A Survey of Cooperative Black and Gray hole Attack in MANET - ijcsmr
A Survey of Cooperative Black and Gray hole Attack in MANET - ijcsmr
A Survey of Cooperative Black and Gray hole Attack in MANET - ijcsmr
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
International Journal <strong>of</strong> Computer Science <strong>and</strong> Management Research Vol 1 Issue 2 September 2012<br />
ISSN 2278-733X<br />
A <strong>Survey</strong> <strong>of</strong> <strong>Cooperative</strong> <strong>Black</strong> <strong>and</strong><br />
<strong>Gray</strong> <strong>hole</strong> <strong>Attack</strong> <strong>in</strong> <strong>MANET</strong><br />
B.Revathi*<br />
D.Geetha**<br />
*Research scholar <strong>in</strong> Computer Science, Sree Saraswathi Thyagaraja College <strong>of</strong> Arts <strong>and</strong> Science<br />
Pollachi-642 107, Tamil Nadu, India<br />
**Assistant Pr<strong>of</strong>essor <strong>in</strong> Computer Science, Sree Saraswathi Thyagaraja College <strong>of</strong> Arts <strong>and</strong> Science<br />
Pollachi-642 107, Tamil Nadu, India<br />
Abstract— Mobile ad hoc networks (<strong>MANET</strong>s) are a set <strong>of</strong><br />
mobile nodes which are self-configur<strong>in</strong>g <strong>and</strong> connected by<br />
wireless l<strong>in</strong>ks automatically as per the def<strong>in</strong>ed rout<strong>in</strong>g protocol.<br />
Security is an essential requirement <strong>in</strong> mobile ad hoc network<br />
(<strong>MANET</strong>s). Compared to wired networks, <strong>MANET</strong>s are more<br />
vulnerable to security attacks due to the lack <strong>of</strong> a trusted<br />
centralized authority <strong>and</strong> limited resources. <strong>Attack</strong>s on ad-hoc<br />
networks can be classified as passive <strong>and</strong> active attacks,<br />
depend<strong>in</strong>g on whether the normal operation <strong>of</strong> the network is<br />
disrupted or not. These mobile nodes communicate with each<br />
other without any <strong>in</strong>frastructure, furthermore, all <strong>of</strong> the<br />
transmission l<strong>in</strong>ks are established through wireless medium. In<br />
this paper we address the problem <strong>of</strong> packet forward<strong>in</strong>g<br />
misbehavior <strong>and</strong> propose a mechanism to detect <strong>and</strong> remove the<br />
black <strong>and</strong> gray <strong>hole</strong> attacks.<br />
Keywords— black <strong>hole</strong>, gray <strong>hole</strong>, <strong>MANET</strong>, active attack,<br />
passive attack.<br />
I. INTRODUCTION<br />
This Mobile Ad-hoc Networks (<strong>MANET</strong>s) differ from<br />
exist<strong>in</strong>g networks by the fact that they depend on no fixed<br />
<strong>in</strong>frastructure. Nodes form<strong>in</strong>g the network perform all<br />
functionality <strong>of</strong> the network with each node performs the<br />
functionality <strong>of</strong> both host <strong>and</strong> router.<br />
Fig.1.1 A typical <strong>MANET</strong><br />
A <strong>MANET</strong> is referred to as an <strong>in</strong>frastructure less network<br />
because the mobile nodes <strong>in</strong> the network dynamically set up<br />
paths among themselves to send out packets temporarily. Due<br />
to multi-hop rout<strong>in</strong>g <strong>and</strong> open work<strong>in</strong>g environment,<br />
<strong>MANET</strong>s are vulnerable to attacks by selfish or malicious<br />
nodes, such as packet dropp<strong>in</strong>g (black-<strong>hole</strong>) attacks <strong>and</strong><br />
selective forward<strong>in</strong>g (gray-<strong>hole</strong>) attacks. Another<br />
characteristic <strong>of</strong> a <strong>MANET</strong> is, limited b<strong>and</strong>width, limited<br />
battery power. This characteristic makes rout<strong>in</strong>g <strong>in</strong> a <strong>MANET</strong><br />
an even more difficult task. Currently, several efficient rout<strong>in</strong>g<br />
protocols have been proposed. These protocols can be<br />
classified <strong>in</strong>to two categories: reactive rout<strong>in</strong>g protocols <strong>and</strong><br />
proactive rout<strong>in</strong>g protocols. In reactive rout<strong>in</strong>g protocols, such<br />
as the Ad hoc On Dem<strong>and</strong> Distance Vector (AODV) protocol<br />
[1], nodes f<strong>in</strong>d routes only when required. In proactive rout<strong>in</strong>g<br />
protocols, such as the Optimized L<strong>in</strong>k State Rout<strong>in</strong>g (OLSR)<br />
protocol [2], nodes obta<strong>in</strong> routes by periodic exchange <strong>of</strong><br />
topology <strong>in</strong>formation. <strong>Gray</strong> <strong>hole</strong> attack [3] may occur due to a<br />
malicious node which is deliberately mischievous, as well as a<br />
damaged node <strong>in</strong>terface we simulated the <strong>Gray</strong> <strong>hole</strong> attack<br />
node which is <strong>in</strong>tentionally misbehav<strong>in</strong>g, as well as a<br />
damaged node <strong>in</strong>terface we simulated the <strong>Gray</strong> <strong>hole</strong> attack.<br />
We made our simulations us<strong>in</strong>g Network Simulator version 2<br />
(NS-2) [4] simulation programs that consists <strong>of</strong> the collection<br />
<strong>of</strong> all network protocols to simulate many <strong>of</strong> the accessible<br />
network topologies.<br />
II. PROTOCOLS COMMONLY USED FOR <strong>MANET</strong>’S<br />
There are many number <strong>of</strong> rout<strong>in</strong>g protocols that are<br />
proposed <strong>in</strong> <strong>MANET</strong>. The most commonly used protocols are:<br />
A. AODV (Ad Hoc On-Dem<strong>and</strong> Distance Vector Rout<strong>in</strong>g)<br />
Ad hoc On-Dem<strong>and</strong> Distance Vector (AODV) Rout<strong>in</strong>g is a<br />
rout<strong>in</strong>g protocol for <strong>MANET</strong>s <strong>and</strong> other wireless ad-hoc<br />
networks. It is a reactive rout<strong>in</strong>g protocol, mean<strong>in</strong>g that is to<br />
establish a route to a dest<strong>in</strong>ation only on dem<strong>and</strong>. AODV is<br />
capable <strong>of</strong> both unicast <strong>and</strong> multicast rout<strong>in</strong>g. Route Requests<br />
(RREQs), Route Replies (RREPs), <strong>and</strong> Route Errors<br />
(RERRs) are the message types dist<strong>in</strong>ct by AODV. These<br />
message types are received through UDP, <strong>and</strong> normal IP<br />
header process<strong>in</strong>g applies.<br />
B. DSR (Dynamic Source Rout<strong>in</strong>g)<br />
The Dynamic Source Rout<strong>in</strong>g (DSR) [5] protocol is an on<br />
dem<strong>and</strong> rout<strong>in</strong>g protocol that is based on the concept <strong>of</strong> source<br />
rout<strong>in</strong>g. The DSR is a simple <strong>and</strong> efficient rout<strong>in</strong>g protocol<br />
B.Revathi et.al. 205 www.<strong>ijcsmr</strong>.org
International Journal <strong>of</strong> Computer Science <strong>and</strong> Management Research Vol 1 Issue 2 September 2012<br />
ISSN 2278-733X<br />
designed specially for use <strong>in</strong> multi-hop wireless ad hoc<br />
networks <strong>of</strong> mobile nodes. DSR allows the network to be<br />
entirely self-organiz<strong>in</strong>g <strong>and</strong> self-configur<strong>in</strong>g, without the need<br />
for any exist<strong>in</strong>g network <strong>in</strong>frastructure or adm<strong>in</strong>istration.<br />
Dynamic source rout<strong>in</strong>g protocol (DSR) is an on-dem<strong>and</strong><br />
protocol designed to conf<strong>in</strong>e the b<strong>and</strong>width consumed by<br />
control packets <strong>in</strong> ad hoc wireless networks by elim<strong>in</strong>at<strong>in</strong>g the<br />
periodic table-update messages.<br />
C. DYMO (Dynamic On-Dem<strong>and</strong> <strong>MANET</strong> Rout<strong>in</strong>g<br />
Protocol)<br />
The Dynamic <strong>MANET</strong> On-dem<strong>and</strong> (DYMO) rout<strong>in</strong>g<br />
protocol enables reactive, multihop, unicast rout<strong>in</strong>g between<br />
participat<strong>in</strong>g DYMO routers. The basic operations <strong>of</strong> the<br />
DYMO protocol are route discovery <strong>and</strong> route ma<strong>in</strong>tenance.<br />
III. CLASSIFICATION OF ATTACKS<br />
The attacks can be categorized on the basis <strong>of</strong> the source <strong>of</strong><br />
the attacks i.e. Internal or External, <strong>and</strong> on the behaviour <strong>of</strong><br />
the attack i.e. Passive or Active attack. This classification is<br />
important because the attacker can develop the network either<br />
as <strong>in</strong>ternal, external or/ as well as active or passive attack<br />
aga<strong>in</strong>st the network.<br />
A. External <strong>and</strong> Internal <strong>Attack</strong><br />
External attacks, <strong>in</strong> which the attacker aims to cause<br />
congestion, spread false rout<strong>in</strong>g <strong>in</strong>formation or disturb nodes<br />
from provid<strong>in</strong>g services.External attacks are attacks launched<br />
by challengers who are not <strong>in</strong>itially <strong>of</strong>ficial to participate <strong>in</strong><br />
the network operations. These attacks usually aim to cause<br />
network congestion, deny access to specific network function<br />
or to <strong>in</strong>terrupt the w<strong>hole</strong> network operations. External<br />
attackers are ma<strong>in</strong>ly outside the networks who want to get<br />
access to the network, once they get access to the network<br />
they start send<strong>in</strong>g fake packets, denial <strong>of</strong> service <strong>in</strong> order to<br />
<strong>in</strong>terrupt the performance <strong>of</strong> the w<strong>hole</strong> network. This attack is<br />
same, like the attacks that are made aga<strong>in</strong>st wired network.<br />
These attacks can be barred by implement<strong>in</strong>g security<br />
measures such as firewall, where the access <strong>of</strong> unauthorized<br />
person to the network can be mitigated.<br />
In <strong>in</strong>ternal attack the attacker wants to have usual access to<br />
the network as well as contribute <strong>in</strong> the normal activities <strong>of</strong><br />
the network. Internal attack is more strict attacks then external<br />
attacks. Internal attacks, <strong>in</strong> which the challenger wants to ga<strong>in</strong><br />
the normal access to the network <strong>and</strong> contribute the network<br />
activities, either by some malicious impersonation to get the<br />
access to the network as a new node, or by directly<br />
compromis<strong>in</strong>g a exist<strong>in</strong>g node <strong>and</strong> us<strong>in</strong>g it as a basis to<br />
conduct its malicious behaviors.Internal nodes might<br />
misbehave to save their limited resources, such as the battery<br />
powers, the process<strong>in</strong>g capabilities, <strong>and</strong> the communication<br />
b<strong>and</strong>width. <strong>Attack</strong>s that are caused by the misbehav<strong>in</strong>g<br />
<strong>in</strong>ternal nodes are hard to detect because to dist<strong>in</strong>guish<br />
between normal network failures <strong>and</strong> misbehaviour activities<br />
<strong>in</strong> the ad hoc networks is not an easy task.<br />
.Fig. 3.1 External <strong>and</strong> Internal <strong>Attack</strong>s <strong>in</strong> <strong>MANET</strong>s<br />
B. Active <strong>and</strong> Passive <strong>Attack</strong><br />
In active attack the attacker disrupt the performance <strong>of</strong> the<br />
network, steal important <strong>in</strong>formation <strong>and</strong> try to destroy the<br />
data dur<strong>in</strong>g the exchange <strong>in</strong> the network. Active attacks can be<br />
an <strong>in</strong>ternal or an external attack. The active attacks are meant<br />
to destroy the performance <strong>of</strong> the network <strong>in</strong> such case the<br />
active attack act as an <strong>in</strong>ternal node <strong>in</strong> the network. Be<strong>in</strong>g an<br />
active part <strong>of</strong> the network it is easy for the node to make use<br />
<strong>of</strong> <strong>and</strong> takeover any <strong>in</strong>ternal node to use it to <strong>in</strong>troduce false<br />
packets <strong>in</strong>jection or denial <strong>of</strong> service. This attack br<strong>in</strong>gs the 18<br />
attacker <strong>in</strong> strong position where attacker can modify, make<br />
<strong>and</strong> replays the massages. <strong>Attack</strong>ers <strong>in</strong> passive attacks do not<br />
<strong>in</strong>terrupt the normal operations <strong>of</strong> the network. In Passive<br />
attack, it listens to the network <strong>in</strong> order to know <strong>and</strong><br />
underst<strong>and</strong> how they are located <strong>in</strong> the network, how the<br />
nodes are communicat<strong>in</strong>g with each other. Before the attacker<br />
start an attack aga<strong>in</strong>st the network, the attacker has enough<br />
<strong>in</strong>formation about the network that it can easily capture <strong>and</strong><br />
<strong>in</strong>troduce attack <strong>in</strong> the network.<br />
Fig. 3.2 Active <strong>and</strong> Passive <strong>Attack</strong> <strong>in</strong> <strong>MANET</strong>s<br />
IV. NETWORK LAYER THREATS<br />
A. <strong>Black</strong> <strong>hole</strong> <strong>Attack</strong><br />
<strong>MANET</strong>s face various securities threats i.e. attack that are<br />
passed out aga<strong>in</strong>st them to <strong>in</strong>terrupt the normal performance<br />
<strong>of</strong> the networks. <strong>Black</strong> <strong>hole</strong> attack is one <strong>of</strong> the security threat<br />
<strong>in</strong> which the traffic is redirect to such a node that actually does<br />
not exist <strong>in</strong> the network. In these attacks, black <strong>hole</strong> attack is<br />
that k<strong>in</strong>d <strong>of</strong> attack which occurs <strong>in</strong> Mobile Ad-Hoc networks<br />
(<strong>MANET</strong>). In black <strong>hole</strong> attack, a malicious node uses its<br />
B.Revathi et.al. 206 www.<strong>ijcsmr</strong>.org
International Journal <strong>of</strong> Computer Science <strong>and</strong> Management Research Vol 1 Issue 2 September 2012<br />
ISSN 2278-733X<br />
rout<strong>in</strong>g protocol <strong>in</strong> order to endorse itself for hav<strong>in</strong>g the <strong>in</strong>volves the cooperation between two attack<strong>in</strong>g nodes [14].<br />
shortest path to the dest<strong>in</strong>ation node or to the packet it wants One attacker captures rout<strong>in</strong>g traffic at one po<strong>in</strong>t <strong>of</strong> the<br />
to <strong>in</strong>terrupt.<br />
network <strong>and</strong> turns it to another po<strong>in</strong>t <strong>in</strong> the network that<br />
This destructive node advertises its availability <strong>of</strong> new shares a private high speed communication l<strong>in</strong>k between the<br />
routes irrespective <strong>of</strong> check<strong>in</strong>g its rout<strong>in</strong>g table. In this way attackers, <strong>and</strong> then selectively <strong>in</strong>jects tunnel traffic back <strong>in</strong>to<br />
attacker node will always have the availability <strong>in</strong> reply<strong>in</strong>g to the network. The two collud<strong>in</strong>g attacker can potentially<br />
the route request <strong>and</strong> thus <strong>in</strong>tercept the data packet <strong>and</strong> reta<strong>in</strong> deform the topology <strong>and</strong> establish routes under the control<br />
it [6]. In protocol based on flood<strong>in</strong>g, the malicious node reply over the worm<strong>hole</strong> l<strong>in</strong>k.<br />
will be received by the request<strong>in</strong>g node before the response <strong>of</strong><br />
reply from actual node; hence a malicious <strong>and</strong> forged route is<br />
created. When this route is establish, now it is up to the node 1<br />
whether to drop all the packets or promote it to the unknown<br />
2<br />
address [7].<br />
B<br />
4<br />
The black <strong>hole</strong> attack has two properties. First, the node<br />
exploits the mobile ad-hoc rout<strong>in</strong>g protocol, such as AODV,<br />
to promote itself as hav<strong>in</strong>g a valid route to a target node, even<br />
3<br />
though the route is false, with the aim <strong>of</strong> <strong>in</strong>tercept<strong>in</strong>g packets.<br />
Second, the attacker consumes the <strong>in</strong>tercepted packets without<br />
A<br />
any forward<strong>in</strong>g. However, the attacker runs the risk that<br />
neighbour<strong>in</strong>g nodes will check <strong>and</strong> represent the ongo<strong>in</strong>g<br />
attacks. There is a more delicate form <strong>of</strong> these attacks when an<br />
Fig.4.2 Warm Hole <strong>Attack</strong><br />
attacker selectively forward packets. An attacker suppress or<br />
modifies packets orig<strong>in</strong>at<strong>in</strong>g from some nodes, while leav<strong>in</strong>g D. Location Disclosure <strong>Attack</strong>:<br />
the data from the other nodes unchanged, which limits the In this attack, the privacy necessities <strong>of</strong> an ad hoc network<br />
suspicion <strong>of</strong> its wrongdo<strong>in</strong>g.<br />
are compromised. Through the use <strong>of</strong> traffic analysis<br />
techniques or with simpler prob<strong>in</strong>g <strong>and</strong> monitor<strong>in</strong>g<br />
approaches an attacker is able to discover the place <strong>of</strong> a node,<br />
<strong>and</strong> the configuration <strong>of</strong> the network.<br />
Fig.4.1<strong>Black</strong> <strong>hole</strong> <strong>Attack</strong><br />
B. Impersonation <strong>Attack</strong>:<br />
The attacker nodes impersonates a right node <strong>and</strong> jo<strong>in</strong>s the<br />
network untraceable, sends false rout<strong>in</strong>g <strong>in</strong>formation, masked<br />
as some other trusted node.<br />
C. Worm<strong>hole</strong> <strong>Attack</strong>:<br />
In the worm<strong>hole</strong> attacks, a compromised node <strong>in</strong> the ad hoc<br />
networks colludes with external attacker to create a shortcut <strong>in</strong><br />
the network. By creat<strong>in</strong>g this shortcut, they could trap the<br />
source node to w<strong>in</strong> <strong>in</strong> the route discovery process <strong>and</strong> later<br />
starts the <strong>in</strong>terception attacks. Packets from these two<br />
collud<strong>in</strong>g attackers are usually transmitted us<strong>in</strong>g wired<br />
connection to create the best route from source to the<br />
dest<strong>in</strong>ation node. In addition, if the worm<strong>hole</strong> nodes<br />
constantly ma<strong>in</strong>ta<strong>in</strong> the false routes, they could permanently<br />
reject other routes from be<strong>in</strong>g established. As a result, the<br />
<strong>in</strong>termediate nodes reside along that denied routes are unable<br />
to contribute <strong>in</strong> the network operations. The worm<strong>hole</strong> attack<br />
E. <strong>Gray</strong> <strong>hole</strong> <strong>Attack</strong><br />
In this k<strong>in</strong>d <strong>of</strong> attack the attacker misleads the network by<br />
approv<strong>in</strong>g to forward the packets <strong>in</strong> the network. As soon as it<br />
receive the packets from the neighbour<strong>in</strong>g node, the attacker<br />
falls the packets. This is a type <strong>of</strong> active attack. In the<br />
beg<strong>in</strong>n<strong>in</strong>g the attacker nodes behaves usually <strong>and</strong> reply true<br />
RREP messages to the nodes that started RREQ messages.<br />
When it receives the packets it starts fall<strong>in</strong>g the packets <strong>and</strong><br />
launch Denial <strong>of</strong> Service (DoS) attack. The malicious<br />
activities <strong>of</strong> gray <strong>hole</strong> attack is different <strong>in</strong> different ways. It<br />
drops packets while forward<strong>in</strong>g them <strong>in</strong> the network. In some<br />
other gray <strong>hole</strong> attacks the attacker node behaves maliciously<br />
for the time until the packets are dropped <strong>and</strong> then switch to<br />
their normal behavior [8]. Due this behavior it’s very tricky<br />
for the network to figure out such k<strong>in</strong>d <strong>of</strong> attack. <strong>Gray</strong> <strong>hole</strong><br />
attack is also termed as node misbehav<strong>in</strong>g attack [9].<br />
V. PROPERTIES OF BLACKHOLE, GREYHOLE AND<br />
WORMHOLE ATTACKS<br />
First, the <strong>Black</strong> <strong>hole</strong> node exploits the ad hoc rout<strong>in</strong>g protocol,<br />
such as AODV, to promote itself as hav<strong>in</strong>g a valid route to a<br />
dest<strong>in</strong>ation node, even though the route is fake, with the<br />
<strong>in</strong>tention <strong>of</strong> <strong>in</strong>tercept<strong>in</strong>g packets. Second, the packets are<br />
consumed by the <strong>Black</strong> <strong>hole</strong> node. Third, the <strong>Black</strong> <strong>hole</strong> nodes<br />
can conduct synchronized attacks. Grey <strong>hole</strong> is a node that can<br />
switch from behav<strong>in</strong>g acceptably to behav<strong>in</strong>g like a black <strong>hole</strong>.<br />
Worm<strong>hole</strong> attacks depend on a node misrepresent<strong>in</strong>g its<br />
B.Revathi et.al. 207 www.<strong>ijcsmr</strong>.org
International Journal <strong>of</strong> Computer Science <strong>and</strong> Management Research Vol 1 Issue 2 September 2012<br />
ISSN 2278-733X<br />
location. Hence, location based rout<strong>in</strong>g protocols have the<br />
potential to prevent worm<strong>hole</strong> attacks.<br />
VI. COUNTERMEASURES<br />
A. Worm<strong>hole</strong> <strong>Attack</strong> Countermeasure<br />
Worm<strong>hole</strong> attacks depend on a node misrepresent<strong>in</strong>g its<br />
position. Hence, location based rout<strong>in</strong>g protocols have the<br />
ability to prevent worm<strong>hole</strong> attacks. Localization may be done<br />
us<strong>in</strong>g globally easy to get to beacons that broadcast known<br />
locations [10]. A solution to worm<strong>hole</strong> attacks was planned <strong>in</strong><br />
which all nodes are equipped with directional antennas. Nodes<br />
use specific ‘sectors’ <strong>of</strong> their antennas to communicate with<br />
each other. Each couple <strong>of</strong> nodes exam<strong>in</strong>e the track <strong>of</strong><br />
received signals from its neighbour. If the directions <strong>of</strong> both<br />
pairs match the neighbour relation is set [10]. This method<br />
may only be used <strong>in</strong> networks us<strong>in</strong>g Directional antennas<br />
[11].Another solution was proposed <strong>in</strong> which nodes estimate<br />
the expanse <strong>of</strong> its neighbours us<strong>in</strong>g the Received Signal<br />
Strength. The value is sent to a central controller which<br />
calculates the physical topology based on <strong>in</strong>dividual sensor<br />
distance measurement. Worm<strong>hole</strong> can be trapped as without<br />
worm<strong>hole</strong> attack the topology is usually flat [12] [11].<br />
B. <strong>Black</strong> <strong>hole</strong> <strong>and</strong> Grey <strong>hole</strong> <strong>Attack</strong> Countermeasure<br />
To detect black <strong>and</strong> gray <strong>hole</strong> nodes, one proposal is<br />
hav<strong>in</strong>g the sender occasionally check through all available<br />
routes to establish if the dest<strong>in</strong>ation received all <strong>of</strong> its<br />
messages <strong>in</strong>tact. This must be done after some data has been<br />
sent. In order to avoid any black <strong>hole</strong> nodes that might<br />
<strong>in</strong>terfere with message traffic, the sender broadcasts a "check"<br />
request message (Fig. 3), <strong>and</strong> the dest<strong>in</strong>ation's response would<br />
follow the same route as the request (Fig. 4). To pact with the<br />
possibility <strong>of</strong> a node alter<strong>in</strong>g or fak<strong>in</strong>g the client’s response,<br />
the sender compares each response with the data that it sent to<br />
the dest<strong>in</strong>ation. If the responses differ from what the sender<br />
sent, it may <strong>in</strong>dicate a bad l<strong>in</strong>k or a malicious node. If any two<br />
client responses vary, that is almost a sure sign <strong>of</strong> a malicious<br />
node [13].<br />
S<br />
Fig.6.1 black <strong>hole</strong> <strong>in</strong>terference <strong>in</strong> sender broadcast<br />
S<br />
N1<br />
BH<br />
N1<br />
BH<br />
Fig.6.2 Dest<strong>in</strong>ation Response<br />
N2<br />
D<br />
N2<br />
D<br />
CONCLUSION<br />
In this paper, a study on the work that attempt to detect<br />
black or gray <strong>hole</strong> or cooperative black <strong>and</strong> gray <strong>hole</strong> attack<br />
has been done. Each node can locally ma<strong>in</strong>ta<strong>in</strong> its own table<br />
<strong>of</strong> black listed nodes whenever it tries to send data to any<br />
dest<strong>in</strong>ation node <strong>and</strong> it can also aware the network about the<br />
black listed nodes which are <strong>of</strong> great importance <strong>in</strong><br />
network<strong>in</strong>g. The survey revised about various type <strong>of</strong><br />
protocols commonly used for <strong>MANET</strong>’s.(eg. AODV, DSR,<br />
DYMO) <strong>and</strong> briefly summarized about the classification <strong>of</strong><br />
attacks, Network layer threats <strong>and</strong> its properties <strong>of</strong> black <strong>hole</strong>,<br />
gray <strong>hole</strong> attack, worm <strong>hole</strong> attacks. F<strong>in</strong>ally the paper<br />
expla<strong>in</strong>ed the countermeasures <strong>of</strong> Warm <strong>hole</strong> attacks, gray<br />
<strong>hole</strong> attack <strong>and</strong> black <strong>hole</strong> attack.<br />
REFERENCES<br />
[1] [1] C. Perk<strong>in</strong>s, E. Beld<strong>in</strong>g-Royer, <strong>and</strong> S. Das, “Ad Hoc Ondem<strong>and</strong><br />
Distance Vector (AODV) Rout<strong>in</strong>g,” IETF RFC<br />
3561, July 2003.<br />
[2] Th. Clausen et al., “Optimized L<strong>in</strong>k State Rout<strong>in</strong>g Protocol,”<br />
IETF Internet<br />
[3] P. Misra,. “Rout<strong>in</strong>g Protocols for Ad Hoc Mobile Wireless<br />
Networks”,http://www.cse.wustl.edu/~ja<strong>in</strong>/cis78899/adhoc_ro<br />
ut<strong>in</strong>g/<strong>in</strong>dex.html, 14 May 2006.<br />
[4] H. Goto, Y. Hasegawa, <strong>and</strong> M . Tanaka, “Efficient Schedu l<strong>in</strong> g<br />
Focus<strong>in</strong>g on the Duality <strong>of</strong> MPL Representatives,” Proc.<br />
IEEE Symp. Computational Intelligence <strong>in</strong> Schedul<strong>in</strong>g (SCIS<br />
07), IEEE Press, Dec. 2007, pp. 57-64,<br />
doi:10.1109/SCIS.2007.357670.<br />
[5] J.Yoon, M. Liu, B.Noble ―R<strong>and</strong>om Waypo<strong>in</strong>t Considered Harmful‖<br />
IEEE INFOCOM, 2003.<br />
[6] K. Biswas <strong>and</strong> Md. Liaqat Ali, “Security threats <strong>in</strong> Mobile Ad-<br />
Hoc Network”, Master Thesis, Blek<strong>in</strong>ge Institute <strong>of</strong> Technology”<br />
Sweden, 22nd March 2007<br />
[7] G. A. Pegueno <strong>and</strong> J. R. Rivera, “Extension to MAC 802.11 for<br />
performance Improvement <strong>in</strong> <strong>MANET</strong>”, Karlstads University, Sweden,<br />
December 2006<br />
[8] S.Marti, T.J.Giuli, K.Lai, M.Baker, “Mitigat<strong>in</strong>g Rout<strong>in</strong>g Misbehavior <strong>in</strong><br />
Mobile Ad-Hoc Networks”.<br />
[9] Zhu, C. Lee, M.J.Saadawi, T., “RTT-Based Optimal Wait<strong>in</strong>g time for<br />
Best Route Selection <strong>in</strong> Ad-Hoc Rout<strong>in</strong>g Protocols,” IEEE Military<br />
Communications Conference, Vol. 2, pp. 1054-1059, Oct, 2003.<br />
[10] L. Hu <strong>and</strong> D. Evans, Department <strong>of</strong> Computer Science , University <strong>of</strong><br />
Virg<strong>in</strong>ia Charlottesville, “ Us<strong>in</strong>g Directional Antennas to<br />
Prevent Worm<strong>hole</strong> <strong>Attack</strong>s”, VA IJCSNS International Journal <strong>of</strong><br />
Computer Science <strong>and</strong> Network Security, VOL.8 No.7, July 2008.<br />
[11] K. W<strong>in</strong>, Department <strong>of</strong> Eng<strong>in</strong>eer<strong>in</strong>g Physics, M<strong>and</strong>alay Technological<br />
University, Pathe<strong>in</strong> Gyi, M<strong>and</strong>alay, “Analysis <strong>of</strong> Detect<strong>in</strong>g<br />
Worm<strong>hole</strong> <strong>Attack</strong> <strong>in</strong> Wireless Networks”, World Academy <strong>of</strong> Science,<br />
Eng<strong>in</strong>eer<strong>in</strong>g <strong>and</strong> Technology 48 2008<br />
[12] W. Wang <strong>and</strong> B. Bhargava., “Visualization <strong>of</strong> worm<strong>hole</strong>s <strong>in</strong> sensor<br />
networks”, Proceed<strong>in</strong>gs <strong>of</strong> the 2004 ACM workshop on Wireless<br />
Security, pp. 51-60, 2004.<br />
[13] E. Mohammed <strong>and</strong> L. Darg<strong>in</strong>,Oakl<strong>and</strong> University School <strong>of</strong> Computer<br />
Science <strong>and</strong> Eng<strong>in</strong>eer<strong>in</strong>g CSE 681 Information Security,<br />
“Rout<strong>in</strong>g Protocols Security <strong>in</strong> Ad Hoc Networks”.<br />
[14] Y.C.Hu, A.Perrig, <strong>and</strong> D.B.Johnson, “Packet Leashes: A Defense<br />
Aga<strong>in</strong>st Worm<strong>hole</strong> <strong>Attack</strong>s <strong>in</strong> Wireless Ad hoc Networks,”<br />
Proceed<strong>in</strong>gs <strong>of</strong> 22nd Annual Jo<strong>in</strong>t Conf. IEEE Computer <strong>and</strong><br />
Communications Societies (Infocom’03), San Francisco, CA, vol.3,<br />
pp.1976-1986, April 2003.<br />
B.Revathi et.al. 208 www.<strong>ijcsmr</strong>.org