Enhancing MANET Security by eliminating Flooding and black hole attacks رسالة ماجستير

Abstract

Mobile Ad-hoc Network (MANET) is an infrastructure-less network with no central unit that controls and coordinates the communication between nodes in the network. The topology of the network keeps changing due to the randomized movement of the nodes in the network. Different types of routing protocols are used to adapt to the changes in the topology of the network and to connect nodes with each other in order to exchange data and information between them. Ad Hoc On-Demand Distance Vector (AODV) is a reactive routing protocol type where nodes exchange information about other nodes only when a route is needed by flooding the network with requests to the desired nodes. AODV is vulnerable to different types of attacks that affect its performance and functionality in the network such as Black-hole and Flooding attack. AODV should be enhanced with different algorithms in order to resist different types of attacks. In this thesis, different types of attacks especially Black-hole and Flooding attack were presented which affect the functionality and performance of AODV routing protocol. The effects of Black-hole and Flooding attacks on the performance of AODV under different performance metrics were shown, such as Packet Delivery Ratio, End to End Delay and Throughput, by simulating these attacks in different scenarios like nodes density and mobility. The results show that these attacks have a huge impact on the performance of AODV under different performance metrics, which leads us to the importance of enhancing and improving AODV with different algorithms to resist these attacks. AODV was enhanced with two different algorithms to resist Black-hole and Flooding attack. two new models were proposed that detect and isolate the Black-hole and flooding attacker nodes in the network. A simulation for these models was carried out in different scenarios and compared them with other proposed models to prove their efficiency. The simulations results VI show the effectiveness of the proposed models in resisting Black-hole and flooding attack under different performance metrics. We discuss the results of the proposed models in the last two chapters. To resist Black-hole attack a new model called Timer Based Baited Technique (TBBT) was proposed that consist of a bait-timer that whenever this timer reaches its determined time it broadcast a fake request to bait the Black-hole nodes. Whenever a node in the network receives a reply for any fake request it simply adds the ID reply sending node in the blacklist to avoid interacting with this node. To resist RREQ flooding attack a new model called Avoiding and Isolating Flooding attack (AIF) was proposed that depends on tables that record the number of the requests received by a node in the network. Whenever a node sends a number of requests higher than a determined limit value, the ID of the requesting node is added a suspicious list. Any node in the suspicious list has a limited amount of request that could be processed which is half of the determined limit. Based on our assumption there is no node in the network wants to communicate with a large number of nodes in the same second. So, if the requester node sends requests for many nodes ID which is higher than the determined ID_limit value then the node is moved to the blacklist to avoid processing requests for it. The comparison between TBBT and the other proposed models show that TBBT has a better performance in terms of Throughput but not in terms of End-to-End Delay. AIF also shows a better performance in terms of Throughput but not in terms of End-to-End Delay compared to other proposed models.