OVERVIEW OF BLACK HOLE ATTACK:
A black hole attack is an active attack that is carried out in two steps:
1) The attacker exploits AODV by advertising itself as having a valid shortest route to a destination node, with the intention of intercepting packets.
2) The attacker consumes the intercepted packets without forwarding them. However, because it is under continuous monitoring, the attacker node takes the risk of being exposed by its neighbouring nodes while the attack is ongoing.
There are two types of attack:
Single black hole attack: In this type of attack, one malicious node uses the routing protocol to claim that it is on the shortest path to the destination node, but it drops the routing packets and does not forward packets to its neighbours.
Cooperative black hole attack: A black hole is a malicious node that falsely replies to route requests, claiming that it has a fresh route to the destination, and then drops all the packets it receives. The chance of serious damage arises if malicious nodes work together as a group. This is called a cooperative black hole attack.
Blackhole attack implementation in AODV routing protocol
The following scenario consists of 25 nodes, in which nodes 1, 7 and 13 are blackhole nodes and the other nodes are non-malicious.
To create multiple blackhole attackers in AODV protocol
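i) In aodv.h, the declaration of malicious (the last line below, shown in blue in the original post) needs to be added to define the blackhole attackers:

    /*
     * History management
     */
    double PerHopTime(aodv_rt_entry *rt);

    nsaddr_t malicious;   // added: set to 1000 on a blackhole node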
ii) In aodv.cc, the lines marked "added" below (shown in blue in the original post) need to be added to initialize the attackers:

    int
    AODV::command(int argc, const char*const* argv) {
      if(argc == 2) {
        Tcl& tcl = Tcl::instance();

        if(strncasecmp(argv[1], "id", 2) == 0) {
          tcl.resultf("%d", index);
          return TCL_OK;
        }
        // added: the Tcl command "blackhole..." turns this node into an attacker
        if(strncasecmp(argv[1], "blackhole", 9) == 0) {
          malicious = 1000;
          return TCL_OK;
        }
        // ... rest of AODV::command() unchanged ...

    AODV::AODV(nsaddr_t id) : Agent(PT_AODV),
                              btimer(this), htimer(this), ntimer(this),
                              rtimer(this), lrtimer(this), rqueue() {
      index = id;
      seqno = 2;
      bid = 1;

      LIST_INIT(&nbhead);
      LIST_INIT(&bihead);

      malicious = 999;   // added: every node starts as non-malicious
      // ... rest of the constructor unchanged ...
Malicious nodes 1, 7 and 13 generate fake route replies using the following code (the else branch under the "blackhole attackers" comment, shown in blue in the original post):
    // add in the receive route request function (AODV::recvRequest)
    if(rq->rq_dst == index) {

    #ifdef DEBUG
      fprintf(stderr, "%d - %s: destination sending reply\n",
              index, __FUNCTION__);
    #endif // DEBUG

      // Just to be safe, I use the max. Somebody may have
      // incremented the dstseqno.
      seqno = max(seqno, rq->rq_dst_seqno)+1;
      if (seqno%2) seqno++;

      sendReply(rq->rq_src,           // IP Destination
                1,                    // Hop Count
                index,                // Dest IP Address
                seqno,                // Dest Sequence Num
                MY_ROUTE_TIMEOUT,     // Lifetime
                rq->rq_timestamp);    // timestamp

      Packet::free(p);
    }
    // blackhole attackers
    else if(malicious == 1000) {
      // Advertise a sequence number newer than the one in the request
      seqno = max(seqno, rq->rq_dst_seqno)+1;
      if (seqno%2) seqno++;

      sendReply(rq->rq_src,           // IP Destination
                1,                    // Hop Count (claims to be one hop away)
                rq->rq_dst,           // Dest IP Address (the requested destination)
                seqno,                // Dest Sequence Num
                MY_ROUTE_TIMEOUT,     // Lifetime
                rq->rq_timestamp);    // timestamp
      //rt->pc_insert(rt0->rt_nexthop);
      Packet::free(p);
    }
Since the attackers do not have a route to the destination, they have to disable the sending of route errors (sendError).
The following code (shown in blue in the original post) disables sendError through the check on malicious:
    // add in the route resolve function (AODV::rt_resolve(Packet *p))
    else {
      Packet *rerr = Packet::alloc();
      struct hdr_aodv_error *re = HDR_AODV_ERROR(rerr);
      /*
       * For now, drop the packet and send error upstream.
       * Now the route errors are broadcast to upstream
       * neighbors - Mahesh 09/11/99
       */

      assert (rt->rt_flags == RTF_DOWN);
      re->DestCount = 0;
      re->unreachable_dst[re->DestCount] = rt->rt_dst;
      re->unreachable_dst_seqno[re->DestCount] = rt->rt_seqno;
      re->DestCount += 1;
    #ifdef DEBUG
      fprintf(stderr, "%s: sending RERR...\n", __FUNCTION__);
    #endif
      if(malicious == 1000)
        Packet::free(rerr);       // blackhole: no RERR is sent; release the unused packet
      else
        sendError(rerr, false);

      drop(p, DROP_RTR_NO_ROUTE);
    }
After replacing the original aodv.cc and aodv.h files, first perform the $ make clean operation in the ns-allinone-2.xx\ns-2.xx folder, then $ make
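iii) To define the blackhole attackers in Tcl, add these lines after node initialization (AODV::command compares only the first 9 characters, so blackhole1, blackhole2 and blackhole3 all match "blackhole"):

    $ns at 0.0 "[$n1 set ragent_] blackhole1"
    $ns at 0.0 "[$n7 set ragent_] blackhole2"
    $ns at 0.0 "[$n13 set ragent_] blackhole3"
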
Example Tcl file for the above scenario: blackhole attacks scenario
---------------------------------------------------------------------
Goodput calculation file: goodput
To calculate goodput, type: perl goodput.pl outputfile_name granularity (1, 2 ... n seconds) > filename
eg: $ perl goodput.pl out.tr 10 > results
-----------------------------------------------------------------------------------
Packet Delivery Ratio (pdr) file: pdr
To calculate Packet Delivery Ratio:
$ perl pdr.pl trafile_name sour-node1 sour_node2 sour_node3 sour_node4 dest_node >fname
eg :
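
What the PDR figure measures in this scenario, as an added Python example (not the pdr.pl script named above, and not code from the original post): it computes the delivery ratio from trace lines and lists relay nodes that take in data at the routing layer but only drop it. It assumes the old-format ns-2 wireless trace layout (event, time, _node_, layer, reason, packet id, type, ...); the trace lines, node numbers and the analyse() name are constructed for illustration.

```python
import re
from collections import Counter

# Assumed old-format wireless trace: event time _node_ layer reason pktid type ...
LINE = re.compile(r'^([srfD]) \S+ _(\d+)_ (\w+)\s+\S+ (\d+) (\w+) ')

# Constructed sample trace (not simulator output): node 0 sends cbr to node 5.
# Node 1 behaves like a blackhole, node 2 is an honest relay.
SAMPLE_TRACE = """\
s 1.000 _0_ AGT --- 10 cbr 512 [0 0 0 0] ------- [0:0 5:0 32 0] [0] 0 0
r 1.004 _1_ RTR --- 10 cbr 532 [13a 1 0 800] ------- [0:0 5:0 30 5] [0] 1 0
D 1.004 _1_ RTR NRTE 10 cbr 532 [13a 1 0 800] ------- [0:0 5:0 30 5] [0] 1 0
s 2.000 _0_ AGT --- 11 cbr 512 [0 0 0 0] ------- [0:0 5:0 32 0] [1] 0 0
r 2.004 _2_ RTR --- 11 cbr 532 [13a 2 0 800] ------- [0:0 5:0 30 5] [1] 1 0
f 2.004 _2_ RTR --- 11 cbr 532 [13a 2 0 800] ------- [0:0 5:0 29 5] [1] 1 0
r 2.009 _5_ AGT --- 11 cbr 532 [13a 5 2 800] ------- [0:0 5:0 29 5] [1] 2 0
s 3.000 _0_ AGT --- 12 cbr 512 [0 0 0 0] ------- [0:0 5:0 32 0] [2] 0 0
r 3.004 _1_ RTR --- 12 cbr 532 [13a 1 0 800] ------- [0:0 5:0 30 5] [2] 1 0
D 3.004 _1_ RTR NRTE 12 cbr 532 [13a 1 0 800] ------- [0:0 5:0 30 5] [2] 1 0
"""

def analyse(trace, sources, dest, ptype="cbr"):
    """Return (pdr, suspects) for data packets sent by `sources` to `dest`."""
    sent, delivered = set(), set()
    rtr = {"r": Counter(), "f": Counter(), "D": Counter()}
    for line in trace.splitlines():
        m = LINE.match(line)
        if not m or m.group(5) != ptype:
            continue                      # skip AODV control packets and other lines
        ev, node, layer, pid = m.group(1), int(m.group(2)), m.group(3), m.group(4)
        if layer == "AGT" and ev == "s" and node in sources:
            sent.add(pid)                 # data handed down by a source application
        elif layer == "AGT" and ev == "r" and node == dest:
            delivered.add(pid)            # data that reached the destination application
        elif layer == "RTR" and ev in rtr:
            rtr[ev][node] += 1            # per-node receive / forward / drop at routing layer
    pdr = len(delivered & sent) / len(sent) if sent else 0.0
    # A relay that receives data at RTR, drops it there and never forwards any
    # matches the behaviour of the blackhole nodes in the scenario above.
    suspects = sorted(n for n in rtr["D"] if rtr["r"][n] and not rtr["f"][n])
    return pdr, suspects

if __name__ == "__main__":
    pdr, suspects = analyse(SAMPLE_TRACE, sources={0}, dest=5)
    print(f"PDR = {pdr:.2f}, suspected blackhole nodes = {suspects}")
```

With this page's modification the attacker's data drops go through drop(p, DROP_RTR_NO_ROUTE), so they appear as routing-layer drop events in the trace rather than vanishing silently.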