Co-operative Black Hole Detection

and Prevention in Mobile ad hoc

network: Survey

By

SUMAN MANDAL

UNDER THE GUIDANCE OF

TANUMOY NAG

Assistant Professor

Dinabandhu Andrews Institute of Technology & Management

SURVEY REPORT SUBMITTED IN PARTIAL FULFILLMENT OF THE

REQUIREMENTS FOR THE POST GRADUATE DEGREE

OF

MASTER OF SCIENCE IN COMPUTER SCIENCE

DINABANDHU ANDREWS INSTITUTE OF TECHNOLOGY & MANAGEMENT

Session 2016 – 2018.

DEPARTMENT OF COMPUTER SCIENCE

DINABANDHU ANDREWS INSTITUTE OF TECHNOLOGY & MANAGEMENT

[Affiliated to MAULANA ABUL KALAM AZAD UNIVERSITY OF TECHNOLOGY, WEST BENGAL]

BAISHNABGHATA, PATULI, KOLKATA-700084

CERTIFICATE OF APPROVAL

The foregoing Survey is hereby accepted as a credible study of a Computer

Science subject carried out and presented in a manner satisfactory to warrant its

acceptance as a prerequisite to the degree for which it has been submitted. It is

understood that by this approval the undersigned do not necessarily endorse or approve

any statement made, opinion expressed or conclusion drawn therein, but approve the

survey only for the purpose for which it is submitted.

————————————— __________________________

Signature of Examiner Signature of Head of Department

ACKNOWLEDGEMENT

I would like to express my sincere thanks to all the people who have helped me most throughout

my project. First of all, I am grateful to my project supervisor Mr. Tanumoy Nag for his invaluable

guidance and constant support throughout the project.

A special thank of mine goes to Mrs Paromita Roy, Head of the Department (Computer Science)

and also my college authorities for providing me with all the necessary resources and facilities

necessary for carrying out the project.

I also wish to thank my parents for their personal support and attention. Last but not the least, I

would like to thank my friends who treasured me for my hard work and encouraged me.

————————————

Suman Mandal

Table of Contents:

Abstract

Keywords

1. Introduction

2. Protocols

2.1. Proactive (table-driven) Routing Protocol

2.2. Reactive (on-demand) Routing Protocol

2.2.1. AODV Routing Protocol

2.2.2. DSR Touting Protocol

2.3. Hybrid Routing Protocol

3. Important parameters in MANET security

3.1. Network Overhead

3.2. Processing Time

3.3. Energy Consumption

4. Security Challenges

4.1. Security Services

4.1.1. Availability

4.1.2. Authentication

4.1.3. Data Confidentially

4.1.4. Integrity

4.1.5. Non Repudiation

4.2. Attacks

4.2.1. Black Hole Attack

4.2.2. Worm Hole Attack

4.2.3. Byzantine Attack

4.2.4. Snooping Attack

4.2.5. Routing Attack

4.2.6. Resource Consumption Attack

4.2.7. Session Hijacking

4.2.8. Denial of Service

4.2.9. Jamming Attack

4.2.10. Impersonation Attack

4.2.11. Modification Attack

4.2.12. Fabrication Attack

4.2.13. Man-In-the Middle Attack

4.2.14. Gray Hole Attack

4.2.15. Traffic Analyze Attack

5. Cooperative Black Hole Attack

5.1. DRI Table and Cross Checking Scheme

5.2. Distributed Cooperative Mechanism

5.3. Hash-based Scheme

5.4. Hashed-based MAC and Hash-based PRF Scheme

5.5. Backbone Nodes (BBN) and Restricted IP (RIP) Scheme

5.6. Bait DSR (BDSR) based on Hybrid Routing Scheme

6. Conclusion

References

Abstract: MANET is one type of wireless ad hoc network, based on mobile wireless nodes.

Because of its special characteristics like dynamic topology, hop-by-hop

communications, and easy and quick setup, MANET faced lots of challenges, mostly on

security. MANET has self-configuring ability, because of that security challenges arise.

In this paper I mainly focused on “Black Hole Attack”, analysis the type of black

hole attack, detecting black hole and prevention technic.

Keywords: Mobile ad hoc networking protocol collaborative black hole attack.

1. Introduction: Mobile ad hoc network (MANET) is self-configuring network which is formed by several

movable tools (also called node). MANET is also infrastructure independent. It has some

exceptional characteristics like dynamic topology, open network boundary, distributed

network, easy implementation, hop-by-hop communication. Such characteristics have

made MANET more popular. It mostly used in military, disaster management, personal

area network and so on. Because of its special characteristics, MANET faced many

challenges, such as security problem, dynamic link establishment, reliable data delivery,

finite transmission bandwidth, abusive broadcasting message and restricted hardware

caused processing capabilities.

In MANET, the most active research area is security. It has a few number of

security challenges. It has a special feature that, all nodes are free to join and leave the

network, open network boundary. That’s why security challenges are arrived. Most

popular security challenge is ‘Black Hole Attack’. In this paper black hole attack and its

preventions are described by survey with the help of some papers.

2. Protocols: In MANET there has different types of protocols. Before a source node wants to

communicate with target node, it should broadcast its present status to the neighbors

due to the current routing information is unfamiliar. According to how the information

is acquired, the routing protocols classified into proactive, reactive and hybrid routing.

2.1. Proactive (table-driven) Routing Protocol: The proactive routing protocol is also called table-driven routing protocol. In this

protocol all nodes are broadcast their routing information periodically. Each node needs

to maintain their routing table that records routing information of all nodes in the

network. The main disadvantage is, because of recording all routing information, the

network overhead increases. However, if any malicious node is included, the routing

table information is changed. It is the advantage of proactive routing protocol. The most

familiar proactive type protocols are destination sequence distance vector (DSDV)

routing protocol and optimized linked state routing (OLSR) protocol.

2.2. Reactive (on-demand) Routing Protocol:

Reactive routing protocol is known as on-demand routing protocol. Unlike proactive

routing protocol it never needs to record all node’s routing information. So it doesn’t

need to periodically broadcast routing information and therefore required bandwidth is

reduced and also network overhead. It remain active throughout the packet

transmission. For this passive routing method the packet drop is increases and it doesn’t

understand any malicious node is included. Some of this type routing protocols are ad

hoc on-demand distance vector (AODV) and dynamic source routing (DSR) protocol.

2.2.1. AODV Routing Protocol: AODV protocol is constructed based on DSDV

routing. In AODV protocol each node records only next hop routing information in its

routing table and maintains it to sustaining rout information from source to destination

node. If source node doesn’t found any route to destination then route discovery

process is started and it broadcast rout request (RREQ) packet immediately. All the

intermediate nodes receive the RREQ packet and a parts of them send rout reply (RREP)

packet to the source node if destination rout information occurred in their routing

table. The route maintainance process is started when the network topology has

changed or connection has failed. First, the source node informed by route error (RRER)

packet. Then it utilize the present route information to find a new routing path or

restart the route discovery process to update routing table information.

A

B

C D

E

F

G

Source

Destination

Figure 1: AODV Routing Protocol

2.2.2. DSR Routing Protocol: The DSR protocol is constructed based on source routing. That’s why each data

packet contains the routing path from source to destination. All the nodes maintain

their routing table information from source to destination. The source node decide the

path because each node recorded information from source to destination path. The

performance of DSR decreases with the mobility of network increases, lower packet

delivery with higher network mobility.

2.3. Hybrid Routing Protocol: Hybrid routing protocol combines proactive and reactive routing protocol and takes

their advantages. This routing protocol designed as a hierarchical or layered network

framework. At the beginning this protocol uses proactive routing protocol to gather

unknown routing information and then uses reactive routing protocol to maintain the

rout information when network topology changes. The well-known hybrid routing

protocols are zone routing protocol (ZRP) and temporally-ordered routing algorithm

(TORA).

3. Important parameters in MANET security: There are some important parameters in MANET. They are very important in security

approach otherwise security approach may be useless. Relation between security

parameters and security challenges shows in figure 1.Each security approach must be

aware of this relation.

Figure 2: Relation between security parameters and Security aspects

3.1. Network Overhead:

Security Parameters

Security Service Attacks detection,

prevention and

elimination approaches

This parameter refer to number of control packets generated by security

approaches. So additional control packets increases collision and congestion in

MANET. This congestion and collision lead to packet lost. Therefore high network

overhead slow down the packet transmission rate, increases retransmission rate,

and easily nodes are loses their energy.

3.2. Processing Time:

When a malicious node attacks, each security approach needs time to detect

them. It is possible to break route between two nodes because of dynamic

topology of MANET. So decreasing the detection time of a security approach is

required, as much as possible.

3.3. Energy Consumption:

Each node in MANET has limited power source. More power consumption

decreases the lifetime of these nodes and of the network. So decrease the power

consumption is needed for the flexibility of node and network.

These three parameters are very important to aware about for each security

protocols. Disregard these parameters are not efficient for any security approach.

4. Security Challenges: Generally there are two important aspects in security: Security services and Attacks.

Security services provide secure path and transmission in MANET. In other hand attacks

are try to break security in MANET. These two challenges discussed below.

4.1. Security Services: The main goal of security services is to provide more security that prevent attacks by

malicious nodes and make harder to break security by a malicious node. Because of

special feature of MANET this services faced lots of challenges. Each service needs to

cooperate with other services, if each services guaranteed security without noticing

others then security will fail. The main problem is to provide each service one-by-one

and presenting a way to guarantee each service. In the following five important security

services and their challenges are discussed.

4.1.1. Availability:

According to this service, each authorized node must have access to all data and

services in the network. Availability challenges are arise because of dynamic topology of

MANET. Accessing time is important because time is one of the important parameter in

security. The time in with a node access packet and network services decreased due to

lots of authentication and security levels. One of the most known proposed approach

which is known as ABTMC (Availability Based Trust Model of Clusters), propose the

solution of this problem. Using ABTMC the hostile node in a cluster is identified and

should be isolated from the network.

4.1.2. Authentication:

The goal of this service is provide trustable communication between two nodes.

When a node receives packets from source, the node must be sure about identity of the

source node. Using certification is the way to provide this service. However, in absence

of central control unit key distribution and key management is challengeable.

4.1.3. Data Confidentially:

According to this service, each node must have access to a specific service that it

has the permission to access. Most of services that are provided by data confidentially

use encryption method but in MANET as there is no central management, key

distribution faced lot of challenges and sometimes impossible.

4.1.4. Integrity:

According to this security service only authorized node can create, edit and

delete packets. For example, Man-In-The-Middle attack is against this service. In this

attack the attacker capture all packets and then removes or modifies them.

4.1.5. Non-Repudiation:

According to this service, source and destination cannot repudiate their behavior

or data. For example, if a node receive a packet from node2, and send a reply, node2

cannot repudiate that packet that it has been sent.

4.2. Attacks: For the special feature like hop-by-hop communication, wireless media, open area and

self-configuration, MANET become popular to the malicious node. Some of the attacks

in MANET are follows:

4.2.1. Black Hole Attacks:

One of the most popular attack is black hole attack. This is one type of Reactive

Routing Protocol. In this attack, the malicious node reply to the source node, the false

routing information, and leads the packets to it. After that it receives all the packets and

discard them.

There are two types of black hole attack. Such as single black hole attack and co-

operative black hole attack. However, single black hole attack detection is easy compare

to co-operative black hole attack. I discuss co-operative black hole attack in detail later

in this paper.

4.2.2. Worm Hole Attack:

In this attack the malicious node record packet at one location and tunnel them

to another location. This fault routing information may halt the packet transmission. The

proposed solution for this attack is encryption and node location information.

4.2.3. Byzantine Attack:

In this attack malicious node injects fault routing information to the source node,

in order to locate packet into loop. There has one solution for this attack is using

authentication. The well-known proposed solution is RSA authentication.

Source

Black hole

Destination

RREQ

RREP

Fake Reply

Figure 3: Black Hole Attack

4.2.4. Snooping Attack:

Accessing the other node’s packets without permission is the main goal of this

attack. MANET is hop-by-hop packet transmission network. So, malicious node can

capture other node’s packet.

4.2.5. Routing Attack:

In this attack malicious node tries to delete or modify node’s routing table. The

malicious node destroys routing table information of an ordinal node, and thus network

overhead and transmission time is increases.

4.2.6. Resource Consumption Attack:

In this attack malicious node waste network resources in some way. For result,

malicious node leads the packet to a loop by using ordinary nodes. Thus nodes energy is

used for transmitting fault packet and packet lost and congestion is increases.

4.2.7. Session Hijacking:

Session hijacking is a critical error and give opportunity to malicious node to

behave like a legal system. In this attack malicious node react instead of legal node in

communication. Cryptography is one of the most efficient solution to defeat this attack.

4.2.8. Denial of Service:

In denial of service, malicious node prevents the authorized nodes to access

network data or service. In this attack, specific node or service will be inaccessible and

network resource like bandwidth will be wasted. As a result, packet delay and

congestion increases.

4.2.9. Jamming Attack:

Jamming attack is a kind of DOS attack. The objective of a jammer is to interfere

with legal wireless communications. This goal can be achieved by preventing a packet

from sending out or by preventing the reception of legal packets.

4.2.10. Impersonation Attack:

In this attack attacker can pretend itself as another node and provide wrong

routing information to the network. As MANET has open boundary and hop by hop

communication, it’s hardly permeable against this attack.

4.2.11. Modification Attack:

In this attack malicious node sniff the network for a period of time. Then, explore

wireless frequencies and modify packets. Man-in-the-middle is a kind of modification

attack.

4.2.12. Fabrication Attack:

In this attack, malicious node destroys routing table by providing fault routing

information. Malicious node creates fault routing path. As a result, nodes send their

packets to fault routes. Therefore, network resources wasted, packet delivery rate

decreases and packet lost increases.

4.2.13. Man-In-The-Middle Attack:

In this attack malicious node put itself between source and destination. Then

capture all packets and drops or modify them. Authentication and cryptography are the

most effective way to defeats this attack.

4.2.14. Grey Hole Attack:

The attack is similar to black hole. In black hole, malicious node drops all packets,

while in this attack malicious node drops packets with different probabilities. As it relays

some packets, detecting this attack is more complicated than black hole and some

detecting approaches like sniffing or watchdog will be useless in it.

4.2.15. Traffic Analysis Attack:

The goal of this attack is sniffing network traffic to use them in another attack or

in specific time. Malicious node captures all packets to use them later.

5. Co-operative Black Hole Attack: There are various mechanism has been proposed for solving single black hole attack.

However many detection schemes are failed in discussing collaborative black hole

attack. Some malicious node collaborate together in order to distract the normal into

their fabricated routing information, moreover, hide from the existing detection

scheme. As a result several co-operative detection schemes are proposed to prevent

collaborative black hole attack.

In the following, different detection schemes for the co-operative black hole attack are

presented. The comparison of different schemes is shown in the table.

Schemes Routing Protocol

Publication Year

Results Defects

DRI and cross checking[1]

AODV 2003 No simulation results

-

DRI table and cross checking using FREQ and FREP[2]

AODV 2007 A higher throughput performance almost 50% than AODV

5%-8% more communication overhead of route request

DCM[3] AODV 2007 The PDR is improved from 64.14% to 92.93% and the detection rate is higher than 98%

A higher control overhead than AODV

Hash based Hashed-based[4]

DSR 2009 No simulation result

-

MAC and Hash-based PRF Scheme[5]

AODV 2009 The PDR is higher than 90% when AODV is inaccessible 50%

A malicious node is able to inject a fake reply to dodge the detection scheme

BBN and RIP[6]

AODV 2010 No simulation result

-

BDSR[7] DSR 2011 The PDR of BDSR is always

The overhead is minimal higher than DSR, but lower

higher than 90%

than WD approach

Table 1: Comparison of collaborative Black Hole Attack Detection Schemes

5.1. DRI Table and Cross Checking Scheme[1, 2]: Sanjay Ramaswamy exploit data routing information (DRI) table and cross checking

method to identify the co-operative black hole nodes, and utilized modified AODV

routing protocol to achieve this methodology.

In this scheme, every node needs to maintain an extra DRI table, 1 for true and 0 for

false. The entry is composed of two bits, “From” and “Through” which stands for

information on routing data packet from the node and trough the node respectively. In

the following table the entry 11 implies that node 1 has successfully routed data packet

from or through node 6, and the entry 00 means that node 1 has not routed any data

packets from or through node 3. The entry 01 means that node 1 has not routed data

from node 5 but routed data trough node 5.

Node ID Data routing information

From Through

2 0 0

5 0 1

6 1 1

Table 2: DRI table

The procedure of proposed solution: The source node sends RREQ to each node and

sends packet to the node which reply RREP packet. The intermediate node transmit and

DRI table to the source node, then the source node cross check its own table and

received DRI table to determine the intermediate node’s honesty. After that source

node sends the further request to intermediate node’s next hop node for asking its

routing information, including the current next hope node, the next hop node’s DRI

table and own DRI table. Finally source node compare the information by cross checking

to judge the malicious nodes in routing path.

The experiment result shows that this solution performs almost 50% better than other

solutions. However it waste 5% to 8% network overhead and slightly increase the packet

loss percentage because of the secure route discovery delay.

5.2. Distributed Cooperative Mechanism (DCM)[3]: Distributed cooperative mechanism (DCM) is proposed, by Chang Wu Yu, to solve

collaborative black hole attacks. In this mechanism nodes are work cooperatively. So,

they can detect, analyze and mitigate multiple black hole attacks. The DCM is composed

of four sub-modules shown in the figure.

Figure 4: DCM sub-modules

The procedure of proposed solution: The above figure is working produces and the four

sub-modules of Distributed Cooperative Mechanism (DCM). In the local data collection

phase an estimated table is constructed and maintained by each node in the network.

Each node evaluate the information of overhearing packets to determine whether the

malicious node is present or not. If one suspicious node is detected, the detect node

initiates local detection phase to determine there has any possible black hole or not.

The initial detect node sends the check packet to ask the cooperative node. If the

inspection value is positive then the questionable node is regarded as normal node.

Otherwise initial detection node starts the cooperative detection procedure, and deals

with broadcasting and notifying all the neighbor nodes to participate in the decision

making. Finally, the global reaction phase is executed to set up a notification system,

and sends warning messages to the whole network.

Because the notify mode uses broadcasting method, the network traffic is

increases. A constrained broadcasting algorithm is used to restrict the notification range

within a fixed number of nodes. A threshold represent the maximum hop count range of

cooperative detection message. There are some reaction mode in global reaction phase.

Though the first reaction mode notify all nodes in the network, but waste lots of

communication overhead. Each node only concern its own black hole list and arrange its

transmission route in other mode, however it might be exploited by malicious node and

need more operation time.

In the simulation result the notification delivery rate is from 64.12% to 92.93% when

different threshold values are used. Compare with the popular AODV protocol in

MANET, the simulation result shows that DCM has higher data delivery ratio and

detection rate even there are various malicious nodes. DCM wastes few overhead.

Local Data

Collection Local

Detection

Cooperative

Detection Global

Reaction

5.3. Hash Based Scheme[4]: This scheme is proposed by Weichao Wang. This method is designed to generate node

behavioral proofs which involve the data traffic information within the routing path. The

developing mechanism is based on auditing technique for preventing collaborative black

hole attack. The proposed solution method is originated from Reactive based detection

method (REAct). The vulnerability REAct system is that cooperative enemy can specialize

in attacker identification phase by sharing Bloom filters of packets between them. The

major difference between these two schemes is as follows:

The hash based node behavioral proofs is proposed to defend the collaborative

attacks. The audited node is needed and settled by the source node, and then source

node sends the sequence number of selected packets to auditing node. After source

node sends out these packets, an additional random number is attached to the tail of

every packet. The intermediate node combines the received packet and its own random

number to calculate its value, and this operation is continues within every intermediate

node until received the packet.

5.4. Hashed-based MAC and Hash-based PRF Scheme[5]: These scheme are proposed by Zhao Min and Zhou Jiliu. These are hash-based

authentication mechanism, the message authentication code (MAC) and the pseudo

random function (PRF). These two proposals are offered to fast message verification and

group identification, find the collaborative suspicious black hole nodes, and discover the

secure routing path to prevent cooperative black hole attacks.

The public key infrastructure (PKI) is difficult to utilize because of no centralized

infrastructure. The author overcomes this difficulty and design an authentication

mechanism.

Working procedure: The key point of this solution is that each node acquires a secret

key Ki, and Ki = Gk(Ri). The sharing key Ki is undisclosed to all other nodes, hence, it is

formulated by choosing a random number Ri and repeatedly apply PRF on Ri by K times.

When source node receives a packet, it checks Ki-d to find out whether the key used for

the MAC is disclosed or not, and checks the MAC when Ki is disclosed. After checking the

above two conditions, this packet is regarded as available packet and route is confirmed

as a secure route. On the other hand author proposed a solution based on time stamp

method and global symmetric cryptosystem. The global symmetric cryptosystem is

designed based on accompanying the time delay range.

The simulation result shows that both solutions have better data delivery rate than

AODV routing protocol, but the detection time increases as the pause time arises, and

the control overhead of both solutions is higher than ordinary AODV. Moreover, the

malicious node is able to forge the false reply packets and try to avoid detection

mechanism.

5.5. Backbone Nodes (BBN) and Restricted IP (RIP) Scheme[6]: These mechanisms are proposed by Vishnu K. and Amos J. Paul. These mechanisms are

proposed to detect and remove collaborative black hole attack and gray hole attack.

This solution is able to find the collaborative malicious nodes which introduce massive

packet drop percentage. The idea of the group of backbone nodes used in MANET. The

author refer this method to penetrate their system model, and also add a scheme

Restricted IP (RIP) to avoid collaborative black hole attack and gray hole attack.

Working procedure: In this solution initially a backbone network is established which

constructed from a set of strong backbone nodes (BBN) over the ad hoc network. These

trusted nodes can be allowed to allocate the RIP when there is new arrival node joining.

A node acquire a RIP which means that it is provided with the routing authority. The

source node request the nearest BBN to allot a RIP before transmitting data packets,

then sending RREQ to the destination node and the address of RIP. If the source node

only receive the destination node’s RREP, it means that there is no black hole in the

route. In the case when the source obtain the RREP packet from RIP, it implies there a

suspicious node might be existed in the network. The RIP’s neighbor node change to

promiscuous mode, as a result the source node monitor message to alert them. These

neighborhoods not only monitor the packets of designate nodes but also the suspicious

nodes. Furthermore, the source node sends few dummy data packet to test the

malicious node. The neighbor node monitor the data packet flow and regard it as a black

hole, if the data packet loss rate exceeds the normal threshold, and notify the source

node that it is a malicious attacker, then the neighbor nodes broad this alert message

through the whole network, and add the malicious node to the blackhole lists. Finally,

the attacker’s authorization will be deleted.

The response solution not only detects black hole but also gray hole attacks, since its

methodology does not use the trust based method. However, it’s hard to realize that

how is the enhanced performance because there is no simulation result or experiment

outcome. Moreover, the proposed system might be crushed if the numbers of attackers

are higher than the numbers of normal nodes.

5.6. Bait DSR (BDSR) based on Hybrid Routing Scheme[7]: This scheme is proposed by Po-Chun Tsou. This scheme is designed to prevent

collaborative black hole attacks. The proposed mechanism is composed of proactive and

reactive protocol to form hybrid routing protocol, and the major essence is the DSR on-

demand routing. This solution is discussed below:

Working method: In the beginning of the routing stage, the source node sends bait

RREQ packet before starting route discovery. The target address of bait RREQ is random

and non-existent. To avoid the RREQ including the traffic jam problem, BDSR use the

same method with DSR. That is all bait RREQ packet only survive a period time. The

malicious nodes are easily expelled from initial phase, because the bait RREQ is able to

attract the forge RREP from black hole node. In this mechanism the generation of RREP

is recorded in the RREQ’s additional field. Therefore the source node can recognize the

location of the attacker from the reply location of RREP. All of the response sent by the

suspicious node should be drop. After the initial phase, the original DSR rout discovery

processes is employed. If the data delivery rate is lower than predefined threshold

value, the bait procedure will be triggered again to examine the uncertainly suspicious

nodes.

Compare with primitive DSR scheme and Watch Dog method, the simulation result show

that BDSR provides an excellent packet delivery rate. The packet delivery ratio of BDSR

is 90% which is more superior to DSR and WD approach. Moreover, the communication

overhead is also lower than Watch Dog (WD) scheme but slightly higher than the

original DSR routing protocol.

6. Conclusion: It has been known that co-operative black hole attack detection and prevention is harder

than the single black hole attack. Many authors proposed their solution, but every solution

has some drawbacks. Because of MANET is a popular network and becoming more popular,

so the security challenges must be decreased.

According to proactive and reactive protocols, we know that every protocol has

advantages and disadvantages. To use both protocols advantages hybrid protocol is arrived.

Still, it needs to secure the MANET from the attackers. So, research will go on to find out

more secure method.

References:

[1]. Ramaswamy S, Fu H, Shreekantaradhya M, Dixon J, Nygard K: Prevention of

Cooperative Black Hole Attack in Wireless Ad Hoc Networks.

[2]. Weerasinghe H, Fu H: Preventing Cooperative Black Hole Attacks in Mobile Ad Hoc

Networks: Simulation Implementation and Evaluation.

[3]. Yu CW, Wu T-K, Cheng RH, Chang SC: A Distributed and Cooperative Black Hole

Node Detection and Elimination Mechanism for Ad Hoc Network.

[4]. Wang W, Bhargava B, Linderman M: Defending against Collaborative Packet Drop

Attacks on MANETs.

[5]. Min Z, Jiliu Z: Cooperative Black Hole Attack Prevention for Mobile Ad Hoc

Networks.

[6]. Vishnu KA, Paul J: Detection and Removal of Cooperative Black/Gray hole attack in

Mobile Ad Hoc Network.

[7]. Tsou P-C, Chang J-M, Lin Y-H, Chao H-C, Chen J-L: Developing a BDSR Scheme to

Avoid Black Hole Attack Based on Proactive and Reactive Architecture in MANETs.