IJIRST International Journal for Innovative Research in Science & Technology| Volume 3 | Issue 07 | December 2016

ISSN (online): 2349-6010

Analysis of Secure Routing Scheme against

Vampire Attack for MANET
Pratibha Rathore Ashish Tiwari
M. Tech. Student Assistant Professor
Department of Computer Engineering Department of Computer Engineering
Vindhya Group of Technology and Science Khandwa Road, Vindhya Group of Technology and Science Khandwa Road,
Indore, India Indore, India

Himangni Rathore
Employee
Samarth Consultancy, Surat, India

Abstract
Wireless networks are gaining popularity to its peak today, as the users want wireless connectivity irrespective of their
geographic position. There is an increasing threat of attacks on the Mobile Ad-hoc Networks (MANET). Vampire attack is one
of the security threat in which the traffic is redirected to such a node that actually does not exist in the network. Its an analogy to
the Vampire in the universe in which things disappear. The node presents itself in such a way to the node that it can attack other
nodes and networks knowing that it has the shortest path. MANETs must have a secure way for transmission and communication
which is quite challenging and vital issue. In order to provide secure communication and transmission, researcher worked
specifically on the security issues in MANETs, and many secure routing protocols and security measures within the networks
were proposed. Previously the works done on security issues in MANET were based on reactive routing protocol like dynamic
source routing (DSR). Different kinds of attacks were studied, and their effects were elaborated by stating how these attacks
disrupt the performance of MANET. The general purpose of this project is to study the effects of Vampire attack in MANET
using Reactive routing protocol Ad-Hoc on Demand Distance Vector (AODV). Comparative analysis of Vampire attack for both
protocols is taken into account. The impact of Vampire attack on the performance of MANET is evaluated finding out which
protocol is more vulnerable to the attack and how much is the impact of the attack on both protocols. The measurements were
taken in the light of throughput, end-to-end delay and network load. Simulation is done in Network Simulator. (NS-2).
Keywords: AODV, MANET, Vampire, NS-2
_______________________________________________________________________________________________________

I. INTRODUCTION

A malicious node in the network receiving an RREQ message replies to source nodes by sending a false RREP message that
contains desirable parameters to be chosen for packet delivery to destination nodes. After promising (by sending a fake RREP to
confirm it has a path to a destination node) to source nodes that has actual path to forward data, a malicious node starts to lose all
the network traffic it receives from source nodes. Some active attacks that can be easily performed against MANETs are vampire
attack [3].
We develop a methodology to identify vampire node. The technique works with slightly modified AODV protocol give the
method of Preventing Vampire attack by using IDS algorithm. We propose a solution that is an enhancement of the basic AODV
routing protocol, which will be capable to avoid vampire attack. To reduce the probability of vampire attack, it is proposed IDS
based methodology for prevent Vampire and find safe route to reach the neighboring nodes. A wireless IDS monitors wireless
network traffic and analyzes its wireless networking Protocol to identify suspicious activity.
This work uses normal Secure-AODV in which a node receives the Route reply (RREP) packet which first checks the value of
sequence number in its routing table. The RREP is accepted if its sequence is higher than that in the routing table. In this thesis
algorithm also check whether the sequence number is higher than the threshold value, if it is higher than threshold value than it is
considered as the malicious node. The value of the threshold value is not dynamically updated in the time interval and value of
threshold is assumed and fix for entire mobile Ad-Hoc Network. The node that is detected as the anomaly is listed and ICMP
packet is sent so that the RREP packet from that malicious node is discarded. The routing table for that node is not updated nor is
the packet forwarded to others. The main advantage of this protocol is that the source node announces the vampire to its
neighboring nodes in order to be ignored and eliminated. Their solution increases the Packet Delivery Ratio and throughput.

II. OBJECTIVE

The main aim of this research is to develop secure on-demand routing protocols for data transmission under Vampire attack in
MANET. The proposed protocols must be efficient in terms of Packet Delivery Ratio, End-to-End Delay and Throughput. Based

All rights reserved by www.ijirst.org 113

 Analysis of Secure Routing Scheme against Vampire Attack for MANET
(IJIRST/ Volume 3 / Issue 07/ 019)

on the motivations to provide new security features to be incorporated in popular routing protocols AODV, the aim has been
further segregated down into a number of objectives:
1) Implement secure on-demand routing (TAODV) protocols for data transmission in MANET.
2) Detect vampire node in MANET scenario using TAODV protocol.
3) Prevent the network from vampire attack and improve the packet delivery fraction, throughput and end-to-end delay, even
with the presence of Vampire attacks.
4) The results of both AODV and TAODV compare to analyze which of these two types of protocols gives better
performance.

III. METHODOLOGY

Mobile Ad-hoc Network consists of some nodes that are standing randomly in operational environment without any predefined
infrastructure and mobility which are vulnerable for intrusion and attack. Security is an important field in this type of network.
Use IDS (intrusion detection system) based approach to detect and prevent Vampire in MANET. IDS detect and report the
malicious activity in ad hoc network. Intrusion detection systems (IDSs) do just that: monitor audit data, look for intrusions to
the system, and initiate a proper response

IV. FLOW CHART

Fig. 1: Flow chart of TAODV protocol

All rights reserved by www.ijirst.org 114

 Analysis of Secure Routing Scheme against Vampire Attack for MANET
(IJIRST/ Volume 3 / Issue 07/ 019)

This work proposes a solution based on trust detection to detect attacks on AODV. This approach specifies the correct AODV
routing behavior and distributed in the network. Trust Mechanism monitors network for detecting run-time violation of the
specifications. Aim of Trust Mechanism is to secure the AODV protocol. Dynamic topologies make it difficult to obtain a global
view of the network. Traffic monitoring in wired networks is usually performed at switches, routers and gateways, but an Ad
Hoc network does not have these types of network elements so here Trust Mechanism can collect audit data for the entire
network. Trust Value is defined as a sequence of related actions performed by a malicious adversary that results in the
compromise of a target network. The existence of a security policy that states which actions are considered malicious should be
prevented is a key requisite for an intrusion detection system to work. Trust detection is the process of identifying and
responding to malicious activities target at computing and network resources.
Figure shows the Flow Chart of proposed algorithm. At the initial point assign a fix threshold value (assumed) to the Ad-hoc
network and start Route discovery process by following STEP-I where source node wait for route reply. If Route is establish so
then call Trust Detection step and check the Sequence number of Reply node, if sequence number lie within the threshold value,
node is trustworthy and send data packet to the destination ELSE If sequence number is greater than assigned value, detect the
Node as a malicious node and now call Trust Value for informing neighbours node about the malicious node. Source send ICMP
packet along the route path for deleting malicious node entry from routing table and then again initialize route discovery process
in the Network. Now going to the else part of step-I, If route reply is not come then call STEP-II LREPAIR (local repair). If
route is repair with in time to leave period, Route is established and calls STEP-III Trust Detect otherwise node increment
sequence number and again start Route discovery. To follow this algorithm TAODV protocol detect malicious node and prevent
the network from vampire attack.

V. ALGORITHM STUDY

The proposed algorithm is based on the trust values of individual nodes. All the nodes of wireless ad-hoc network have a specific
trust value. The algorithm encompasses the following steps:
Initialization
Trust values of all the participating nodes are set to be initialized by specific previously assigned trust value.
Initialize the trust value of every node with 100.
Assumption: 1 trust value = 10 packets dropped.
Updating of trust values
If the packets are correctly transmitted from one node to another node
If the correctly transmitted no of packets is between 1 and 10, then trust values of the respective nodes will be incremented
by one time.
Updated trust value = old trust value + 1;
If the correctly transmitted number of packets is greater than 10, then the updated trust value will be:
Updated trust value = old trust value + (correctly transmitted packets / 10);
If the packets are dropped/delayed
The number of dropped or delayed packets is between 1 and 10, and then trust value of that particular node is decremented
by one.
Updated trust value = old trust value 1;
The numbers of dropped or delayed packets are greater than 10, then trust value of that particular node will be,
Updated trust value = old trust value (Packet dropped or delayed / 10);
If the trust value of particular node is negative, then print Invalid node.
Isolating the Packet drop node from the network
If (Updated trust value < Threshold trust value)
Then the particular node is treated as malicious node (vampire node)
If (Updated trust value > Threshold trust value)
Then the particular node is treated as legitimate node.
Stop comparing the trust values of nodes with threshold

VI. RESULTS

Simulation Results for Packet Delivery Ratio

This is the fraction of the data packets received by the destination to those sent by the source. This classifies the ability of the
protocol to discover routes. Figure and table shows the Packet delivery ratio under Vampire attack detection and its prevention
through Trust based mechanism i.e. Attack, Without and Prevention for the various node density.

All rights reserved by www.ijirst.org 115

 Analysis of Secure Routing Scheme against Vampire Attack for MANET
(IJIRST/ Volume 3 / Issue 07/ 019)

Table - 1
Packet Delivery Ratios comparisons
No of Nodes Attack Without Pre
20 0.990 0 0.617
40 0.995 0 0.434
60 0.982 0 0.351

Fig. 2: Packet Delivery Ratios comparisons

Simulation Results for Throughput

This is the fraction of the data packets received by the destination to those sent by the source. This classifies the ability of the
protocol to discover routes. Figure and table shows the Throughput under Vampire attack detection and its prevention through
Trust based mechanism i.e. Attack, Without and Prevention for the various node densities.
Table - 2
Throughputs comparisons
No. of Nodes Without Attack Pre
20 38.42 0 38.50
40 38.53 0 38.51
60 38.53 0 38.50

Fig. 3: Throughputs comparisons

Simulation Results for End To End Delay

This is the average delay between the sending of the data packet by the source and its receipt at the corresponding receiver. This
includes all the delays caused during route acquisition, buffering and processing at intermediate nodes. Figure and table shows
the End to End Delay under Vampire attack detection and its prevention through Trust based mechanism i.e. Attack, Without and
Prevention for the various node density.

All rights reserved by www.ijirst.org 116

 Analysis of Secure Routing Scheme against Vampire Attack for MANET
(IJIRST/ Volume 3 / Issue 07/ 019)

Table 3
End to End Delays comparisons
No of Nodes Without Attack Pre
20 19.281 0.979 16.805
40 11.191 0.979 14.964
60 24.567 1.515 11.440

Fig. 4: End to End Delays comparisons

Simulation Results for Residual Energy

It is the total amount of remaining energy by the nodes after the completion of Communication or simulation. If a node is having
100% energy initially and having 70% energy after the simulation than the energy consumption by that node is 30%.The unit of
it will be in Joules. Figure and table shows the Residual Energy under Vampire attack detection and its prevention through Trust
based mechanism i.e. Attack, Without and Prevention for the various node density.
Table 4
Residual Energy comparisons
No of Nodes Without Attack Pre
20 60.655 56.075 10.461
40 60.614 56.067 23.138
60 70.410 56.516 21.140

Fig. 5: Residual Energy comparisons

VII. CONCLUSION

In this work, we simulated AODV protocol with different density, where each one has 20 nodes, 40 nodes, 60 nodes and also
simulated the same scenarios after introducing single vampire Node into the network. Moreover, we simulated Secure AODV as

All rights reserved by www.ijirst.org 117

 Analysis of Secure Routing Scheme against Vampire Attack for MANET
(IJIRST/ Volume 3 / Issue 07/ 019)

per algorithm for detection of vampire attack. Finally compare the results of solution with High without Attack under attack by
varying different network parameters using same scenarios in NS-2.Our simulation results are analyzed below:
Analyzing the results of PDR v/s Node Density shows the Packet Delivery Ratio of High Without Attack, Prevention are
Moderate under vampire attack, poor Attack under vampire attack; we found that there is 60-65%increase in PDR for Secure
AODV. This clearly shows that there is a significant benefit when the solution against vampire attacks is applied.
Analyzing the results of Throughput v/s Node Density shows the Throughput of Normal AODV, AODV under vampire attack,
TAODV under vampire attack, where vampire were fixed but number of nodes varied, there was significant rise of 60%-80% in
Secure AODV against normal AODV under vampire Attack, which indicates solution work better even though number of nodes
increases.
Analyzing the results of End-to-End Delay v/s Node Density shows the End-to-End Delay of Normal AODV, AODV under
vampire attack, TAODV under vampire attack; we found that there is a 2-5% decrease in End-to-End Delay for Secure AODV
compared to normal AODV. From the above cases, we can conclude that Secure AODV give significant improvement in End-to-
End Delay compared to that of normal AODV during vampire attack.

ACKNOWLEDGEMENT

This research paper is made possible through the help and support from everyone, including: parents, teachers, family, friends,
and in essence, all sentient beings. I would like to express my deep gratitude to Mr. Ashish Tiwari, my research supervisors, for
their patient guidance, enthusiastic encourage-ment and useful critiques of this research work.
Finally, I offer my deep gratitude to my parents who have appreciated, encouraged and assisted in our endeavour.

REFERENCES
[1] S. jayashree, T.Mohanraj vampire attack detection in wireless sensor networks, international journal of innovative research in computer and
communication engineering, February: 2015, ISSN no: 2320-9801, vol.3, issue 2, copyright to IJIRCCE.
[2] Eugene Y. Vasserman, Nicholas Hopper vampire attacks: draining life from wireless ad-hoc sensor networks, IEEE transactions on mobile computing,
2013, vol.12, No.2
[3] C. E. Perkins and E. M. Royer, Ad Hoc On-Demand Distance Vector Routing, Proc. 2nd IEEE Wksp. Mobile comp. Sys. and Apps. Feb, 1999, pp. 90-
100
[4] P.Ning, K. Sun, How to misuse AODV: A Case Study of Insider Attacks Against Mobile Adhoc Routing Protocols; Info Assurance Wksp, IEEE
sys, Man and Cybernetics Soc, june 2003, pp. 60-67
[5] Davide Cerri, Alessandro Ghioni, Securing AODV: The A-SAODV Secure Routing Prototype, IEEE Communication Magazine; Volume 46, Issue 2,
February 2008 pp.120 - 125
[6] Ms. Raisa l. Mulla, Prof. Rahul N. Patil, Efficient prevention of Vampire attack in ad-hoc Wireless sensor network, International journal of engineering
research and general science; September-October, 2015 ; volume 3, issue 5, ISSN no: 2091-2730
[7] Tawswwf ahmad naqishbandi , Imthyaz sheriff C, A resilient strategy against energy attacks in ad-hoc WSN and future IoT, International journal of
advanced research in computer science and software engineering; February 2014, volume 4, issue 2; ISSN no- 2277128X
[8] P. Papadimitratos, Z. Haas, Secure Routing for Mobile Ad Hoc Network, In Proceedings of the SCS Communication Networks and Distributed Systems
Modeling and Simulation Conference (CNDS), 2002 pp. 1-13
[9] Liu Jinghua, Geng Peng, Qiu Yingqiang, Feng Gui, A Secure Routing Mechanism in AODV for Ad Hoc Networks, Proceedings of International
Symposium on Intelligent Signal Prcessing and Communiction System, 2007 pp. 435-438
[10] Mohammad Ilyas, The Hand Book of Ad Hoc Wireless Networks, CRC Press
[11] Yuxia Lin, A. Hamed Mohsenian Rad, Vincent W.S. Wong, Joo-Han Song, Experimental Comparisons between SAODV and AODV Routing Protocols,
Proceedings of the 1st ACM workshop on Wireless multimedia networking and performance modeling, 2005, pp. 113 122.
[12] Thomas H. Clausen and Philippe Jacquet, Optimized link state routing protocol (OLSR), 2003.
[13] Jing Deng, Richard Han, and Shivakant Mishra, Defending against path based DoS attacks in wireless sensor networks, ACM workshop on security of ad
hoc and sensor networks, 2005.
[14] INSENS: Intrusion-tolerant routing for wireless sensor networks,Computer Communications 29 (2006), no. 2.
[15] Sheetalkumar Doshi, Shweta Bhandare, and Timothy X. Brown, An ondemand minimum energy routing protocol for a wireless ad hoc network, ACM
SIGMOBILE Mobile Computing and Communications Review 6 (2002), no. 3.
[16] John R. Douceur, The Sybil attack, International workshop on peer-topeer systems, 2002.
[17] Hans Eberle, Arvinderpal Wander, Nils Gura, Sheueling Chang-Shantz, and Vipul Gupta, Architectural extensions for elliptic curve cryptography over
GF(2m) on 8-bit microprocessors, ASAP, 2005.
[18] T. English, M. Keller, Ka Lok Man, E. Popovici, M. Schellekens, and W. Marnane, A low-power pairing-based cryptographic accelerator for embedded
security applications, SOCC, 2009.
[19] Laura M. Feeney, An energy consumption model for performance analysis of routing protocols for mobile ad hoc networks, Mobile Networks and
Applications 6 (2001), no. 3.
[20] Martin Feldhofer, Sandra Dominikus, and Johannes Wolkerstorfer, Strong authentication for RFID systems using the AES algorithm, CHES, 2004.
[21] Rodrigo Fonseca, Sylvia Ratnasamy, Jerry Zhao, Cheng T. Ee, David Culler, Scott Shenker, and Ion Stoica, Beacon vector routing: Scalable point-to-point
routing in wireless sensornets, NSDI, 2005.

All rights reserved by www.ijirst.org 118