Different Types of Attacks on Multicast in
Mobile Ad Hoc Networks
Reporter : Claudia
1
0-7695-2552-0/06 $20.00 © 2006 IEEE
2011/12/7
Outline
Basic knowledge



Mobile Ad Hoc Networks (MANET)
Ad hoc On Demand Distance Vector (AODV) protocol
MANET





Rushing attack
Blackhole attack
Neighbor attack
Jellyfish attack
Summary
Reference


2
0-7695-2552-0/06 $20.00 © 2006 IEEE
2011/12/7
Mobile Ad Hoc Networks (MANET)
Def.
A self-configuring infrastructureless network of mobile
devices connected by wireless links.
Characteristic




3
Each device in a MANET is free to move independently in any
direction, and will therefore change its links to other devices
frequently.
Each device must forward traffic unrelated to its own use, and
therefore be a router.
0-7695-2552-0/06 $20.00 © 2006 IEEE
2011/12/7
Ad hoc On Demand Distance Vector
(AODV) protocol
On Demand routing.
Distance Vector.
Hello messages.
Route discovery.
Sequence number.





4
0-7695-2552-0/06 $20.00 © 2006 IEEE
2011/12/7
Ad hoc On Demand Distance Vector
(AODV) protocol (cont.)

5
Route discovery(Example from reference [5]
0-7695-2552-0/06 $20.00 © 2006 IEEE
2011/12/7
Ad hoc On Demand Distance Vector
(AODV) protocol (cont.)

6
Route discovery(Example from reference [5]
0-7695-2552-0/06 $20.00 © 2006 IEEE
2011/12/7
Ad hoc On Demand Distance Vector
(AODV) protocol (cont.)

7
Route discovery(Example from reference [5]
0-7695-2552-0/06 $20.00 © 2006 IEEE
2011/12/7
Ad hoc On Demand Distance Vector
(AODV) protocol (cont.)

8
Route discovery(Example from reference [5]
0-7695-2552-0/06 $20.00 © 2006 IEEE
2011/12/7
Ad hoc On Demand Distance Vector
(AODV) protocol (cont.)

9
Route discovery(Example from reference [5]
0-7695-2552-0/06 $20.00 © 2006 IEEE
2011/12/7
Rushing attack


By skipping some of the routing processes, can quickly
forward these packets and make other router discard the
normally-process packets.
Cause the attacker is able to gain access to the
forwarding group.
10
0-7695-2552-0/06 $20.00 © 2006 IEEE
2011/12/7
Rushing attack (cont.)
 Picture from
reference [1].
11
0-7695-2552-0/06 $20.00 © 2006 IEEE
2011/12/7
Blackhole attack



Using rushing attack at first.
Drops all of data packets it receives.
Cause very low packet delivery ratio.
12
0-7695-2552-0/06 $20.00 © 2006 IEEE
2011/12/7
Blackhole attack(cont.)
 Picture from
reference [1].
13
0-7695-2552-0/06 $20.00 © 2006 IEEE
2011/12/7
Jellyfish attack



Using rushing attack at first.
Delays data packets unnecessarily for some amount of
time before forwarding them.
Results in significantly high end-to-end delay and delay
jitter.
14
0-7695-2552-0/06 $20.00 © 2006 IEEE
2011/12/7
Jellyfish attack(cont.)
 Picture from
reference [1].
15
0-7695-2552-0/06 $20.00 © 2006 IEEE
2011/12/7
Jellyfish attack(cont.)
 Picture from
reference [1].
16
0-7695-2552-0/06 $20.00 © 2006 IEEE
2011/12/7
Neighbor attack



Using rushing attack at first.
Attacker simply forwards the packet without recording its
ID in the packet.
Resulting in a disrupted route.
17
0-7695-2552-0/06 $20.00 © 2006 IEEE
2011/12/7
Summary



Protocols that use the duplicate suppression mechanism
such as ODMRP, ADMR are very vulnerable to rushing
attacks.
Jellyfish attacks do not affect the packet delivery ratio or
the throughput of a multicast group, but they severely
increase the packet end-to-end delay and delay jitter.
The operations of blackhole attacks and neighbor attacks
are different, they both cause the same degree of damage
to the performance of a multicast group in terms of
packer loss rate.
18
0-7695-2552-0/06 $20.00 © 2006 IEEE
2011/12/7
Reference





[1]http://ieeexplore.ieee.org/xpl/freeabs_all.jsp?arnumber
=1628395
[2]http://en.wikipedia.org/wiki/Mobile_ad_hoc_network
[3]http://en.wikipedia.org/wiki/List_of_ad_hoc_routing_p
rotocols
[4]http://users.crhc.illinois.edu/yihchun/pubs/wise03.pdf
[5]http://www.cs.jhu.edu/~cs647/aodv.pdf
19
0-7695-2552-0/06 $20.00 © 2006 IEEE
2011/12/7