Blackhole attack:
In this attack, adversary node drops all the packets passed through it. In order to do this, the adversary node attracts the neighbor node with false route reply with less hop count and greater sequence number. Once, route is established through that node then the neighbor node starts sending packets and eventually all packets will be dropped at adversary. Many wireless routing protocols such as AODV, DSR, HWMP, DSDV etc. are vulnerable to Blackhole attack.
Blackhole attack implementation in AODV routing protocol
The following scenario consists of 25 nodes, in which 1,7 and 13 nodes are blackhole nodes and other nodes are non-malicious.
To create multiple blackhole attackers in AODV protocol
i) In aodv.h the following blue colour lines needs to be added to define balckhole attackers
/*
* History management
*/
double PerHopTime(aodv_rt_entry *rt);
nsaddr_t malicious;
ii) In aodv.cc the following blue colour lines needs to be added to initialize the attackers
int
AODV::command(intargc, const char*const* argv) {
if(argc == 2) {
Tcl&tcl = Tcl::instance();
if(strncasecmp(argv[1], "id", 2) == 0) {
tcl.resultf("%d", index);
return TCL_OK;
}
if(strncasecmp(argv[1], "blackhole", 9) == 0) {
malicious=1000;
return TCL_OK;
}
AODV::AODV(nsaddr_t id) : Agent(PT_AODV),
btimer(this), htimer(this), ntimer(this),
rtimer(this), lrtimer(this), rqueue() {
index = id;
seqno = 2;
bid = 1;
LIST_INIT(&nbhead);
LIST_INIT(&bihead);
malicious=999;
Malicious nodes 1,7 and 13 generates fake route replies using following blue colour code
//add in receive route request
if(rq->rq_dst == index) {
#ifdef DEBUG
fprintf(stderr, "%d - %s: destination sending reply\n",
index, __FUNCTION__);
#endif // DEBUG
// Just to be safe, I use the max. Somebody may have
// incremented the dstseqno.
seqno = max(seqno, rq->rq_dst_seqno)+1;
if (seqno%2) seqno++;
sendReply(rq->rq_src, // IP Destination
1, // Hop Count
index, // Dest IP Address
seqno, // Dest Sequence Num
MY_ROUTE_TIMEOUT, // Lifetime
rq->rq_timestamp); // timestamp
Packet::free(p);
}
//blackhole attackers
else if(malicious==1000)
{
seqno = max(seqno, rq->rq_dst_seqno)+1;
if (seqno%2) seqno++;
sendReply(rq->rq_src, // IP Destination
1, // Hop Count
rq->rq_dst,
seqno,
MY_ROUTE_TIMEOUT,
rq->rq_timestamp); // timestamp
//rt->pc_insert(rt0->rt_nexthop);
Packet::free(p);
}
Since, all attackers do not have route to destination, attackers have to disable the send (error).
The following blue colour code disables the send (error)
// add in route resolve function (AODV::rt_resolve(Packet *p) )
else {
Packet *rerr = Packet::alloc();
structhdr_aodv_error *re = HDR_AODV_ERROR(rerr);
/*
* For now, drop the packet and send error upstream.
* Now the route errors are broadcast to upstream
* neighbors - Mahesh 09/11/99
*/
assert (rt->rt_flags == RTF_DOWN);
re->DestCount = 0;
re->unreachable_dst[re->DestCount] = rt->rt_dst;
re->unreachable_dst_seqno[re->DestCount] = rt->rt_seqno;
re->DestCount += 1;
#ifdef DEBUG
fprintf(stderr, "%s: sending RERR...\n", __FUNCTION__);
#endif
if(malicious==1000);
else
sendError(rerr, false);
drop(p, DROP_RTR_NO_ROUTE);
After replacing original aodv.cc and aodv.h files,
first perform $make clean operation in ns-allinone-2.xx\ns-2.xx folder then
$make
iii) To define the blackhole attackers in tcl add these lines after node initialization
$ns at 0.0 "[$n1 set ragent_] blackhole1"
$ns at 0.0 "[$n7 set ragent_] blackhole2"
$ns at 0.0 "[$n13 set ragent_] blackhole3"
Above scenario example tcl file blackhole attacks scenario
---------------------------------------------------------------------
Goodput calculation file goodput
To calculate goodput: type-> perl goodput.pl outputfile name granularity(for 1 or 2... n seconds) > filename