Black Hole and Selective Forwarding Attack Detection and
Prevention in WSN
Ms. MeghanaShinde
Department of Computer Engineering
KJCOEMR Pune
meghanashinde19@gmail.com
Abstract: A wireless sensor network is vast domain which
is used to while sensing information in various range of
applications. The information which is sensed is further
carried to base station for processing. While processing of
this information, security of the routed data is very
important and is challengeable in WSN. This has occurred
because in unattended environments WSN is implemented.
Researchers have worked on various problem such as
robustness, energy consumption, security etc. from an
ancient period of time. However current paper focuses
more on the routing which is secured as well as
trustworthy pattern. Here we have used the concept of
active trust routing scheme to defend various kind of
attacks during routing of the data packets. Such attacks
mainly consist of black hole attack, Denial of service attack
and selective forwarding attack. The system also protects
the data by hiding during routing by using ECC
algorithm, which provides the security. Experimental
results prove that the, proposed system improves the
security along with prolong network lifetime and low
energy utilization and more efficiency throughout the
network lifetime.
Keywords: Active trust, secure routing, attack prevention, data
encryption.
I. INTRODUCTION
Over few last decades, the popularity of a topic and is more
prone to be important for civil and military applications are
increasing. Due to the advancement in fields like micro-
electronics, integrated electronics that are extremely enhanced
energy accumulators, in the last few time of span, the
development of sensor nodes was so much intensified that the
magnitude of sensor nodes got below average, whereas the
valuation of per sensor went down contemporaneously. The
main motive behind this was that the sensor nodes should
form a jointly together to observe events in erratic
environments by acting in a self-compositely, self-harmonize
ad hoc manner, i.e. without the need of human intervention.
As the fact presents and notifies that the sensor’s energy, in
most cases is dependent on a battery which should be alive for
the lifetime of sensor’s, is determinant limited, the sensor
nodes are restricted in their gauge power, memory and
transmission range.
978-1-5386-4008-1/17/$31.00 ©2017 IEEE 
Prof. D. C. Mehetre
Department of Computer Engineering
KJCOEMR Pune
dcmehetre@gmail.com
The routing of data packets from a source to a sink through the
network is of more interest for the researchers in WSN
domain. Limitation of energy resources is a major impact, as
energy is an important fundamental component in designing of
the routing protocols. Furthermore, to lessen superfluous
transmissions of the same data the coalition of sensed data
needs to be considered in WSN routing protocols. In
preference, most of the current routing protocols endeavor at
metrics like as reliability, robustness, responsiveness and
preserving energy. However, the non-forbearance of possible
security obstacles in the area of routing can be perilous
because in almost all application areas in which WSNs are
used, sensor nodes are deployed in an inimical or unfavorable
environments, providing the opportunity for antagonist to
launch certain attacks against sensor nodes. Specifically, the
arresting and negotiating of nodes is an imperative issue
because it is easy for adversaries to access the sensors
substantially.
Secure Routing:
Routing is one thing that extricates WSN from other networks.
Secure routing has to be done to ignore signal spoofing,
implanting of concoct message into the network, alteration of
messages while transmission, weave formation of loops,
bypass redirection of shortest path. System fault, error data
may also cause the network collapse. Secure routing has to be
done to surmount the attacks and information loss. Secure
routing through the trusted node is one of the ways to avoid
the attacks mentioned above [10]. Secure routing protocol
have to consider the sensor network limitation such as limited
memory, energy, resource constrained.
Trusted Node:
To ensure the trustworthiness of the node trust has to build up
between nodes. Trusted node refers to the node which operates
normally, that is sensing and forwarding packets to proper
destination without any information loss. To find the trust
node as well as recognizing of malicious node many types of
schemes are used, some of them are discussed here. In Trust
based method, Trust values can be estimated from the
reputation along with behavior of the node.
Routing attacks in WSN:
There are different types of attacks possible by malicious
nodes to damage the network and make the network unreliable
ƒ‰‡ͳ
for transmission and proper functioning [9]. Some of such
kinds of attacks are given below:
1. Wormhole Attack
It is an attack on which the messages are Tunneling as
well as replicating from one location to another through
alternative low latency links, that join two or more points
(nodes) of the WSN by using strong communication
resources than normal nodes and establishing better real
communication channels (called tunnel). This nodes work
fully invisible.
2. Sinkhole Attack
This attack Attract or draw the all possible network traffic
to a compromised node by placing a malicious node
closer to the base station and enabling selective
forwarding.
3. Selective Forwarding Attack
In this attack, a compromised node refuses to forward
some of the packets in its outstanding buffer, such as
manage information or data packets in order to cut off the
packets propagation.
4. Black hole Attack
In the network, a black hole is an attack in which
malicious node attracts all the traffic. By advertising that
it has the shortest path in the network. So, it produce a
symbolic black hole with the malicious node or the
adversary at the center. This black hole drops all the
packets it receives from the other nodes.
5. Grey hole Attack
This attack is similar to the black hole attack except that
the malicious node selectively or randomly
forwards/drops only some of data packets that they are
routed through it, at random intervals to secure from its
forged/artificial path.
6. Denial of Service Attack
A Denial of Service (DoS) attack is one that attempts to
avoid the victim from being able to use all or part of
his/her network connection. DoS attack permit an
adversary to sabotage, rattle, or destroy a network, and
also to scale down network’s capability to lend a service.
Contributions of proposed system are:
• Data is encrypted using ECC.
• Data is verified at each node while data sending using
SHA.
• Generate hash of encrypted data and then send
encrypted data with its hash value. Again calculates
hash from received data and cross check this
calculated hash value with received, if hash matched
then only data is accepted.
• Each node also checks data trust that is type of data.
II. LITERTURE SURVEY
In paper [1] authors have enforced a new security as well as
trust routing system which depends on active detection. The
developed system has High successful routing security,
anticipation as well as scalability. The Active Trust system is
 Third International Conference on Computing, Communication, Control And Automationƒ‰‡ʹ
978-1-5386-4008-1/17/$31.00 ©2017 IEEE 2017
able to sense the nodal trust after that it is also able to stop
doubtful nodes. The developed system is also highly energy
efficient; it makes use of silt energy for procreation of
multiple detection routes. At last they have conducted test runs
to verify the results.
In paper [2] authors have designed an algorithm as well as
built up for the dynamic formation of cluster heads as well as
clusters depending on distance of the nodes from cluster node
utilizing genetic algorithm as well as trust of the sensor nodes.
Cluster data is forwarded to every of the nodes as well as then
real-time routing occurs.
In paper [3] authors have implemented system for the purpose
of detection of the sinkhole attack inside the WSN. The
designed system is light weight system. Also the novel
message digest algorithm which has high complexity as well
as has few collision resistant is designed for identifying the
sinkhole attacks. The system designed is capable of finding
the sinkhole at the time when digest forwarded in the trustable
route as well as new route are different.
In paper [4] authors have worked on muting security in WSN.
They have noticed that, none of the sensor network protocols
acknowledge the security in grant. After this observation they
have found and given few security goals for routing in sensor
network, which gives the possible ways of attacks on ad-hoc
as well as peer-to-peer network, will be adapted in potent
attacks in protest with sensor networks. Also, implemented
two classes of new type of attacks against sensor network
known as sinkholes as well as HELLO Roods.
In paper [5] authors proposed a system for finding as well as
monitoring the selective forwarding attack in WSN. The
selective forwarding attack can be detected in network layer
without any great amount of efforts. In this sort of attack the
attacked node work in the similar way as the different nodes
present in the network but it may try to change or drop the
private data before the sending the packet to other sensor
nodes. The system developed in this paper provides guaranty
for the data while transferring between nodes.
In paper [6] authors have developed a new multipath
transmitting system. The built-up system is utilized as a
defense technique against selective forwarding attack. In
proposed system at the time of routing if a node senses a
packet drop; the packet is forwarded via alternate route.
Because of the resending technique reliability of the routing
mechanism is maximized.
In paper [7] authors are making use of unmanned aerial
vehicles (UAVs) for finding the black hole attacks inside
WSN. In black hole attack a faulty node which shows that the
route to the destination is shortest and feasible one hence they
attract more traffic and drops all the packets. In proposed
system UAV is utilized for verifying nodes as well as
(ICCUBEA)
Sequential Probability Ratio Test technique as a dynamic
threshold system for avoiding malicious nodes.
In paper [8] authors implemented a method which is
depending on two cluster heads inside a cluster. In the
detection phase the base station finds the faulty node. And in
removal phase the faulty node is deleted by the base station.
Authors also provided some feature scope to improve the
system.
III. SYSTEM DESCRIPTION
A. System Overview
Figure 1 depicts the overall description of trustable secure
routing scheme in WSN. This system consists of active
detection routing protocol and data routing protocol. This
system detects and prevents the black hole attack, selective
forwarding attack and data type attack. Initially network is
deployed by entering the number nodes. After that source and
destination is selected by user. According to figure 1, node 0
and 12 are source and destination.

Figure 1. Trustable Secure Routing

Black Hole Attack Detection and Prevention:

After network generation, all possible multiple number of
paths are computed from source to destination. Through each
path, Detection Packet (DP) is sent. Detection packet contains
following information:

DP = {Source ID, Destination ID, Path length} …….. (1)

Here, path length is the number of hopes to destination node.

After receiving DP, each node in path sends the Feedback

Packet (FP) to source node.

FP = {Source ID, Destination ID, Path length} ………. (2)

Then source node compares this FP with DP. If suppose node

is attacker node, it will make path length==0, which means
that it is the destination node. But source nod already have the
ID of destination node. If the Destination Node ID in DP ==
Destination Node ID in FP, and Path length ==0, then and
only then node is genuine node, otherwise it is black hole
attacker node. If such case occurs, system discards this path to
destination node. In this way, black hole attack is prevented.

Fig. 2. Flow of System

978-1-5386-4008-1/17/$31.00 ©2017 IEEE  ƒ‰‡͵

2017 Third International Conference on Computing, Communication, Control And Automation (ICCUBEA)
Trustable Route Selection:
In this approach, we calculate the threshold value for each
path and path with minimum threshold value is treated as most
secure path for data routing. For this, initially, each node has
its own Trust value, which is calculated using following
equation:
­°C AB = ¦ w {ΔBA (ti ) | ∧ BA (ti ).(h i / w)},.....w ≠ 0
NodeTust = ® i =1
°̄0,......w = 0
……3)
Also for each node, distance to destination node is calculated.
For each node threshold value is computed with following
equation:
்௥௨௦௧
݄ܶ‫†Ž‘Š•‡ݎ‬ே௢ௗୣ ൌ ஽௜௦௧௔௡௖ୣ…..(4)
Then for each path, threshold is calculated by using following
equation:
݄ܶ”‡•Š‘Ž†௉௔௧௛ ൌ ෍ ݄ܶ”‡•Š‘Ž†ே௢ௗ௘
௙௢௥௡௢ௗୣ୭୲୭୬
(5)
This is the sum of all node’s threshold value in that path.
Finally, path with minimum threshold value is considered as
the most trusted and secure path for data routing.
Selective Forwarding and Data Type Attack Detection and
Prevention:
After route selection, Packet information is sent through this
path. It contains:
PI = {Type of Data, Size of Data} ………(6)
When any node receives the data packet, it verify the data with
packet information. If the type of data is not matched, then it
is found that data type attack is happened on its previous node.
In this case, node drop that packet and forward remaining
packets to next node.
In selective forwarding attack, size of data is not matched with
size of data in data packet. So node recovers this data from
previous node of attacker node. Because of this, packet loss
ratio is minimum in proposed system.
Data Security:
To protect the information, system makes use of ECC
algorithm. By using this algorithm, data is encrypted before
actual routing. After encryption original data is protected from
unauthorized entities.
To check the data integrity at node SHA1 Hashing method is
used.
Steps are as follows:
1. Generate the data at source node.
2. Convert data into packets.
3. Encrypt each packet by using ECC Encryption
Algorithm.
978-1-5386-4008-1/17/$31.00 ©2017 IEEE  International Conference on Computing, Communication, Control And Automation (ICCUBEA)
2017 Third
4. For each encrypted packet, generate Hash using
SHA-1 Hashing Algorithm.
5. Send encrypted packet and its respective hash value
through selected trustful routing path.
6. At each receiving node in path, hash is calculated for
received encrypted packet.
If new hash is = = received hash, then data is protected. It is
not affected by attacker.
B. Proposed Routing Algorithm
1. Source selects any one node from its neighbors.
2. Check its distance from sink and trust. If trust is
greater and distance is less then send information of
packet size to that node.
3. Otherwise select another node from neighbor list and
repeat step 2.
4. Process continuous until path up to sink is detected.
5. Source sends data packets through path.
6. Each node checks size of data packet. If size of
received packet is not equal to the size stored earlier
then its previous node will send data to next node by
discarding current node.
7. If node = = sink then data routed successfully
otherwise repeat step 6.
IV. RESULTS AND DISSCUSSION
A. Experimentl Setup
The system is built using Java framework (version jdk 6)on
Windows platform. The NetBeans (version 6.9) is used as a
development tool. For network creation system used Jungtool.
The system doesn’t require any specific hardware to run; any
standard machine is capable of running the application.
B. Performance Measures
1. Energy Consumption:
Energy Consumption of the sensing device must be minimum
and sensor nodes must be energy efficient because limited
energy resource determines their lifetime.
Energy consumption formula for sending a k-bit message to a
distance d:
ETx(k , d) = Eelec * k + ∈amp + k * d 2
where,
ETx is energy consumed while data sending
Eelec is energy of transmitter
amp is amplifier energy, k is constant, d is distance.
Energy consumption formula for receiving a k-bit message:
E Rx (k) = E elec * k
where,
ERx is energy consumed while receiving data.
ƒ‰‡Ͷ
Eelec is energy of transmitter, k is constant. Latency = Time of packets received at Destination node –
2. Packet Delivery Ratio (PDR): Time of packet generated at Source node.
The calculation of Packet Delivery Ratio (PDR) is based on
the received and generated packets as recorded in the trace
file. In general, PDR is defined as the ratio between the
received packets by the destination and the generated packets
by the source. The formula of PDR are as follows:

୘୭୲ୟ୪୬୳୫ୠୣ୰୭୤୮ୟୡ୩ୣ୲ୱୟ୲ୢୣୱ୲୧୬ୟ୲୧୭୬
PDR in %= ୘୭୲ୟ୪୬୳୫ୠୣ୰୭୤୔ୟୡ୩ୣ୲ୱୋୣ୬ୣ୰୲ୣୢୟ୲ୗ୭୳୰ୡୣ
* 100

C. Evaluation Results
The existing system detect only blackhole attack. When
Selective forwarding attack occurred then existing system fail.
In proposed system we detect Selective forwarding attack as
well as prevent it by discarding that node. This make system
more secure and consume less energy and enhance the
network lifetime.
Fig.5. Path Length Comparison
Figure 5 represent the length of routing paths for different size
of network in proposed system and existing system. In
propose system, length of routing path is minimized, so that
the energy consumption gets reduced during data sending.
Path length is nothing but the number of hopes from source to
destination in particular path.

Fig.3. Energy Consumption Comparison

Figure 3 represent the energy consumption for different size of

network in proposed system and existing system. Energy
consumption is minimum in proposed system, because black
hole attacker is detected before actual data routing and also
data is recover after packet drop. Fig. 6 Throughput comparison

Figure 6 represent the throughput of proposed and existing

system. Throughput is the number of packets delivered over
the total simulation time. It is calculated as:
Throughput = [Total number of packets delivered at
destination / Total simulation time] * 100.

Fig.4. Latency Comparison

Figure 4 shows the latency comparison for different size of

network in proposed system and existing system. Latency for
existing system is minimum than proposed one. It is an
expression of how much time it takes for a packet of data to Fig.7. Packet Drop Ratio Comparison
get from one designated point to another.

978-1-5386-4008-1/17/$31.00 ©2017 IEEE  International Conference on Computing, Communication, Control And Automation (ICCUBEA)
2017 Third ƒ‰‡ͷ

Out of multiple trusted paths, one trusted path will be selected.
Data will be sent through that selected path. But during data
sending in base system, if at any node energy is insufficient
then whole data will not be reach to the destination, which
leads to load imbalanced situation. Wherein proposed system
if same condition is occurred, data will be sent through
another trusted path and in this way whole data will reach to
destination. Due to this packet drop ratio in proposed system
will be minimum as compared to base system as shown in
figure 7.
V. CONCLUSION
In WSN, the security is the most challenging problem. In most
of the security issues, secure routing, this paper studied
various types of attacks during routing and also some recent
solutions to provide secure routing. This paper focuses on the
black hole attack and selective forwarding. To detect and
prevent such kind of attacks, system makes use of updated
active trust scheme and data routing scheme along with data
type checking during routing. Also system enhance the
privacy of data by encrypting it before actual routing starts, by
using ECC algorithm. Experimental results prove that,
proposed system is better that existing one in terms of
security, trustable routing, and network lifetime and energy
consumption.
References
[1] Y. Liu, M. Dong, K. Ota and A. Liu, "ActiveTrust: Secure
and Trustable Routing in Wireless Sensor Networks," in
IEEE Transactions on Information Forensics and
Security, vol. 11, no. 9, pp. 2013-2027, Sept. 2016.
[2] S. Das, Barani S, S. Wagh and S. S. Sonavane, "Energy
efficient and trustable routing protocol for Wireless
Sensor Networks based on Genetic Algorithm (E2TRP),"
2016 International Conference on Automatic Control and
Dynamic Optimization Techniques (ICACDOT), Pune,
2016, pp. 154-159.
[3] S. Sharmila and G. Umamaheswari, "Detection of
Sinkhole Attack in Wireless Sensor Networks Using
Message Digest Algorithms," 2011 International
2017 Third International Conference on Computing, Communication, Control And Automation (ICCUBEA)
978-1-5386-4008-1/17/$31.00 ©2017 IEEE
Conference on Process Automation, Control and
Computing, Coimbatore, 2011, pp. 1-6.
[4] Karlof and D. Wagner, "Secure routing in wireless sensor
networks: attacks and countermeasures," Proceedings of
the First IEEE International Workshop on Sensor
Network Protocols and Applications, 2003., 2003, pp.
113-127.
[5] N. M. Alajmi and K. Elleithy, "A new approach for
detecting and monitoring of selective forwarding attack in
wireless sensor networks," 2016 IEEE Long Island
Systems, Applications and Technology Conference
(LISAT), Farmingdale, NY, 2016, pp. 1-6.
[6] P. C. Geethu and A. R. Mohammed, "Defense
mechanism against selective forwarding attack in wireless
sensor networks," 2013 Fourth International Conference
on Computing, Communications and Networking
Technologies (ICCCNT), Tiruchengode, 2013, pp. 1-4.
[7] M. Motamedi and N. Yazdani, "Detection of black hole
attack in wireless sensor network using UAV," 2015 7th
Conference on Information and Knowledge Technology
(IKT), Urmia, 2015, pp. 1-5.
[8] P. Dewal, G. S. Narula and V. Jain, "Detection and
prevention of black hole attacks in cluster based wireless
sensor networks," 2016 3rd International Conference on
Computing for Sustainable Global Development
(INDIACom), New Delhi, 2016, pp. 3399-3403.
[9] Kellner, Ansgar, Omar Alfandi, and Dieter Hogrefe. "A
survey on measures for secure routing in wireless sensor
networks." International Journal of Sensor Networks and
Data Communications 1 (2012): 1-17.
[10] Latha, D., and K. Palanivel. "Secure Routing Through
Trusted Nodes in Wireless Sensor Networks–A
Survey." International Journal of Advanced Research in
Computer Engineering & Technology (IJARCET) 3
(2014): 8.
ƒ‰‡͸