A Review of Black-Hole Attack Mitigation Techniques ...

A Review of Black-Hole Attack Mitigation Techniques and its Drawbacks in Mobile Ad-hoc Network Shashi Gurung1 and Siddhartha Chauhan,2 1

2

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17

18

19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43

Department of Computer JNGEC, Sundernagar Sundernagar, India, Department of Computer Science and Engineering NIT Hamirpur, Hamirpur, India. Email: 1 [email protected], 2 [email protected]

Abstract—Mobile Ad-hoc Network (MANET) is a prominent technology in the wireless networking field in which the movables nodes operates in distributed manner and collaborates with each other in order to provide the multi-hop communication between the source and destination nodes. Generally, the main assumption considered in the MANET is that each node is trusted node. However, in the real scenario, there are some unreliable nodes which perform black hole attack in which the misbehaving nodes attract all the traffic towards itself by giving false information of having the minimum path towards the destination with a very high destination sequence number and drops all the data packets. In the paper, we have presented different categories for black hole attack mitigation techniques and also presented the summary of various techniques along with its drawbacks that need to be considered while designing an efficient protocol. Index Terms—MANET, AODV, overhearing, clustering, IDS, blackhole, cross checking, byzantine attacks, sequence number.

I. I NTRODUCTION The mobile ad-hoc network is a collection of independent movable nodes which operate in distributed manners and coordinates with each other in providing communication between the source node and the destination node. These networks can be easily set up and quickly at a low cost without requiring any type of fixed infrastructure like base station which is required in case of setting up the cellular network. It provides multi-hop communication through the intermediate node which plays an important role providing the communication path between the source and the destination node as well as in forwarding the data packets. It is a selfconfigurable, temporary and infrastructure-less networks [1] of mobile devices that communicate with each other if within the direct radio range of each other or via intermediates. The node in MANET has limited computation power due to its smaller size, small memory, and low processing capabilities. Each node in the network behaves as a host and as a router. In order to communicate with other nodes, the network layer protocol such as AODV [2], DSR [3] etc is generally used which helps in finding the optimal route between the source and the destination node. Conventional MANET routing protocols assume that all nodes are trusted node and cooperates with each other but in a real environment, the behavior of nodes can be different which do not cooperates with others nodes. Due to this assumption, MANET’s routing protocols have

many weaknesses that may be exploited by the attacker for launching the attack in the network and thereby disturbing the communication process. Therefore, MANET’s routing protocols are more vulnerable to a denial of service attack [4]. The main contribution of this paper is that we have presented about different possible nature of the node and analyzed the various mitigation techniques with its limitations. We have further categorized these techniques into various schemes and highlighted the major limitation of various schemes. The remaining sections of the paper are structured as follows. Section II explains about black hole attack. In Section III, we describe various techniques that deal with the black hole attack and its classification. The summary of various techniques and its drawbacks are also presented. In Section IV, we discussed the major drawbacks of various schemes that need to be considered for designing efficient routing protocols. At last, Section V concludes the paper. II. B LACKHOLE ATTACK The blackhole attack is known as a packet dropping attack which seriously degrades the performance of the network. In this type of attack, there can be a single legitimate node or multiple legitimate nodes in the network. When there are two or more than two legitimate nodes which collaborate with each other in order to disrupt the communication, they are called as cooperative black hole attack. The attack launched by this genuine node is known as byzantine attacks [5]. In normal AODV protocol, when the source needs to communicate with destination, it broadcasts request packet if it does not have a path towards the destination. The destination node sends back reply packet on receiving the route request from the intermediate node. But in black hole attack, the black hole node on receiving route request packet sends reply packet with false information of having minimum hop count towards the destination with a very high sequence number. The high sequence number indicates about the freshness of the path. On receiving reply packets from the malicious node, the source node starts transmitting the data packets from the path which contains malicious node and then the malicious node starts dropping the data packet. In a network, the route is established on the basis of two main parameters of reply packets which are

This article is accepted for publication in IEEE WiSPNET 2017

44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83

TABLE I B EHAVIOR OF A N ODE . Malicious

No Yes Yes Yes Yes

Destination Hop count sequence number

Packet drop

1 0 0 1 1

No Yes Yes Yes Yes

1 0 1 0 1

•

Attack

No Yes Yes Yes Yes

Type attack

of

No attack Black hole Black hole Black hole Gray hole

•

•

•

•

Fig. 1. Classification of blackhole attack mitigation techniques.

• 84 85 86

87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112

destination sequence number and hop count. The nodes can behave in different ways which are presented in Table I where 1 means true information and 0 means false information. III. L ITERATURE R EVIEW There are various existing techniques which have been proposed by many researchers for combating with the black hole attack in MANET. These techniques have been classified into ten main categories as shown in Fig. 1. The summary of various techniques according to year wise is presented in Table II. • Cryptography based scheme It includes all those solutions in which cryptography technologies such as symmetric key cryptography, digital signature or hashing are used for encryption, verification and integrity purpose so as to be able to secure the network from the possible attacks. • Overhearing based scheme It consists of all the solutions in which normal mobile nodes can overhear its neighbor’s transmission to check its honesty. If its neighbor node is found to be doing some unexpected event, it will be considered as a malicious node and then the information is propagated in the network. • Sequence number threshold based scheme In this category, the source node calculates a threshold value by using destination sequence number parameter of reply packet and drops the reply packet if it contains the sequence number greater than the threshold. The threshold value can be a static type or dynamic type.

•

Acknowledgment-based scheme In this category, an acknowledgment packet is sent by the node to confirm about the well reception of the packets. Clustering based scheme In this scheme, the network is divided into the cluster in which the cluster head detect the black hole attack and inform about it in the network. Cross-layer collaboration based scheme In this section, it encompasses all those solutions in which more than two layers cooperate with each other to detect the malicious activity in the network. Cross-Checking based schemes In this scheme, cross checking is done by the source node with the others node so that nature of the intermediate node can be found out. The cross checking has to be used without having DRI (Data routing information) table’s information and with DRI table’s information. Trust-based schemes It includes the solutions that compute the node trust values based on neighbor transmission which helps in identifying the nature of node whether malicious or normal. If the trust value of any node is less than the threshold, it is considered as a malicious otherwise normal node. IDS based schemes This scheme is based on special nodes called as IDS nodes which have the capability to detect the malicious activities by overhearing its near transmission and when any anomaly is detected, it broadcast the message in the network to isolate it. Other schemes In this section, there are many solutions which do not come under the above categories. Under this, some solutions are based on reply caching mechanism, repeated next hop based etc.

IV. D RAWBACKS In this section, we have discussed the major drawbacks of various schemes which are presented in Table III. • In overhearing based schemes, the major drawbacks is that every node is required to be in sniffing mode due to which there will more energy consumptions and also in promiscuous mode, there are high chances of false positive due to the collision of packets. • Acknowledgment based schemes also result in high routing overhead due to extra transmission acknowledgment packet by the node after receiving the data packets. Due to this, routing overhead increases and more energy is also consumed which is not suitable for resource constraint network. • Trust based solutions also have problems as there is a periodic exchange of trust values between the nodes which also results in routing overhead and more energy is also consumed due to monitoring and frequently calculation of threshold values.


113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147

148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166

No No

Yes Yes

Yes Yes Yes Yes

Sequence number thresh- AODV old based Acknowledgement based DSR

AODV

AODV DSR

Others Others

Cryptography based

IDS based

F. Ameza et al. [21] Nital Mistry [22]

P. N. Raj et al. [23]

A.Al-Roubaiey et al. [24] C. Li et al. [25]

M. Yang Su [26]

N. Marchang et al. [27] Trust based T.H. Lacey et al. [28] Trust based

R. H. Jhaveri et al. [29] Sequence number thresh- AODV old based R. H. Jhaveri et al. [30] Sequence number thresh- AODV old based

AODV

AODV AODV

AODV

Others

S. Lu et al. [20]

Yes

Yes

Yes Yes

Yes

Yes No

No

No

Yes

No

Yes No

Yes

Yes

AODV

Yes

Yes

H. Weerasinghe [18]

Yes

No

Cross checking based M. Medadian et al. [19] Overhearing Based

Yes

Yes

Yes

Not Discussed Yes (only Proposed Solution) AODV Yes

T. Fahad et al. [17]

Other (Caching mechanism) Cross-layer

S. Dokurer et al. [16]

AODV

Acknowledgement based DSR

K. liu et al. [15]

Yes

Yes

AODV

Chang Wu Yu et al. [14] Cross Checking based

No No

Yes

Yes

Yes Yes

Yes

Yes

L. Tamilselvan et al. [12] Others AODV Satoshi Kurosawa Sequence number thresh- AODV et al. [13] old based

Yes

Yes

Yes

Yes

Yes

Yes

S. Ramaswamy et al. [9] Cross checking AODV Based K.Balakrishnan Acknowledgement based DSR et al. [10] G. Peng et al. [11] Trust based DSR

AODV

Yes

Not used

Not used

Trust packet Not used

Not used

Not used

Acknowledgement packet

Not used

Alert Not used

Opinion Alarm packet SRREQ SRREP

FREQ and FREP packet

FAP

MR-AODV

R-AODV

LTB-AODV Ripsec

ABM

SEAODV

AACK

DPRAODV

AODVSABH MAODV

SAODV

MAODV

MAODV

SMDP

Memory constraint due to requirement of pre-distribution of key less secure due to single unique shared key Cannot detect gray hole attack. If the IDS nodes do not cover the entire network, detection, as well as isolation of gray hole node, will not be possible Routing overhead Designed for CLOSED MANET Routing overhead due to forwarding of reply packet back to the source node Need to deal with cooperative black hole attack

Routing overhead due to multiple reply packets and additional control packets Routing overhead End-to-end delay increases normalized routing overhead increases End-to-end delay increases normalized routing overhead increases Routing overhead increases

Opinion is not always correct

Has higher end-to-end delay than AODV

Need extension of the solution to support node‘s mobility during the session.

Contribute to the traffic congestion. Detects only misbehaving links Broadcasting malicious ID Common neigh- Fail in highly dynamic network topology End to End Delay bour Increases listening Not used SAODV Average end-to-end delay increases Not used Dynamic learn- False positives ing method Check packet DCM Need improvement in the voting mechanism which can deal with gray hole attack. Acknowledgement packet 2ACK Routing overhead assumed no collusion among malicious nodes Not used IDSAODV Assumption that first reply always comes from black hole

Routing overhead

Fail in cooperative black hole attacks

Fail in cooperative black hole attacks

False positive

Proposed Drawbacks protocol/scheme

Send Route Request Watchdog bath(SRR). water Further Request SAODV and Further Reply CREQ CREP EXACT DIFF_ONE Further Request MAODV and Further Reply Acknowledgement packet Two HOP ACK

Extra con- Control packets name trol packets

Yes

Cross checking Based Other

H. Deng et al. [7]

DSR

Base protocol Protocol modified

AODV

Overhearing based

S. Marti et al. [6]

S. Lee et al. [8]

Schemes category

Author

TABLE II S UMMARY OF VARIOUS T ECHNIQUES .

2012

2012

2011 2012

2011

2010

2010

2010

2010 2010

2009

2009

2008

2007

2007

2007

2007

2007 2007

2006

2005

2003

2002

2002

2000

Year

NS-2

NS-2

NS-2 OPNET

NS-2

Continued...

Not discussed

NS-2

NS-2

NS-2 NS-2

NS-2

Glomosim

Qualnet

Not used (Theoretical analysis was done)

NS-2

NS-2

NS-2

Glomosim NS-2

NS-2

NS-2

Not used

NS-2

Berkeley’s Network Simulator (ns) Not Discussed

Simulator used

Sequence number thresh- AODV old based Clustering based AODV

S.Tan et al. [35]

Clustering

M.Singh [50]

AODV

IDS AODV Sequence number thresh- AODV old based Others AODV

S. Gurung et al. [46] J. Kumar et al. [47]

AODV

Sequence number thresh- AODV old based Sequence number thresh- AODV old based

Cross checking Based

C. Panos et al. [48]

Yes Yes Yes

No

Yes

Yes Yes

Yes

Yes

Yes

Not Discussed Yes

A. Dorri et al. [46]

R.H. Jhaveri et al. [45]

A. Salunke et al. [44]

Trust based

IDS based AODV Acknowledgement based DSR Cryptography based DSR

Yes

AODV

F. Barani et al. [40] D. Dhiman et al. [41] K. S. Dhanalakshmi et al. [42] S. Vadhana Kumari et al. [43]

Yes

DSR

J.M. Chang et al. [38] & Others 2014 S. Gurung et al. [39] Others

Yes

DSR

Yes

Yes

M. Mohanapriya IDS based et al. [37] & 2014

A. Katal et al. [36]

Acknowledgement based AODV, OLSR Yes Clustering based AODV Yes

A.Baadache et al. [33] F. Shi et al. [34]

Yes

AODV

Others

R. Yerneni et al. [32]

Yes

Base protocol Protocol modified DSR

Schemes category

H. Nath Saha et al. [31] Cross-Layer based

Author

No

Yes

Yes No

Yes

Yes

No

Yes

No Yes No

No

Yes

Yes

No

No

Yes Yes

Yes

Yes

GAIIS E2ACK IKGM

ANB-AODV

CBDS

MDSR

CBDCDDPT

SRD-AODV

TA, RA Clustering

SAODV

TSR

Not used

Alarm Packet

Assume that no attack takes place during the training phase. The false Positive ratio of the standard CUSUM increases when speed increases and decreases. Mobile trust Energy consumption due to monitoring of cluster head point activities. with clustering

CUSUM

Data Control Packet Alarm packet (Containing malicious id) Alert Packet MGAM Static Threshold value Not used Modified AODV False Positive

Bait Request (RREQ) Packet

2015

2014 2014 2014

2014

2014

2014

2013

2013

2012 2013

2012

2012

Year

2016

2016

2016 2016

Requires detailed study of message exchange in their specific 2015 network for which fine tuning of λ is done Sequence num- An intelligent attacker can breach the security and may escape 2015 ber from detection if the sequence number is below peak value. based bait detection EDRI Delay rises 2016

Routing overhead due to multiple reply packets and additional control packets Generates an additional overhead Complex due to the computation of various values. Cannot tackle Gray hole attack because the gray hole can become cluster head (CH) of the cluster. Cannot prevent black hole attack if sequence number is less than fixed threshold for different environment Increases delay Malicious node can become CH due to high residual energy Not suitable for highly mobile network High routing overhead due to extra control packets such as QREQ, QREP, MNREQ and ALARM packets. If the IDS nodes do not cover the entire network, detection and isolation of gray hole nodes may not be possible High routing overhead due to bait packets. CBDS is DSR based. Acceptance of the last reply packet. by the source node or intermediate node which can come from malicious node leading to performance degradation False Positive Routing overhead due to E-2ACK1 and E-2ACK2 packets Battery consumption as new keys are to be generated instantly by every node when it takes part in the communication High routing overhead due to additional control packets

Various assumption

Proposed Drawbacks protocol/scheme

S-Ack, F-Ant ADMSFA Challenge & monitoring packets Not used DSNT

Not used Acknowledgement packet Not used

Bait Request (RREQ) packet Not used

QREQ, QREP, MNREQ and ALARM

Not used

MREQ and MREP Acknowledgement packet Routing check request Route Check Affirmation Not used

Alert packet

Extra con- Control packets name trol packets

NS-2

NS-3

NS-2 NS-2

OPNET

NS-2

NS-2

NS-2

NS-2 NS-2 NS-2

NS-2

Qualnet

Glomosim

OPNET

NS-2

OPNET NS-2

The platform to do simulation is designed in Java NS-2

Simulator used

210

Sequence number threshold based schemes do not identify the malicious node completely due to openness nature of MANET because the smart attacker has an idea of ongoing communication between the nodes and based on communication, it will try to send a sequence number that is enough to attract the traffic towards itself and escape from detection. Moreover, false positive problem can also take place if black hole node does not send high destination sequence number. • Cryptography based scheme although provides good protection from the external threats but an internal attacker can create havoc in the network. This scheme requires high computation and communication cost which is not feasible in resource constraint network. • In the clustering based scheme, cluster maintenance is an overhead in case of high mobility scenario due to dynamic network topology. Sometimes cluster head (CH) is selected based on residual energy, if gray hole node has the high energy it will become as a CH. If gray hole node becomes the cluster head of the cluster, it will cause performance degradation of the network. • In cross-layer based scheme, more than two layers communicate with each other in order to detect the malicious nodes. This scheme may fail if there is an attack in other layers due to which intercommunication between layers will not be possible and hence attacker may escape from detection. • Cross checking is another scheme that helps in identifying the nature of node by doing cross-checking with other nodes but by sending extra control packet for cross checking, there is more consumption of energy and increase in routing overhead. • IDS based schemes have a special node called IDS nodes which are always or sometimes in sniffing mode. These nodes are not able to detect the malicious nodes properly if the malicious node is outside the radio range of IDS nodes. These special nodes are fixed in the network. Improper placement of special IDS node will not able to protect the network. These are major limitations of various schemes which need to taken into consideration for designing the effective protocols that can combat with the black hole attack with fewer energy consumptions, minimum routing overhead, minimum delay and with accurate detection of malicious nodes.

211

V. C ONCLUSION

167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209

212 213 214 215 216 217 218 219 220 221

•

In this paper, we discussed the black hole attack problem in the mobile ad-hoc network. There are various techniques which have been proposed by the researcher for dealing with the black hole attacks and these techniques have been classified into various categories according to their basic operation. In this paper, we have presented a summary of various existing techniques with its drawbacks. Finally, some main drawbacks of each scheme are highlighted that needs to be taken care for designing the efficient protocols. Moreover, the study done in this paper will be helpful for the researchers who are interested

in designing the protocols for combating with packet dropping attack in MANET. As a future work, we will propose a new mechanism to protect the network from black hole attack and will also compare it with the previous approach in NS-2 simulator on the various performance metrics like packet delivery rate, average throughput and routing overhead with respect to varying node mobility and varying percentage of malicious nodes in the network. R EFERENCES [1] C.S.R Murthy and B.S. Manoj, B. S, Ad hoc Wireless Networks: Architectures and Protocols. Prentice Hall PTR, 2004. [2] C.E.Perkins, E.Beliding-Royer, and S. Das, “Ad hoc on-demand distance vector (AODV) routing”, IETF Internet Draft, MANET working group, 2004. [3] D.B. Johnson, D.A. Maltz and Y-C. Hu, “The dynamic source routing protocol for mobile ad-hoc network”, IETF Internet Draft, 2004. [4] R.H. Jhaveri, S.J. Patel and D.C. Jinwala, “DoS Attacks in Mobile Adhoc Networks: A Survey”, In IEEE 2nd International Conference on Advanced Computing & Communication Technologies, 2012. [5] A.R. Sangi, J. Liu, and L. Zou, “A Performance Analysis of AODV Routing Protocol under Combined Byzantine Attacks in MANETs”, International Conference on Computational Intelligence and Software Engineering, pp. 1–5, 2009. [6] S. Marti, T. J. Giuli, K. Lai and M. Baker, “Mitigating routing misbehavior in mobile ad hoc networks”, In Proceeding of 6th annual international conference on Mobile computing and networking, USA, August 2000. [7] H. Deng, H, W. Li and D.P. Agrawal, “Routing security in wireless ad hoc networks. IEEE Communication Magazine”, vol. 40, issue 10, pp. 70–75, 2012. [8] S. Lee, B. Han, and M. Shin, “Robust Routing in Wireless Ad Hoc Networks”, International Conference on Parallel Proceedingessing Wowrkshops, August, 2002. [9] S. Ramaswamy, H. Fu, M. Sreekantaradhya, J. Dixon and K. Nygard, “Prevention of Cooperative Black Hole Attack in Wireless Ad Hoc Networks”, 2003. [10] K. Balakrishnan, J. Deng and P.K. Varshney, “TWOACK: preventing selfishness in mobile ad hoc network”, IEEE Wireless Communications and Networking Conference, pp. 2137–2142, 2005. [11] G. Peng and Z. Chuanyun, “Routing Attacks and Solutions in Mobile Ad hoc Networks”, International Conference on Communication Technology, November 2006, pp. 1–4. [12] L. Tamilselvan and V. Sankaranarayanan, “Prevention of Blackhole Attack in MANET”, In Proceeding of 2nd International Conference on Wireless Broadband and Ultra Wideband Communications, pp. 21–26, 2007. [13] S. Kurosawa, H. Nakayama, N. Kato, A. Jamalipour, and Y. Nemoto, “Detecting Blackhole Attack on AODV-based Mobile Ad Hoc Networks by Dynamic Learning Method”, International Journal of Network Security, vol. 5 no. 3, pp. 338–346, 2007. [14] C.W. Yu, T.K. Wu, R.H. Cheng, and S.C. Chang, “A Distributed and Cooperative Black Hole Node Detection and Elimination Mechanism for Ad Hoc Network”, Springer-Verlag Berlin Heidelberg, 2007. [15] K. liu, J. Deng, P. K. Varshney and K. Balakrishnan, “An Acknowledgment-Based Approach for the Detection of Routing Misbehavior in MANETs”, IEEE Transaction of Mobile Computing, vol. 6, issue 5, pp. 536–550, 2007. [16] S. Dokurer, Y.M. Erten and C.E. Acar, “Performance analysis of adhoc networks under black hole attacks”. In Proceeding of the IEEE SoutheastCon, 2007. [17] T. Fahad, D. Djenouri and R. Askwith, “On Detecting Packets Droppers in MANET: A Novel Low Cost Approach”, 3rd International Symposium on Information Assurance and Security, pp. 56–61, 2007. [18] H. Weerasinghe, “Preventing Cooperative Black Hole Attacks in Mobile Ad Hoc Networks”, Simulation Implementation and Evaluation”, International Journal of Software Engineering and Its Applications, vol. 2, issue 3, pp. 39–54, 2008. [19] M. Medadian, A. Mebadi and E. Shahri, “Combat with Black Hole attack in AODV routing protocol” IEEE 9th Malaysia International Conference, pp. 530–535, 15–17, 2009.


222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292

TABLE III M ERITS AND D RAWBACKS OF VARIOUS SCHEMES .

293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333

Schemes

Merits

Drawbacks

Overhearing-based schemes

Detects single and multiple black hole nodes.

Acknowledgement-based schemes

Good detection rate at low speed.

Trust-based schemes


Sequence number threshold-based schemes


Cryptography-based schemes Clustering-based schemes

Good against external threats. Good against the single black hole, multiple black hole and collusive blackhole attacks.

Cross-Layer-based schemes

Ensure High detection accuracy. Low false alarms

High False positive. Energy consumptions Huge routing overhead due to the extra control acknowledgment packets. False positive increases in case of high mobility Routing Overhead due to the periodic exchange of trust values. Energy consumptions due to monitoring the traffic of neighbor nodes and calculation of threshold values. If within the threshold value, it will not able to detect and prevent the attack. Delays and routing overhead increase in case of waiting for multiple reply packets by the source node Requires high computation and communication cost. Cluster formation and maintenance overhead in high mobility scenario. Possible chances for a malicious node to become CH because grayhole node behaves sometimes as a genuine. Layer dependency.

Cross Checking-based schemes

Good against cooperative blackhole attacks in case of cross checking with DRI table.

IDS-based schemes

Single and multiple black hole attacks can be detected by IDS nodes.

[20] S. Lu, L. Li, K.Y. Lam, and L. Jia, “SAODV: A MANET Routing Protocol that can Withstand Black Hole Attack”, IEEE International Conference on Computational Intelligence and Security, pp. 421–425, 2009. [21] F. Ameza, N. Assam and R. Beghdad, “Defending AODV Routing Protocol Against the Black Hole Attack”, International Journal of Computer Science and Information Security, vol. 8, issue 2, pp. 112–117, 2010. [22] N. Mistry, D. C. Jinwala and M. Zaveri, “Improving AODV Protocol against Blackhole Attacks”, International Multiconference of Engineers and Computer Scientists, 2010. [23] P.N. Raj and P. B. Swadas, “DPRAODV: A dynamic learning system against black hole attack in AODV based MANET”, International Journal of Computer Science Issues, vol. 2, issue 3, pp. 54–59, 2010. [24] A. Al-Roubaiey, T. Sheltami, A. Mahmoud, E. Shakshuki and H. Mouftah, “AACK: Adaptive Acknowledgment Intrusion Detection for MANET with Node Detection. Enhancement”, 24th IEEE International Conference on Advanced Information Networking and Applications, 2010. [25] L. Celia, W. Zhuang, and Y. Yang, “SEAODV: A Security Enhanced AODV routing protocol for wireless mesh networks”, IEEE International Workshop on Selected Topics in Mobile and Wireless Computing, pp. 699–706, 2010. [26] M. Y. Su, “Prevention of selective black hole attacks on mobile ad hoc networks through intrusion detection systems, Elsevier Computer Communication”, 2011. [27] N. Marchang and R. Datta, “Light-weight trust-based routing protocol for mobile ad hoc networks”, IET Information Security, 2011. [28] T.H. Lacey, R.F. Mills, B.E. Mullins, R.A. Raines, M.E. Oxley and S.K. Rogers, “RIPsec e Using reputation-based multilayer security to protect MANETs”, Elsevier Computer & Security, vol. 31, issue 1, pp. 122–136, 2012 [29] R.H. Jhaveri, S.J. Patel and D.C. Jinwala, “Improving Route Discovery for AODV to Prevent Blackhole and Grayhole Attacks in MANETs”, INFOCOMP Journal of Computer Science, vol. 11, no. 1, pp. 1–12, 2012. [30] R.H. Jhaveri, S.J. Patel and D.C. Jinwala, “A Novel Solution for Gray hole Attack in AODV Based MANETs”. In Proceeding of Third International Conference on Advances in Communication Network and Computing, Springer, pp. 60–67, 2012. [31] H.N. Saha, D. Bhattacharyya, A.K. Bandhyopadhyay, and P.K. Banerjee, “Two-level Secure Re-routing in Mobile Ad Hoc Networks, International

[32] [33]

[34]

[35] [36]

[37]

[38]

[39]

[40]

[41]

[42]

[43]

Requires changes in multiple layers. Increases routing overhead and delay Energy consumptions. Randomly placement of IDS nodes will lead to less detection of the malicious node. Require full coverage of network area.

Conference on Advances in Mobile Network”, Communication and its Applications, pp. 119–122, 2012. R. Yerneni and A.K. Sarje, “Enhancing performance of AODV against Black holeAttack”, ACM, 2012. A. Baadache and A. Belmehdi, “Fighting against packet dropping misbehavior in multi-hop wireless ad hoc networks”, Elsevier Journal of Network and Computer Applications, pp. 1130–1139, 2012. F. Shi, W. Liu, D. Jin and J. Song, “A cluster-based countermeasure against black hole attack in MANETs”, Springer Science Business Media New York, 2013. S. Tan & K. Kim, “Secure Route Discovery for Prventing Black Hole Attacks on AODV-based MANETs”, IEEE pp. 1027–1032, 2013. A. Katal, M. Wazid, R.H. Goudar and D. Singh, “A Cluster Based Detection and Prevention Mechanism against Novel Datagram Chunk Dropping Attack in MANET Multimedia Transmission”, In Proceeding of IEEE Conference on Information and Communication Technologies, pp. 479–484, 2013. M. Mohanapriya and I. Krishnamurthi, “Modified DSR protocol for detection and removal of selective black hole attack in MANET”, Elsevier Computers and Electrical Engineering, vol. 40, issue 2, pp. 530–538, 2014. J.M. Chang, P.C. Tsou, I. Woungang, H.C. Chao and C.F. Lai, “Defending Against Collaborative Attacks by Malicious Nodes in MANETs: A Cooperative Bait Detection Approach”, IEEE System Journal, 2014. S. Gurung and K.K. Saluja, “Mitigating Impact of Blackhole attack in MANET”, In Proceeding of 5th, ACEEE International Conference on Recent Trends in Information, Telecommunication and Computing, ITC, pp. 229–237, 2014. F. Barani, “A Hybrid Approach for Dynamic Intrusion Detection in Ad Hoc Networks Using Genetic Algorithm and Artificial Immune System”, IEEE Iranian Conferenc, pp. 1–6, 2014. D. Dhiman and N. Sood, “Enhanced 2ACK scheme for Reducing Routing Overhead in MANETs” IEEE International Conference on Parallel, Distributed and Grid Computing, pp. 120–125, 2014. K.S. Dhanalakshmi, B. Kannapiran, and A. Divya, “Enhancing Manet Security Using Hybrid Techniques in Key Generation Mechanism”, In Proceeding. of International Conference on Electronics and Communication System, pp. 1–5, 2014. S. Vadhana Kumari and B. Paramasivan, “Ant based Defense Mechanism for Selective Forwarding Attack in MANET”, IEEE ICDE Workshops, pp. 92–97, 2015.


334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375

376 377 378 379 380 381 382 383 384 385 386 387 388 389

[44] A. Salunke and D. Ambawade, “Dynamic Sequence Number Thresholding Protocol for Detection of Blackhole attack in Wireless Sensor Network”, International Conference on Communication, Information & Computing Technology, 2015. [45] R.H. Jhaveri and N.M. Patel, “A sequence number based bait detection scheme to thwart grayhole attack in mobile ad hoc networks”. Springer Wireless Network vol. 21, issue 8, pp. 2781–2798, 2015, doi: 10.1007/s11276-015-0945-9. [46] A. Dorri, “An EDRI-based approach for detecting and eliminating cooperative black hole nodes in MANET”, In Springer Wireless Network, 2016, doi: 10.1007/s11276-016-1251-x. [47] S. Gurung and S. Chauhan, “A novel approach for mitigating gray hole attack in MANET”, Springer Wireless Network, 2016, doi: 10.1007/s11276-016-1353-5.

[48] J. Kumar, M.Kulkarni, D. Gupta and S. Indu, “Secure route discovery in presence of blackhole attack”, Springer CSIT, 2016, doi: 10.1007/s40012-016-0075-2. [49] C. Panos, C. Ntantogian, S. Malliaros and C. Xenakis, “Analyzing, Quantifying, and Detecting the Blackhole attack in Infrastructureless Networks”, Elsevier Computer Networks, 2016, doi: 10.1016/j.comnet.2016.12.006. [50] M.Singh and P. Singh, “Black Hole Attack Detection in MANET Using Mobile Trust Points with Clustering” Springer Smart Trends in Information Technology and Computer Communication, 2016, doi: 10.1007/978-981-10-3433-6_68.


390 391 392 393 394 395 396 397 398 399 400