# INTRODUCTION obile ad hoc network (MANET) is a collection of wireless mobile nodes which have the ability to communicate with each other without having fixed network infrastructure or any central base station. Since mobile nodes are not controlled by any other controlling entity, and network management are done, they have unrestricted mobility and connectivity to others. Nodes routes cooperatively by each other nodes. Due to limited transmission power, multi hop architecture is needed for one node to communicate with another through network. In this multi hop architecture, each node works as a host and as well as a router that forwards packets for other nodes that may not be within a direct communication range. Each node participates in an ad hoc route discovery protocol which finds out multi hop routes through the mobile network between any two nodes. These infrastructure-less mobile nodes in ad hoc networks dynamically create routes among themselves to form own wireless network on the fly. Thus, mobile ad hoc networks provide an extremely flexible communication method for any place where geographical or terrestrial constraints are present and any fixed architecture, such as battlefields, and some disaster management situations. Recent research on MANET shows that the MANET has larger security issues than conventional networks [1,2]. In our study, we simulated the blackhole attack on AODV routing protocol. Extensive simulations have been carried out using NS-2.34 simulator. We have analyzed the network performance with and without blackhole attack. This paper is organized as follows; section II describes the background or related work and section III explains about the AODV. Section IV describes blackhole attack. In section V simulation results shows the impact of blackhole attack on the performance of routing protocols which is followed by conclusion in section VI. # II. # BACKGROUND The problem of security has received considerable attention by researchers in the ad hoc network community. In this section, some of these contributions are presented. The problem of securing the routing layer using cryptographically secure messages is addressed by Hu et al. [4], Papadimitratos and Haas [5], and Sanzgiri et al. [6]. Schemes to handle authentication in ad hoc networks assuming trusted certificate authorities have been proposed by Kong et al. [7]. Hubaux et al. [8] have employed a self-organized PGPbased scheme to authenticate nodes using chains of certificates and transitivity of trust. Stajano and Anderson [9] authenticate users by imprinting in analogy toducklings acknowledging the first moving subject they see as their mother. In contrast to securing the routing layer of ad hoc networks, some researchers have also focused on simply detecting and reporting misleading routing misbehavior. Watchdog and Pathrater [10] use observation-based techniques to detect misbehaving nodes, and report observed misbehavior back to the source of the traffic. Pathrater manages trust and route selection based on these reports. This allows nodes to choose better paths along which to route their traffic by routing around the misbehaving nodes. However, the scheme does not punish malicious nodes; instead, they are relieved of their packet forwarding burden. CONFIDANT [11] detects misbehaving nodes by means of observation and more aggressively informs other nodes of this misbehavior through reports sent around the network. Each node in the network hosts a monitor for observations, reputation records for firsthand and trusted second-hand reports, trust records to control the trust assigned to the received warnings, and a path manager used by nodes to adapt their behavior according to reputation information. Subsequent research has found that reputation schemes can be beneficial for fast misbehavior detection, but only when one can deal with false accusations [12]. Researchers have also investigated means of discouraging selfish routing behavior in ad hoc networks, generally through payment schemes [13]. These approaches either require the use of tamperproof hardware or central bankers to do the accounting securely, both of which may not be appropriate in some truly ad hoc network scenarios. In the per-hop payment scheme proposed by Buttyan and Hubaux [15], the payment units are called nuglets and reside in a secure tamper-proof module in each node. They have observed that given such a module, increased cooperation is beneficial not only for the entire network but also for individual nodes. The scheme can result in unfairness to some hosts, but its simplicity and performance may be appropriate in some cases. Bansal and Baker [14] have proposed a scheme that relies on first-hand observations. Directly observed positive behavior increases the rating of a node, while directly observed negative behavior decreases it by an amount larger than that is used for positive increments. If the rating of a node dips below the faulty threshold, the node is added to a faulty list. The faulty list is appended to the route request by each node broadcasting it to be used as a list of nodes to be avoided. A route is rated good or bad depending on whether the next hop is on the faulty list. If the next hop of a route is in the faulty list, the route is rated as bad. As a response to misbehavior of a node, all traffic from that node is rejected. A second chance mechanism for redemption employs a timeout after an idle period. After a timeout, the node is removed from the faulty list with its rating remaining unchanged. Sen et al. have presented a scheme for detection of malicious packet dropping nodes in a MANET [15]. The mechanism is based on local misbehavior detection and flooding of the detection information in a controlled manner in the network so that the malicious node is detected even if moves out a local neighborhood. Deng, Li and Agarwal [3] have suggested a mechanism of defense against black hole attack in adhoc networks. In their proposed scheme, as soon as the RouteReply packet is received from one of the intermediate nodes, another RouteRequest is sent from the source node to a neighbor node of the intermediate node in the path. This is to ensure that such a path exists from the intermediate node to the destination node. For example, let the source node S send RouteRequest packets and receive RouteReply through the intermediate malicious node M. The RouteReply packet of M contains information regarding its nexthop neighbor node. Let it contain information about the neighbor E. Then, the source node S sends FurtherRouteRequest packets to this neighbor node E. Node E responds by sending a FurtherRouteReply packet to source node S. Since node M is a malicious node, and thus not present in the routing list of node E, the FurtherRouteReply packet sent by node E will not contain a route to the malicious node M. But if it contains a route to the destination node D, then the new route to the destination through node E is selected, and the earlier selected route through node M is rejected. While this scheme completely eliminates the black hole attack by a single attacker, it fails completely in identifying a cooperative black hole attack involving multiple malicious nodes. # III. # AODV In this section, a brief overview of the AODV routing protocol is presented and the security threat that are associated with this routing protocol are briefly discussed. AODV is a reactive routing protocol that does not require maintenance of routes to destination nodes that are not in active communication. Instead, it allows mobile nodes to quickly obtain routes to new destination nodes. Every mobile node maintains a routing table that stores the next hop node information for a route to the destination node. When a source node wishes to route a packet to a destination node, it uses the specified route if a fresh enough route to the destination node is available in its routing table. If such a route is not available in its cache, the node initiates a route discovery process by broadcasting a RouteRequest (RREQ) message to its neighbors. On receiving a RREQ message, the intermediate nodes update their routing tables for a reverse route to the source node. All the receiving nodes that do not have a route to the destination node broadcast the RREQ packet to their neighbors. Intermediate nodes increment the hop count before forwarding the RREQ. A RouteReply (RREP) message is sent back to the source node when the RREQ query reaches either the destination node itself or any other intermediate node that has a current route to the destination. As the RREP propagates to the source node, the forward route to the destination is updated by the intermediate nodes receiving a RREP. The RREP message is a unicast message to the source node. AODV uses sequence numbers to determine the freshness of routing information and to guarantee loop-free routes. In case of multiple routes, a nodeselects the route with the highest sequence number. If multiple routes have the same sequence number, then the node chooses the route with the shortest hop count. Timers are used to keep the route entries fresh. When a link break occurs, RouteError (RERR) packets are propagated along the reverse path to the source invalidating all broken entries in the routing table of the intermediate nodes. AODV also uses periodic hello messages to maintain the connectivity of neighboring nodes. Since AODV has no security mechanisms, malicious nodes can perform many attacks just by not behaving according to the AODV rules. A malicious node M can carry out many attacks against AODV. This paper provides routing security to the AODV routing protocol by eliminating the threat of 'Black Hole' attacks. # Global Journal of Researches in Engineering IV. # BLACK HOLE ATTACK In black hole attack [17], all network traffics are redirected to a specific node, which does not exist at all. Because traffics disappear into the special node as the matter disappears into Black hole in universe. So the specific node is named as Black hole. A black hole has two properties. First, the node exploits the ad hoc routing protocol, such as AODV, to advertise itself as having a valid route to a destination node, even though the route is spurious, with the intention of intercepting packets. Second, the node consumes the intercepted packets. Black hole attacks in AODV protocol routing level can be classified into two categories --RREQ Blackhole attack and RREP Blackhole attack. a) Black hole attack caused by RREQ An attacker can send fake RREQ messages to form black hole attack [17]. In RREQ Blackhole attack, the attacker pretends to rebroadcast a RREQ message with a non-existent nodes will update their route to pass by the non destination node. The Fig. 3 shows the effect to measured for the AODV protocol when the node increased. The result shows both the cases, with the blackhole and without the blackhole attack. It is measured that the packet delivery ratio is dramatically decreases nodes in the network. For example, the packet when there is no effect of Blackhole attack and moving at the speed 50 m/s. but due to effect of the Blackhole the packet delivery ratio From the figure 5 it can be observed that, there is slight increase in the average end-to-end delay without the effect of blackhole, as compared to the effect of blackhole attack, This is due to the immediate reply from the malicious node i.e. the nature of malicious node here is it would not check its routing table. It is observed from the figure 6 that, avg. jitter between the nodes is more without the blackhole attack, as compared to the Avg jitter between the nodes with the effect of blackhole attack. This is due to the malicious nodes provides the path with fewer number of nodes, or smaller path. Thus average jitter between the nodes is reduces. ![Performance Evaluation of AODV based on black hole attack in ad hoc network](image-2.png "VolumeF") 12![Fig.1 : Black hole is formed by Faked RREQ](image-3.png "Fig. 1 :Fig. 2 :") 3![Fig.3 : Impact of Blackhole attack on packet delivery ratio Figure 4 shows the effect of throughput for AODV protocol when node mobility is increased. The result shows the cases, with blackhole and without blackhole attack on AODV. It has been measured that throughput decreases with blackhole nodes in the Ad hoc network on AODV routing protocol as compared to without blackhole nodes.](image-4.png "Fig. 3 :F") 4![Fig.4 : Impact of Blackhole attack on the Network Throughput.](image-5.png "Fig. 4 :") 5![Fig.5 : Impact of Blackhole attack on the Avg. E -E delay.](image-6.png "Fig. 5 :") 6![Fig.6 : Impact of Blackhole attack on Avg. Jitter](image-7.png "Fig. 6 :F") © 2012 Global Journals Inc. (US) * Security issues in mobile code systems DMChess Proc. Conf. on Mobile Agent Security Conf. on Mobile Agent Security 1998 LNCS 1419 * Searching for blackhole faults in a network using multiple agents CCooper RKlasing TRadzik Proc. 10th Int. Conf. on Principles of Distributed Systems (OPODIS 2006) 10th Int. Conf. on Principles of Distributed Systems (OPODIS 2006) 2006 * Routing security in wireless ad hoc networks HDeng HLi D IEEE Communications Magazine 40 10 Oct 2002 * Ariadne: A secure on -demand routing protocol for ad hoc networks YHu APerrig DJohnson Proceedings of the 8 th International Conference on Mobile Computing and Networking the 8 th International Conference on Mobile Computing and NetworkingAtlanta, GA ACM Mobicm 2002. Sept 2002 * Secure routing for mobile ad hoc networks PPapadimitratos ZHaas SCS Communications Networks and Distributed Systems Modeling and Simulation Conference (CNDS 2002) San Antonio, TX Jan 2002 * A secure routing protocol for ad References Références Referencias F hoc networks KSanzgiri BDahill BLevine CShields EBelding-Royer International Conference on Network Protocols (ICNP) Paris, France Nov 2002 * Providing robust and ubiquitous security support for m obile ad hoc networks JKong PZerfos HLuo SLu LZhang Innternational Conference on Network Protocols (ICNP) 2001 * The quest for security in mobile ad hoc networks JHubaux LButtyan SCapkun Proceedings of the ACM Symposium on Mobile Ad Hoc Networking and Computing (MobiHOC) the ACM Symposium on Mobile Ad Hoc Networking and Computing (MobiHOC) 2001 * The resurrecting duckling FStajano RAnderson Lecture Notes in Computer Science 1999 Springer-Verlag * Mitigating routing misbehavior in mobile ad hoc networks SMarti TGiuli KLai MBaker Proceedings of MOBICOM 2000 MOBICOM 2000 2000 * Performance analysis of the ONFIDANT protocol: Cooperation Of Nodes -Fairness In Dynamic Ad hoc NeTworks SBuchegger JBoudec Proceedings of IEEE/ACM Symposium on Mobile Ad Hoc Networking and Computing (MobiHOC) IEEE/ACM Symposium on Mobile Ad Hoc Networking and Computing (MobiHOC)Lausanne, CH Jun 2002 * The effect of rumor spreading in reputation systems for mobile ad hoc networks SBuchegger JBoudec WiOpt '03: Modeling and Optimization in Mobile, Ad Hoc and Wireless Networks Mar 2003 * A micropayment scheme encouraging collaboration in multihop cellular networks MJakobsson JHubaux LButtyan Proceedings of Financial Crypto Financial Crypto 2003 * OCEAN: Observationbased cooperation enforcement in ad hoc networks SBansal MBaker 2003 Stanford University Technical Report * Security aware ad hoc routing for wireless networks SKi PNaldurg RKravets Proceedings of the 2nd ACM Symposium on Mobile Ad Hoc Networking and Computing the 2nd ACM Symposium on Mobile Ad Hoc Networking and ComputingLong Beach, California Poster Session October 2001 * A novel security agent scheme for AODV routing protocol based on thread state transition ChenHongsong JiZhenzhou HuMingzeng 150001 Department of Computer Science and Technology Harbin Institute of Technology