You are on page 1of 5



Blackhole Attack Effect Elimination in VANET Networks
Using IDS-AODV, RAODV and AntNet Algorithm
Rand S. Majeed and Mohammed A. Abdala

Abstract— In vehicular ad-hoc networks, security is one of the most challenging problem. This is because of the nature of the network
that has high speed, mobility and large amount of network entities, so the controlling of network becomes more difficult and may lead the
network to be vulnerable to the security attacks that affect its performance. One of these attacks is the black hole attack, which is a network
routing attack that takes advantage of the route discovery procedure of routing protocol, to show itself as having the shortest path to the des-
tination node or to the node that wants to take its packets. In this paper, AODV was chosen to be the routing protocol to transmit traffic mes-
sages between vehicle nodes. There are several number of mechanisms to improve the security of AODV routing protocol against blackhole
attack. Three classifications of scenarios were implemented in this paper using NS2 simulator (for network simulation) with SUMO simulator
(for traffic network simulation) include: scenarios without attack's effect, the scenarios under black hole effect, and scenarios with implement-
ing suitable solutions. IDS-AODV, RAODV which are modifications of AODV and AntNet algorithm were used to eliminate the effect of black-
hole attack with single and multiple attackers effect. The results of total number of dropped packets was obtained, analyzed, compared, and
shows an improvement of AODV routing protocol performance.

Index Terms— SUMO; NS2; AODV; RAODV; IDS-AODV; AntNet.

—————————— u ——————————

VANET networks are one of the modern wireless net-
work classes. They are known as one of ad-hoc net-
works that enable real-life applications such as com-
munication between nearby vehicles or between vehi-
cles and road side equipment’s [1]. Vehicular networks
system domain can be divided into: the mobile domain,
the infrastructure domain, and the generic domain.
There are three types of communications in VANET
networks that allow vehicles to communicate with each
other’s or with nearby road side equipment’s which
include: Vehicle-to-Vehicle (V2V) communication, Ve-
hicle-to-Infrastructure (V2I) communication, and Vehi-
cle-to-Broadband (V2B) communication [2]. Fig. 1. VANET architecture [3].
C2C-CC is the proposal reference architecture for
VANET networks. It contains three domains: in-vehicle,
ad-hoc, and infrastructure domains. Fig. 1. illustrates 2 SECURITY IN VANET
this reference architecture. The in-vehicle domain re- In VANET, as the need for service discovery is in-
fers to the local network inside each vehicle which con- creased, drivers may generate security problems for
tains two types of units: an on-board unit (OBU) which themselves or for the other users in the network. The
is responsible for communication capabilities like (wired node conductance in VANET network is an important
or wireless), and one or more application units (AUs) issue because it may threaten the delivery of service
which has the responsibility of executing a single or a and security of communication. It may behave as self-
set of applications. The AU and OBU can be connected ish node by not allowing messages to forward to other
using wired or wireless connections. The ad-hoc do- nodes in the network, so there is a need for appropriate
main can be composed with roadside units (RSUs). An security architecture to ensure security communication
RSU can be connected to an infrastructure network and detect selfish nodes in vehicular network [1].
which can be connected to the Internet [1].
In VANET networks, the message transmission model
———————————————— depends on the type of services that is divided into: ITS
• R. Majeed. is with the Department of Networks Engineering, College of safety services which deal with broadcast transmission
Information Engineering, Al-Nahrain University, Bagdad, Iraq.
• Assis. Prof. Dr. M. Abdala. is with the Department of Networks Engineer-
and non-ITS services which deal with multicast and
ing, College of Information Engineering, Al-Nahrain University, Bagdad, unicast transmission models [1]. To ensure the security
Iraq. of transmission, number of security requirements
should be presented in VANET networks as the follow-

• Availability: It includes that each node in 4 PROPOSED SOLUTIONS
the network is capable to send messages Three solutions were used to eliminate the effect of
at any time [4]. blackhole attack in the case of single and multiple
blackhole attacks and improve security of AODV Rout-
• Access Control: it is important to attach ing protocol on the ad-hoc vehicular network. These
every node in the network with fixed roles solutions are:
and determines what each node can do in
the network and type of the messages that • R-AODV (Reverse-AODV)
can be generated by it [5]. The proposed R-AODV protocol was used to
eliminate the effect of blackhole attack by dis-
• Message Confidentiality: is used to ensure covering routes using a reverse route discovery
that the message is read only by authorized procedure. The source and destination nodes
parties in communication group [5]. send the control messages in the same way dur-
ing the discovery procedure. The destination
• Authentication: it means that the message node floods reverse request (R-RREQ), to find
generation should be done by legal user [6]. source node after receiving RREQ message.
The source node starts transmitting packets af-
• Privacy: the privacy of vehicle nodes should ter receiving (R-RREQ) message [10].
be ensured against unauthorized nodes [6].
• IDS-AODV (Intrusion Detection System-
In this attack, the attacker node advertises itself as Intrusion Detection System can be defined as a
having a shortest path to the node that want to take its system software used for monitoring the events
packets. So, it takes the advantages of route discovery occur in the network or the computer system
of routing protocol procedure. In this way, it always has and analyzing the behaviors of malicious nodes
the ability in replying to the route request and thus in- that deal with confidentiality, integrity and avail-
tercept the data packet. Blackhole attacks are classi- ability of a computer system [11].
fied into two categories [7]: Ming-Yang Su suppose a mechanism called Anti
Blackhole Mechanism (ABM) and an IDS
• Single Blackhole Attack: only a single scheme to solve the problem of blackhole at-
node behaves as a malicious within a net- tack. The IDS node in the beginning execute the
work. ABM function in sniffing mode. The value of the
dubious node can be evaluated by ABM be-
• On Collaborative Black Hole Attack: mul- cause of the illegal difference among the routing
tiple nodes behave as malicious nodes with- information’s sent from this suspicious node. Af-
in a network. ter the normal node receives message sent from
the IDS node, the malicious node is added to the
Blackhole attack has mostly affect proactive routing
protocols, and greatly affect AODV routing protocol.
block table. Then the normal node replies with
After advertising itself as having a shortest path, it RREP to establish routing table. If the reply re-
takes the packets without forwarding them. Any node ceived from the node listed in the block list, the
wants to send data it will send firstly a Route Request normal node drops this reply to prevent the at-
Message to all neighbors including black hole node. tacker node [12].
The black hole node is the first node that reply the
sender node by sending the Route Reply quickly back • ACO (AntNet Colony Optimization) Algorithm
to that node. When the sender node receives the reply The AntNet Colony Optimization can be defined
message, it begins transmitting packets to the at- as the algorithm of optimization family that is
tacker's node path. Then the packets will be dropped based on the real ant’s behavior. the ants in this
after received by the attacker node [8]. Black hole at- algorithm explore the network to find the optimal
tack in AODV protocol can be performed in two ways path, then update the routing tables, and estab-
[9]: lish the statistical model for traffic transmitted by
nodes in the network [13].
• Black hole caused by RREQ: the mali-
cious node sends a fake RREQ (Route Re-
quest) message to form blackhole node. 5 SIMULATION DESIGN
two simulators were used to simulate VANET network
• Black hole caused by RREP: The mali-
by making the integration between them: SUMO (Simu-
cious node may generate a RREP (Route
lation of Urban Mobility) [14] version 0.25.0 as a traffic
Reply) message to form Black hole.

simulator was used to simulate real time vehicular sim- three sets of scenarios were running, including:
ulation and NS2 (network simulation) [15] version 2.35 • First set of scenarios which includes running the
as a network simulation of AODV routing protocol scenarios
simulation to simulate VANET network with defining with changing speeds and number of nodes to
suitable parameters as shown in Fig. 2. see what happens to their performances.

• Second set of scenarios includes running of
simulation of AODV routing protocol under the
effect of blackhole attack to see how it affects
the performance of AODV.

• Third set of scenarios includes running
simulation scenarios with implementing so-
lutions for single and multiple blackhole at-
tacks then compare the results of them.

In this paper, the total dropped packets matric was
measured to show the performance of VANET net-
work under the effect of blackhole attack and how it
Fig. 2. Integration between SUMO and NS2. improves with using the proposed solutions.

Table 1 shows the parameters used for the For single blackhole attack, RAODV solution was
simulation. AODV routing protocol was used, used to improve the performance of AODV routing
Wireless channel for wireless connection, sig- protocol as shown in figure 3.
nals were propagated using omni antenna,
number of nodes equals to (100), were posi-
tioned randomly over (2700 * 2700) meter area,
the simulation time was 600 seconds, and the
IEEE 802.11p VANET MAC protocol was used.

Table 1

Network simulation parameters.

Parameter Value

Type of channel Wireless channel

Type of antenna Omnidirectional Fig. 3. Total Dropped Packets for 100 nodes with RAODV
for single blackhole attack.
Propagation Model Two Ray Ground

Packet Length 512 Byte The AntNet and IDS-AODV solutions can be
used for single and multiple blackhole attacker
Traffic Type UDP nodes.
• For single blackhole attack, figures 4 & 5
Simulation Time 600 sec shows how the performance of AODV routing
protocol in VANET can be improved using
Routing Protocols AODV
AntNet and IDS-AODV solutions.
Type of channel Wireless channel

No. of nodes 100

Speeds (kmph) 40,50,60,70

Simulation area (m) 2700*2700

Fig. 4. Total Dropped Packets for 100 nodes with AntNet for
single blackhole attack. Fig. 7. Total Dropped Packets for 100 using IDS-AODV for
multiple blackhole attacks.

• The blackhole attack is one of the attacks that has a
high effect on the performance of AODV routing pro-
tocol. The number of dropped packet increases with
increasing the number of blackhole attacker nodes.

• The RAODV is an efficient solution that improve the
performance of AODV under the effect of single
blackhole attacker node. It decreases the number of
loss packets because the RAODV eliminates the ef-
fect of blackhole attack by discovering routes using
reverse route request message.

• IDS-AODV improves the performance of AODV rout-
Fig. 5. Total Dropped Packets for 100 nodes with IDS-
AODV for single blackhole attack. ing protocol under the effect of blackhole attack by
detecting and preventing this node from hacking
packets and put it in the blocklist. However, it has a
• For multiple blackhole attacker nodes figures drawback of having a high delay compared with Ant-
6 & 7 shows how the performance of the Net and RAODV solutions.
AODV routing protocol will improve using
AntNet and IDS-AODV soloutions to eliminate • The performance of VANET network is affected by the
the effect of the attacker nodes. number of nodes and speed. In this paper it was seen
that with increasing the speeds, the number of total
dropped packets was increased because when the
speed of nodes increased, this may made the source
to be far from the destination and hence increases the
number of dropped packets.

• AntNet algorithm has the least efficiency comparing
with IDS-AODV in case of multiple blackhole attack
because it deals with small number of nodes. When
the number of nodes increase, its efficiency in solving
attacks problems will be reduced.


[1] Hassnaa Moustafa, Yan Zhang, “vehicular networks
techniques, standards, and applications”, Taylor & Francis
Fig. 6. Total Dropped Packets for 100 nodes using AntNet
Group, LLC, US ,2009.
for multiple blackhole attacks.

[2] Wenshuang Liang, Zhuorong Li, Hongyang Zhang, Shenling
Wang, and Rongfang Bie, “Vehicular Ad Hoc Networks:
Architectures, Research Issues, Methodologies, Challenges,
and Trends”, International Journal of Distributed Sensor
Networks, 2015.
[3] Abdul Kalam Kunnel Aboobaker and Dr. Stephen Wolthusen
“Performance analysis of Authentication Protocols in
Vehicular Ad Hoc Networks (VANET)”, Department of
Mathematics, Royal Holloway, University of London,
[4] Maxim Raya and Jean-Pierre Hubaux, “Securing vehicular
ad hoc networks”, Journal of Computer Security, 2007.
[5] Al-Sakib Khan Pathan, “security of self-organizing networks
MANET, WSN, VANET”, Taylor & Francis Group, LLC, US
[6] Parul Tyagi and Deepak Dembla, “A Taxonomy of Security
Attacks and Issues in Vehicular Ad-Hoc Networks
(VANETs)”, International Journal of Computer Applications,
Vol. 91, No.7, April 2014.
[7] Nidhi Gupta, Sanjoy Das and Khushal Singh, “A
Comprehensive Survey and Comparative Analysis of Black
Hole Attack in Mobile Ad-Hoc Network”, International Journal
of Computer, Electrical, Automation, Control and Information
Engineering, Vol.8, No.1, 2014.
[8] Jaspal Kumar, Muralidhar Kulkarni, and Daya Gupta, “Effect
of Black Hole Attack on MANET Routing Protocols”,
Computer Network and Information Security, 2013.
[9] Sheenu Sharma and Roopam Gupta, “Simulation Study of
Blackhole Attack in the Mobile Ad-hoc Networks”,
International Conference on Network Applications, Protocols
and Services, Malaysia, 2008.
[10] Chonggun Kim, Elmurod Talipov, and Byoungchul Ahn, "A
Reverse AODV Routing Protocol in Ad Hoc Mobile
Networks”, 2006.
[11] Shivani Sharma and Tanu Preet Singh,” An Effective
Intrusion Detection System for Detection and Correction of
Gray Hole Attack in MANETs”, International Journal of
Computer Applications, Vol. 68, No. 12, april-2013.
[12] Fan-Hsun Tseng, Li-Der Chou and Han-Chieh Chao, “A
survey of black hole attacks in wireless mobile ad hoc
networks”, Human-centric Computing and Information
Sciences, 2011.
[13] Shuchita Upadhyaya and Richa Setiya, "AntNet: Modified
Routing Algorithm for Packet Switched Networks”, VOL. 2,
NO. 1, Jul-2009.