CN106658482B - Black hole attack defense method in route discovery - Google Patents

Black hole attack defense method in route discovery Download PDF

Info

Publication number
CN106658482B
CN106658482B CN201610876755.7A CN201610876755A CN106658482B CN 106658482 B CN106658482 B CN 106658482B CN 201610876755 A CN201610876755 A CN 201610876755A CN 106658482 B CN106658482 B CN 106658482B
Authority
CN
China
Prior art keywords
route
node
black hole
packet
nodes
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201610876755.7A
Other languages
Chinese (zh)
Other versions
CN106658482A (en
Inventor
马建峰
孙聪
李腾
魏大卫
袁涛
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Xidian University
Original Assignee
Xidian University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Xidian University filed Critical Xidian University
Priority to CN201610876755.7A priority Critical patent/CN106658482B/en
Publication of CN106658482A publication Critical patent/CN106658482A/en
Application granted granted Critical
Publication of CN106658482B publication Critical patent/CN106658482B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W40/00Communication routing or communication path finding
    • H04W40/24Connectivity information management, e.g. connectivity discovery or connectivity update
    • H04W40/28Connectivity information management, e.g. connectivity discovery or connectivity update for reactive routing
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W84/00Network topologies
    • H04W84/18Self-organising networks, e.g. ad-hoc networks or sensor networks

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses a method for defending black hole attacks in route discovery, which mainly solves the problems that the prior art can not detect internal attacks and can not defend the black hole attacks in the route discovery. The technical scheme is as follows: the node establishes and compares the contents of the received route request table and the received route response table, judges whether a suspicious node exists, if so, compares the threshold determined in the training set with the destination sequence number of the received route response packet: if the target serial number is larger than the threshold value, judging that the node sending the route response packet is a black hole node, and otherwise, judging that the node sending the route response packet is a normal node; in the subsequent route discovery, only the data packet of the normal node is forwarded or received, and the data packet from the black hole node is not forwarded or received. The invention is completely finished by the nodes in the wireless self-organizing network without introducing a third party, meets the safety requirement of the wireless self-organizing network route, and can be used for defending black hole attacks in the route discovery of the wireless self-organizing network.

Description

Black hole attack defense method in route discovery
Technical Field
The invention belongs to the technical field of wireless network communication, and particularly relates to a method for defending black hole attacks in route discovery, which can be used in a wireless ad hoc network.
Background
With the rapid development of the internet and digital technology, the demand of people for network bandwidth increases year by year, and higher demands are made on the convenience and security of network access. As a novel networking form, compared with the traditional wired network, the wireless ad hoc network has the characteristics of strong mobility, large coverage area, flexible deployment, low deployment cost and the like, and the wireless ad hoc network access becomes the most important mode for people to access the internet. However, the wireless ad hoc network has inherent defects of equal node status, limited node energy, limited node computing capability and the like, and the routing protocol does not consider internal security problems at the beginning of design, so that the above problems cause the routing discovery phase to be extremely vulnerable to black hole attacks. A black hole attack can easily impersonate a destination node or lie itself with an optimal route to the destination node without being suspected by other normal nodes. Besides the black hole attack of the malicious node, the black hole attack to the network can also be caused for the node which can not forward the data packet due to the conditions of energy exhaustion and the like. For a network suffering from black hole attack, because the nodes are equal in status, data packets sent by a source node all pass through the black hole nodes, and the problems of serious privacy disclosure, poor network availability and the like are caused.
In the normal route discovery process of the wireless self-organizing network, a source node searches a destination node in the network by broadcasting an RREQ packet; after receiving the RREQ packet, the intermediate node firstly establishes a reverse route to the source node, then searches a route table of the intermediate node, if the route table of the intermediate node has a route to the destination node, the intermediate node sends the RREP packet to the source node through the reverse route, otherwise, the intermediate node continuously broadcasts and forwards the received RREQ packet; after the real destination node receives the RREQ packet, the RREP packet is sent to the source node according to the reverse route to the source node; after receiving the RREP packet, the source node extracts the destination sequence number, if the sequence number is larger than the sequence number of the source node, the route is added as the route to the destination node, otherwise, the route is not added. However, the network environment has the problems that the positions of all nodes are equal, and the introduction of a third party is difficult. Therefore, how to efficiently and accurately detect the possible internal malicious nodes in the route discovery phase of the ad hoc network is a key for the wireless ad hoc network to defend against the black hole attack in the route discovery phase.
The black hole attacks aiming at the wireless self-organizing network in the route discovery stage are divided into two types, namely single-node black hole attacks and multi-node collusion black hole attacks. The single-node black hole attack is that in a route discovery stage, after a malicious node receives a RREQ packet of a source node, the RREP packet is independently sent to the source node, so that the source node mistakenly considers that the malicious node has an optimal route to a destination node, and the source node is tricked to establish a communication link from the source node to the destination node with the source node. After the link is established, all data packets sent by the source node to the destination node pass through the malicious node, and the malicious node can take a series of attack actions such as discarding, tampering and replaying on the data packets to form a data packet 'black hole'; the multi-node collusion black hole attack means that in a route discovery stage, a plurality of malicious nodes collude to initiate attack, one or a plurality of malicious nodes send RREP packets to a source node after receiving RREQ packets of the source node, the source node is tricked together to regard one of the malicious nodes as a real destination node and establish a route to the malicious node, and in the subsequent data sending process, the malicious node can attack in modes of discarding, tampering and the like, and the security of the wireless self-organizing network is seriously influenced.
In the black hole attack, the black hole node sets the sequence number of the RREP packet sent by the black hole node to be as large as possible intentionally, so that the RREP packet sent by the black hole node becomes the fresest RREP packet and the source node establishes a route to the destination node according to the RREP packet. This results in a large difference between the RREP packet sequence numbers sent by the true destination node and the black hole node in the network during the route discovery phase.
In order to defend against black hole attacks in the route discovery stage, researchers propose a method for setting a static threshold or a dynamic threshold for the sequence number of the RREP packet.
The static threshold method is that the threshold value is set to a value which does not change along with the network state, when the destination serial number of the RREP packet received by the source node is larger than the threshold value, the source node considers that the black hole attack occurs, and discards the RREP packet; otherwise, no black hole attack is considered to occur. However, the method of such static threshold is too flexible, and when the network has large traffic volume, the destination sequence number of the RREP packet is increased quickly, so that the method generates a large amount of false alarms.
The dynamic threshold method is to set the threshold value as a value changing with the network flow, and the calculation formula is as follows: 2 XN + max (seq)RREP) Where N is the number of nodes in the network, seqRREPMax (x) is the maximum value of all x, which is the sequence number of the RREP packet. The main drawback of this method is the excessive threshold, especially the problem of too many false positives that can occur if the network has a small traffic volume.
In the existing patent, defense methods facing the wireless self-organizing network black hole attack include an active detection method and a trusted third party detection method.
The active detection method is that by establishing a plurality of detection routes, the nodes record whether the nodes are attacked by black holes, if the nodes are attacked by the black holes, the trust level of the nodes is reduced, and the trust level of the nodes which succeed in routing is improved. However, the active detection method establishes a plurality of detection routes, consumes excessive node energy and reduces the availability of the network.
The trusted third-party detection method is characterized in that trusted nodes are deployed near all cluster heads in a clustering self-organizing network, the trusted nodes are used for monitoring all cluster head areas in real time, if the change of the data flow of the cluster head nodes is abnormal, black hole attacks exist, and otherwise, the black hole attacks do not exist. However, in the wireless ad hoc network, it is difficult to introduce a trusted third party, so that the practical applicability of the method is low.
Disclosure of Invention
The present invention aims to provide a black hole attack defense method in route discovery to overcome the defects of the prior art, so as to reduce the false negative or false positive of a self-organizing network defense mechanism on a black hole node under the condition of different communication volumes, and ensure that a source node can establish a correct route to a destination node.
In order to achieve the purpose, the technical scheme of the invention comprises the following steps:
1. a method for defending against black hole attacks in route discovery is characterized by comprising the following steps:
(1) a suspicious node acquisition step:
(1a) two tables are established for each node in the network, which are respectively a table T for receiving the routing requestqReceiving route response table Tp
(1b) Every other time interval delta t in the route establishing phaseiCompare the once received route request table TqAnd receiving a route response table Tp: if TpAll IP addresses in (1) are at TqIf the route is in the middle, no black hole attack occurs in the route establishment stage, and T is usedpAnd TqThe IP addresses in (1) are arranged to form a trust table Tt(ii) a Otherwise, recording suspicious nodes and executing the step (2) if the possibility of black hole attack exists;
(2) confirming the network state:
(2a) establishing a training set TR ═ { TR | TR ═ AiIn which A isiTR is a threshold value of a destination sequence number of the routing response packet, and is an element of a training set TR;
(2b) let A be the last element in the training setTRWhen the node receives a route response packet, the destination sequence number D in the packet is extracted and compared with the last element A' in the training set, if D is>A', considering that black hole attack occurs in the route discovery phase, recording the IP address of the node sending the route response packet by the node, executing the step (3), otherwise, considering that no black hole attack occurs, and calculating the target sequence number threshold value of the route request packet at the current moment by using all elements in the training set TR and the target sequence number D
Figure BDA0001126308440000031
Wherein λs=e-(s-i-1)Representing a memory curve function, AsObtaining A for the destination sequence number threshold of all route request packets at the first i momentsi+1Then it is put at the end of the training set TR;
(3) and discovering and deleting black hole nodes:
(3a) reception route response table T at all nodespSearching the IP address recorded in (2b), if a certain node receives the routing response table TpIf the IP address recorded in (2b) can be found, the IP address corresponds toThe nodes are black hole nodes;
(3b) the node removes the black hole node from the network, namely, the IP addresses of the black hole node are arranged to form a blacklist TbWill receive the route response table TpAnd receiving a route request table TqArranging other IP addresses except the IP address of the black hole node to form a trust table TtAnd in the subsequent route discovery process, the route request packet is not forwarded to the nodes in the blacklist any more, and the route response packet sent by the nodes in the blacklist is not received.
The invention has the following advantages:
1. has self-verification
The invention introduces the distributed verification method among the internal nodes, does not need to introduce an additional trusted third party or a trusted node for verification, obtains the suspicious node, confirms the network state and finds out all verification information of the black hole node in a distributed way on all the internal nodes, and can ensure the safety of the global routing information as long as not all the nodes are broken, thereby preventing all the routing information from being leaked after the trusted third party or the trusted node is introduced and broken.
2. Has strong adaptability
The invention introduces a machine learning algorithm to train the threshold value, and ensures that the threshold value can change according to the change of the busy degree of the network. When the network load is small, the maximum value of the serial number in the network is smaller, and the calculated threshold value is smaller; when the network load is high, the maximum value of the serial number in the network is larger, and the calculated threshold value is also larger. Therefore, the dynamic threshold algorithm has good adaptability and can be ensured to be suitable for networks with various busy degrees.
3. Having the ability to detect internal attacks
The invention can judge whether the black hole attack exists in the network by comparing the target serial number of the RREP packet with the threshold value by utilizing the dynamic threshold value, and realizes the purpose of defending the black hole attack initiated from the inside in the route discovery stage.
4. Strong expandability
The defense methods provided by the invention are all deployed on the internal nodes without introducing additional nodes, so that the method does not need to be changed when the network scale is enlarged, the defense methods only need to be simply configured on the newly deployed nodes, and the method has good expandability.
5. Capability of defending black hole attack in route discovery phase
The existing security mechanism for defending the black hole attack in the wireless self-organizing network takes the correct establishment of the route as a precondition and plays a role in the data transmission stage after the correct establishment of the route.
6. Increased network availability
The invention adopts a distributed method to compare the RREP packet destination sequence number and the threshold value, and does not transfer the comparison of the RREP packet destination sequence number and the threshold value to the source node for processing as in the prior method. The improvement can improve the processing speed and the network availability on the basis of effectively reducing the load of the source node and saving the energy of the source node.
Drawings
FIG. 1 is a flow chart of an implementation of the present invention;
FIG. 2 is a sub-flow diagram of the calculation of a threshold in the present invention;
fig. 3 is a schematic diagram of machine learning in the present invention.
Detailed Description
The invention uses a reception-based routing request table TqAnd receiving a route response table TpThe method for comparing obtains a suspicious node set, then uses a machine learning algorithm to obtain a destination serial number threshold of a route response packet, then the source node compares the destination serial number of the received route response packet with the threshold to judge whether the black hole attack occurs, and obtains the black hole node by comparing the two tables again.
The invention receives the route request table TqReceiving route response table TpThe comparison step and the step of dynamically calculating the serial number threshold value by applying a machine learning algorithm apply the knowledge of ensemble theory and engineering optimization, and the symbols used are shown in table 1.
Figure BDA0001126308440000051
Figure BDA0001126308440000061
Note: 0< i < N
The present invention is described in further detail below with reference to the attached drawings.
Referring to fig. 1, the implementation of the present invention is as follows:
step 1, obtaining suspicious nodes
(1a) After receiving the route request packet sent by the neighbor node, the node adds the IP address of the neighbor node sending the route request packet into a receiving route request table set Q to form a receiving route request table Tq
(1b) After receiving the route response packet sent by the neighbor node, the node adds the IP address of the neighbor node sending the route response packet into the received route response table set P to form a received route response table Tp
(1c) At each moment, all nodes compare the respective receiving route request table set Q and the receiving route response table set P once, and judge whether the black hole attack exists according to the comparison result;
(1c1) all nodes calculate the difference C of the respective receiving route response table set P and the receiving route request table set Q, which is P-Q, if C is phi, the current route discovery stage is indicated to have no black hole attack, the set E is made to be P ∪ Q, the elements in the set E are arranged to form a trust table TtIf C is not equal to phi, indicating that black hole attack may occur in the current route discovery stage, recording suspicious nodes, and forming a suspicious set S, namely S is equal to C;
step 2, confirming the network state
(2a) Obtaining an initial threshold A using a PCA algorithm1
Referring to fig. 2, the implementation steps of this step are as follows:
(2a1) creating a safe time T for the initial phase of route discoverysThe T issComprising k time slices Δ tiAt each time slice Δ tiThe network sequence number state vector in is xi=(xi1,xi2,xi3),0≤i<k;
(2a2) Calculating a safe time TsInner network sequence number state vector xiMean value
Figure BDA0001126308440000062
Figure BDA0001126308440000063
(2a3) Calculating a safe time TsAll network sequence number state vector xiState vector mean to network sequence number
Figure BDA0001126308440000064
Distance d (x)i
Figure BDA0001126308440000065
(2a4) According to the k distances d (x) calculated in the step (2a3)iCalculating an initial threshold A1
A1=d(x)I,I=argmaxd(x)i,<3>
(2b) Let training set TR ═ { TR | TR ═ aiCalculating a threshold value of each time slice based on a machine learning algorithm;
referring to fig. 3, this step is implemented as follows:
(2b1) calculating the initial threshold A of (2a4)1Adding the initial element into a training set TR as an initial element of the training set TR;
(2b2) setting the last element in the training setA' is a|TR|When the safety time is over, the network enters a route discovery phase with unknown safety, and each time slice is delta ti
(2b3) At each time slice Δ tiIn the method, the node extracts the destination sequence number D of each received routing request packet, compares the destination sequence number D with the last element A 'in the training set TR, and if D is the last element A', the node selects the destination sequence number D>A', considering that black hole attack occurs in the route discovery phase, recording the IP address of the node sending the route response packet by the node, and executing the step (3), otherwise considering that no black hole attack occurs in the route discovery phase, and executing the step (2b 4);
(2b4) calculating the current network sequence number threshold Ai+1
Figure BDA0001126308440000071
Wherein A issThreshold value of sequence number, lambda, of destination for all route request packets at the first i momentss=e-(s-i-1)Representing a memory curve function to obtain a current network serial number threshold value Ai+1Then put it into training set TR, i.e. Ai+1∈TR。
Step 3, deleting black hole nodes
(3a) Reception route response table T at all nodespSearching (2b3) for the IP address recorded in (2b3), if a certain node receives the routing response table TpIf the IP address recorded in (2b3) can be found, the node corresponding to the IP address is a black hole node;
(3b) the node arranges the IP addresses of the black hole nodes to form a blacklist Tb
(3c) The node will receive the routing response table TpAnd receiving a route request table TqArranging other IP addresses except the IP address of the black hole node to form a trust table Tt
(3d) The node deletes the black hole node, that is, the node only receives the trust table T in the following route discovery processtRouting response packet sent by node corresponding to middle IP address only to trust table TtNode corresponding to medium IP addressSending route request packet without going to blacklist TbThe node corresponding to the middle IP address sends a routing request packet and does not receive the blacklist TbAnd the routing response packet sent by the node corresponding to the intermediate IP address realizes the defense against the black hole attack.
The above description is only one specific example of the present invention and should not be construed as limiting the invention in any way. It will be apparent to persons skilled in the relevant art that various modifications and changes in form and detail can be made therein without departing from the principles and arrangements of the invention, but these modifications and changes are still within the scope of the invention as defined in the appended claims.

Claims (3)

1. A method for defending against black hole attacks in route discovery is characterized by comprising the following steps:
(1) a suspicious node acquisition step:
(1a) two tables are established for each node in the network, which are respectively a table T for receiving the routing requestqReceiving route response table Tp
(1b) Every other time interval delta t in the route establishing phaseiComparing the received route request table T onceqAnd receiving a route response table TpAfter receiving the routing request packet sent by the neighbor node, the node adds the IP address of the neighbor node sending the routing request packet into a receiving routing request table set Q to form a receiving routing request table Tq(ii) a After receiving the route response packet sent by the neighbor node, the node adds the IP address of the neighbor node sending the route response packet into the received route response table set P to form a received route response table Tp: if TpAll IP addresses in (1) are at TqIf the route is in the middle, no black hole attack occurs in the route establishment stage, and T is usedpAnd TqThe IP addresses in (1) are arranged to form a trust table Tt(ii) a Otherwise, recording suspicious nodes and executing the step (2) if the possibility of black hole attack exists;
(2) confirming the network state:
(2a) establish oneTraining set TR ═ { TR | TR ═ aiIn which A isiTR is a threshold value of a destination sequence number of the routing response packet, and is an element of a training set TR;
(2b) let A be the last element in the training set|TR|Every time after the node receives a route response packet, extracting a destination serial number D in the packet, comparing the destination serial number D with the last element A 'in the training set, if D is larger than A', considering that black hole attack occurs in the route discovery stage, recording the IP address of the node sending the route response packet by the node, executing the step (3), otherwise, considering that no black hole attack occurs, calculating the destination serial number threshold value of the route request packet at the current moment by using all elements in the training set TR and the destination serial number D
Figure FDA0002325344700000011
Wherein λs=e-(s-i-1)Representing a memory curve function, AsObtaining A for the destination sequence number threshold of all route request packets at the first i momentsi+1Then it is put at the end of the training set TR;
(3) and discovering and deleting black hole nodes:
(3a) reception route response table T at all nodespSearching the IP address recorded in (2b), if a certain node receives the routing response table TpIf the IP address recorded in the step (2b) can be found, the node corresponding to the IP address is a black hole node;
(3b) the node removes the black hole node from the network, namely, the IP addresses of the black hole node are arranged to form a blacklist TbWill receive the route response table TpAnd receiving a route request table TqArranging other IP addresses except the IP address of the black hole node to form a trust table TtAnd in the subsequent route discovery process, the route request packet is not forwarded to the nodes in the blacklist any more, and the route response packet sent by the nodes in the blacklist is not received.
2. The method of claim 1, wherein two tables are created per node in step (1a) by the steps of:
(1a1) after each node receives the route request packet, the IP addresses of the nodes forwarding the packet are arranged according to the arrival sequence of the route request packet to form a received route request table Tq
(1a2) After each node receives the route response packet, the IP addresses of the nodes forwarding the packet are arranged according to the arrival sequence of the route response packet to form a receiving route response table Tp
3. The method of claim 1, wherein the establishing of the training set TR in step (2a) is performed by calculating an initial threshold a of a sequence number of an initial element of the training set TR, i.e. a route response packet, using a PCA algorithm1And an initial threshold A1Put into a training set TR, i.e. A1Belongs to TR; obtaining an initial threshold A using a PCA algorithm1The implementation steps are as follows:
(2a1) creating a safe time T for the initial phase of route discoverysThe T issComprising k time slices Δ tiAt each time slice Δ tiThe network sequence number state vector in is xi=(xi1,xi2,xi3),0≤i<k;
(2a2) Calculating a safe time TsInner network sequence number state vector xiMean value
Figure FDA0002325344700000021
Figure FDA0002325344700000022
(2a3) Calculating a safe time TsAll network sequence number state vector xiState vector mean to network sequence number
Figure FDA0002325344700000023
Distance d (x)i
Figure FDA0002325344700000024
(2a4) According to the k distances d (x) calculated in the step (2a3)iCalculating an initial threshold A1
A1=d(x)I,I=arg max d(x)i
CN201610876755.7A 2016-10-08 2016-10-08 Black hole attack defense method in route discovery Active CN106658482B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610876755.7A CN106658482B (en) 2016-10-08 2016-10-08 Black hole attack defense method in route discovery

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610876755.7A CN106658482B (en) 2016-10-08 2016-10-08 Black hole attack defense method in route discovery

Publications (2)

Publication Number Publication Date
CN106658482A CN106658482A (en) 2017-05-10
CN106658482B true CN106658482B (en) 2020-04-07

Family

ID=58854345

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610876755.7A Active CN106658482B (en) 2016-10-08 2016-10-08 Black hole attack defense method in route discovery

Country Status (1)

Country Link
CN (1) CN106658482B (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109756515B (en) * 2019-03-01 2020-12-25 重庆邮电大学 Black hole attack detection and tracking method based on suspicion degree accumulation
CN111247818A (en) * 2019-11-18 2020-06-05 深圳市汇顶科技股份有限公司 Path selection method and BLE device
CN112911584A (en) * 2020-12-16 2021-06-04 中南大学 Method for avoiding black hole node attack based on detection route to obtain node trust value in energy collection wireless sensor network
CN115297470B (en) * 2022-08-03 2024-04-19 中南大学 Black hole node detection method based on combination of active detection and backtracking in self-organizing sensor network

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101895889A (en) * 2010-08-13 2010-11-24 深圳市兆讯达科技实业有限公司 Method for detecting black hole attack in wireless ad hoc network
CN102333314A (en) * 2011-10-19 2012-01-25 南京信息工程大学 Routing method of wireless ad hoc network
CN104410646A (en) * 2014-12-18 2015-03-11 重庆邮电大学 Data forwarding method with black hole attack detection function

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7444417B2 (en) * 2004-02-18 2008-10-28 Thusitha Jayawardena Distributed denial-of-service attack mitigation by selective black-holing in IP networks

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101895889A (en) * 2010-08-13 2010-11-24 深圳市兆讯达科技实业有限公司 Method for detecting black hole attack in wireless ad hoc network
CN102333314A (en) * 2011-10-19 2012-01-25 南京信息工程大学 Routing method of wireless ad hoc network
CN104410646A (en) * 2014-12-18 2015-03-11 重庆邮电大学 Data forwarding method with black hole attack detection function

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
Mitigation Algorithm against Black Hole Attack sing Real Time Monitoring for AODV Routing Protocol in MANET;Anishi Gupta;《IEEE》;20151231;第134-138页 *
一种针对AODV 协议黑洞攻击的检测策略;卜飞飞等;《计算机应用与软件》;20150531;第273-277页 *

Also Published As

Publication number Publication date
CN106658482A (en) 2017-05-10

Similar Documents

Publication Publication Date Title
CN106658482B (en) Black hole attack defense method in route discovery
Zhen et al. Preventing replay attacks for secure routing in ad hoc networks
Sarma et al. A survey of black hole attack detection in manet
Zhang et al. TOHIP: A topology-hiding multipath routing protocol in mobile ad hoc networks
Aluvala et al. An empirical study of routing attacks in mobile ad-hoc networks
Raju et al. A simple and efficient mechanism to detect and avoid wormhole attacks in mobile ad hoc networks
Gupta et al. Black hole detection and prevention using digital signature and SEP in MANET
John et al. Prevention and detection of black hole attack in AODV based mobile ad-hoc networks-a review
Behzad et al. A survey over black hole attack detection in mobile ad hoc network
CN108900517B (en) Safety route defense method based on HWMP protocol
Ahamad Detection and defense against packet drop attack in MANET
Aldaej et al. AAODV (aggrandized ad hoc on demand vector): a detection and prevention technique for manets
Araghi et al. A secure model for prevention of black hole attack in wireless mobile ad hoc networks
Balaji et al. Gray-Hole Attack Minimization in IoMT with 5G Based D2D Networks.
Mohite et al. Cooperative security agents for MANET
Nafaa et al. Analysis of security attacks in AODV
Diwaker et al. Detection Of Blackhole Attack In Dsr Based Manet
Yadav et al. A review on black hole attack in MANETs
Acharjee et al. A new hybrid algorithm to eliminate wormhole attack in wireless mesh networks
Singh et al. DETECTION AND REMOVAL OF MALICIOUS NODE IN AD-HOC NETWORK USING DSR ROUTING ALGORITHM AND CBDS METHOD
Garg et al. A literature survey of black hole attack on aodv routing protocol
Mapenduka Methods for detecting attacks in mobile/wireless ad-hoc networks: A Survey
Bhalodiya et al. Study of Detection and Prevention Techniques for Flooding attack on AODV in MANET
Verma et al. Detection of vampire attack in wireless sensor networks
Makwana et al. Cooperative Gray Hole Attack Detection and Prevention Techniques in MANET

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant