Stealthy Attacks in Wireless Ad Hoc Networks: Detection and Countermeasure

Stealthy packet dropping is a suite of four attacks-misrouting, power control, identity delegation, and colluding collision-that can be easily launched against multihop wireless ad hoc networks. Stealthy packet dropping disrupts the packet from reaching the destination through malicious behavior at an intermediate node. However, the malicious node gives the impression to its neighbors that it performs the legitimate forwarding action. Moreover, a legitimate node comes under suspicion. A popular method for detecting attacks in wireless networks is behavior-based detection performed by normal network nodes through overhearing the communication in their neighborhood. This leverages the open broadcast nature of wireless communication. An instantiation of this technology is local monitoring. We show that local monitoring, and the wider class of overhearing-based detection, cannot detect stealthy packet dropping attacks. Additionally, it mistakenly detects and isolates a legitimate node. We present a protocol called Sadec that can detect and isolate stealthy packet dropping attack efficiently. Sadec presents two techniques that can be overlaid on baseline local monitoring: having the neighbors maintain additional information about the routing path, and adding some checking responsibility to each neighbor. Additionally, Sadec provides an innovative mechanism to better utilize local monitoring by considerably increasing the number of nodes in a neighborhood that can do monitoring. We show through analysis and simulation experiments that baseline local monitoring fails to efficiently mitigate most of the presented attacks while SADEC successfully mitigates them.

[1]  Charles E. Perkins,et al.  Ad-hoc on-demand distance vector routing , 1999, Proceedings WMCSA'99. Second IEEE Workshop on Mobile Computing Systems and Applications.

[2]  Issa M. Khalil,et al.  LITEWORP: a lightweight countermeasure for the wormhole attack in multihop wireless networks , 2005, 2005 International Conference on Dependable Systems and Networks (DSN'05).

[3]  Issa M. Khalil,et al.  MOBIWORP: Mitigation of the Wormhole Attack in Mobile Multihop Wireless Networks , 2006, 2006 Securecomm and Workshops.

[4]  David A. Maltz,et al.  DSR: the dynamic source routing protocol for multihop wireless ad hoc networks , 2001 .

[5]  K VarshneyPramod,et al.  An Acknowledgment-Based Approach for the Detection of Routing Misbehavior in MANETs , 2007 .

[6]  Richard Han,et al.  FireWxNet: a multi-tiered portable wireless system for monitoring weather conditions in wildland fire environments , 2006, MobiSys '06.

[7]  Saurabh Bagchi,et al.  Secure Neighbor Discovery in Wireless Sensor Networks , 2007 .

[8]  Deborah Estrin,et al.  An Empirical Study of Epidemic Algorithms in Large Scale Multihop Wireless Networks , 2002 .

[9]  Yih-Chun Hu,et al.  Packet leashes: a defense against wormhole attacks in wireless networks , 2003, IEEE INFOCOM 2003. Twenty-second Annual Joint Conference of the IEEE Computer and Communications Societies (IEEE Cat. No.03CH37428).

[10]  Chris McDonald,et al.  Establishing Trust In Pure Ad-hoc Networks , 2004, ACSC.

[11]  Lisa Ann Osadciw,et al.  Jamming attack detection and countermeasures in wireless sensor network using ant system , 2006, SPIE Defense + Commercial Sensing.

[12]  Cristina Nita-Rotaru,et al.  JANUS: towards robust and malicious resilient routing in hybrid wireless networks , 2004, WiSe '04.

[13]  Peng Ning,et al.  Defending against Sybil attacks in sensor networks , 2005, 25th IEEE International Conference on Distributed Computing Systems Workshops.

[14]  Haiyun Luo,et al.  A two-tier data dissemination model for large-scale wireless sensor networks , 2002, MobiCom '02.

[15]  Mani B. Srivastava,et al.  Reputation-based framework for high integrity sensor networks , 2004, SASN '04.

[16]  Charles E. Perkins,et al.  Highly dynamic Destination-Sequenced Distance-Vector routing (DSDV) for mobile computers , 1994, SIGCOMM.

[17]  Ravishankar K. Iyer,et al.  Neutralization of errors and attacks in wireless ad hoc networks , 2005, 2005 International Conference on Dependable Systems and Networks (DSN'05).

[18]  Issa M. Khalil,et al.  UnMask: Utilizing neighbor monitoring for attack mitigation in multihop wireless sensor networks , 2010, Ad Hoc Networks.

[19]  Issa M. Khalil,et al.  SLAM: Sleep-Wake Aware Local Monitoring in Sensor Networks , 2007, 37th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN'07).

[20]  Donggang Liu,et al.  Establishing pairwise keys in distributed sensor networks , 2005, TSEC.

[21]  Ivan Stojmenovic,et al.  Handbook of Sensor Networks: Algorithms and Architectures , 2005, Handbook of Sensor Networks.

[22]  Glenn Shafer,et al.  A Mathematical Theory of Evidence , 2020, A Mathematical Theory of Evidence.

[23]  Richard Han,et al.  Node Compromise in Sensor Networks: The Need for Secure Systems ; CU-CS-990-05 , 2005 .

[24]  Wenke Lee,et al.  A cooperative intrusion detection system for ad hoc networks , 2003, SASN '03.

[25]  Levente Buttyán,et al.  Statistical Wormhole Detection in Sensor Networks , 2005, ESAS.

[26]  Pramod K. Varshney,et al.  An Acknowledgment-Based Approach for the Detection of Routing Misbehavior in MANETs , 2007, IEEE Transactions on Mobile Computing.

[27]  Hari Balakrishnan,et al.  Harnessing Exposed Terminals in Wireless Networks , 2008, NSDI.

[28]  Torsten Braun,et al.  A dynamic adaptive acknowledgment strategy for TCP over multihop wireless networks , 2005, Proceedings IEEE 24th Annual Joint Conference of the IEEE Computer and Communications Societies..

[29]  David Evans,et al.  Using Directional Antennas to Prevent Wormhole Attacks , 2004, NDSS.

[30]  David A. Wagner,et al.  Secure verification of location claims , 2003, WiSe '03.

[31]  Mary Baker,et al.  Mitigating routing misbehavior in mobile ad hoc networks , 2000, MobiCom '00.

[32]  Yih-Chun Hu,et al.  Rushing attacks and defense in wireless ad hoc network routing protocols , 2003, WiSe '03.

[33]  Issa M. Khalil,et al.  MISPAR: mitigating stealthy packet dropping in locally-monitored multi-hop wireless ad hoc networks , 2008, SecureComm.

[34]  Sung-Ju Lee,et al.  Split multipath routing with maximally disjoint paths in ad hoc networks , 2001, ICC 2001. IEEE International Conference on Communications. Conference Record (Cat. No.01CH37240).

[35]  Jean-Yves Le Boudec,et al.  Performance analysis of the CONFIDANT protocol , 2002, MobiHoc '02.

[36]  Jean-Yves Le Boudec,et al.  Performance analysis of the CONFIDANT protocol , 2002, MobiHoc '02.

[37]  S. Buchegger,et al.  A Robust Reputation System for P2P and Mobile Ad-hoc Networks , 2004 .

[38]  Reza Curtmola,et al.  ODSBR: An on-demand secure Byzantine resilient routing protocol for wireless ad hoc networks , 2008, TSEC.