4th Int’l Conf.
on Recent Advances in Information Technology | RAIT-2018 |
A Survey on Black Hole Attack in Mobile Ad Hoc
Networks
Sandeep Lalasaheb Dhende
Assistant Professor, Department of Electronics and
Telecommunication Engineering,
SCTR’s Pune Institute of Computer Technology,
Pune, India.
sldhende@pict.edu
Dr. S. S. Musale
Professor, Department of Electronics and
Telecommunication Engineering,
MKSSS's Cummins College of Engineering for Women,
Pune, India.
sandeepmusale@yahoo.co.in
Abstract— A MANET consists of a group of wireless mobile
nodes. These nodes are arbitrarily moving and communicating
one another over wireless links. Due to some unique
characteristics such as open medium, changing network topology,
distributed cooperation, limited battery power, and limited
bandwidth information exchange in the MANET becomes
challenging job. In infrastructure less network node needs to
cooperate to each other to provide necessary network
functionality. AODV routing protocol is most preferably used in
MANET. An information exchange is an important task in the
security of whole network. In this article we study the routing
security problems of MANET and examine “Black hole attack”
which can easily be employed against the MANET in detail.
Index Terms — Manets, black hole, security, nodes,
routing, AODV
I. INTRODUCTION
A MANET is a group of autonomous nodes which are
capable to communicate one another without use of a fixed
infrastructure or base station. The fixed base stations are used
in an infrastructure based network which plays a vital role by
coordinating communication between the autonomous nodes.
The ad hoc network does not have fixed infrastructure, where
nodes are responsible for routing the information between
them. A wireless ad hoc network has a dynamic network
topology. In which the nodes join and leave the network at any
instant of time and their movement in the entire network is
random hence the name Mobile Ad hoc NETwork (MANET).
A MANET have many potential applications such as military
service for connecting soldiers in the battlefield, maritime
communication, vehicle networks, campus networks, robot
networks, casual meeting and so on [1]. In these networks,
978-1-5386-3039-6/18/$31.00©2018 IEEE
Dr. S. D. Shirbahadurkar
Professor, Department of Electronics and Telecommunication
Engineering,
Zeal College of Engineering and Research,
Pune, India.
s_shir00@yahoo.co.in
Shridhar K Galande
Assistant Professor, Department of Electronics and
Telecommunication Engineering,
SCTR’s Pune Institute of Computer Technology,
Pune, India.
skgalande@pict.edu
every node works as a host as well as a router, forward packets
to the intended node in the network even though it is not in the
transmission range of sender.
Unlike the conventional network, MANET has some
fundamental characteristic such as open medium, changing
network topology, distributed cooperation. There are some
other characteristics of a MANET such as limited bandwidth
and limited battery power [1]. These characteristics makes
MANET more vulnerable to several different attacks, for
instant black hole attack, wormhole attack, link spoofing
attack [2], to name a few. One of the major attacks possible in
MANET that can easily be implemented is black hole attack.
In this attack, a suspicious node utilizes the routing protocols
to advertise itself as having minimum distance to the node
whose packets it wants to drops. A gray hole attack is kind of
black hole attack, in which the suspicious node silently drops
some or all the data packets sent to it [3]. The suspicious node
forms a group and work together to have more serious attack
which is called as cooperative black hole attack.
In [4], the author survey several detection schemes for
ordinary black hole and cooperative black hole attacks to
protect routing protocol in a MANET. In [1], author surveys
the network layer attacks. Some of them are wormhole attack,
link spoofing attack and colluding misrelay attack.
In this article, authors discuss single black hole attack as
well as cooperative black hole attack in MANET. Moreover,
to protect routing protocol in MANET several black hole
attack detection and prevention methods are discussed.
The rest of article focuses reactive routing, proactive
routing and hybrid routing protocols in section II. In section
III authors describe the single and cooperative black hole
attack in AODV protocol in details and to detect and prevent
4th Int’l Conf. on Recent Advances in Information Technology | RAIT-2018 |
black hole attack several possible solutions are presented.
Finally, in section IV authors provide conclusion and future
scope.
II. ROUTING PROTOCOLS OF MANET
A MANET uses several routing protocols to establish
correct route to the intended node. In this section author
discuss reactive, proactive and hybrid routing protocols in
MANET. The examples for these routing protocols are as
follows: Reactive routing protocol: AODV, DSR, Proactive
routing protocol: DSDV, OLSR and Hybrid routing protocol:
ZRP, TORA) [5], [6].
A. Reactive Routing Protocol
The reactive routing protocol is also known as on-
demand routing protocol which is used to find a route
between source and destination as needed. The fact they are
known as reactive protocol is, they do not initiate route
discovery process by themselves until they are requested,
when source node request to find a route. Here author
describe two on-demand routing protocol which are Ad hoc
On-demand Distance Vector (AODV) routing protocol and
Dynamic Source Routing (DSR) protocol.
In AODV used network a route is generated before
any communication started [7]. Every node in a MANET
has one table, which is called as routing information table
and it contains the information about the node which is at
the next hop. It is maintained for sustaining the routing path
between sender and receiver. When a source requires route
to the destination, it is first checked with its routing table. If
a route to the destination is not available in its routing table,
it initiates a route discovery process within the network [8].
In AODV the path between source and destination is
established using the control messages such as Route
REQest (RREQ) and Route REPly (RREP). When source
node has something to send to destination, it first establishes
path with destination by sending RREQ message. This
RREQ message is sent or passed through the nodes which
are situated at the next hope from the source. These nodes
forward this message to their neighbors. This process is
continued until the destination or an intermediate node is
experienced by sent message. The destination or an
intermediate node may send RREP to the received RREQ
message sent by source node. The information about the
route is updated in the routing table of source node and the
same is used to send packets to destination node [4]. In the
meanwhile, the node which identifies or experiences link
failure sends Route ERRor (RERR) message to all other
nodes.
DSR is source routing protocol. In this routing
protocol the packets which are sent by the source node
contains the information about the route to the destination.
DSR does not initiates any route discovery process to find
route to the destination. It also doesn’t require any alternate
route for communication. The performance of DSR is
978-1-5386-3039-6/18/$31.00©2018 IEEE
depends on the mobility of network. It decreases with
increase in mobility of network.
B. Proactive Routing Protocol
It is table driven routing protocol. In this routing
protocol the routing information is periodically
broadcasted to the neighbors. The broadcasted
information is up to date and to store this information
each node requires one or more tables. The proactive
routing protocols are Destination Sequence Distance
Vector (DSDV) and Optimized Link State Routing
(OLSR) protocol [4], [6].
C. Hybrid Routing Protocol
The hybrid routing protocol is combination of
reactive and proactive routing protocols. When network is
divided into zones it uses hybrid routing protocol. The
network requires these protocols for communication
within the zone and between the zones. The Zone Routing
Protocol (ZRP) and Temporally Ordered Routing
Algorithm (TORA) are popular hybrid routing protocol
[4], [6].
III. SINGLE AND COOPERATIVE BLACK HOLE ATTACK
In a black hole attack, the shortest path to the destination is
advertised by the malicious node. When the packets are sent
through this route it is intercepted or dropped without
forwarding it to the neighbors.
A single black hole attack can easily be happened in a
MANET [4]. The figure 1 is an example of this.
Fig.1. Black hole attack
RREQ
RREP
Malicious RREP
In the above shown figure, the node 1 and 6 are the source
and destination. The node 2 represent a malicious node i.e.
black hole node. The black hole node sends false route reply to
the source node. Therefore the source node incorrectly judges
the route discovery process is completed and starts sending
data packets to node 2 which is malicious node in this case. It
is the activity of malicious node not sends the received packets
to the destination node or an intermediate node. These packets
are silently dropped or intercepted by malicious node. This
misbehaving node can be judged as black hole node in
MANETs.
4th Int’l Conf. on Recent Advances in Information Technology | RAIT-2018 |
To solve this problem or to detect single back hole attack
various mechanism have been proposed. The malicious nodes
which works together has serious damage to the network and
these nodes are called as cooperative black hole nodes.
In the following, different detection schemes for both the
type of black hole attacks are presented. The comparison of
different scheme is shown in table I.
A. Destination Based Reply and Next Hop Information
Scheme
Hengmei Deng et al. [8] propose 2 solutions to
prevent the black hole attack in MANET. The 1st solution
state that intermediate nodes are not allowed replying to
the route request. In other words only destination node
should send out replies. There are some disadvantages
associated with this solution; (i) Routing delay is
increased by a considerable amount, (ii) Malicious node
fabricates a reply message on behalf of destination node.
Due to these, first solution is not sufficient to detect black
hole node.
In the second solution, one additional path to the
intermediate node is utilized to confirm whether route to
the destination is exits or not. If there is a route to the
destination, it is used to send out the data packets. If there
is no route, the route reply from the intermediate node or
destination node is discarded and the information about
the particular node is sent to whole network to inform
about the malicious node.
The detail checking process is described below.
When source has something to send to destination, it
sends the RREQ packet. An intermediate node that has
fresh enough route to the destination sends RREP to
sender with the next hope information. After receiving
route reply from the intermediate node, the data packets
are not immediately sent by the source node. Instead the
source node extracts the next hop information from RREP
packet. The source node then sends further RREQ to next
hop to crosscheck that it has route to the intermediate
node that has sent RREP packet. It is also verified that
next hope has route to the destination node. To reduce the
network overload and for avoiding the problem of
returning back, only the requested next hop node is
allowed to send further RREP, that includes the check
result. Once the further RREP from next hope is received
by the source node, it extracts the check result from
further RREP. If the check result is correct, the route to
the destination is established and all the data packets are
sent out using the established route. If there exit a route
between the next hop and the intermediate node, but not
between the next hope and destination node, the route
reply from the intermediate node is discarded and the new
route reply is used for further communication. Now to
avoid the use of intermediate node in further
communication, the alarm message is sent to the whole
network. If there is no route between the next hop and the
requested intermediate node, and also not between the
next hope and the destination node, the source node starts
978-1-5386-3039-6/18/$31.00©2018 IEEE
the new route discovery process. To avoid the use of this
intermediate node the alarm message is sent to whole
network.
The simulation result shows that the required routing
security in AODV protocol is achieved with minimum
overhead and maximum throughput on an assumption that
the malicious node doesn’t work together.
B. Neighbors Opinion Scheme
Mehdi Medadian et al. [9] propose an approach to
mitigate black hole attack in AODV. The honest node
participates in data routing process. The honesty of node
is based on its activity in the network. In this scheme the
judgment on the honesty of replier node is made by using
numbers of rule. The node that receives first RREP sends
it to source node and initiates judgment process. The
judgment is made on the neighbor’s opinion about the
replier. All the neighbors logged their activity and send it
to the node. All the neighbors send their opinion to the
node and decision about the honesty of the replier node is
made. This decision is made to determine the suspicious
node. The numbers of rules are taken into account before
deciding the honest of the node. Some of the rules used
deciding the honesty of the node are: Rule (i): If all the
received packets are to the destination, it is considered
that the node is honest. Rule (ii): If the node sends only
some of the data packets to the destination, it is assumed
that current node is malicious node. Rule (iii): If the node
sends many route replies and the rule (ii) is correct,
therefore it is surely assumed that the current node is
malicious node. Rule (iv): When rule (ii) is correct, if the
current node has not send any RREP packet, therefore the
this node is inactive node. In the simulation result, it is
observed that the required security is achieved with
considerable delay and overhead.
C. Sequence Number Scheme
Lalit Himral et al. [10] propose an approach that can
be used to identify the safest route for communication to
the destination and prevent the black hole attack in
MANET. The difference between the sequence number of
source node and the replier node is used to detect black
hole attack in MANET. In general, the first route reply is
sent by the malicious node. This route reply is sent with
larger destination sequence number. The larger
destination sequence number is used to show how much
fresh the particular route is.
When the RREP with larger sequence number is
received by the source node, it compares this with its own
sequence number. If there exit the larger difference
between them, the replier node is malicious and it is
removed from the RREP table, where it was initially
stored.
The simulation is performed by NS-2 simulator and
the simulation result shows that safe route to the
destination is used to prevent black hole attack in
MANET.
4th Int’l Conf. on Recent Advances in Information Technology | RAIT-2018 |

TABLE I. Comparison of black hole attack detection schemes

Sr. Scheme Routing Simulator Detector type Publication Results Limitations

No. protocol year
Destination based
The Throughput of Failed to detect
reply
Single black AODV is increased malicious node
1 and next hop AODV NS-2 2002
hole attack and the overhead is which work as a
information
minimized group
scheme
Better security is
Single and
Global achieved with minimal
Neighbors opinion cooperative Few additional
2 AODV Mobile 2009 delay and overhead.
scheme black hole delay
simulator High packet delivery
attack
ratio
Packet drops is
Sequence number Single black directly proportional
3 AODV NS-2 2011 Delivers more packets
scheme hole attack to the speed and the
no. of nodes
Due to longer delay
Shared hop and
Single black Verify 80% to 99% attacker can put last
4 sequence number AODV NS-2 2004
hole attack routes sequence number in
based scheme
table
Packet delivery Detection rate is about More independent
PROPH- Single black
5 information NS-2 2010 100% and it has low method of
ET hole attack
scheme false positive rate examination
PDR is achieved up to Challenging to
Single black
6 2-ACK scheme DSR NS-2 2007 91% even if there are derive triplet
hole attack
40% malicious node information
Failed to detect
Sequence number Cooperative
Reduces false malicious node
7 and neighbors AODV - black hoe 2008
detection rate which work as a
voting scheme attack
group
DRI table and Cooperative Discover secure path
8 cross checking AODV - black hole 2003 from source and -
scheme attack destination
Without black hole
Minimize additional
Single Black node packet loss
9 Ignorance scheme AODV NS-2 2007 overhead and PDR
hole attack increased by 4% in
improved by 19%
the network
Extended data
Cooperative Malicious nodes
routing
10 - - black hole and 2013 - should work
information table
gray hole attack together as a group
(EDRI)scheme

D. Shared Hop and Sequence Number Based Scheme
Mohammad Al-Sherman et al. [11] propose 2
solutions to prevent the black hole attack in MANET. The
1st solution is to find more number of routes to the
destination (at least three). Here an author considered at
least three redundant routes to the destination. Then,
source node broadcast RREQ packet called as ping packet
to its neighbors. After receiving it neighbor’s sends the
RREP packet. The motive behind the use of this solution
is to wait for (at least three RREPs) more numbers of
RREPs from the neighbors or the intermediate nodes.
During this period of time, the source node buffers all the
packets. Once the safe route is identified, the source node
will sends all the packets. The safe route is identified
based on the shared hops. If there is no shared node, the
source node waits for more number of RREPs with shared
hops.
In the 2nd solution, the sequence number is taken in to
account to detect and mitigate the effect of black hole
attack. Each node keeps the record of the sequence
number of the last sent and received packet. This record is
maintained in a table, which is updated when any packet
sent or received. The source node sends RREQ packet to
its neighbor. After receiving these packets, the destination
node sends RREP to the source node. This RREP packet
contains the sequence number of the last sent and
received. The intermediate node that has fresh enough
routes to the destination may also send the RREP to the
source node with sequence number of last sent and
received packet. Based on the received sequence numbers
in RREP packets, the source node identifies the presence
of malicious node in MANET.
The simulation result shows that these two solutions
have less routing overhead. The second solution is better
than the first solution, because it provides fast and reliable
way to find the malicious node. The time delay is more in
first solution, because the source node waits for more
number of replies. Both the solutions are used to identify
the single black hole attack and not the cooperative attack
in MANET.

978-1-5386-3039-6/18/$31.00©2018 IEEE
4th Int’l Conf. on Recent Advances in Information Technology | RAIT-2018 |
E. Packet Delivery Information Scheme
Yanzhi Ren et al. [12] propose a solution that can
used to detect the black hole attack and mitigate the
negative impact caused by the black hole attack on the
data delivery process in DTNs. This scheme generates
secure packet delivery record for nodes which encounter
each other. This record is signed by their private keys and
these records are stored in two tables at each. These tables
are receiving record table and self-record table.
The receiving record table is used to keeps packet
exchange records generated by its encountering nodes and
the self-record table is used to keeps packet exchange
record for each node encounter. When two nodes
encounter each other, the first node sends request for
second node’s RRT. After receiving second node’s RRT,
the first node checks the packet exchange information
between them and other nodes. The first node then
calculates the packet forwarding percentage. The packet
forwarding percentage is the ratio between the total
packets forwarded by the second node and the total
packets received by the second node. By calculating the
packet forwarding percentage, the encountered node can
be detected as the malicious node or not.
Packet forwarding percentage = (Total packets
forwarded / Total packets received)
The simulation result shows that the proposed
method detects the black hole attack effectively with
100% detection rate and low false positive rate.
F. 2-ACK Scheme
Kejun liu et al. [13] proposes a 2-ACK scheme to
detect and isolate the misbehaving link in MANET. In
this method the two hop acknowledgment is sent in
opposite direction of routing path and it works in triplet.
The routing overhead is reduced by sending the fraction
of received data packets in reverse direction of routing
path.
DSR route discovery process generates route from
source to destination.. Along this route three consecutive
nodes are used in 2-ACK scheme.
Fig. 2. 2-ACK scheme
In fig. 2, suppose that the n1 is source, n5 is the
destination and n2, n3 and n4 are the three consecutive
nodes along the path from source to the destination. When
node n2 sends data packets to node n3, the node n3
forward it to the node n4. It is unclear to the node n2
whether sent packets are by the node n4 or not. Such a
978-1-5386-3039-6/18/$31.00©2018 IEEE
ambiguity exit even if there is no malicious node. This
ambiguity is overcome by using 2-ACK scheme. When
node n4 receives data packets from node n3 it sends 2-
ACK acknowledgment to the node n2, to notify that it has
received data packets. The 2-ACK scheme is used to
reduce the routing overhead by sending the fraction of
received data packets in reverse direction of routing path.
Such a 2-ACK transmission takes place for every three
consecutive nodes. Only the first node from the source
node cannot sends 2-ACK acknowledgment and the node
just before the destination node and destination node
cannot receives 2-ACK acknowledgment.
The simulation results are studied and it shows that
the 90% of PDR is achieved in the presence of 40% of
malicious nodes in MANET. The proposed solution
detects the misbehaving link and when such misbehavior
is detected the node associated with it may be detected as
a malicious node.
G. Sequence Number and Neighbors Voting Scheme
Moumita Deb [14] proposes two step solutions to
detect black hole attack in MANET. In the first step
solution, the destination sequence number is considered to
detect the black hole node in MANET. In normal state,
the sequence number of each node is depends on the
traffic condition. The sequence number increases as the
number of connections increases. This sequence number
is increased in larger amount when there is attack. In this
solution each node maintains two small sized tables to
track their neighbors. The first table is sequence table
(SnT) which maintain the sequence number of neighbor
with their ID’s and the second table is status table (ST)
which maintain the status of node. It is either safe (S),
black hole (B) or malicious (M).
When the source node has data packets to send, it
broadcast RREQ packet to its neighbors. The neighbors
send RREP to RREQ with the list of neighbors. Then, the
source node compares the sequence number of replier
with the sequence number in sequence table (SnT). If
there exit large difference between them and if this
difference is greater than threshold, the replier is assumed
as the malicious node. Once the malicious node is
detected in first solution, the second solution is executed
for further detection.
In the second step solution voter table is used to
detect cooperative attack. For further detection, the
malicious nodes next hope node is affected by the further
detection message sent by source node. The entire
malicious nodes next hop node sends RREQ to the source
node. This RREQ is sent by setting the next hope node
address as a source address. If next hope node receives
RREP from the malicious node, to check its reliability
next hope node sends a test packet (TP) through malicious
node. Now to confirm the reliability and unreliability of
malicious node next hope node sends an acknowledgment
packet (AP) through some other route to the source node.
Then, some waiting time is introduced, so that source
4th Int’l Conf. on Recent Advances in Information Technology | RAIT-2018 |
node receives the sent packets. If the source node receives
the test packets (TP), it updates the voter table by the vote
‘Y’ and if it receives the acknowledgment packet (AP), it
updates voter table by the vote ‘N’ i.e. No. If all the
entries for particular node are detected as ‘N’, the status
of the node in the status table (ST) is updated as ‘B’ i.e.
black hole node.
Once the black hole node is confirmed, the
information about it is sent to the whole network. The
proposed two step solution can be used to reduce the false
detection rate.
H. DRI Table and Cross Checking Scheme
Sanjay Ramaswamy et al. [15] propose an approach
to detect the cooperative attack in MANETs. An extra
table is maintained at each node that is called as data
routing information table (DRI). In this table, 1 and 0
represents true and false respectively. There are two bit
entries, the first bit entry stands for ‘from’ and second bit
entry stands for ‘through’. The ‘from’ entry is used for
information routing from the node and the ‘through’ entry
is used for information routing through the node.
In the table II, the entries 11 for node 4 and 00 for
node 6 imply that node 2 has and has not sent data packets
from and through the node 4 and 6 respectively.
TABLE II. DRI table example of node 2
Node Data Routing Information
ID
From Through
4 1 1 counter, BH and timer. The counter entry is used to
6 0 0
The detail description of the proposed solution is
given below. When source node has something to send to
destination it sends RREQ. Intermediate nodes (IN) that
are affected by RREQ sends RREP to source node. This
route reply contains information of next hop node (NHN)
and DRI entry for the NHN. The source node decides the
honesty of the intermediate node (IN) and to decide it
source node compares its own DRI table with received
DRI table. Once the honesty of the node is decided, the
source node sends further request to intermediate nodes
NHN. Then, the intermediate nodes NHN sends further
reply with current NHN and DRI entry for the
intermediate node. Now, the source node compares the
entries for the intermediate node (IN) in its own DRI table
with the entries in newly received DRI table. Then the
source node decides the honesty of the IN node. By
checking the DRI table entries source node judges the
malicious node in the routing path.
The propose method can be used to detect the single
as well as cooperative black hole attack.
978-1-5386-3039-6/18/$31.00©2018 IEEE
I. Ignorance Scheme
Semih Dokurer et al. [16] propose a solution which
ignores the first established route to prevent the black hole
attack in MANET. Generally the first route reply is from
the malicious node. Author modified the existing AODV
protocol and used second RREP to send data packets.
The simulation result shows that the more number of
packets are lost in presence of black hole. In the presence
of black hole node the network experiences 89.95%
packet loss. It is also observed that the proposed method
reduces the packet loss to 71.09%.
J. Extended Data Routing Information (EDRI) Table
Scheme
Gundeep Singh Bindra et al. [3] exploit extended data
routing information (EDRI) table scheme to detect the
cooperative black hole and gray hole attack in MANETs.
Each node needs to maintain one extra table which is
called EDRI table. In the EDRI table, 1and 0 are used to
represent the true and false values respectively. The entry
is composed of 5 bits from, through, counter, BH and
timer. The ‘From’ entry is used to imply that the
information is routed from the node and the ‘Through’
entry is used to imply that the information is routed
through the node.
In the table III, the ‘from and through’ entry of 01
implies that node 2 does not send any data packets to node
4 but it has received data packets from node 4. The 11
implies that the node 4 has sent and received data packets
from and through the node 3 and 00 implies that the node
4 neither sent nor received data packets from and through
the node 7. In EDRI table the next three entries are
represent how many times the node is detected as
malicious. The BH entry is used to represent the ID of
node that has been identified as malicious in the latest
interaction and the timer entry is used to represent the
time for which the node behaves maliciously.
TABLE III. EDRI table example of node 4
Node
From Through Counter BH Timer
ID
2 0 1 1 0 0
3 1 1 0 0 0
7 1 0 1 0 0
9 0 0 6 1 26
The detail description of proposed solution is given
below. The source node initiates route discovery process
by sending RREQ packets to its neighbor. The nodes that
are affected by this RREQ send RREP with EDRI table to
source node. The source node then sends data packet
along one route and checks whether sent data packets are
4th Int’l Conf. on Recent Advances in Information Technology | RAIT-2018 |
received at destination node or not by observing the
positive or negative acknowledgment over different route.
If the negative acknowledgment is received, the source
node sends refresh packet along first route over which the
data packets has been transferred. After receiving a
refresh packet the node needs to (i) sends its DRI entries,
(ii) discard the route from the route table or (iii) forward
the packets. The malicious node ignores this packet and
does not forward it to the next node. Now, the source
node begins the black hole detection procedure, for that it
sends BHID packet. The nodes that are affected by this
packet mark node as a malicious node and the counter
value is increased by one. The time for which the node
behaves malicious is calculated using timer field. When
the timer is expired the corresponding BH entry in table is
set back to the zero. It gives another chance for the node.
The cooperative attacks are easy detected using proposed
method.
IV. CONCLUSION AND FUTURE WORK
A MANET has several practical applications.
However, due to unique characteristics it is more
vulnerable to security attacks. The security of an entire
network depends on routing. It is not possible to find
general solution that can be used to detect black hole
attack in MANETs.
In this paper author summarize the positives and
negatives with popular routing protocols in MANETs
followed by the state of the art routing methods of
existing solutions and are categorized. Proposals for the
same are presented in a tabular form.
Author concludes that proactive as well as reactive
routing protocols have distinct skills. The proactive
detection method is better with respect to packet delivery
ratio (PDR) and correct detection probability, but it
periodically broadcasts packets and hence suffers from the
higher routing. The reactive detection method is used to
eliminate the routing overhead problem but it suffers from
some packet loss in the logging of routing procedure.
Our study shows that although many solutions have
been proposed they still are not applicable for non-
consecutive cooperative black hole attack. Therefore, in
future work we intended to propose and simulate a perfect
solution to detect non-consecutive cooperative black hole
attack in MANET.
REFERENCES
[1] B. Kannhavong, H. Nakayama, Y. Nemoto, N. Kato: A survey of routing
attacks in Mobile ad hoc networks, IEEE Wireless Communications,
October 2007, pp 85-91.
[2] I. Woungang, S. K. Dhurandher, R. D. Peddi, M. S. Obaidat: Detecting
Blackhole Attacks on DSR-based Mobile Ad Hoc Networks, IEEE
978-1-5386-3039-6/18/$31.00©2018 IEEE
Conference on Computer, Information and Telecommunication Systems
(CITS), 14-16 May 2012, pp 1- 5.
[3] Bindra, G.S., Kapoor A., Narang A., Agrawal A.: Detection and
Removal of Co-operative Blackhole and Grayhole Attacks in MANETs,
IEEE Conference on System Engineering and Technology (ICSET),
11-12 Sept. 2012, pp 1 - 5.
[4] F. H. Tseng, L. Chou, H.C. Chao: A survey of black hole attacks in
wireless mobile ad hoc networks, International journal on Human-
centric Computing and Information Sciences, 22 Nov 2011, pp 1-16.
[5] Krishna Gorantala: Routing Protocols in Mobile Ad-hoc Networks,
Thesis in Computing Science Umea University June 15, 2006.
[6] Dr. Luiz; A. Dasilva, Tao Lin, Tao Lin, Dr. Scott, F. Midkiff: Mobile
Ad-hoc Network Routing Protocols: Methodologies and Applications,
ECE Department, Virginia Polytechnic Institute and State University
2014.
[7] Bala Anu, Bansal M., Singh J.: Performance Analysis of MANET under
Blackhole Attack, IEEE Conference on Networks and Communications
NETCOM 27-29 Dec. 2009, pp 141-145.
[8] Hongmei Deng, Li W., Agrawal D. P.: Routing Security in Wireless Ad
Hoc Networks, IEEE Communications Magazine,Volume: 40, Issue:10,
2002 , pp 70-75.
[9] Medadian, M., Yektaie M. H., Rahmani A. M.: Combat with Black hole
attack in AODV routing protocol in MANET, International Conference
on First Asian Himalayas Internet, AH-ICI 3-5 Nov. 2009, pp 1 – 5.
[10] Lalit Himral, Vishal Vig, Nagesh Chand: Preventing AODV Routing
Protocol from Black Hole Attack, International Journal of Engineering
Science and Technology (IJEST), Vol. 3 No. 5 May 2011.
[11] Mohammad Al-Shurman, Seong-Moo Yoo, Seungjin Park: Black Hole
Attack in Mobile Ad Hoc Networks, ACMSE’04, April 2-3, 2004, pp
96-97.
[12] Yanzhi Ren, Mooi Choo Chuah, Jie Yang, Yingying Chen: Detecting
Blackhole Attacks in Disruption-Tolerant Networks through Packet
Exchange Recording, IEEE International Symposium on a World of
Wireless Mobile and Multimedia Networks (WoWMoM), 14-17 June
2010, pp 1 – 6.
[13] Kejun Liu, Jing Deng, Pramod K. Varshney, Kashyap Balakrishnan: An
Acknowledgment - Based Approach for the Detection of Routing
Misbehavior in MANETs, IEEE Transactions On Mobile Computing,
Vol. 6, NO. 5, MAY 2007, pp 488-502.
[14] Moumita Deb: A Cooperative Blackhole Node Detection Mechanism for
ADHOC Networks, Proceedings of the World Congress on Engineering
and Computer Science WCECS San Francisco, USA October 22 - 24,
2008.
[15] Sanjay Ramaswamy, Huirong Fu, Manohar Sreekantaradhya, John
Dixon, Kendall Nygard: Prevention of cooperative black hole attack in
wireless ad hoc networks: IEEE Proc. of Int’l Conf. on Wireless
Networks 2003.
[16] Dokurer S., Erten Y.M., Acar C.E.: Performance analysis of ad-hoc
networks under black hole attacks, IEEE Proceedings SoutheastCon ,
22-25 March 2007, pp 148 - 153.
[17] Jian-Ming Chang, Po-Chun Tsou, Isaac Woungang, Han-Chieh Chao,
Chin-Feng Lai: Defending Against Collaborative Attacks by Malicious
Nodes in MANETs, A Cooperative Bait Detection Approach, IEEE
Systems Journal, 09 January 2014, pp 1 – 11.
[18] Shekhar Tandan, Praneet Saurabh: A PDRR based detection technique
for blackhole attack in MANET, International Journal of Computer
Science and Information Technologies, Vol. 2 (4), 2011, pp 1513-1516.
[19] Bo Sun, Yong Guan, Jian Chen, Udo W. Pooch: Detecting Black-hole
Attack in Mobile Ad Hoc Networks, IEEE conference on Personal
Mobile Communications, 22-25 April 2003, pp 490 – 495.
[20] Latha Tamilselvan, Dr. V Sankaranarayanan: Prevention of Co-operative
Black Hole Attack in MANET, Journal Of Networks, VOL. 3, NO. 5,
MAY 2008.