Mitigating Wormhole Attacks Using Passive Monitoring in Mobile Ad Hoc Networks

Wormhole attacks, in which colluding attackers with out-of-band communication links record packets (or bits) at one location and replay at another, cause far away nodes to consider themselves as neighbors to one another. Such attacks can ruin the routing and communication capabilities of mobile ad hoc networks. This paper presents NEVO, in which nodes passively monitor (overhear) the forwarding of broadcast type packets by their neighbors and use the send and overhear times of transmissions of these packets, to mitigate these wormhole attacks. NEVO does not require synchronized clocks, special hardware support, or any special capability. NEVO can detect almost all instances of wormhole attacks and is virtually independent of the routing protocol used. NEVO is simple to implement - requires mostly network layer software changes, has low overhead, and is very robust. NEVO is implemented in the Glomosim simulator and its performance is evaluated. Simulation results show that NEVO effectively mitigates wormhole attacks (no data packets were sent through the wormholes in the simulated networks) and has low impact in normal with low to moderate traffic loads.

[1]  David A. Wagner,et al.  Secure verification of location claims , 2003, WiSe '03.

[2]  Radha Poovendran,et al.  A graph theoretic framework for preventing the wormhole attack in wireless ad hoc networks , 2007, Wirel. Networks.

[3]  Yih-Chun Hu,et al.  Packet leashes: a defense against wormhole attacks in wireless networks , 2003, IEEE INFOCOM 2003. Twenty-second Annual Joint Conference of the IEEE Computer and Communications Societies (IEEE Cat. No.03CH37428).

[4]  David Evans,et al.  Using Directional Antennas to Prevent Wormhole Attacks , 2004, NDSS.

[5]  Issa M. Khalil,et al.  MOBIWORP: Mitigation of the Wormhole Attack in Mobile Multihop Wireless Networks , 2006, 2006 Securecomm and Workshops.

[6]  Reza Curtmola,et al.  On the Survivability of Routing Protocols in Ad Hoc Wireless Networks , 2005, First International Conference on Security and Privacy for Emerging Areas in Communications Networks (SECURECOMM'05).

[7]  Michalis Faloutsos,et al.  TrueLink: A Practical Countermeasure to the Wormhole Attack in Wireless Networks , 2006, Proceedings of the 2006 IEEE International Conference on Network Protocols.

[8]  Rajendra V. Boppana,et al.  Secure Routing Techniques to Mitigate Insider Attacks in Wireless Ad Hoc Networks , 2007 .

[9]  Bharat K. Bhargava,et al.  Visualization of wormholes in sensor networks , 2004, WiSe '04.

[10]  Mario Gerla,et al.  GloMoSim: A Scalable Network Simulation Environment , 2002 .

[11]  Jalel Ben-Othman,et al.  Logical Wormhole Prevention in Optimized Link State Routing Protocol , 2007, IEEE GLOBECOM 2007 - IEEE Global Telecommunications Conference.

[12]  Srdjan Capkun,et al.  SECTOR: secure tracking of node encounters in multi-hop wireless networks , 2003, SASN '03.

[13]  Michalis Faloutsos,et al.  Routing amid Colluding Attackers , 2007, 2007 IEEE International Conference on Network Protocols.

[14]  Panganamala Ramana Kumar,et al.  Fundamental limits on synchronization of affine clocks in networks , 2007, 2007 46th IEEE Conference on Decision and Control.

[15]  Yih-Chun Hu Packet Leashes : A Defense against Wormhole Attacks in Wireless Ad Hoc Networks , 2001 .

[16]  Mary Baker,et al.  Mitigating routing misbehavior in mobile ad hoc networks , 2000, MobiCom '00.

[17]  Issa M. Khalil,et al.  LITEWORP: a lightweight countermeasure for the wormhole attack in multihop wireless networks , 2005, 2005 International Conference on Dependable Systems and Networks (DSN'05).

[18]  Jie Gao,et al.  Detecting Wormhole Attacks in Wireless Networks Using Connectivity Information , 2007, IEEE INFOCOM 2007 - 26th IEEE International Conference on Computer Communications.