Hybrid detection of Black hole and gray hole attacks in MANET

摘要

MANET performance is degraded as a result of Denial-of-service (DoS) attacks such as Black hole and gray hole attacks causing loss of packets. Though many researchers have found different approaches for the effective detection and elimination of these attacks, a single technique to detect both the attacks simultaneously is generally rare. In this paper, a novel hybrid black/gray hole detection approach is proposed for detecting both the black and gray hole attacks in Dynamic Source Routing (DSR) protocol for MANET by using the same technique. DSR protocol dynamically discovers a source route across multiple network hops to any destination in the MANET. In this hybrid approach, the initialized monitor nodes collect the packet flow informations about the neighboring nodes. Then the information distance metric is computed using which two detection thresholds are determined. Then distance metric for all the nodes are compared with the first threshold. If the information distance metric of a node is greater than the first detection threshold, then the node is considered to be malicious nodes. If the information distance metric of the nodes are below the second threshold but not less than the first threshold, the nodes are marked as gray hole attackers while if they are greater than the second threshold, the nodes are marked as black hole attackers. Experimental results show that the proposed hybrid black/gray hole detection approach detects and eliminates the attacks effectively with better throughput, packet drop rate, packet delivery ratio and routing overhead.