Journal of Advanced Research in Dynamical and Control Systems Vol. 9.

Sp– 14 / 2017

LESSENING OF BLACK HOLE AND WORMHOLE ATTACKS USING

NEIGHBOR BASED SCF TREE, R3T2, PAP AND ELLIPTIC CURVE
PSEUDO RANDOM CRYPTOGRAPHY ALGORITHM

K.P.Manikandan1, Dr.R.Satyaprasad2, Dr.Kurra.Rajasekhara Rao3

1
Associate Professor, IT Department, Dhanalakshmi Srinivasan College of Engineering, Coimbatore, TN.
2
CSE Department, Achariya Nagarjuna University, Nagarjuna Nagar,AP.
3
Professor in CSE & Director, Usha Rama College of Engineering and Technology, Telaprolu, AP.
1
manikandan_kp111@rediffmail.com , 2profrsp@gmail.com, 3krr_it@yahoo.co.in

ABSTRACT

Mobile Adhoc network (MANET) is widely used network topology for secured reliable
communication. Some malfunctions affect the security of the network, due to illegal nodes
present in the network. The black hole and wormhole are attacks which cause packet loss and
vulnerable to network. In this proposed method, the main objective is to provide secure data
communication and also reduce malicious node present in the network. These suspicious
nodes, which behave like selfish and a thread node in the route for transmissions are detected
using Self Centered Friendship (SCF) tree infrastructure. The trust value is calculated for the
trusted communication between the nodes. The Rapid Response Round Trip Time (R3T2) is
calculated to find the route without any malicious attackers earlier. In this R3T2 method, the
response time and request time of node are calculated. Then it is upgraded for every
transaction and stored as part of history interaction to select the path route without attacker
node. In addition to that it finds the shortest path route by using an algorithm called Path
Assignment Protocol (PAP). PAP is the combination of hybrid method of zone routing
protocol and zone hierarchical link state routing protocol, which helps the node to find the
shortest routing path among the network. Elliptic Curve Cryptography (ECC) encryption
method is used to secure the data packets. Based on the elliptic curve, the packets are
encrypted in a highly secured manner. The ECC is a type of public key encryption. So the
attack node does not retrieve any data information of packets, finally the result shows that
this method is highly secured and less vulnerable than all existing protocols.

Keywords:MANET, SCF Tree, Trust value, R3T2, PAP, ECC.

JARDCS Special Issue On Environment, Engineering & Energy 1077

 Journal of Advanced Research in Dynamical and Control Systems Vol. 9. Sp– 14 / 2017

1. INTRODUCTION:

A MANET is a temporary network formed by several wireless mobile hosts without any
stand-alone infrastructure. MANET is a self-centered and self- organized network, which is a
widely used wireless communication network [1]. The nodes in networks are mobile nodes
and able to communicate with other nodes and works as both a host and a router. The main
advantage of MANET is a self-configuring infrastructureless network of mobile devices
connected by wireless. In this case, a destination is out of range belongs to source node which
transmitting packets. The path of the route or forwarding of packets is always needed to find.
This sometimes leads to the un-prediction of connectivity changes due to mobility of nature
[2].

In a MANET, there are more opportunities of prone to attacks and vulnerability. A secured
transmission of data packets is important to protect the privacy of the message. The
vulnerability of the network affects the entire network. MANET has no central
administration, which is responsible for detection and prevention of malicious nodes. The
security involves limited processing time and limited availability of resources such as battery
power and memory [3]. So the nodes have to cooperate within themselves in the network.
The protocols are used for secure routing, allocation and establishment of the communication
path. These kinds of information are very sensitive and have to protect from the malicious
nodes. The attackers may partition the network, or introduce a traffic overload by inefficient
routing or retransmission [4-6].

There are two types of attacks in MANET such as passive attacks and active attacks. The
passive attacks are non-disruptive attacks, that is, it does not affect the operation of the
network. The attacker snoops the data without altering the network path. The active attacks
are disruptive attacks which attempt to alter and destroy data for transmission. It is further
classified into internal and external attacks. The node which is responsible for the attack is
not being a part of the network, and it is referred as external attack. But in internal attack, the
attacker node will be a part of the network as an authorized member. This type of attack is
very difficult to detect and cause severe malfunction within its network [4] [5].

In network layer, some of dangerous attacks are black hole attack and wormhole attack. The
nodes introduce itself as a member of the network to all nodes in network and advertise it as
shortest path. This attack is called as a black hole attack. It learns the routing protocol and

JARDCS Special Issue On Environment, Engineering & Energy 1078

 Journal of Advanced Research in Dynamical and Control Systems Vol. 9. Sp– 14 / 2017

does any malware functions on node which passing through them.As a result, the data packets
through that malicious node are lost [7] [9]. Another attack is wormhole attack. In this the
malicious node receives packets and tunnels it to another malicious node. This tunneling
between malicious nodes are called wormhole [8]. To prevent the packets from these attacks,
the encryption method is needed [10].

2. LITERATURE REVIEW:

E.SureshBabu et al (2015), proposed a Secure Routing Protocol against Heterogeneous

Attacks (SRPAHA) protocol, for detection and defending the process of malicious nodes. It
gives the efficient security solution for wireless adhoc network from attacks. This algorithm
is analyzed using some parameters such as Route acquisition time, PDR, Throughput,
overhead and average delay. This algorithm achieved less control overhead and higher
security than existing algorithms [14].

BanothRajkumar et al (2016),developed a CA distribution and trust value is calculated for

proving trust based certificate revocation for secure routing. A trust established solution in
mobile adhoc network based on public key certificates. This mechanism is used for certificate
revocation and validation.The direct and indirect trust value is computed. Then secret key is
distributed to all the nodes. By this method misbehaving node are eliminated [15].

Swapnoneel Roy et al (2017), ECC based authentication and key exchange protocols are
proposed for analysis of vulnerabilities and make more secure against threads. In this paper, it
is explained that ECC based authentication and key exchanging protocols are efficient to find
thread modeling and secure data from network attackers.ECC provides a guarantee of a level
of security [16].

Upendrasingh et al (2016), proposed a trusted securing AODV routing protocol to focus on

mitigating the black hole and wormhole attacks. MANET is a decentralized network where
the nodes are mobile dynamically. The black hole attack works on highest sequence number
during reply messages. A group of black hole attack nodes called collaborative black hole
attacks. The effects of black hole and wormhole attacks are computed based on trust values
[17].

Arun Kumar K A et al (2016), discussed the FPGA implementation of black hole and
wormhole detection and avoidance methods. It is detected in the MAC-physical layer itself

JARDCS Special Issue On Environment, Engineering & Energy 1079

 Journal of Advanced Research in Dynamical and Control Systems Vol. 9. Sp– 14 / 2017

by randomly changing the Packet travel time (PTT). By using a Partial-Reconfiguration

technique MAC layer and Physical layer are implemented. Probe request and Probe response
messages are used for authentication of nodes [18].

LeventErtaul et al (2005), proposed a new approach by combining Elliptic Curve

Cryptography and Threshold Cryptosystem. It is to secure deliver messages during
transmission. In this splitting plaintext before encryption and splitting cipher text after
encryption is considered for secure data forwarding. Also exchange keys between two mobile
nodes using ECC Diffie-Hellman. This paper compares ECC and RSA and shows ECC is
more efficient [19].

3. PROPOSED MODEL:

The attacks such as a black hole and wormhole attacks reduce its vulnerabilities by using this
proposed method. In this the node which acts as selfish or any malicious node is detected and
removed from the network group using the SCF Tree technique. Then to authorize the node
for trustworthy communication, trust value is calculated. This value is used to find that the
nodes are original or fake; trust value is calculated for all nearby neighbor nodes for each
node in the network. R3T2 is also computed to make the network communication without
malicious node. After the completion of the node analyzation process, the shortest path is
found by new algorithm called PAP is developed in this model. Some malicious nodes are
very intelligent that may attack the network externally and can retrieve the information of
packets. So the data packets are encrypted using ECC encryption algorithm. In existing
method, elliptic curve values are used for encryption. In this proposed model, pseudo random
numbers are generated and used for encryption.

JARDCS Special Issue On Environment, Engineering & Energy 1080

 Journal of Advanced Research in Dynamical and Control Systems Vol. 9. Sp– 14 / 2017

Figure 1: Process of Proposed Model

3.1 SELF CENTERED FRIENDSHIP (SCF) TREE:

The scope of SCF Tree is to attain high accessibility in traffic overhead. This is a prominent
concern in every network. The traffic overhead increases when the replica allocation of
specified data without concern of the other node’s in replica allocation techniques. In a
MANET, to maintain real world friendship management among the nodes, the degree of
selfishness has to be measured. Since this SCF tree has only non- selfish nodes.

This tree is constructed based on its distance and angle of the node. First step is to find the
Cluster Head (CH) of the network. The cluster is created and the node which has maximum
number of neighbors is nominated as cluster head. The cluster is formed based on parameters
such as mobility, distance, cost, power, connectivity and identity. Then the distance between
each node in the cluster is calculated for finding the neighbor nodes. It is also essential to
calculate transmission range. The distance of a node is given as,

𝑑 = (𝑥 + 𝑦 )

Where 𝑥 is the difference between two x axis co-ordinates nodes and 𝑦 is the difference
between two y axis co-ordinates. Then the angle is calculated to find the life time of a path
life time. Each link life time is restrained the path. The equation of the life time is,

−(𝑢𝑙 + 𝑣𝑑) + (𝑢 + 𝑣 )𝐸 − (𝑢𝑑 − 𝑙𝑣)

(𝐿𝑇 , 𝐿𝑇 )=
𝑢 +𝑣

JARDCS Special Issue On Environment, Engineering & Energy 1081

 Journal of Advanced Research in Dynamical and Control Systems Vol. 9. Sp– 14 / 2017

In the above equation d refers to distance, u be 𝜏 sin 𝜃 − 𝜏 sin 𝜃 and v be

𝜏 cos 𝜃 − 𝜏 cos 𝜃 and 𝑙 = 𝑥 − 𝑥 where 𝜏 and 𝜏 denotes velocities of nodes and
𝜃 and 𝜃 denotes the direction angles of nodes and E is the transmission range.

Let 𝑁 be a node in a cluster, and it can build its own SCF tree with depth. 𝑁 first adds one
hop neighbor node as child nodes and then checks recursively for child nodes and its
appended nodes. The neighbor nodes within one hop distance are discovered based on the
neighbor list of each node. It includes four steps,

• Neighbor discovery to build a neighbor list of every node

• List exchange

• Detection of malicious node

• List reconstruction

The nodes in the network, find its neighbor nodes and prepare a list which has the
information about the neighbor. This process is done using HELLO message, the node
broadcast this message and other nodes authenticate its Node ID and add that node to the list
and send back reply message. Then this list is prepared and exchanged between the nodes to
modify the changes in the list. If any node seems to be malicious node, it is noted and
exchanged this new list of other nodes to remove these malicious nodes from the list. For this
purpose reconstruction of list is needed. The SCF tree of each node updates based on
network topology at that time also when relocation occurs. After completing the building
process of SCF tree, nodes create its replica in every relocation period for future
communication. It directly creates the replication in the local memory space of non-selfish
nodes in a fully distributed manner.

The nodes are categorized into some levels referred to a number of nodes as fit number of
node 𝑁 , denoted as 𝑓 . If 𝑓 is small, then 𝑁 suffers lack of trustworthy nodes. Sometimes
frequently used data storage causes low data accessibility. If 𝑓 is too large, it may also cause
poor data accessibility. 𝑁 Computes 𝑓 using average of shared space for all connected
nodes and all data items. Then its number of levels are denoted as 𝑡 .

JARDCS Special Issue On Environment, Engineering & Energy 1082

 Journal of Advanced Research in Dynamical and Control Systems Vol. 9. Sp– 14 / 2017

𝑇𝑜𝑡𝑎𝑙 𝑛𝑢𝑚𝑏𝑒𝑟 𝑜𝑓 𝑑𝑎𝑡𝑎 𝑝𝑎𝑐𝑘𝑒𝑡𝑠

𝑓 =
𝐴𝑣𝑒𝑟𝑎𝑔𝑒 𝑜𝑓 𝑠ℎ𝑎𝑟𝑒𝑑 𝑠𝑝𝑎𝑐𝑒 𝑓𝑜𝑟 𝑎𝑙𝑙 𝑐𝑜𝑛𝑛𝑒𝑐𝑡𝑒𝑑 𝑛𝑜𝑑𝑒𝑠

𝑛𝑢𝑚𝑏𝑒𝑟 𝑜𝑓 𝑒𝑣𝑒𝑟𝑦 𝑐𝑜𝑛𝑛𝑒𝑐𝑡𝑒𝑑 𝑛𝑜𝑑𝑒𝑠

𝑡 =
𝑓

After the construction of SCF tree, trust value is calculated to every node to make trustworthy
connections without any malicious node in the network. To make trusty connections among
the nodes trust value is calculated.

Algorithm: SCF Tree

R: Range of transmission for node in tree

𝑑 : Distance of child node
d: Distance of transmission range
𝐿𝑇 : Life time of child node
LT: Threshold Life time
𝜃 : Angle of child node
TV: trust value

START
For (CH as SCF tree root node (N))
Search for child node 𝑁
If ( 𝑁 is within R)
Calculate 𝑑 and 𝜃 between N and 𝑁
If ( 𝑑 < d and 𝐿𝑇 > LT)
Check trust value TV
Add 𝑁 to SCF tree
Else
Dismiss the node
End if
Continue
End if
End for
END

JARDCS Special Issue On Environment, Engineering & Energy 1083

 Journal of Advanced Research in Dynamical and Control Systems Vol. 9. Sp– 14 / 2017

The trust value for detection of malicious node is given in the following section.

3.2 TRUST VALUE CALCULATION:

The trust relationship between all nodes of network is an important factor in communication.
Trust is also called as degree of belief on another entity’s behavior and paramount to ensure
the secured connection between the nodes. The relation is based on the previous connection
history details. It is represented in two ways, as commonly called,

 Direct trust
 Indirect trust

Direct Trust:

Figure 2: Direct trust communication

The connection establishment is done depends on the previous history between a subject and
an agent successfully in a direct manner. Each connection of nodes maintains a trust value of
its neighbor nodes. After the transmission of data, the sender changes itself in promiscuous
mode to get the acknowledgments from immediate neighbors within its range. Using this
acknowledgement the sender calculates a direct trust value (DTV) of its neighbor node. As
shown in figure 2, if A is the sender it calculates the trust value of node B in a fixed interval
of time (ΔT), using following two cases,

( )
Case 1: 𝑤ℎ𝑒𝑛 𝐹 > 𝐷 𝐷𝑇𝑉 =

( )
Case 2: 𝑤ℎ𝑒𝑛 𝐹 ≤ 𝐷 𝐷𝑇𝑉 =

Where 𝐹 is the number of packets successfully forwarded, 𝐷 is the dropped packet ratio, CT
be the current trust value and DTV represents direct trust value. In case 1, the value of
forwarded packet is greater than dropped packets, so the value of trust is increased relatively.

JARDCS Special Issue On Environment, Engineering & Energy 1084

 Journal of Advanced Research in Dynamical and Control Systems Vol. 9. Sp– 14 / 2017

In case 2, the value of forwarded packet is less than or equal to dropped packets, so the direct
trust value is decreased monotonically.

Indirect Trust:

Figure 3: Indirect trust communication

The connection is established through third party trust recommendation. That is if A and B
are in direct trust connection and B and Y are also in direct trust connection. Then B
recommends Y for communication between A and Y. So between the nodes A and Y’s
indirect trust connection is established successfully. The above figure 3 shows this indirect
trust connection. This indirect trust value (IDTV) is calculated by following equation,

𝑇𝑖(𝐵)
𝐼𝐷𝑇𝑉 =
𝑁

Where 𝑇𝑖(𝐵) gives trust value gathered from the neighbor node for node B and N is the total
number of neighbor nodes of node B.

Finally the total trust value is obtained from the addition of above two derived values. The
constants α and β are used in this calculation. It is formulated as,

𝑇𝑟𝑢𝑠𝑡 𝑣𝑎𝑙𝑢𝑒 (𝑇𝑉 ) = 𝛼 ∗ 𝐷𝑇𝑉 + 𝛽 ∗ 𝐼𝐷𝑇𝑉

Where the constants α + β is equal to 1. This shows that the trust value depends on both direct
and indirect trust value.

JARDCS Special Issue On Environment, Engineering & Energy 1085

 Journal of Advanced Research in Dynamical and Control Systems Vol. 9. Sp– 14 / 2017

Figure 4: Trust value updating process

The figure shows the process of trust value calculation and operation. The result value is
updated in the trust table. This process is repeated for every node in the network. if the TV is
below a threshold level it is considered as untrustworthy otherwise it is considered as
trustworthy. This value is used to find the untrustworthy nodes, which helps to find malicious
nodes in the network. Then R3T2 is also calculated to find shortest path and time interval of
packets to find malicious node, is explained below.

3.3 RAPID RESPONSE ROUND TRIP TIME (R3T2):

This R3T2 is used to detect the malicious node which is present in the network. The route
path is selected without malicious node before transmission to avoid packet loss. It also
detects the early stage of attack by comparing the history of the previous transmission,
whether the time period of total transmission packet delivery is higher or lower time which
varies with presence of suspicious node. It calculates the request and response time of the
node for detection process. R3T2 involves the following steps,

 Timeline flow for Rapid Response Round Trip Time

 Normal node𝑅 (𝑇 )
 Nearest neighbor node selection

JARDCS Special Issue On Environment, Engineering & Energy 1086

 Journal of Advanced Research in Dynamical and Control Systems Vol. 9. Sp– 14 / 2017

Figure 5: Rapid Response Round Trip Time Process

As shown in the figure 5, the message transmission and calculation of round trip time is
explained below.

Timeline flow for Rapid Response Round Trip Time:

The message transmission between sender and receiver uses intermediate nodes, which are
available in the shortest route. Let assume, intermediate nodes are 𝐼 and 𝐼 respectively.
Then request message [𝑅 ] , is sent by the sender node to all nearby nodes to find the
shortest path. At the same time, response time from destination is calculated and maintained.

Normal node𝑹𝑹𝒆𝒒 (𝑻):

In this step, the request and response time of each node is stored and maintained for future
reference. The previous history of nodes is compared to every time taken by packet
communication. The delivery time is calculated with new interval between two distinct

JARDCS Special Issue On Environment, Engineering & Energy 1087

 Journal of Advanced Research in Dynamical and Control Systems Vol. 9. Sp– 14 / 2017

nodes. The request and response time is stored in past interaction history. This maintains the
details like a gateway to interface node, node identity number and metric value for current
communication. If any packet is being transmitted, then its metric value, routing details and
history with respect to source node is stored in that past interaction history.

If any packet did not reach the destination where the path is already existed in past interaction
history, then it is due to two reasons, namely already that route is patterned or the route
contains some malicious node. Also the parameters such as delay due to intruder, PDR,
energy consumption, control overhead, queue delay and agent trace of the overall network.
These values are used to analyze the correct route path of each node.

Nearest neighbor node selection:

In this step, the neighbor node of both source node and destination node is discovered. The
time required for transmission of packet with respect to the request and response messages
has been calculated. To compare these values it is stored for all nearby shortest node. This
time period is compared to the normal node R (T), is used to find the suspicious attacks
like a black hole and wormhole attack.

Past Interaction History Table:

The table which is present in each node contains the information of neighbor nodes. And it
also updates the request time, response time of the packet each time of communication. The
route path details also stored for future reference. The previous details have to be checked
and compared every time for the detection of malicious nodes. When time variation occurs,
trust valued is checked whether the value is between the threshold value of 0 to 1.

Table 1: Past interaction history table

Current
No of No No.of. Previous Record Current Record
Network Id Next Hop Node Cost
Nodes Iteration Route
To Gateway
presen of Same on the
Destination Request Response Request Response
Source ID Gateway Interface Metric ted Path gateway
ID Time Time Time Time

0.0.0.0 0.0.0.6 192.168.0.1 192.168.0.100 10 126 1260 2 350 ms 200 ms 350 ms 200 ms

127.0.0.0 127.0.0.4 127.0.0.1 127.0.0.1 1 16382 16382 7 400 ms 150 ms 400 ms 150 ms

192.168.0.0 192.168.0.18 192.168.0.100 127.0.0.1 10 100 1000 1 350 ms 200 ms 350 ms 200 ms

192.168.0.100 192.168.0.110 127.0.0.1 127.0.0.1 10 27889 278890 11 690 ms 490 ms 690 ms 490 ms

192.168.0.1 192.168.0.3 192.168.0.100 192.168.0.100 10 27734 277340 11 500 ms 350 ms 500 ms 350 ms

JARDCS Special Issue On Environment, Engineering & Energy 1088

 Journal of Advanced Research in Dynamical and Control Systems Vol. 9. Sp– 14 / 2017

The number of iteration and number of route on gatway is calculated as follows,

Number of iteration on same path = Number of nodes presented ∗ cost metrics

number of gateway between the two nodes
Number of route on the gateway =
current number of nodes to gateway interfaces

R3T2 Algorithm:-

Start
For (source node)
Send Rreq (Route Request) to nearby nodes.
Calculate
Request time
Response time
Packet delivery time
Collect
Gateway detail
Neighbor node detail
Update past interaction history table
Compare with previous details in table
If (Calculate time variation or packet does not reach destination)
Check - route path attack or patterned
Check trust value within threshold limit
If (Malicious Attack occurs)
Calculate
PDR
Energy consumption
Control overhead
Queue delay
Else
Find route path is patterned
End if
Delete this route path
End if

JARDCS Special Issue On Environment, Engineering & Energy 1089

 Journal of Advanced Research in Dynamical and Control Systems Vol. 9. Sp– 14 / 2017

Search for other route path

End for
End

The protocol used in our proposed method for finding the minimum shortest path and also to
find suspicious nodes, is discussed in following section.

3.4 PATH ASSIGNMENT PROTOCOL (PAP):

The PAP is an algorithm developed to find the minimum shortest path in the network. It is the
combination of two routing protocols such as Zone Routing Protocol (ZRP) [11] and Zone
based Hierarchical Link State protocol (ZHLS) [11,12]. This hybrid technique is used to
reduce the overheads in between the malicious nodes. These two protocols are hybrid
functions of both proactive and reactive protocols, which have highly efficient routing
performance. In ZRP the network is divided as many overlapping zones with respect to
knowledge of neighboring nodes. Each node of the network has to maintain network
connectivity and details of its neighbors. This reduces the routing zone and latency in route
discovery. In ZHLS the routing of mobile nodes based on their physical location by using
devices like global positioning system (GPS). Then the network is divided into non
overlapping zones based on its geographical information. In this routing protocol each node
has Zone ID and Node ID which are used to make the virtual link between the nodes if they
have at least one physical link between the zones. These protocols provide the higher
performance like throughput, bandwidth, power requirement, control overhead, routing
structure, time interval, and scalability.

This hybrid technique PAP finds the distance and route based on the node ID and the zone ID
of corresponding destination. This new algorithm performs better than pure reactive and
proactive protocols. It reduces the number of intermediate nodes used to transmit data packets
by selecting a shortest path. So the performance of route discovery is more than other routing
techniques due to its combined operations of hybrid zone routing protocols. This also selects
the route without a suspicious node, in case, if, any malicious node appeared it detect and
change its route path without attacker nodes. This PAP method can eliminate the black hole
and wormhole attack on the network, though it removes suspicious node.

PAP Algorithm:

JARDCS Special Issue On Environment, Engineering & Energy 1090

 Journal of Advanced Research in Dynamical and Control Systems Vol. 9. Sp– 14 / 2017

// Protocols used: ZRP and ZHLS Routing protocols.

// Each node has its own Node ID and Zone ID

Start
For (each node)
Select nodes within the minimum distance (in hop count) //IARP
Calculate distance and zone radius
If (Distance<zone radius)
Create node id and zone id
Else
Dismiss that node
End if
End for
For (source node)
Broadcast “Hello” beacons // to all nodes I zone to find the destination node (IERP)
If (Destination node ID is present)
Communication established
Else
Broadcast query message to peripheral nodes // BRP
Search destination ID in its zone
If (Destination node present)
Route reply is sent back to the source node
Else
Route request is forwarded to other peripheral node
End if
End if
Check matching of node ID and zone ID)
If (matches)
Communication established
Else
Node dismissed
End if
Data packet reaches the destination node.
JARDCS Special Issue On Environment, Engineering & Energy 1091
 Journal of Advanced Research in Dynamical and Control Systems Vol. 9. Sp– 14 / 2017

End for
End

After the route detection process, the data is encrypted by following ECC method to make
highly secured communication between the nodes.

3.5 ELLIPTIC CURVE CRYPTOGRAPHY (ECC):

ECC is an emerging technique which is used in multi-factor authentication. This is a public

key encryption method with elliptic curve theory for the production of smaller keys which
gives a faster and efficient algorithm as a result. This generates keys depends on the
properties of the elliptic curve equation. This technology can be operated in combination with
any public key encryption methods such as RSA or Diffe-Hellman [13].

As said earlier, ECC is a method of asymmetric cryptography based on the public key. The
discrete logarithm problem (DLP) is used for the security of ECC technique. When compared
to RSA, ECC has a small key size. This smaller key size does not affect the security of this
technique. Due to its key size, the calculations are performed faster. The base equation for
ECC is,

𝒚𝟐 = 𝒙𝟑 + 𝒂𝒙 + 𝒃 (𝒎𝒐𝒅 𝒑)

In this, a, b, and p are announced in public and the modular space for these parameters are
changed based on p. Parameter G is a point in Cartesian coordinate space on the curve and
publically announced. The operation of elliptic curves is slow on the real number and it is
inaccurate because of round off error. The ECC operation depends on two fine fields,

 Prime field (Fp)

 Binary field (F2m)

In prime field, y2 mod p= x3+ax+b (mod p) is the equation of the elliptic curve; here elements
of this finite field are integers between 0 and p-1. The prime number p is chosen such that to
make more a number of points on elliptic curves to make the cryptographic system secure.

In binary field, the elliptic curve equation is y2+xy = x3+ax2+b, where b≠0. Here the elements
of the finite field are integers of length almost m bits. These numbers can be considered as a

JARDCS Special Issue On Environment, Engineering & Energy 1092

 Journal of Advanced Research in Dynamical and Control Systems Vol. 9. Sp– 14 / 2017

polynomial of degree m-1. 0 and 1 are the binary polynomial coefficients. The operation such
as addition, subtraction, division and multiplication involves the polynomial of degree m-1.
The m is chosen for a large number of points on elliptic curves to make secure. For each
binary field, one elliptic curve and one koblitz curve are selected.

Figure 6: Graph of ECC

The working of ECC depends on the efficiency of finite field computations and fast
algorithms for elliptic scalar multiplication. Selection of specific underlying fields and elliptic
curves can speed up the implementation.

Then two public and private keys are generated as follows. A Pseudo Random number is
generated as a private key which is notated as 𝑛 . Public key is then obtained by multiplying
𝑛 and G. Whereas, parameter of G is a starting point in Cartesian coordinates space on
curves. Multiplying is the process of sequence point addition in an elliptic curve. The
operation is given as,

𝐴: (𝑥, 𝑦) ∗ 𝑚 = 𝐴 + 𝐴 … … … + 𝐴

This ECC works with random numbers generated. The shared primary key is obtained using
Diffe-Hellman. But Diffe-Hellman is vulnerable to Man in middle attack, so both nodes can
share with their own digital signature to prevent from this type of attack. The primary key is
essential for random number generation. Generation of random number is the first step for
obtaining encryption key.

The DLP in ECC provides more advantage in creation of sequence random numbers. It
allows ECC to create irreversible numbers. This added advantages, benefits from the ECC
main operation in addition and multiplication. Finding of the shared primary key is a very

JARDCS Special Issue On Environment, Engineering & Energy 1093

 Journal of Advanced Research in Dynamical and Control Systems Vol. 9. Sp– 14 / 2017

difficult task. So the G and A points are shared because it does not affect the safety of the
proposed method. The operation of random number generation is shown in the diagram
below.

A(x,y) = 𝑆𝐾𝑖 * G(x,y) C(x,y) = B(x,y) ⊗ G(x,y)

A B

B(x,y) = A(x,y) ⊗ Y(x,y)

Primary A,B,C
S𝐾𝑖+1

𝑍𝑖 = |𝑥𝐴 × 𝑥𝐵 × 𝑥𝐶 | S𝐾𝑖+1 = 𝑦𝐴 + 𝑦𝐵 + 𝑦𝐶

Output Random
Numbers

Figure 7: Random Number generation for encyption

Random number generation: Algorithm

Start RNG (primary key, α, Y,G)

//𝑆𝐾 𝑟𝑒𝑓𝑒𝑟𝑠 𝑝𝑟𝑖𝑚𝑎𝑟𝑦 𝑘𝑒𝑦
// α refers number of random number required
//Y and G are points on curve
S𝐾 ⃪ primary key
For (i=1, i ≤ α)
A(x,y) = 𝑆𝐾 * G(x,y)
B(x,y) = A(x,y) ⊗ Y(x,y)
C(x,y) = B(x,y) ⊗ G(x,y)
𝑍 = |𝑥 × 𝑥 × 𝑥 |
S𝐾 = 𝑦 +𝑦 +𝑦
End for
End

JARDCS Special Issue On Environment, Engineering & Energy 1094

 Journal of Advanced Research in Dynamical and Control Systems Vol. 9. Sp– 14 / 2017

In the above algorithm, point addition is mainly focused than multiplication on account of
expensive process. Using x-coordinates of points A,B and C are used to generate matrix Z
since all ECC operations are secure. After that the value of SK is updated using y coordinates
of points for randomness of proposed algorithm. The value of α is dependent on running
system specs or it can be set based on packet size. In the initiation time 𝑆𝐾 receives primary
key. Then A, B and C coordinates are calculated as in algorithm. A(x,y) is obtained by
multiplying primary key 𝑆𝐾 and a point on curve G(x,y). Then B(x,y) is obtained by
summing the values A(x,y) and a point on curve Y(x,y). Then C(x,y) is obtained also by
summing B(x,y) and G(x,y). After finding values matrix 𝑍 is generated by |𝑥 × 𝑥 × 𝑥 |.
Finally S𝐾 is updated using 𝑦 + 𝑦 + 𝑦 . The array 𝑍 is the algorithm output values
which has includes generated random numbers required for encryption.

4. EXPERIMENTAL RESULT:

The proposed model for the detection of black hole and wormhole nodes in a network is
analyzed through the ns2 simulator tool. The version ns2.34 tool is mainly used for the
simulations of MANET, VANET, WSN and so forth. The parameters such as a true negative
ratio, average delay, PDR, routing overhead, detection ratio and false detection ratio is
compared with existing algorithms namely PAP and SCF cluster. The graphs are drawn
below.

True Negative Ratio

100
98
96
True Negative Ratio

94
92
90
88
86 ECC_SCF_PAP
84
82
80 PAP
78
76
74 SCF_CLUSTER
72
70
10 20
Number of black hole and wormhole nodes

Figure 8: Graph of True negative ratio

True negative ratio measures the ratio of negatives that are correctly identified. Therefore the
percentage of node which are correctly identified as not under the false condition.

JARDCS Special Issue On Environment, Engineering & Energy 1095

 Journal of Advanced Research in Dynamical and Control Systems Vol. 9. Sp– 14 / 2017

𝑇𝑁
𝑇𝑟𝑢𝑒 𝑛𝑒𝑔𝑎𝑡𝑖𝑣𝑒 𝑟𝑎𝑡𝑖𝑜 =
𝑇𝑁 + 𝐹𝑃

Where True negative (TN) value is the number of correctly identified as non-malicious node
and False positive (FP) value is number of correctly identified as malicious node.

Average Delay
8
7.5
7
Average Delay (sec)

6.5
6
5.5
5
4.5 ECC_SCF_PAP
4
3.5 PAP
3
2.5
2 SCF_CLUSTER
1.5
1
10 20 30
Number of black hole and wormhole nodes

Figure 9: Graph of average delay

The average delay is the parameter which reflects the usage degree of network resources for
routing protocols. It is given in seconds.This can be calculated as the summation of all delay
samples to the total number of samples.

𝑆𝑢𝑚 𝑜𝑓𝑡𝑜𝑡𝑎𝑙 𝑝𝑎𝑐𝑘𝑒𝑡 𝑑𝑒𝑙𝑎𝑦

𝐴𝑣𝑒𝑟𝑎𝑔𝑒 𝑑𝑒𝑙𝑎𝑦 =
𝑇𝑜𝑡𝑎𝑙 𝑛𝑢𝑚𝑏𝑒𝑟 𝑜𝑓 𝑟𝑒𝑐𝑒𝑖𝑣𝑒𝑑 𝑝𝑎𝑐𝑘𝑒𝑡𝑠

Packet Delivery ratio

100
98
96
94
92
PDR (%)

90 ECC_SCF_PAP
88
86
84 PAP
82
80 SCF_CLUSTER
78
10 20 30
Number of black hole and wormhole nodes

Figure 10: Graph of PDR

Packet delivery ratio (PDR) is the ratio between the number of packets delivered by a traffic
source node and the number of packets acknowledged by a traffic drop. It measures the loss
JARDCS Special Issue On Environment, Engineering & Energy 1096
 Journal of Advanced Research in Dynamical and Control Systems Vol. 9. Sp– 14 / 2017

rate as seen by transport protocols, and it describes both the rightness and effectiveness of
mobile ad hoc routing protocols.

𝑃𝑎𝑐𝑘𝑒𝑡𝑠 𝑟𝑒𝑐𝑒𝑖𝑣𝑒𝑑
𝑃𝐷𝑅 = × 100
𝑃𝑎𝑐𝑘𝑒𝑡𝑠 𝐷𝑒𝑙𝑖𝑣𝑒𝑟𝑑

Routing Overhead
6
5.5
5
Overhead (bits)

4.5
4
3.5
3 ECC_SCF_PAP
2.5
2 PAP
1.5
1
0.5 SCF_CLUSTER
0
10 20 30
Number of black hole and wormhole nodes

Figure 11: Graph of routing overhead

Routing overhead is the percentage of packets generated for routing and packets received at
the destination. Its value is given in bits. Routing overhead is the amount of routing control
packets in circulation in the network where these are responsible for route discovery and
route management.

𝑇𝑜𝑡𝑎𝑙 𝑛𝑢𝑚𝑏𝑒𝑟 𝑜𝑓 𝑅𝑜𝑢𝑡𝑖𝑛𝑔 𝑝𝑎𝑐𝑘𝑒𝑡𝑠 𝑡𝑟𝑎𝑛𝑠𝑚𝑖𝑡𝑡𝑒𝑑

Routing overhead =
𝑎 𝑑𝑎𝑡𝑎 𝑝𝑎𝑐𝑘𝑒𝑡 𝑠𝑒𝑛𝑡 𝑡𝑜 𝑑𝑒𝑠𝑡𝑖𝑛𝑎𝑡𝑖𝑜𝑛

Detection Ratio
99
98
97
Detection ratio %

96
95
94
93
92 ECC_SCF_PAP
91
90
89 PAP
88
87
86 SCF_CLUSTER
85
84
10 20
Number of black hole and wormhole nodes

Figure 12: Graph of detection ratio

JARDCS Special Issue On Environment, Engineering & Energy 1097

 Journal of Advanced Research in Dynamical and Control Systems Vol. 9. Sp– 14 / 2017

This is the ratio of finding of malicious node among all nodes in the network. It is calculated
in percentage of detection ratio. The detection ratio increases with decrease in mobility
because the changes are less on routing table and thus it is ease to identify abnormal
behavior. In case if mobility is high, the detection ratio is low respectively.

Detection ratio
sum of ratio of routing packets [sent data packets − received data packets]
=
𝑎𝑣𝑒𝑟𝑎𝑔𝑒 𝑜𝑓 𝑑𝑎𝑡𝑎 𝑝𝑎𝑐𝑘𝑒𝑡𝑠 𝑑𝑒𝑙𝑖𝑣𝑒𝑟𝑒𝑑

False Positive Ratio

12
11
False detection ratio

10
9
8
7 ECC_SCF_PAP
6
5
4 PAP
3
2 SCF_CLUSTER
1
10 20
Number of black hole and wormhole nodes

Figure 13: Graph of false positive ratio

It is the percentage of decision in which normal notifications are flagged as unusual problem.
Through analyzation of probability of aggregated routing control packet source address, the
sudden, unexpected changes yet normal activate are eliminated.

False discovery of malicious node

False positive ratio =
𝑡𝑜𝑡𝑎𝑙 𝑛𝑢𝑚𝑏𝑒𝑟 𝑜𝑓 𝑑𝑖𝑠𝑐𝑜𝑣𝑒𝑟𝑖𝑒𝑠

The metric values are tabulated as follows:

Table 2 (a): Performance analysis of True Negative, Detection and False detection ratio

Numbe True Negative Ratio Detection Ratio False Detection Ratio

r of
black SCF_ SCF_ SCF_
ECC_SC PA ECC_SC PA ECC_SC PA
hole CLUST CLUST CLUST
F_ PAP P F_ PAP P F_ PAP P
and ER ER ER
wormh

JARDCS Special Issue On Environment, Engineering & Energy 1098

 Journal of Advanced Research in Dynamical and Control Systems Vol. 9. Sp– 14 / 2017

ole
nodes

94.
10 95.6 91 97.5 96 94.8 3.6 4.2 6.85
2
91. 8.0
20 89.8 88 81.5 92.6 88.5 7.8 11.2
8 5
Table 2 (b): Performance analysis of Average delay, PDR and Routing Overhead

Number Average Delay PDR Routing Overhead

of black
hole and ECC_SCF_ SCF_ ECC_SCF_ SCF_ ECC_SCF_ SCF_
PAP PAP PAP
wormhole PAP CLUSTER PAP CLUSTER PAP CLUSTER
nodes

10 1.6 2.25 3.49 95.5 93.5 91.5 1.25 1.8 2.1

20 2.75 3.55 5.55 90.8 87.6 83.6 2.68 2.9 4.6

30 4.2 5.3 7.25 85 81 78 3.9 4.2 5.25

5. CONCLUSION:

The malicious nodes are detected by SCF tree, trust based network and R3T2 with a
combination of PAP algorithm. The route path also monitored and data routing is more
secured. Each node has details of neighbor nodes and path history, therefore the intrusion of
any unwanted nodes is easily identified. Then the data are equally prevented by the
encryption using ECC based on pseudo random number. As shown in the experimental result,
the detection of black hole and wormhole attack nodes in the network is efficiently detected
using this proposed algorithm model. So this method is highly secured and more efficient
than all existing methods. The future work is to focus the reduction of detection time of
malicious node and also to prevent the network from the intrusion of an attacker using a
better authentication system.

REFERENCE

JARDCS Special Issue On Environment, Engineering & Energy 1099

Journal of Advanced Research in Dynamical and Control Systems Vol. 9. Sp– 14 / 2017

1. Muhammad KashifNazir, Rameez U. Rehman, AtifNazir, “A Novel Review on

Security and Routing Protocols in MANET”, Communications and Network, 8, 2016,
pp.205-218.
2. Fan Bai, Narayanan Sadagopan, Ahmed Helmy, “The important framework for
analyzing the impact of mobility on performance of routing protocols for adhoc
networks”, Ad hoc networks 1, 2003, pp.383–403.
3. PanagiotisPapadimitratos and Zygmunt J. Haas, “Secure Data Communication in
Mobile Ad Hoc Networks”, IEEE journal on selected areas in communications,
Volume. 24, no. 2, Feb 2006, pp.343-356.
4. Sarika S, Pravin A , Vijayakumar A , Selvamani K, “Security Issues In Mobile Ad
Hoc Networks”, Procedia Computer Science 92, 2016 , pp. 329 – 335.
5. Mohan V. Pawar, Anuradha J, “Network Security and Types of Attacks in Network”,
Procedia Computer Science 48, 2015, pp. 503 – 506.
6. SrinivasAluvala, Dr. K. Raja Sekhar, DeepikaVodnala, “An Empirical Study of
Routing Attacks in Mobile Ad-hoc Networks”,Procedia Computer Science 92, 2016,
pp. 554 – 561.
7. Vimal Kumar , Rakesh Kumar, “An Adaptive Approach for Detection of Black hole
Attack in Mobile Ad hoc Network”, Procedia Computer Science 48, 2015, pp.472 –
479.
8. Muhammad Imran, FarrukhAslam Khan, Tauseef Jamal, Muhammad HanifDurad,
“Analysis of Detection Features for Wormhole Attacks in MANETs”, Procedia
Computer Science 56, 2015, pp.384 – 390.
9. Radha Krishna Bar, Jyotsna Kumar Mandal and MoirangthemMarjit Singh, “QoS of
MANET Through Trust Based AODV Routing Protocol by Exclusion of Black Hole
Attack”, Procedia Technology 10, 2013, pp. 530 – 537.
10. Ajay Kushwaha, Hari Ram Sharma, AshaAmbhaikar, “A Novel Selective Encryption
Method for Securing Text over Mobile Ad hoc Network”, Procedia Computer Science
79, 2016, pp.16 – 23.
11. MehranAbolhasan, TadeuszWysocki, ErykDutkiewicz, “A review of routing
protocols for mobile ad hoc networks”, Ad Hoc Networks 2, 2004, pp.1–22.
12. Mario Joa-Ng, and I-Tai Lu, “A Peer-to-Peer Zone-Based Two-Level LinkState
Routing for Mobile Ad Hoc Networks”, IEEE journal on selected areas in
communications, vol. 17, no. 8, Aug. 1999, pp.1415-1425.

JARDCS Special Issue On Environment, Engineering & Energy 1100

Journal of Advanced Research in Dynamical and Control Systems Vol. 9. Sp– 14 / 2017

13. Gaurav Sharma, SumanBala, Anil K. Verma, “Security Frameworks for Wireless
Sensor Networks-Review”, Procedia Technology 6, 2012, pp. 978 – 987.
14. E.SureshBabu, C Nagaraju,MHM Krishna Prasad, “Analysis of Secure Routing
Protocol for Wireless AdhocNetworksusing Efficient DNA based Cryptographic
Mechanism” , Procedia Computer Science 70, 2015, pp.341 – 347.
15. BanothRajkumar,Dr.G.Narsimha, “Trust Based Certificate Revocation for Secure
Routing in MANET”, Procedia Computer Science 92, 2016, pp. 431 – 441.
16. Swapnoneel Roy and ChanchalKhatwan, “Cryptanalysis and Improvement of ECC
Based Authentication and Key Exchanging Protocols”, cryptography, 1, 9, 2017,
pp.1-25.
17. Upendrasingh, MakrandSamvatsar, Ashish Sharma, Ashish Kumar Jain, “Detection
and Avoidance of Unified Attacks on MANET using Trusted Secure AODV Routing
Protocol”, Symposium on Colossal Data Analysis and Networking, 2016 IEEE.
18. Arun Kumar K A, “Worm Hole-Black Hole attack Detection andAvoidance in
MANET with Random PTT using FPGA”, International Conference on
Communication Systems and Networks, July 2016, IEEE, pp.93-98.
19. LeventErtaul and Weimin Lu, “ECC Based Threshold Cryptography for Secure Data
Forwarding and Secure Key Exchange in MANET”, International Federation for
Information Processing 2005, pp. 102-113.

JARDCS Special Issue On Environment, Engineering & Energy 1101