Conference Paper

Cooperative black and gray hole attacks in mobile ad hoc networks

DOI: 10.1145/1352793.1352859 Conference: Proceedings of the 2nd International Conference on Ubiquitous Information Management and Communication, ICUIMC 2008, Suwon, Korea, January 31 - February 01, 2008
Source: DBLP


In this paper, we propose a complete protocol to detect a chain of cooperating malicious nodes in an ad hoc network that disrupts transmission of data by feeding wrong routing information. Our technique is based on sending data in equal but small sized blocks instead of sending whole of data in one continuous stream. The flow of traffic is monitored independently at the neighborhoods of both source and destination. The results of monitoring are gathered by a backbone network of trusted nodes. With assumption that a neighborhood of any node in the ad hoc network has more trusted nodes than malicious nodes, our protocol can not only detect but also remove a chain of cooperating malicious nodes (gray/black hole) by ensuring an end-to-end checking between the transmission of two blocks of data. The protocol takes O(mdBN) time for detection and removal of gray/black holes chain which betters an earlier O(n2) time bound [4] for detecting a single black hole in the network. Here, m is the number of malicious nodes in the network, dBN is the diameter of a backbone network formed out of the flat ad hoc network, and n is the total number of nodes in the ad hoc network.

Download full-text


Available from: Ratan K. Ghosh, Jan 30, 2014
  • Source
    • "Routing service can be a target of many type of DoS attacks [3]; a selfish node try to preserve its own resources while using the services of others and consuming their resources, like Blackhole and Grayhole attacks [4]. Another way to disrupt the routing service can be performed by tunneling attacks, in which two colluding nodes create the illusion that are very close to each other. "
    [Show description] [Hide description]
    DESCRIPTION: This paper proposes a statistical approach to defense against RREQ flooding attacks in mobile ad hoc networks (MANETs)
    • "A further extension of our work would imply the combination and evaluation of our technique with others which specifically deal with collusion attacks. For instance, our scheme might be complemented by performing some end-to-end checking, like the one proposed in [31]. This would determine if data packets truly reach the destination and, therefore, chains of colluding attackers could be detected. "
    [Show abstract] [Hide abstract]
    ABSTRACT: This work introduces a model of data forwarding in MANETs which is used for recognizing malicious packet dropping behaviors. First, different legitimate packet discard situations are modeled, such as those generated by collisions, channel errors or mobility related droppings. Second, we propose an anomaly-based IDS system based on an enhanced windowing method to carry out the collection and analysis of selected cross-layer features. Third, a real deployment of the IDS is also considered by suggesting a methodology for the collection of the selected features in a distributed manner. We evaluate our proposal in a simulation framework and the experimental results show a considerable enhancement in detection results when compared with other approaches in the literature. For instance, our scheme shows a 22% improvement in terms of true positives rate and a remarkable 83% improvement in terms of false positives rate when compared to previous well-known statistical solutions. Finally, it is notable the simplicity and lightweightness of the proposal.
    Computer Networks 05/2015; 87. DOI:10.1016/j.comnet.2015.05.012 · 1.26 Impact Factor
  • Source
    • "Piyush [6] proposed a solution where source and destination nodes carry out end-to-end checking to determine whether the data packets have reached the destination or not. If the checking fails then the backbone network initiates a "
    [Show abstract] [Hide abstract]
    ABSTRACT: Due to wireless communication, dynamic topology, limited resources and lack of centralized administration, MANETs are vulnerable to various types of DoS attacks on network layer. In Gray hole and Black hole attacks malicious nodes deliberately disrupt data transmission in the network by sending incorrect routing information. It is a challenge to keep the communication route free from such attackers. In this paper, we propose a scheme for Ad-hoc On-demand Distance Vector (AODV) protocol, in which an intermediate node detects the malicious node sending false routing information, routing packets are used not only to pass routing information, but also to pass information about malicious nodes. The proposed scheme not only detects but also removes malicious node by isolating it, to make safe and secure communication.
Show more