DETECTION OF BLACK HOLE ATTACK ON AODV ROUTING PROTOCOL ON MANET USING STATISITCAL ANOMALOUS DETECTION WITH DYNAMIC TRAINING

Abstract

Mobile Ad Hoc network (MANET) is an autonomous collection of mobile nodes that communicate with each other without any pre-existing infrastructure. The lack of central authority or infrastructure and the mobility nature of MANET environment make it more vulnerable to malicious network attack attacks than wired networks. Black hole attack is one of the most severe security problems in MANET routing protocols. It is an attack in which malicious node fabricating the sequence number, hence pretending to have the shortest and freshest route to the destination and consequently deprives data traffic from the source node, and then it chooses to drop the packets to perform a denial-of-service attack, or alternatively uses its place on the route as the first step in a man-in-the-middle attack. The objective of this work is to develop a new detection and eliminate schemes for black hole attack against AODV routing protocol in MANET. The DEAODV protocol which is use second route for message delivery is proposed to reduce the effect of black hole attack. The proposed DEAODV protocol show the improvement of the network performance under black hole attack. In conventional schemes, anomaly detection is achieved by defining the normal state from static training data. However, in MANET such static training method could not be used efficiently because of dynamic topology and lake of centralize management security of MANET. For detection, new anomaly-detection scheme is proposed based on a dynamic learning process that allows the training data to be updated at particular time intervals. The performance of the proposed schemes has been evaluated using Network Simulator2 (NS2).The proposed dynamic anomaly-detection scheme have significantly enhanced network performance by providing significant effectiveness in detecting the black hole attack against AODV. A comparative study is performed to compare the proposed scheme performance with other existing schemes in terms of detection rate and false positive alarm. According to the results, the proposed scheme improves the network performance with high detection rate and low false positive alarms.