Académique Documents
Professionnel Documents
Culture Documents
BLACKHOLE ATTACK
➢ MANET uses a reactive routing protocol such as Ad hoc on demand
Distance Vector (AODV), Dynamic Source Routing (DSR), and Secure
Aware routing (SAR) for the routing of the data packets.
➢ When the AODV routing protocol is used to discover the routes, it works
based on two types packets such as Route request (RREQ) packet and
Route reply (RREP) packet. The source node sends the RREQ packets to
all other nodes to find the shortest route between the source and the
destination in the network.
➢ The malicious node receives the RREQ packet and claim that it is having
the shortest route or optimum path to the node it wanted to actually transmit
(destination). The malicious node sends the response by using the RREP
packet that is having the shortest and fresh route for the destination from
the source. It is the fake RREP with extremely short route.
➢ Upon sending the fake RREP packet to the source node, the malicious
node can able to place itself in the communicating network. It means that
the transmitting packets are should be passed only by this malicious node
only.
➢ After sending the RREP packet, the malicious node receives the data
packets from the source and does not forwards to the neighbour nodes or
simply drops the packets that they received without sending to the
destination node.
BYZANTINE ATTACK
Attacks where adversaries have full control of a number of authenticated devices
and behave arbitrarily to disrupt the network are referred to as Byzantine attacks.
Once the active set of insider nodes in the network are turned to be malicious by
the attackers then the whole network will be under the control of adversaries and
further secured data transmission is not possible. This is very crucial in case of
mobile devices used in military fields and medical fields for transferring patient
reports and medical advises. A byzantine adversary can prevent the route
establishment by dropping the route request or response packets, modify the route
selection metrics such as packet ids, hop counts, drops packets selectively, creates
routing loops, forwards the packets through non-optimal paths for time and
bandwidth consuming purpose and so on. Are the attacks in which a single node
or a set of nodes works together to create loops, forwards packets through non-
optimal paths or selectively drops the packets which results in disruption or
degradation of the routing services and network performance.
ROUTING ATTACKS
1. Denial of Service attacks: – The DoS attack is done by the attacker who has
the motive of flooding request to the router or other devices affecting the
availability. Sending more number of ICMP packets from multiple sources
makes the router unable to process traffic. If the router is unable to process
traffic it is unable to provide services in the network and the whole network
goes down affecting daily activity of organization.
2. Packet Mistreating Attacks: – In this type of attack after the router is injected
with malicious codes the router simply mistreats the packets. Router cannot
handle its own routing process and starts mishandling the packet. The
malicious router is unable to process the packets properly and creates loops,
denial-of-service, and congestion and so on in the network. This type of attack
is very difficult to find and debug.
3. Routing table poisoning: – Routers use routing table to send packets in the
network. The router moves the packets by looking into the routing table. The
routing table is formed by exchanging routing information between routers.
Routing table poisoning means the unwanted or malicious change in routing
table of the router. This is done by editing the routing information update
packets which are advertised by routers. This attack can cause severe damage
in the network by entering wrong routing table entries in the routing table.
4. Hit-and-Run Attacks: – This attack is also called test attack where the
attacker injects malicious packets into the router and sees if the network is
online and functioning or not. If yes, the attacker sends further more malicious
packets to harm the router. This attack can cause router to do unusual activities
that depends upon the code injected by the attacker. This type of attack is hard
to identify and can cause severe damage to the router’s work.
5. Persistent Attacks: – Unlike hit and run attack in this attack the attacker
repeatedly injects malicious packets into the router causing the router to
exploit vulnerabilities. This attack is very severe in nature and can cause heavy
damage. The router can stop functioning from continuous malicious packet
injection. This type of attack is easier to detect compared to another router
attack.