SINK HOLE ATTACK IN MANET

Introduction

Mobile Ad hoc Network (MANET) is a temporary network of mobile nodes, interconnected via
wireless links without any central administration or fixed infrastructure. Nodes within transmission
range of each other can communicate directly. But nodes which are outside the range of each other
rely on other nodes to communicate, that is each node in the network has to forward the traffic of
other nodes also. So every node works as a host and as a router. In MANET, as nodes are mobile,
network topology is highly dynamic and very unpredictable.

Figure 1.1 MANET Structure

The unique inherent characteristics of the MANETs like open medium, lack of central monitoring,
dynamic topology and having nodes with limited battery based energy, make them vulnerable to
various attacks. Attackers can easily join the network and then tap information being
communicated, change that information or may disrupt the network operation and then without
being detected, leave the network. Almost all routing protocols in MANETs inherently assume
that nodes will behave well or are cooperative so even a single malicious or non-cooperating node
can disrupt the network functioning. Also nodes in MANET are battery operated. So traffic
forwarding for other nodes in the network consumes lot of energy .

Attacks in MANET
Security involves the identification of possible attacks and susceptibilities or unauthorized access
which confrontations the confidentiality, availability, and integrity of any system . Attacks can be
distinguished into passive and active attacks. A passive attack is very durable to discover as it
determines valuable material by snooping on to the routing traffic without disturbing or operating
the routing protocol. Malicious nodes trigger an active attack to advance illegal access to the
system by introducing fake packets or changing the existing packet transmission. Active attack
can further be divided into external attacks and internal attacks. In an external attack the nodes are
a portion of external network which try to interrupt an internal network. In an internal attack, the
cooperated or hijacked nodes and the attacking nodes both fit to the similar network. Further down,
some of the common attacks are itemized which affects the routing process adversely.

1. Black Hole: In a black hole attack a lethal node places itself among the interactive nodes by
presenting a false optimum route to trap the packets in the communication stream.

2. Replay: An attacker in replay attack misuses the flexibility feature in MANETs by resending
previously recorded packet and producing other nodes in the system to supply stale route in their
routing tables.

3. Blackmail: In this group of attacks malicious nodes attempt to blacklist permitted nodes by
cooking up false information which directs that they are malignant .

4. Link Withholding and Link Spoofing Attacks: In this category of attacks vital material
about links are suspended or false routing data is announced to disturb the network.

5. Worm Hole: Attackers keep the packets from reaching the destination node by always
tunneling the packets between the malicious nodes.

6. Sink Hole: Here a vicious module falsely announces itself as the end to receive the complete
network traffic. It then confuses the network by falling these packets after creating important
changes which unintentionally affects the network.

Sink hole attack in manet

Sinkhole attack is one of the dangerous and biggest attacks in wireless ad hoc network. A
malicious node is introduced. This node starts giving wrong routing information in order to
become a specific node and then receives the traffic of the whole network itself. After getting
the whole network traffic, the secret information is modified, such that the data packet is
changed to make it more complicated. A harmful node tries to attract the secure data or
information from all neighboring nodes. the performance of ad hoc networks protocols such as
AODV, DSR etc is affected by sinkhole. Thus, the malicious node gets access to all the traffic
and is free to tamper the data as it wishes.

METHODOLOGY

Sinkhole attack is one of the most dreadful security problems in Manet. The main aim is to detect
and isolate the sinkhole node in mobile ad hoc networks and its security is critical challenge
because its nature is independent network creation with frequently topology changes. That’s why
MANET is survival from physical to application layer unsecure. But security is major issue for the
communication so we study number of prevention mechanisms and protect thread-hoc network
through different attack.Sinkhole attack is a type of attack where network traffic is attracted by the
comprised nodes by advertising the fake routing update. Other affect of sinkhole attack is that it
allows other attacks like selective forwarding attack.

Applications of manet
Most of these applications demand a specific security guarantees and reliable communication,
Some well known applications are:
1.Military Tactical Operations: For fast and possibly short term establishment of military
communications and troop deployments in hostile and/or unknown environments.
2.Search and Rescue Operations: For communication in areas with little or no wireless
infrastructure support.
3.Disaster Relief Operations: For communication in environments where the existing
infrastructure is destroyed or left inoperable.
4.Law Enforcement: For secure and fast communication during law enforcement operations.
5.Commercial Use: For enabling communications in exhibitions, conferences and large gatherings.
For some business scenarios, the need for collaborative computing might be more important
outside office environments than inside a building. After all, it is often the case where people do
need to have outside meetings to cooperate and exchange information on a given project.
5.emergency/rescue operations,intelligent transportation systems, conferences, patient monitoring,
environment control and other security sensitive applications

Network Simulator(NS)
NS (from network simulator) is a name for a series of discrete event network simulators,
specifically NS-1, and NS-2. All of them are discrete-event computer network simulators,
primarily used in research and teaching.
We are mainly using NS2 simulator. NS2 stands for Network Simulator Version 2. It is an open-
source event-driven simulator designed specifically for research in computer communication
networks.
Features of ns2 are as follows

 It is a discrete event simulator for networking research.

 It provides substantial support to simulate bunch of protocols like TCP, FTP, UDP, https
and DSR.
 It simulates wired and wireless network.

 It is primarily Unix based.

 Uses TCL as its scripting language
 Discrete event scheduler
Basic Architecture

NS2 consists of two key languages: C++ and Object-oriented Tool Command Language (OTcl).
While the C++ defines the internal mechanism (i.e., a backend) of the simulation objects, the OTcl
sets up simulation by assembling and configuring the objects as well as scheduling discrete events.
The C++ and the OTcl are linked together using TclCL

Code
#===================================
# Simulation parameters setup
#===================================
set val(chan) Channel/WirelessChannel ;# channel type
set val(prop) Propagation/TwoRayGround ;# radio-propagation model
set val(netif) Phy/WirelessPhy ;# network interface type
set val(mac) Mac/802_11 ;# MAC type
set val(ifq) Queue/DropTail/PriQueue ;# interface queue type
set val(ll) LL ;# link layer type
set val(ant) Antenna/OmniAntenna ;# antenna model
set val(ifqlen) 50 ;# max packet in ifq
set val(nn) 7 ;# number of mobilenodes
set val(rp) AODV ;# routing protocol
set val(x) 800 ;# X dimension of topography
set val(y) 541 ;# Y dimension of topography
set val(stop) 100.0 ;# time of simulation end

#Create a ns simulator
set ns [new Simulator]

#Setup topography object

set topo [new Topography]
$topo load_flatgrid $val(x) $val(y)
create-god $val(nn)

#Open the NS trace file

set tracefile [open sinkhole.tr w]
$ns trace-all $tracefile

#Open the NAM trace file

set namfile [open sinkhole.nam w]
$ns namtrace-all $namfile
$ns namtrace-all-wireless $namfile $val(x) $val(y)
set chan [new $val(chan)];#Create wireless channel

#===================================
# Mobile node parameter setup
#===================================
$ns node-config -adhocRouting $val(rp) \
-llType $val(ll) \
-macType $val(mac) \
-ifqType $val(ifq) \
-ifqLen $val(ifqlen) \
-antType $val(ant) \
-propType $val(prop) \
-phyType $val(netif) \
-channel $chan \
-topoInstance $topo \
-agentTrace ON \
-routerTrace ON \
-macTrace OFF \
-movementTrace ON

#===================================
# Nodes Definition
#===================================
#Create 7 nodes
set n0 [$ns node]
$n0 set X_ 99
$n0 set Y_ 299
$n0 set Z_ 0.0
$ns initial_node_pos $n0 20
set n1 [$ns node]
$n1 set X_ 299
$n1 set Y_ 297
$n1 set Z_ 0.0
$ns initial_node_pos $n1 20
set n2 [$ns node]
$n2 set X_ 499
$n2 set Y_ 298
$n2 set Z_ 0.0
$ns initial_node_pos $n2 20
set n3 [$ns node]
$n3 set X_ 900
$n3 set Y_ 599
$n3 set Z_ 0.0
$ns initial_node_pos $n3 20
set n4 [$ns node]
$n4 set X_ 199
$n4 set Y_ 350
$n4 set Z_ 0.0
$ns initial_node_pos $n4 20
set n5 [$ns node]
$n5 set X_ 599
$n5 set Y_ 350
$n5 set Z_ 0.0
$ns initial_node_pos $n5 20
set n6 [$ns node]
$n6 set X_ 600
$n6 set Y_ 200
$n6 set Z_ 0.0
$ns initial_node_pos $n6 20

set n7 [$ns node]

$n7 set X_ 800
$n7 set Y_ 400
$n7 set Z_ 0.0
$ns initial_node_pos $n7 20

# Node 5 is given RED Color and a label- indicating it is a Blackhole Attacker

$n2 color red
$ns at 0.0 "$n2 color red"
$ns at 0.0 "$n2 label Attacker"

# Node 0 is given GREEN Color and a label - acts as a Source Node

$n0 color green
$ns at 0.0 "$n0 color green"
$ns at 0.0 "$n0 label Source"

# Node 3 is given BLUE Color and a label- acts as a Destination Node

$n3 color blue
$ns at 0.0 "$n3 color blue"
$ns at 0.0 "$n3 label Destination"

#===================================
# Set node 5 as attacker
#===================================
#$ns at 0.0 "[$n5 set rangent_] malicious" #[$n5 set ragent_]

#===================================
# Agents Definition
#===================================
#Setup a UDP connection
set udp0 [new Agent/UDP]
$ns attach-agent $n0 $udp0

set null1 [new Agent/Null]

$ns attach-agent $n3 $null1
$ns connect $udp0 $null1
$udp0 set packetSize_ 3000

#===================================
# Applications Definition
#===================================
#Setup a CBR Application over UDP connection
set cbr0 [new Application/Traffic/CBR]
$cbr0 attach-agent $udp0
$cbr0 set packetSize_ 1000
$cbr0 set rate_ 0.1Mb
$cbr0 set random_ null
$ns at 1.0 "$cbr0 start"
$ns at 100.0 "$cbr0 stop"
#===================================
# Termination
#===================================
#Define a 'finish' procedure
proc finish {} {
global ns tracefile namfile
$ns flush-trace
close $tracefile
close $namfile
exec nam sinkhole.nam &
exit 0
}
for {set i 0} {$i < $val(nn) } { incr i } {
$ns at $val(stop) "\$n$i reset"
}
$ns at $val(stop) "$ns nam-end-wireless $val(stop)"
$ns at $val(stop) "finish"
$ns at $val(stop) "puts \"done\" ; $ns halt"
$ns run

Output

Fig1.Transmission Without Malicious Node

 Fig2.Transmission With Malicious Node

Conclusion

The Mobile Ad hoc Network (MANET) is a dynamic cost-effective network and provides
communication with random movement of mobile nodes. The security is the major problem
in this kind of decentralized network. The centralized administrator control absence is
venerable to network from different attacks. In this research we study the sinkhole attack,
security and normal routing in networks and find its affects.
MANETs are popular networks used broadly due to their dynamic nature. These types of
networks are suffered from the sinkhole attack as there is no centralized security
management.

Reference

1. C. Piro, C. Shields, and B. N. Levine, “Detecting the Sybil attack in mobile ad hoc
networks,” in Proc. Securecomm Workshops, 2006
2. C. Chen, M. Song, G. Hsieh, "lntrusion detection of sinkhole attacks in large-scale
wireless sensor networks", Wireless Communications Networking and Information
Security (WCNIS) 2010 IEEE International Conference on, pp.
3. Ahmad Salehi, S., M. A., Parisa Razzaque, Naraei, "Detection of sink hole Attack in
wireless sensor networks", IEEE International Conference on Space Science and
Communication

4. http://www.ijcttjournal.org/2017/Volume48/number-2/IJCTT-V48P111.

5. http://ieeexplore.ieee.org/document/7938914/?anchor=references