(IJCSIS) International Journal of Computer Science and Information Security, Vol. 8, No. 4, July 2010
protocol and our proposed ISOR protocol. In this section we present a solution model for some countermeasures against black hole attacks. This section also deals with the performance evaluation of our routing protocol and a comparison with the existing AODV routing protocol.

II. DIFFERENT TYPES OF DOS ATTACKS
Security is the primary challenge to ad hoc wireless networks because of their infrastructure-less features, resource constraints and dynamic topology changes. The security issue in MANET for group communication is even more challenging because of the involvement of multiple senders and multiple receivers. DoS attacks are hard to detect and easy to implement by an attacker as no hardware is required to do so. These are considered to be the most vulnerable category of attacks for the network layer and thus need more attention. The entire network may fail in the presence of such an attack. Some common types of DoS attacks are discussed briefly:
- An attacker can drop received routing messages, instead of relaying them as the protocol requires, in order to reduce the quantity of routing information available to other nodes. This is called
by Hu et al., and is a “passive” and simple way to perform a Denial of Service. The attack can be done selectively (drop routing packets for a specified destination, a packet every
packets, a packet every
seconds, or a randomly selected portion of the packets) or in bulk (drop all packets), and may have the effect of making the destination node unreachable or downgrading communication in the network.
is quite severe, and consists in recording traffic from one region of the network and replaying it in a different region. It is carried out by an intruder node
located within transmission range of legitimate nodes
are not themselves within transmission range of each other. Intruder node
merely tunnels control traffic between
(and vice versa), without the modification presumed by the routing protocol – e.g. without stating its address as the source in the packet header – so that
is virtually invisible. This results in an extraneous inexistent
link which in fact is controlled by
can afterwards drop tunneled packets or break this link at will. Two intruder nodes
′, connected by a wireless or wired private medium, can also collude to create a longer (and more harmful) wormhole.
Jellyfish Attacks – In this attack, the attacker obeys all the routing protocol specifications but delays the packet forwarding process for a certain period of time, resulting in a high end-to-end delay. This attack is difficult to detect as packet drop in this case is negligible.
- An offensive that can be carried out against on-demand routing protocols is the
. Typically, on-demand routing protocols state that nodes must forward only the first received Route Request from each route discovery; all further received route requests are ignored. This is done in order to reduce cluttering. The attack consists, for the adversary, in quickly forwarding its Route Request messages when a route discovery is initiated. If the Route Requests that first reach the target’s neighbors are those of the attacker, then any discovered route includes the attacker.
- An intermediate node records its ID in the packet before forwarding it to the next node. In this type of attack, an attacker simply forwards the packet without recording its ID in the packet. This makes two nodes that are not within the communication range of each other believe that they are neighbors (i.e., one hop away from each other), resulting in a disrupted route.

III.
Blackhole attack is one of the most active DoS attacks possible in MANETs. Research on black hole attacks has gained sufficient momentum. Research focuses mainly on securing existing routing protocols, developing new secure routing protocols, and intrusion detection techniques.

In and new protocols have been designed. Awerbuch et al. developed a secure new on-demand routing protocol. It includes link weights which are considered during route discovery. The weights are calculated from the packet delivery fraction of each link. A link not delivering a fraction of packets above a certain threshold is considered malicious, and therefore the link weight is increased such that the link is chosen with smaller probability in the next route discovery phase. The approach detects a black hole as soon as the impact occurs, not when the black hole is constructed.

In a secure routing protocol based on the Dynamic Source Routing (DSR) protocol is presented. The authenticity of Route Requests is verified using message authentication codes (MAC). Furthermore, the authors present three techniques for authenticating data in Route Requests and Route Replies, where a broadcast authentication protocol for authenticating routing messages called TESLA (, ), digital signatures or MACs are used. Additionally, the authors propose per-hop hashing to verify that no node present in the node list of the Route Request is removed by an attacker. Finally, similar to the work done in routes are chosen with regard to their prior performance in packet delivery. The work focuses on authentication of messages for on-demand protocols. Therefore, their approach is not applicable for pure ad hoc networks.

IV. HOLE ATTACKING MODEL
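The link-weight countermeasure from the related-work discussion above (weights driven by each link's packet delivery fraction), as an added sketch that is not code from this paper or from Awerbuch et al. The threshold value, the doubling penalty, the minimum-weight route selection and the S/A/B/C/D topology with its delivery counters are assumptions made for illustration.

```python
import heapq

THRESHOLD = 0.8  # assumed minimum acceptable packet delivery fraction
PENALTY = 2.0    # assumed multiplicative weight increase for a failing link

def update_weights(weights, stats):
    """Raise the weight of each link whose delivery fraction is below THRESHOLD.
    stats maps link -> (packets_sent, packets_delivered) for one interval."""
    flagged = set()
    for link, (sent, delivered) in stats.items():
        if sent and delivered / sent < THRESHOLD:
            weights[link] *= PENALTY
            flagged.add(link)
    return flagged

def discover_route(weights, src, dst):
    """Return (path, cost) of the minimum-weight route over undirected links."""
    adj = {}
    for (u, v), w in weights.items():
        adj.setdefault(u, []).append((v, w))
        adj.setdefault(v, []).append((u, w))
    best, heap = {src: 0.0}, [(0.0, src, [src])]
    while heap:
        cost, node, path = heapq.heappop(heap)
        if node == dst:
            return path, cost
        if cost > best.get(node, float("inf")):
            continue  # stale heap entry
        for nxt, w in adj.get(node, []):
            if cost + w < best.get(nxt, float("inf")):
                best[nxt] = cost + w
                heapq.heappush(heap, (cost + w, nxt, path + [nxt]))
    return None, float("inf")

def demo():
    # Constructed topology: S-A-D is the short route, S-B-C-D the longer one.
    weights = {("S", "A"): 1.0, ("A", "D"): 1.0,
               ("S", "B"): 1.0, ("B", "C"): 1.0, ("C", "D"): 1.0}
    before, _ = discover_route(weights, "S", "D")
    # Constructed per-interval counters: traffic handed to A never reaches D.
    stats = {("S", "A"): (50, 50), ("A", "D"): (50, 0)}
    flagged = set()
    for _ in range(2):  # two observation intervals
        flagged |= update_weights(weights, stats)
    after, cost = discover_route(weights, "S", "D")
    return before, flagged, after, cost, weights[("A", "D")]

if __name__ == "__main__":
    print(demo())
```

The route only moves away from A after packets have already been lost on the A-D link, which is the sense in which the scheme reacts to the impact of a black hole rather than to its construction.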
Wireless ad hoc networks are composed of autonomous nodes that are self-managed without any infrastructure. Besides acting as a host, each node also acts as a node to discover a path and forward packets to the correct node in the network. The AODV protocol is vulnerable to the well-known black hole attack. An attacker first introduces itself in the forwarding group (e.g., by implementing a rushing attack), and then instead
This work is part of a WOS-A DST project (ref. no. SR/WOS-A/ET 20/2008, Department of Science & Technology, Government of India)