Honeypot Based Black-Hole Attack Confirmation in a MANET

Many solutions are proposed to identify or prevent the attacks in a Mobile Ad hoc Network. However, sometimes these systems detect false attacks. This could lead to loss of resources in a mobile ad hoc network and cause a downgrade in quality of service. Hence mobile ad hoc networks need a system to confirm the attack before taking further actions. In our work presented in this paper, we propose an attack confirm system for a malicious attacker, called the Black-hole attacker. We present our Black-hole attack Confirmation System, which identifies and confirms the black-hole attack in a mobile ad hoc network using honeypot. The honeypot intelligently identifies all the possible types of black-hole attack using the Black-hole Attack tree, and confirms the attack using the Attack History Database. Together, the Black-hole Attack tree, and Attack History Database aid the honeypot in reducing the false alarms in the mobile ad hoc network. We have simulated the proposed system in several mobile ad hoc network environments of varying sizes of nodes and applications. On several occasions the results have demonstrated that the proposed system is efficient in confirming the black-hole attack and saving the resources and minimizing the path re-establishment.