No full-text available
To read the full-text of this research,
you can request a copy directly from the authors.
NTTM: Novel Transmission Time Based Mechanism to Detect Wormhole Attack
Abstract
The cooperative nature and absence of infrastructure gives rise to lot of scope for research in the area of Mobile Ad-hoc Networks (MANETs). The dynamic topology, absence of central control and broadcast nature of communication open security threats for MANETs. Many security attacks have been identified by the researchers, but wormhole attack is one of the most devastating attacks. Novel Transmission Time based Mechanism (NTTM) detects wormhole attacks by keeping every node under the surveillance of its neighbors. Based on the Round Trip Time (RTT) computed by each node on a route, the source node computes RTT between each neighbor. If the RTT between a pair of nodes is more than the threshold value, it is assumed that there is wormhole attack between these nodes. The performance of NTTM is evaluated using dynamic source routing (DSR) protocol under wormhole attack.
ResearchGate has not been able to resolve any citations for this publication.
The lack of centralised infrastructure in ad hoc network makes it vulnerable to various attacks. MANET routing disrupts if participating node do not perform its intended function and start performing malicious activity. A specific attack called Wormmhole attack enables an attacker to record packets at one location in the network, tunnels them to another location, and retransmits them into the network. In this paper, we present a protocol for detecting wormhole attacks without use of any special harware such as directional antenna and precise synchronised clock and the protocol is also independent of physical medium of wireless network. After the route discovery, source node initiates wormhole detection process in the established path which counts hop difference between the neighbours of the one hop away nodes in the route. The destination node detects the wormhole if the hop difference between neighbours of the nodes exceeds the acceptable level. Our simulation results shows that the WHOP is quite excellent in detecting wormhole of large tunnel lengths.
Important applications of Wireless Ad Hoc Networks make them very attractive to attackers, therefore more research is required to guarantee the security for Wireless Ad Hoc Networks. In this paper, we proposed a transmission time based mechanism (TTM) to detect wormhole attacks - one of the most popular & serious attacks in Wireless Ad Hoc Networks. TTM detects wormhole attacks during route setup procedure by computing transmission time between every two successive nodes along the established path. Wormhole is identified base on the fact that transmission time between two fake neighbors created by wormhole is considerably higher than that between two real neighbors which are within radio range of each other. TTM has good performance, little overhead and no special hardware is required.
In mobile ad hoc networks, data transmission is performed within an untrusted wireless environment. Various kinds of attack have been identified and corresponding solutions have been proposed. Wormhole attack is one of the serious attacks which forms a serious threat in the networks, especially against many ad hoc wireless routing protocols and location-based wireless security system. We identify two types of wormhole attacks. In the first type, malicious nodes do not take part in finding routes, meaning that, legitimate nodes do not know their existence. In the second type, malicious nodes do create route advertisements and legitimate nodes are aware of the existence of malicious nodes, just do not know they are malicious. Some researchers have proposed detection mechanisms for the first type. In this paper, we propose an efficient detection method called delay per hop indication (DelPHI). By observing the delays of different paths to the receiver, the sender is able to detect both kinds of wormhole attacks. This method requires neither synchronized clocks nor special hardware equipped mobile nodes. The performance of DelPHI is justified by simulations.
A Wireless ad-hoc network is a temporary network set up by wireless mobile computers (or nodes) moving arbitrary in the places that have no network infrastructure. Due to security vulnerabilities of the routing protocols, wireless ad-hoc networks are unprotected to attacks of the malicious nodes. The wormhole attack is possible even if the attacker has not compromised any hosts, and even if all communication provides authenticity and confidentiality. In the wormhole attack, an attacker records packets (or bits) at one location in the network, tunnels them to another location, and retransmits them there into the network. The wormhole attack can form a serious threat in wireless networks, especially against many ad hoc network routing protocols and location-based wireless security systems. For example, most existing ad hoc network routing protocols, without some mechanism to defend against the wormhole attack, would be unable to send routes longer than one or two hops, severely disrupting communication. We present a new, general mechanism, called MultiPath Routing, for detecting and thus defending against wormhole attacks.
The infrastructure of a Mobile Ad hoc Network (MANET) has no routers for routing, and all nodes must share the same routing protocol to assist each other when transmitting messages. However, almost all common routing protocols at present consider performance as first priority, and have little defense capability against the malicious nodes. Many researches have proposed various protocols of higher safety to defend against attacks; however, each has specific defense objects, and is unable to defend against particular attacks. Of all the types of attacks, the wormhole attack poses the greatest threat and is very difficult to prevent; therefore, this paper focuses on the wormhole attack, and proposes a secure routing protocol based on the AODV (Ad hoc On-demand Distance Vector) routing protocol, which is named WARP (Wormhole-Avoidance Routing Protocol). WARP considers link-disjoint multipaths during path discovery, and provides greater path selections to avoid malicious nodes, but eventually uses only one path to transmit data. Based on the characteristic that wormhole nodes can easily grab the route from the source node to the destination node, WARP enables the neighbors of the wormhole nodes to discover that the wormhole nodes have abnormal path attractions. Then, the wormhole nodes would be gradually isolated by their normal neighboring nodes, and finally be quarantined by the whole network.
Wormhole attack is a severe attack in wireless ad hoc networks. Most of the previous work eliminate the effect of wormhole attack by examining the distance or communication time over each link during the route establishment, which requires special hardware or causes overhead on all links even though only one link on each route could be affected by a wormhole attack. In this article, we propose an end-to-end detection of wormhole attack (EDWA) in wireless ad-hoc networks. We first present the wormhole detection which is based on the smallest hop count estimation between source and destination. If the hop count of a received shortest route is much smaller than the estimated value an alert of wormhole attack is raised at the source node. Then the source node will start a wormhole TRACING procedure to identify the two end points of the wormhole. Finally, a legitimate route is selected for data communication. Both our analysis and simulation results show that the end-to-end wormhole detection method is effective when the source and destination are not too far away.
As mobile ad hoc network applications are deployed, security emerges as a central requirement. In this paper, we introduce the wormhole attack, a severe attack in ad hoc networks that is particularly challenging to defend against. The wormhole attack is possible even if the attacker has not compromised any hosts, and even if all communication provides authenticity and confidentiality. In the wormhole attack, an attacker records packets (or bits) at one location in the network, tunnels them (possibly selectively) to another location, and retransmits them there into the network. The wormhole attack can form a serious threat in wireless networks, especially against many ad hoc network routing protocols and location-based wireless security systems. For example, most existing ad hoc network routing protocols, without some mechanism to defend against the wormhole attack, would be unable to find routes longer than one or two hops, severely disrupting communication. We present a new, general mechanism, called packet leashes,for detecting and thus defending against wormhole attacks, and we present a specific protocol, called TIK, that implements leashes.