at that point.

More nodes want to send data via the wormhole link.

Fig. Wormhole Attack

The attack can still be performed even if the network communication provides
confidentiality and authenticity and even if the attacker has no cryptographic key.
Wormhole Attack

Hidden Attack:
The attackers do not modify either the content or the header of packets. W1 and
W2 are invisible to other nodes.
S -> A1 -> B1 -> D
A1, B1: fake neighbors

Exposed Attack:
The attackers do not modify the content of the packets but include themselves
in the packet header following the route setup procedure.
S -> A1 -> W1 -> W2 -> B1 -> D
Other nodes know of the existence of the wormhole nodes, but they do not know
that the wormhole nodes are malicious.

The main difference: neighborhood

A Hidden Attack creates many fake neighbors, but an Exposed Attack does not.
Packet Leashes

Temporal packet leashes:

The sender A puts a time stamp (sending time) into the header.
The receiver B estimates the distance between A & B based on the
transmission time & speed of the packet.
D = (<receiving time> - <sending time>) * <transmission speed>
If the distance is longer than the maximum radio range -> reject communication.
Requires tightly synchronized clocks.

Geographical packet leashes:

The sender A puts its location & the time of sending into the packet's header.
The receiver B estimates the distance between A & B.
Requires every node to know its location.
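
The two leash checks above, as an added Python example that is not part of the original slides. The radio range, clock errors, node speed and position error are constructed values, and the three-way verdict of the temporal leash and the movement allowance of the geographical leash are assumptions chosen to show why the temporal variant needs tightly synchronized clocks.

```python
import math

C = 299_792_458.0  # m/s, assumed <transmission speed> of the radio signal


def temporal_leash(send_time, recv_time, max_range, clock_error, speed=C):
    """D = (<receiving time> - <sending time>) * <transmission speed>.

    The two clocks may disagree by up to clock_error seconds, so the real
    distance lies between D - slack and D + slack. Returns (verdict, lo, hi).
    """
    d = (recv_time - send_time) * speed
    slack = clock_error * speed
    lo, hi = max(0.0, d - slack), d + slack
    if lo > max_range:
        return "reject", lo, hi        # sender cannot be within radio range
    if hi <= max_range:
        return "accept", lo, hi
    return "inconclusive", lo, hi      # clock error too large to decide


def geographical_leash(sender_pos, send_time, recv_pos, recv_time, max_range,
                       clock_error, max_node_speed, pos_error):
    """Bound the distance from the location the sender put in the header.

    Assumed allowance (not on the slide): both nodes may move at up to
    max_node_speed while the packet is in flight, and positions may be off
    by pos_error metres. Returns (verdict, upper_bound_m).
    """
    claimed = math.dist(sender_pos, recv_pos)
    moved = 2 * max_node_speed * (recv_time - send_time + clock_error)
    bound = claimed + moved + pos_error
    return ("accept" if bound <= max_range else "reject"), bound


def demo():
    """Constructed scenario: 250 m radio range, a real neighbour 200 m away
    and a packet replayed by a wormhole whose true sender is 2000 m away."""
    radio_range = 250.0
    verdicts = {}
    for name, metres in (("neighbour", 200.0), ("wormhole", 2000.0)):
        flight = metres / C  # time of flight, seconds
        # 100 ns clock error is about 30 m of slack; 10 us is about 3 km.
        verdicts[name, "tight"] = temporal_leash(0.0, flight, radio_range, 100e-9)[0]
        verdicts[name, "loose"] = temporal_leash(0.0, flight, radio_range, 10e-6)[0]
        # The geographical leash tolerates millisecond-level clock error here.
        verdicts[name, "geo"] = geographical_leash(
            (0.0, 0.0), 0.0, (metres, 0.0), 1e-3, radio_range,
            clock_error=1e-3, max_node_speed=20.0, pos_error=5.0)[0]
    return verdicts


if __name__ == "__main__":
    for key, verdict in demo().items():
        print(key, verdict)
```

With a 10 microsecond clock error the temporal leash can no longer separate the real neighbour from the replayed packet, while the geographical leash still does.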
Neighbor Authentication

Round Trip Time (RTT): A node A sends a special packet to node B,
requiring an immediate reply from node B.
The RTT between A & B is the delay between A sending the packet &
receiving the reply.
Node A calculates the RTT between A & each of its neighbors.
The RTT between A & its fake neighbors is much greater than the RTT between A
& its real neighbors.
Cannot detect an exposed attack.

[Fig 2. Round Trip Time; Fig 3. Neighbor Authentication]


Proposed Mechanism

We calculate all transmission times between two successive nodes along the path
established between the source & the destination.
Each intermediate node calculates the transmission time between it and the
destination, puts the value into the RREP & sends it back to the source node.
[Figure: RREQ/RREP exchange over time along the path S, A, B, C, D, marking TSREQ, TAREQ, TBREQ, TCREQ, TDREQ and TDREP, TCREP, TBREP, TAREP, TSREP, the processing time, the round-trip times RTTS,D, RTTA,D, RTTB,D, RTTC,D and the per-link times RTTS,A, RTTA,B, RTTB,C, RTTC,D]
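
The per-link calculation of the proposed mechanism, together with the RTT comparison described under Neighbor Authentication, as an added Python example that is not part of the original slides. The timestamps are constructed, the meaning given to T_REQ and T_REP is an assumption, and flagging a link whose RTT exceeds three times the median link RTT is an assumed threshold; the slides only state that the RTT across fake neighbors is much greater than across real ones.

```python
from statistics import median

# Constructed timestamps in microseconds: (node, T_REQ, T_REP).
# Assumption: T_REQ is when the node forwards (at D: receives) the RREQ and
# T_REP is when it receives (at D: sends) the RREP. Each node only subtracts
# its own two readings, so no clock synchronization between nodes is needed.
# A hidden wormhole sits between A and B, which believe they are neighbours.
SAMPLE_PATH = [
    ("S", 0, 30500),
    ("A", 2000, 28500),
    ("B", 11000, 19500),
    ("C", 13000, 17500),
    ("D", 15000, 15500),  # for D the difference is its processing time
]


def rtt_to_destination(records):
    """RTT_{x,D} = T_xREP - T_xREQ, the value each node puts into the RREP."""
    return [(node, t_rep - t_req) for node, t_req, t_rep in records]


def link_rtts(records):
    """RTT between successive nodes: RTT_{x,y} = RTT_{x,D} - RTT_{y,D}."""
    per_node = rtt_to_destination(records)
    if len(per_node) < 2:
        raise ValueError("need at least a source and a destination")
    links = []
    for (a, rtt_a), (b, rtt_b) in zip(per_node, per_node[1:]):
        rtt = rtt_a - rtt_b
        if rtt < 0:
            # A node nearer the source cannot see a shorter round trip.
            raise ValueError(f"inconsistent timestamps on link {a}-{b}")
        links.append((a, b, rtt))
    return links


def suspicious_links(records, factor=3.0):
    """Links whose RTT is more than factor times the median link RTT."""
    links = link_rtts(records)
    baseline = median(rtt for _, _, rtt in links)
    return [(a, b, rtt) for a, b, rtt in links if rtt > factor * baseline]


if __name__ == "__main__":
    for a, b, rtt in link_rtts(SAMPLE_PATH):
        print(f"RTT {a},{b} = {rtt} us")
    print("suspicious:", suspicious_links(SAMPLE_PATH))
```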
RREP format
RREQ Format
Black hole Attack
In computer networking, a packet drop attack or black hole attack is a type
of denial-of-service attack in which a router that is supposed to relay
packets instead discards them.
This usually occurs from a router becoming compromised from a number
of different causes.
Because packets are routinely dropped from a lossy network, the packet
drop attack is very hard to detect and prevent.
The malicious router can also accomplish this attack selectively, e.g. by
dropping packets for a particular network destination, at a certain time of
the day, a packet every n packets or every t seconds, or a randomly selected
portion of the packets.
Effect of Black Hole Attack on Dynamic Source Routing Protocol
In DSR, the source node gets multiple paths to reach each
destination, and the best path is decided based on minimum hop count.
The aggressive use of the route cache allows DSR to find a
current existing path without any new route discovery, or to choose an
alternate path to the destination in the presence of route failure or link
breakage due to mobility.
This saves large route discovery overhead and effectively reduces
the time delays. The route cache works fine with low traffic load
and lower mobility; however, it faces some problems when the routes
in its cache expire due to host mobility.
Under these conditions, the source node will continue to use these
expired routes without any notice.
Tools & Technique for Implementation

Network Simulator (NS-3.25)


ns-3 is open-source, and the project strives to maintain an open
environment for researchers to contribute and share their
software.
ns-3 is not a backwards-compatible extension of ns-2; it is a
new simulator. The two simulators are both written in C++,
but ns-3 does not support the ns-2 APIs. Some models have
already been ported from ns-2 to ns-3.
About ns3
ns-3 has been developed to provide an open, extensible
network simulation platform, for networking research and
education.
ns-3 provides models of how packet data networks work
and perform, and provides a simulation engine for users to
conduct simulation experiments.
To study system behavior in a highly controlled,
reproducible environment, and to learn about how networks
work.
The available model set in ns-3 focuses on modeling how
Internet protocols and networks work, but ns-3 is not
limited to Internet systems; several users are using ns-3 to
model non-Internet-based systems.
ns-3 is designed as a set of libraries that can be combined together
and also with other external software libraries.
Several external animators and data analysis and visualization tools
can be used with ns-3. However, users should expect to work at the
command line and with C++ and/or Python software development
tools.
ns-3 is primarily used on Linux systems, although support exists for
FreeBSD, Cygwin (for Windows), and native Windows Visual
Studio support is in the process of being developed.
ns-3 is not an officially supported software product of any company.
Support for ns-3 is done on a best-effort basis on the ns-3-users
mailing list.
AODV Protocol in Mobile Ad-Hoc Networks

1) Packet Delivery Ratio:

Depending on the number of attackers, the Packet Delivery Ratio is high or low. If
their number increases, the Packet Delivery Ratio is low,
because we have a grey hole attack.
2) End to End Delay
End to End Delay does not differ much between the two states (attack or no
attack), because the topology is dynamic and the structure formed in the
first state changes at later times.
3) Throughput
Throughput or network throughput is the average rate of successful message delivery over a
communication channel. This data may be delivered over a physical or logical link, or pass through a
certain network node. The throughput is usually measured in bits per second (bit/s or bps), and
sometimes in data packets per second or data packets per time slot. From the graph we can say that as the
number of malicious nodes increases, the dropping ratio increases.
Simulation Results of Selfish Behaviour
1. Static Topology with Constant Bit Rate Traffic: In a static topology, routes are established at
the beginning of the session and remain valid throughout the session. So route overhead is low
compared to a dynamic topology and does not consume more energy. From the figure we can say that
as the number of selfish nodes in the network increases, good nodes need to do more work to
compensate for the selfish nodes' work. So good nodes need to spend more energy to complete the
work. Simulation results show that selfish nodes save more energy as the number of selfish nodes
in the network increases.
Dynamic Topology with Constant Bit Rate Traffic
1. In a mobile network scenario, routes may break frequently and routing overhead is a large
component of energy consumption.
2. When node density is high and all the nodes participate in the flooding-based route discovery
done by DSR, nodes consume more energy. This in turn means that density plays an important
role in a dense network.
3. When some nodes behave selfishly, they prune all route requests coming to them. So they
reduce the number of control packets in the network and hence reduce the energy consumption of good
nodes as well as selfish nodes.
1) Route Overhead:

Route overhead vs. number of selfish nodes for CBR traffic: From the figure, we can say that
when some nodes behave selfishly, they prune control packets and reduce the routing
overhead. As the number of selfish nodes increases, the routing overhead of the overall network
decreases drastically. Due to the drastic decrease in routing overhead, the overall network becomes
efficient, and good nodes as well as selfish nodes save energy.
2) Throughput: The figure shows the throughput of the network with a varying number of selfish
nodes. Simulation results suggest that a certain number of selfish nodes is good for the network.
It also improves network throughput and makes the network efficient. When the density is initially
high, the probability of collision increases.

The figure shows throughput vs. number of selfish nodes for CBR traffic. As more
nodes behave selfishly, network density decreases, which in turn decreases the
probability of packet collision. So up to a certain limit, selfish nodes are good for the network.
Effect of Worm Hole Attack on AODV Protocol
In a worm hole attack, all network traffic is redirected to a specific node which
does not exist at all. Because traffic disappears into the special node as matter
disappears into a black hole in the universe, the specific node is named a Black
hole.
A worm hole has two properties. First, the node exploits the ad hoc routing
protocol, such as AODV, to advertise itself as having a valid route to a destination
node, even though the route is spurious, with the intention of intercepting packets.
Second, the node consumes the intercepted packets.
Worm hole attacks at the AODV protocol routing level can be classified into two
categories: RREQ worm hole attack and RREP Black hole attack. Following are
our simulation results that demonstrate the effects of worm hole attack on AODV
protocol in Mobile Ad-Hoc Networks.
1) Throughput:
The figure shows the throughput of the network with a varying number of selfish nodes.
Simulation results suggest that as the number of worm hole attackers increases, the network
becomes disconnected, because every path goes through attacker nodes, and those
nodes drop all packets, so throughput decreases significantly.
2) End to End Delay:
From the figure below we can say that as the number of attackers increases,
end to end delay increases, because the network is not able to find
an appropriate path in the presence of a worm hole attack.
3) Routing Overhead:
Simulation results suggest that in the presence of worm hole nodes, overall
routing overhead decreases, because a worm hole node does not
forward route request and route reply packets.
Comparative Results
Throughput

Percentage improvement is 02.20 %


Packet Delivery Ratio
Percentage improvement is 02.40 %
End to End Delay
Percentage improvement is 3.30 %
Routing Overhead
Percentage improvement is 3.20%
Conclusion
During selfish behavior, selfish nodes save more energy
than good nodes. As the number of selfish nodes increases, the
residual energy of good nodes decreases.
During a malicious attack, depending on the number of raiders, the
Packet Delivery Ratio is high or low. If their number
increases, the Packet Delivery Ratio is low, because we are
dropping data packets.
As the number of malicious nodes increases, our throughput
decreases, because nodes are not able to find a path towards the
destination, and that causes dropping.
In the case of a Wormhole attack, the routing overhead is
decreased. This is because the attacker does not forward
routing packets, which reduces overall routing overhead.
Future Work
Future work involves the study of certain attacks on network
under stochastic modeling for nodes participating in the
routing path, and its effect on routing protocol by comparing
various network parameters. It is also aimed to find the
analytical expression for the same.
Publications
Himanshu Gautam, Amit Kumar Bairwa, Dr. Sandeep Joshi, paper titled
"Performance Evaluation of MANET in AODV Routing Protocol Under Wormhole
Attack Using NS3", presented in International Journal of Engineering,
Management & Sciences (IJEMS), ISSN 2348-3733, Volume-3, Issue-11,
November 2016.

Himanshu Gautam, Amit Kumar Bairwa, Dr. Sandeep Joshi, paper titled
"Routing Protocols under Mobile Ad-hoc Network", presented in
International Journal of Engineering, Management & Sciences (IJEMS),
ISSN 2348-3733, Volume-3, Issue-11, November 2016.
Thank you

Queries!!!!
