Critical Infrastructure Protection

Volume 253 of the series IFIP International Federation for Information Processing pp 267-279

Detecting Wormhole Attacks in Wireless Sensor Networks

  • Yurong XuAffiliated withDartmouth College
  • , Guanling ChenAffiliated withComputer Science, University of Massachusetts-Lowell
  • , James FordAffiliated withComputer Science and Engineering, University of Texas at Arlington
  • , Fillia MakedonAffiliated withComputer Science and Engineering, University of Texas at Arlington

Wormhole attacks can destabilize or disable wireless sensor networks. In a typical wormhole attack, the attacker receives packets at one point in the network, forwards them through a wired or wireless link with less latency than the network links, and relays them to another point in the network. This paper describes a distributed wormhole detection algorithm for wireless sensor networks, which detects wormholes based on the distortions they create in a network. Since wormhole attacks are passive in nature, the algorithm uses a hop counting technique as a probe procedure, reconstructs local maps for each node, and then uses a “diameter” feature to detect abnormalities caused by wormholes. The main advantage of the algorithm is that it provides the locations of wormholes, which is useful for implementing countermeasures. Simulation results show that the algorithm has low false detection and false toleration rates.

Keywords: Wireless sensor networks, wormhole detection, distributed algorithm