International Journal of Engineering Trends and Technology (IJETT) – Volume 15 Number 5 – Sep 2014
Performance Evaluation of Conditional Active RREQ Flooding-Filter Based Prevention Method for AODV in MANET
Neha Kamdar #1, Neeraj Paliwal *2
M-Tech Scholar, Associate Prof.
Department of CSE, Oriental University
Indore (M.P.), India
Abstract— Without the management of a centralized unit, mobile ad hoc networks (MANETs) are vulnerable to security threats from flooding attacks launched through compromised nodes or intruders. Whenever a source node needs a data session with a destination node, it disseminates a route request (RREQ) message to its neighbors in a hop-by-hop manner. A crucial type of flooding attack, called RREQ flooding, appears to be inevitably proliferated in wireless networks. In the RREQ flooding attack, attackers launch immense numbers of RREQ packets with an out-of-domain IP address as the destination node [1]. The forwarding services conducted by all intermediate nodes exhaust their energy and processing resources. The proposed approach can suppress redundant RREQ packets using the co-operation of the destination node and the neighbor nodes within one hop range of the attacking node. The proposed approach configures all relevant system aspects in a concise fashion for qualitative analysis. From a quantitative viewpoint, relevant network simulations were conducted in NS2 to validate the proposed scheme. The experimental results reveal that the proposed CARF-F can be applied to economically and effectively elongate the operational lifetime of MANETs under flooding attack [2].
Keywords— MANET, AODV, CARF-F (Conditional Active RREQ Flooding-Filter), RREQ (Route Request)
I. INTRODUCTION
A mobile ad hoc network (MANET) is a wireless LAN (Local Area Network) model that needs no central base stations and operates as a self-organized, dynamically changing multi-hop network. MANETs can be applied during natural catastrophes, for military applications and for conducting geographic exploration [3,4]. Mobile and wireless devices belonging to a MANET are usually called mobile nodes. Nodes are characterized by high mobility, low power, limited storage, limited transmission range and a finite energy budget without recharging gear. Mobile nodes communicate through bi-directional radio links, and data transmission is a key challenge. MANET communication events are called sessions. Two communicating parties, namely the source node and the destination node, comprise a session pair (or source–destination pair). A mobile node can communicate effectively, but only when flooding in the network is minimized. Based on a hop-by-hop routing scheme, the AODV (Ad hoc On-Demand Distance Vector) routing protocol offers quick adaptation to dynamic links, and low processing and memory overhead for CARF-F [5]. When a source node needs a route to a destination, it disseminates a route request (RREQ) message to its neighbors. Every node receiving the message creates a mobile ad hoc network (MANETs) are usually formed by a group of mobile nodes, interconnected via wireless links, which agree to cooperate and forward each other's packets. One of the basic assumptions in the design of routing protocols in MANETs is that every node is honest and cooperative [6].
Fig. 1 Example of a simple ad-hoc network with three participating nodes
That means, if a node claims it can reach another node by a certain path or distance, the claim is trusted. Similarly, if a node reports a link break, the link will no longer be used. While this assumption can fundamentally facilitate the design and implementation of routing protocols, it also introduces a vulnerability to several types of denial of service (DoS) attacks and node dropping, particularly the packet dropping attack; all these problems are resolved by using the CARF-F scheme [7]. To launch such attacks, a malicious node can stealthily drop some or all of the data or routing packets passing through it. Due to the lack of physical protection and of a reliable medium access mechanism, the packet dropping attack represents a serious threat to the routing function in MANETs. A foe can easily join the network and compromise a legitimate node, then subsequently start dropping packets that are expected to be relayed in order to disrupt regular communications. As a result, all the routes passing through this node fail to establish a correct routing path between the source and destination nodes [8].
II. RELATED STUDY
Significant work has been done on securing ad hoc networks. A few studies defined methods for secure routing, but secure routing is also not able to handle the flooding attack.
The first flooding attack prevention (FAP) method was proposed in [9]. In their paper, the authors first described RREQ flooding and data flooding. This was the first paper that addressed the prevention of flooding attacks in ad hoc networks. The authors proposed separate approaches for RREQ flooding and data flooding. To oppose RREQ flooding, they defined the neighbor suppression method, which prioritizes nodes based on the number of RREQs acknowledged. A node gets higher priority if it sends fewer RREQ packets, and a threshold rate is defined. To deal with data flooding they used the path cutoff method. In this method, when a node identifies that a sender is originating data flooding, it cuts off the path and sends a route error message. In this way the attack is prevented to some extent, but the disadvantage of this method is that flooding packets still exist in the network. This limitation of FAP is eliminated by the threshold prevention (TP) presented in [10]. In this method they defined a fixed threshold value for every node in the network. If any node receives more RREQ flooding packets than the threshold value, the sender is assumed to be an attacker and all packets from the attacker are discarded by the receiver node. This method eliminates the flooding packets, but if the intruder knows the threshold value, it can bypass the TP mechanism. A usual node with high mobility is treated as a malicious node.
In [11], the author proposed a distributive approach to resist the flooding attack. This method uses two threshold values: RATE_LIMIT and BLACKLIST_LIMIT. If the RREQ count of any node is less than RATE_LIMIT then the request is processed; otherwise check whether it is less than BLACKLIST_LIMIT, and if yes, then blacklist the node, but if the count is greater than RREQ_LIMIT and less than BLACKLIST_LIMIT then put the RREQ in the delay queue and process it after the queue timeout occurs. This method can handle networks with high mobility.
In [12], the author analyzed the flooding attack in anonymous communication in the network. They used a threshold tuple which consists of three threshold components: the transmission, blacklist and whitelisting thresholds. If any node generates more RREQ packets than the transmission threshold, its neighbor discards the packets; if it crosses the transmission threshold more than the blacklist threshold, the neighbor blacklists the node.
III. PROBLEM DOMAIN
Flooding is an active network attack whose aim is to congest the network with fake route request (RREQ) packets. In this scenario, when route discovery is initiated, the source node sends an RREQ packet to its neighbors and waits for some time for a reply. The node does not have any information about the behaviour of its neighbours. The neighbor's distance is taken as a hop count. Thus, if a node has the smallest hop count, the packet is forwarded to it [13]. In this traditional routing process, verification that a node is legitimate is not involved, and hence a new node can disrupt the working of the network by flooding fake RREQ packets into it. These packets affect the discovery of actual routes, which later results in denial of service (DoS) attacks. Thus, in the absence of any malicious packet removal scheme, the network gets congested with these fake packets. Traditional schemes are not capable of identifying these packets, so several improvements over the AODV protocol were later proposed [14]. This paper studies various techniques proposed for overcoming the flooding attack situation and finds that some issues remain unsettled.
IV. PROPOSED CARF-F ARCHITECTURE & METHOD
All the nodes in an ad hoc network are categorized as friends, acquaintances or strangers based on their relationships with their neighboring nodes. During network initiation all nodes are strangers to each other. A trust estimator is used in each node to evaluate the trust level of its neighboring nodes. That trust level is a function of various parameters, such as the length of the association, the proportion of packets forwarded successfully by the neighbor to the total number of packets sent to that neighbor, the proportion of packets received intact from the neighbor to the total number of packets received from that node at that time, and the average time taken to respond to a route request. Consequently, the neighbors are categorized into friends (most trusted), acquaintances (trusted) and strangers (not trusted).
In an ad hoc network, the link of a node i to its neighbor node j may be any of the following types:
A. Node i may be a stranger (S) to neighbor node j:
Node i has never sent/received messages to/from node j. Their trust levels between one another will be very low. Any new node entering the ad hoc network will be a stranger to all of its neighbors. There are high probabilities of malicious behavior from stranger nodes.
B. Node i is an acquaintance (A) to neighbor node j:
Node i has sent/received a few messages to/from node j. Their mutual trust level is neither too low nor too high to be reliable. The probabilities of malicious behavior will have to be observed.
C. Node i is a friend (F) to neighbor node j:
Node i has sent/received plenty of messages to/from node j. The trust levels between them are reasonably high. The chance of misbehaving nodes is also very low.
The above relationships are represented as a Friendship table for each node in an ad hoc network. Consider the node n0 in Figure 1. The threshold trust level for a stranger node to become an acquaintance of its neighbor is represented by Tacq, and the threshold trust level for an acquaintance node to become a friend of its neighbour is denoted by Tfri. This idea provides a uniform approach for minimizing node dropping, performs the process with high accuracy and avoids the problem of misbehavior. This approach generates a better result as an outcome.
Figure 2: Proposed CARF-F Based Flooding Attack Prevention and Removal
The relationships are represented as
R(ni → nj) = F when T ≥ Tfri
R(ni → nj) = A when Tacq ≤ T < Tfri
R(ni → nj) = S when 0 < T < Tacq
Figure 3: Nodes in an Ad hoc Network
A. Proposed Algorithms
CARF-F Algorithm:
Begin
If an intermediate node receives an RREQ flooding packet from node A then
1. If node 'A' is a friend and Z[A] = 0 then
2.     Increment X[A]
3.     If X[A] > Xrf
4.         Drop the RREQ packet and set Z[A] = 1
5.     Else
6.         Forward the RREQ packet
7. If node 'A' is an acquaintance and Z[A] = 0 then
8.     Increment X[A]
9.     If X[A] > Xra
10.         Drop the RREQ packet and set Z[A] = 1
11.     Else
12.         Forward the RREQ packet
13. If node 'A' is a stranger and Z[A] = 0 then
14.     Increment X[A]
15.     If X[A] > Xrs
16.         Drop the RREQ packet and set Z[A] = 1
17.     Else
18.         Forward the RREQ packet
End
The packets are successfully received by n0; else, if Xrs < X, the packets are dropped. Again, if n3 is sending X packets to n0, X is compared with the threshold value for an acquaintance. If Xra > X then the packets are successfully received by n0; else, if Xra < X, the packets are dropped. Similarly, the transfer of X packets from n4 is compared with the threshold value for a friend (Xrf). The same procedure is followed for preventing DATA flooding attacks from the neighboring nodes.
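The CARF-F listing and the threshold comparison at n0 described above, as an added Python example that is not the authors' NS2 code. The threshold and trust values and the stranger's name n_s are constructed; treating a neighbour with Z[A] = 1 as dropped from then on, and the ordering Xrs < Xra < Xrf, are assumptions the listing does not state.

```python
from collections import defaultdict

FRIEND, ACQUAINTANCE, STRANGER = "F", "A", "S"


def classify(trust, t_acq, t_fri):
    """R(ni -> nj): F when T >= Tfri, A when Tacq <= T < Tfri, otherwise S."""
    if trust >= t_fri:
        return FRIEND
    if trust >= t_acq:
        return ACQUAINTANCE
    return STRANGER


class CarfFilter:
    """Per-neighbour RREQ filter kept by one intermediate node (n0 in the text)."""

    def __init__(self, t_acq, t_fri, xrf, xra, xrs):
        self.t_acq, self.t_fri = t_acq, t_fri
        # One RREQ threshold per relationship class: Xrf, Xra, Xrs.
        self.limit = {FRIEND: xrf, ACQUAINTANCE: xra, STRANGER: xrs}
        self.x = defaultdict(int)  # X[A]: RREQs counted from neighbour A
        self.z = defaultdict(int)  # Z[A]: 1 once A has exceeded its threshold

    def on_rreq(self, sender, trust):
        """Return "forward" or "drop" for one RREQ received from sender."""
        if self.z[sender] == 1:
            # Assumption: the listing only covers Z[A] = 0; a flagged
            # neighbour is treated here as filtered from then on.
            return "drop"
        self.x[sender] += 1
        # The listing defines no reset interval, so X[A] is a running total.
        relation = classify(trust, self.t_acq, self.t_fri)
        if self.x[sender] > self.limit[relation]:
            self.z[sender] = 1
            return "drop"
        return "forward"


def run_trace(node, trace):
    """Feed (sender, trust) pairs to the filter and collect the decisions."""
    return [node.on_rreq(sender, trust) for sender, trust in trace]


if __name__ == "__main__":
    # Constructed values: Tacq=0.4, Tfri=0.8, Xrf=10, Xra=5, Xrs=2.
    n0 = CarfFilter(t_acq=0.4, t_fri=0.8, xrf=10, xra=5, xrs=2)
    print("n_s:", run_trace(n0, [("n_s", 0.1)] * 4))  # stranger
    print("n3: ", run_trace(n0, [("n3", 0.5)] * 6))   # acquaintance
    print("n4: ", run_trace(n0, [("n4", 0.9)] * 6))   # friend
```

Because X[A] is never reset in the listing, a well-behaved neighbour also reaches its threshold eventually; a deployment would need a counting interval, which the paper does not specify.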
A. Energy Description with respect to time (PDR):
The ratio of the number of packets received at the destination to the number of packets sent from the source. When flooding is judged it shows a uniform result.
B. RREQ packet with respect to Nodes:
Graph Summary: Throughput measures the transmission efficiency in terms of successfully delivered packets per unit time for a given channel bandwidth. The above result shows the effectiveness of the suggested approach when compared with the existing one. The graph shows constant throughput in many cases, which justifies the approach.
D. Node Overhead:
Routing load is the ratio of the total number of routing packets to the total number of received data packets at the destination. The number of batteries consumed generated (in bits) per information traffic delivered (in bits). It should be read in terms of the additional load incurred while executing the suggested approach compared with the normal protocol load for the system.
Graph Summary: The PDR is used to identify the performance of the approaches using the packet delivery ratio. It is the ratio of the number of packets sent to the number of packets received. In ideal conditions it should be as high as possible.
C. Exist RREQ
It is one of the dimensional parameters of the network, which gives the fraction of the channel capacity used for useful transmission; it selects a destination at the beginning of the simulation, i.e., the information on whether or not data packets are correctly delivered to the destinations.
Graph Summary: The above graph verifies its results by uniform node with the suggested approach. It also shows that the execution of nodes using the proposed method is quite uniform in comparison with other methods.
V. CONCLUSION
This analytical work proposed a distributive approach to identify and stop the flooding attack. The effectiveness of the proposed technique depends on the choice of threshold values. Although the idea of a delay queue reduces the likelihood of accidental blacklisting of a node, it also delays the detection of a misbehaving node by permitting it to send more packets until the delay queue timeout happens. This analysis addresses related works on security problems and trust establishment schemes. A proposal to effectively stop the flooding attack using the AODV protocol is discussed. An improved understanding and modelling of the security attacks is required in MANETs if efficient, secure routing algorithms are to be built into the network [15]. Future work of this analysis is optimizing the value of the threshold and improving the performance of this distributed approach to identifying the flooding attack. The effectiveness of the proposed technique depends on the choice of threshold values. Although the concept of a delay queue reduces the probability of accidental blacklisting of a node, it also delays the detection of a misbehaving node by allowing it to send more packets until the delay queue timeout occurs. This work addresses security issues and trust establishment schemes. A proposal to effectively detect the flooding attack using the AODV protocol is discussed. A better understanding and modeling of the security attacks is needed in MANETs if efficient, secure routing algorithms are to be built into the network [16]. Future work of this research can optimize the value of the threshold and improve the performance.
VI. FUTURE WORK
Some problems and concepts that remain unaddressed can be taken up in the future. This system can further be extended to implement the CARF-F scheme in real-time networks where it has to deal with the flooding problem. For example, with the help of a pre-emptive approach, more information can be added for exact, timely analysis, and the node dropping minimization problem can easily be solved. We are also working towards embedding the developing source code of our proposed scheme in NS2, so as to use the benefits of an approach like open source.
ACKNOWLEDGMENT
This research work is self-financed but recommended by the institute so as to improve CARF-F with current techniques in ad hoc networks using this method. The authors thank the anonymous reviewers for their valuable comments, which strengthened the paper. The authors also wish to acknowledge the institute administration for their support and motivation during this research. They would also like to thank Mr. Neeraj Paliwal for discussion regarding the situational awareness system and for producing the approach adapted for this paper.
REFERENCES
[1] George Theodorakopoulos and John S. Baras, On Trust Models and Trust Evaluation Metrics for Ad Hoc Networks. IEEE JSAC, Vol. 24, No. 2, February 2006.
[2] Imrich Chlamtac, Marco Conti, Jennifer J.-N. Liu, Mobile ad hoc networking: imperatives and challenges. Ad Hoc Networks 1 (2003), pages 13-64, Elsevier publications.
[3] Jet Li and Jean Kato, Future Trust Management Framework for Mobile Ad hoc Networks. IEEE Communications Magazine, April 2008.
[4] Panagiotis Papadimitratos and Zygmunt J. Haas, Secure Data Communication in Mobile Ad hoc Networks. IEEE JSAC, Vol. 24, No. 2, February 2006.
[5] P. Papadimitratos, Z. Haas and P. Samar, The Secure Routing Protocol (SRP) for Ad hoc Networks. Draft-papadimitratos-securerouting-protocol-00. Text, Dec. 2002.
[6] Ping Yi, Zhoulin Dai, Yiping Zhong, Shiyong Zhang, Resisting Flooding Attacks in Ad Hoc Networks. Coding and Computing, ITCC 2005, International Conference on Information Technology, Volume 2, April 2005, 657-662.
[7] A. A. Pirzada, A. Datta and C. McDonald, Incorporating Trust and Reputation in the DSR protocol for Dependable Routing. Computer Communications, Special issue on Internet Communications Security, Vol. 29, pages 2806-2821, Elsevier Press, 2006.
[8] Revathi Venkataraman, M. Pushpalatha, Security in Ad Hoc Networks: An extension of dynamic Source Routing in Mobile Ad Hoc Networks. In Proceedings of the 10th IEEE International Conference on Communication Systems, Singapore, 2006.
[9] C. Siva Ram Murthy, B. S. Manoj, Ad hoc Wireless Networks: Architectures and Protocols. Prentice Hall, 2004.
[10] Y. Sun et al., Defense of trust management vulnerabilities in distributed networks. IEEE Communications Magazine, February 2008.
[11] Y. Sun et al., Information Theoretic Framework of Trust Modeling and Evaluation for ad hoc networks. IEEE JSAC, Vol. 24, No. 2, Feb. 2006.
[12] Venkat Balakrishnan et al., Mitigating Flooding attacks in Mobile Ad hoc Networks Supporting Anonymous Communications. In Proceedings of the 2nd International Conference on Wireless and Ultra Wideband Communications (Auswireless 2007).
[13] Yi Ping, Hou Yafei, Zhong Yiping, Zhang Shiyong and Dai Zhoulin, Flooding Attacks and Defense in Ad hoc networks. Journal of Systems Engineering and Electronics, Vol. 17, No. 2, pp. 410-416, 2006.
[14] L. Zhou and Z. J. Haas, Securing Ad hoc Networks. IEEE Networks, Vol. 13, No. 6, pp. 24-30, 1999.
[15] Young-Bae Ko and Nitin Vaidya, Location-Aided Routing (LAR) in Mobile Ad Hoc Networks. In Proceedings of the Fourth International Conference on Mobile Computing and Networking (MobiCom'98), pages 66-75, October 1998.
[16] Jian-Hua Song, Fan Hong, Yu Zhang, "Effective Filtering Scheme against RREQ Flooding Attack in Mobile Ad Hoc Networks". Proceedings of the Seventh International Conference on Parallel and Distributed Computing, Applications and Technologies (PDCAT'06), 07695-2736-1/06, 2006.
[17] Neha Kamdar, Neeraj Paliwal, CARF-F: Conditional Active RREQ Flooding-Filter Based Prevention Scheme for AODV in MANET. International Journal of Computer Application, Vol. 100, No. 4, August 2014.