Abstract
Many errors in data communication cause security attacks in Internet of Things (IoT). Routing errors at network layer are prominent errors in IoT which degrade the quality of data communication. Many attacks like sinkhole attack, blackhole attack, selective forwarding attack and wormhole attack enter the network through the network layer of the IoT. This paper has an emphasis on the detection of a wormhole attack because it is one of the most uncompromising attacks at the network layer of IoT protocol stack. The wormhole attack is the most disruptive attack out of all the other attacks mentioned above. The wormhole attack inserts information on incorrect routes in the network; it also alters the network information by causing a failure of location-dependent protocols thus defeating the purpose of routing algorithms. This paper covers the design and implementation of an innovative intrusion detection system for the IoT that detects a wormhole attack and the attacker nodes. The presence of a wormhole attack is identified using location information of any node and its neighbor with the help of Received Signal Strength Indicator (RSSI) values and the hop-count. The proposed system is energy efficient hence it is beneficial for a resource-constrained environment of IoT. It also provides precise true-positive (TPR) and false-positive detection rate (FPR).
Similar content being viewed by others
Availability of data and material
The authors confirm that the data supporting the findings of this study are available within the article and its supplementary materials.
Code availability
The Code that supports the findings of this study are available from the corresponding author, [SAB] upon reasonable request.
References
Nguyen, K. T., Laurent, M., & Oualha, N. (2015). Survey on secure communication protocols for the Internet of Things. Ad Hoc Network, 32, 17–31. https://doi.org/10.1016/j.adhoc.2015.01.006
Gubbi, J., Buyya, R., Marusic, S., & Palaniswami, M. (2013). Internet of Things (IoT): vision, architectural elements, and future directions. Future Generation Computer Systems, 29(7), 1645–1660. https://doi.org/10.1016/j.future2013.01.010
Pishva, D. (2017). Internet of Things: Security and privacy issues and possible solution. In 2017 19th international conference on advanced communication technology (ICACT). IEEE. https://doi.org/10.23919/ICACT.2017.7890229
Deshmukh, S., & Sonavane, S. S. (2017). Security protocols for Internet of Things: A survey. In 2017 international conference on Nextgen electronic technologies: Silicon to software (ICNETS2). IEEE. https://doi.org/10.1109/ICNETS2.2017.8067900
Pongle, P., & Chavan, G. (2015) A survey: Attacks on RPL and 6LoWPAN in IoT. In 2015 international conference on pervasive computing (ICPC). IEEE. https://doi.org/10.1109/PERVASIVE.2015.708703
Deshmukh-Bhosale, S., & Sonavane, S. S. (2019). A real-time intrusion detection system for wormhole attack in the RPL based Internet of Things. Procedia Manufacturing, 32, 840–847. https://doi.org/10.1016/J.Promfg.2019.02.292
Kothmayr, T., Hu, W., Schmitt, C., Bruenig, M., & Carle, G. (2011). Securing the internet of things with DTLS. In Proceedings of the 9th ACM, conference on embedded networked sensor systems (pp. 345–346). ACM.
Raza, S., Duquennoy, S., Chung, A., Yazar, D., Voigt, T., & Roedig, U. (2011). Securing communication in 6LoWPAN with compressed IPsec. In 2011 international conference on distributed computing in sensor systems and workshops (DCOSS). IEEE. https://doi.org/10.1109/DCOSS.2011.5982177
Raza, S., Duquennoy, S., Höglund, J., Roedig, U., & Voigt, T. (2012). Secure communication for the Internet of Things—A comparison of link layer security and IPsec for 6LoWPAN. In Security and communication networks. Wiley Online Library. https://doi.org/10.1002/sec.406
IETF, RPL. Routing over low power and lossy networks. Accessed on August 2018.
Kushalnagar, N., Montenegro, G., & Schumacher, C. (2007). Pv6 over low power wireless personal area networks (6LoWPANs): Overview, assumptions, problem statement, and goals. IETF, RFC 4919. https://doi.org/10.17487/RFC4919
Jing, Q., Vasilakos, A. V., Wan, J., Lu, J., & Qiu, D. (2014). Security of the Internet of Things: Perspectives and challenges. Wireless Network, 20(8), 2481–2501. https://doi.org/10.1007/s11276-014-0761-7
Weber, R. H. (2010). Internet of Things—New security and privacy challenges. Computer Law & Security Review, 26(1), 23–30. https://doi.org/10.1016/j.clsr.2009.11.008
Hernandez, G., Arias, O., Buentello, D., & Jin, Y. (2014). Smart, nest thermostat: A smart spy in your home. Black Hat USA.
Trappe, W., Howard, R., & Moore, R. S. (2015). Low-energy security: Limits and opportunities in the Internet of things. IEEE Security, Privacy, 13, 14–21. https://doi.org/10.1109/MSP.2015.7
El-hajj, M., Chamoun, M., Fadlallah, A., & Serhrouchni, A. (2017). Analysis of authentication techniques in Internet of Things (IoT), In Proceedings of the 2017 1st cyber security in networking conference (CSNet), Rio de Janeiro, Brazil, October 18–20, 2017 (pp. 1–3). https://doi.org/10.1109/CSNET.2017.8242006
Shang, W., Yu, Y., Droms, R., & Zhang, L. Challenges in IoT networking via TCP/IP architecture. Technical Report 04, NDN, Technical Report NDN-0038; Named Data Networking. http://nameddata.net/techreports.html
Azer, M., El-Kassas, S., & El-Soudani, M. (2009). A full image of the wormhole attacks towards introducing complex wormhole attacks, in wireless ad hoc networks. International Journal of Computer Science and Information Security, 1(1).
Deshmukh-Bhosale, S., & Sonavane, S. S. (2018). Wormhole attack detection in Internet of Things. International Journal of Engineering & Technology, 7(2), 749–751. https://doi.org/10.14419/ijet.v7i2.33.15488
Perazzo, P., Vallati, C., Varano, D., Anastasi, G., & Dini, G. (2018). Implementation of a wormhole attack against a RPL network: Challenges and effects. In 14th annual conference on wireless on-demand network systems and services (WONS). IEEE. https://doi.org/10.23919/WONS.2018.8311669
Ansam Khraisat, A., Gondal, I., Vamplew, P., & Kamruzzaman, J. (2019). Survey of intrusion detection systems: Techniques, datasets and challenges. Cybersecurity, 2, 20. https://doi.org/10.1186/s42400-019-0038-7
Zarpelao, B. B., Miani, R. S., Kawakani, C. T., & de Alvarenga, S. C. (2017). A survey of intrusion detection in Internet of Things. Journal of Network and Computer Applications, 84, 25–37. https://doi.org/10.1016/j.jnca.2017.02.009
Rathore, S., & Park, J. H. (2018). Semi-supervised learning based distributed attack detection framework for IoT. Applied Soft Computing, 72, 79–89. https://doi.org/10.1016/j.asoc.2018.05.049
Moustafa, N., Turnbull, B., & Choo, K. R. (2019). An ensemble intrusion detection technique based on proposed statistical flow features for protecting network traffic of Internet of Things. IEEE Internet of Things Journal. https://doi.org/10.1109/JIOT.2018.2871719
Kushalnagar, N., Montenegro, G., & Schumacher, C. (2007). IPv6 over low power wireless personal area networks (6LoWPANs): Overview, assumptions, problem statement, and goals. IETF, RFC 4919. https://doi.org/10.17487/RFC4919
Kasinathan, P., Pastrone, C., Spirito, M. A., & Vinkovits, M. (2013). Denial-of-service detection in 6LoWPAN based Internet of Things. In 2013 IEEE 9th international conference on wireless and mobile computing, networking and communications (WiMob). IEEE. https://doi.org/10.1109/WiMOB.2013.6673419
Kasinathan, P., Costamagna, G., Khaleel, H., Pastrone, C., & Spirito, M. A. (2013). DEMO: An IDS framework for Internet of Things empowered by 6LoWPAN. Proceedings of the ACM SIGSAC Conference on Computer & Communications Security. https://doi.org/10.1145/2508859.2512494
Dvir, A., Holczer, T., & Buttyan, L. (2011). VeRA—Version number and rank authentication in RPL. In 2011 IEEE eighth international conference on mobile ad-hoc and sensor systems. IEEE. https://doi.org/10.1109/MASS.2011.76
Perrey, H., Landsmann, M., Ugus, O., Schmidt, T. C., & Wählisch, M. (2013). TRAIL: Topology authentication in RPL. In Proceeding EWSN '16 proceedings of the 2016 international conference on embedded wireless systems and networks (pp. 59–64). arXiv:1312.0984v2
Le, A., Loo, J., Luo, Y., & Lasebae, A. (2014). The impacts of internal threats towards routing protocol for low power and Lossy network performance. In 2013 IEEE symposium on computers and communications (ISCC). IEEE. https://doi.org/10.1109/ISCC.2013.6755045.
Wallgren, L., Raza, S., & Voigt, T. (2013). Routing attacks and countermeasures in the RPL-based Internet of Things. International Journal of Distributed Sensor Networks, 9(8), 794326. https://doi.org/10.1155/2013/794326
Perazzo, P., Vallati, C., Arena, A., Anastasi, G., & Dini, G. (2017). An implementation and evaluation of the security features of RPL. In A. Puliafito, D. Bruneo, S. Distefano, & F. Longo (Eds.), Ad-hoc, mobile, and wireless networks. ADHOCNOW 2017. Lecture Notes in Computer Science. (Vol. 10517). Springer. https://doi.org/10.1007/978-3-319-67910-5_6
Mayzaud, A., Sehgal, A., Badonnel, R., Chrisment, I., & Schönwälder, J. (2014). A study of RPL DODAG version attacks. In 8th IFIP international conference on autonomous infrastructure, management and security (AIMS), Brno, Czech Republic (pp. 92–104). https://doi.org/10.1007/978-3-662-43862-6_12
Perkins, C., & Das, S. (2003). Ad hoc On-Demand Distance Vector (AODV) Routing. Network Working Group.
Xin, H.-M., & Yang, K. (2015). Routing protocols analysis for Internet of Things. In 2015 2nd international conference on information science and control engineering. https://doi.org/10.1109/ICISCE.2015.104
Sharma, R., & Sharma, P. (2016). Detection and prevention of wormhole attack in MANETs: A review. International Journal of Science, Engineering and Technology Research (IJSETR), 5(5).
Gupta, S., Kar, S., & Dharmaraja, S. (2011). WHOP: Wormhole attack detection protocol using hound packet. in Proceedings of IEEE international conference on innovations in information technology (pp. 226–231). https://doi.org/10.1109/INNOVATIONS.2011.5893822
Khan, F. I., Shon, T., Lee, T., & Kim, K. (2013). Wormhole attack prevention mechanism for RPL based LLN network. In Proceedings of fifth international conference on ubiquitous and future networks (pp. 149–154). IEEE. https://doi.org/10.1109/ICUFN.2013.6614801
Ji, S., Chen, T., Zhong, S., & Kak, S. (2014). DAWN: Defending against wormhole attacks in wireless network coding systems. In Proceedings of IEEE INFOCOM (pp. 664–672). https://doi.org/10.1109/INFOCOM.2014.6847992
Arai, M. (2015). Reliability improvement of multi-path routing for wireless sensor networks and its application to wormhole attack avoidance. In Proceedings of ubiquitous intelligence and computing and 2015 IEEE 12th international conference on autonomic and trusted computing and 2015 IEEE 15th international conference on scalable computing and communications and its associated workshops (pp. 533–536). https://doi.org/10.1109/UIC-ATC-ScalCom-CBDCom-IoP.2015.108
Acharjee, T., Borah, P., & Roy, S. (2015). A new hybrid algorithm to eliminate wormhole attack in wireless mesh networks. In Proceedings of IEEE international conference on computational intelligence and communication networks (CICN) (Vol. 157, pp. 997–1002). https://doi.org/10.1109/CICN.2015.198
Zheng, J. H., Qian, H. Y., & Wang, L. (2015). Defense technology of wormhole attacks based on node connectivity. In 2015 IEEE international conference on smart city/SocialCom/SustainCom together with DataCom 2015 and SC2 2015. https://doi.org/10.1109/SmartCity.2015.107
Sharma, M. K., & Joshi, B. K. (2016). A mitigation technique for high transmission power based wormhole attack in wireless sensor networks. In IEEE proceedings of international conference on ICT in business industry & government (pp. 1–6). https://doi.org/10.1109/ICTBIG.2016.7892698
Lai, G. H. (2016). Detection of wormhole attacks on IPv6 mobility-based wireless sensor network. EURASIP Journal on Wireless Communications and Networking, 2016(1), 274. https://doi.org/10.1186/s13638-016-0776-0
Bendjima, M., & Feham, M. (2016). Wormhole attack detection in wireless sensor networks. In Proceedings of IEEE SAI computing conference (pp. 1319–1326). https://doi.org/10.1109/SAI.2016.7556151
Patel, M., & Aggarwal, A. (2016). Detection of hidden wormhole attack in wireless sensor networks using neighbourhood and connectivity information. International Journal on AdHoc Networking Systems (IJANS), 6(1), 1–10. https://doi.org/10.5121/ijans.2016.6101
Johnson, M. O., Siddiqui, A., & Karami, A. (2017). A wormhole attack detection and prevention technique in wireless sensor networks. International Journal of Computer Applications, 174(4), 1–8. https://doi.org/10.5120/ijca2017915376
Tiruvakadu, D. S. K., & Pallapa, V. (2018). Confirmation of wormhole attack in MANETs using honeypot. Computers & Security, 76(32–49), 158. https://doi.org/10.1016/J.COSE.2018.02.004
Qazi, S., Raad, R., Mu, Y., & Susilo, W. (2018). Multirate DelPHI to secure multirate ad hoc networks against wormhole attacks. Journal of Information Security and Applications, 39, 31–40. https://doi.org/10.1016/j.jisa.2018.01.005
Luo, X., Chen, Y., Li, M., Luo, Q., Xue, K., Liu, S., & Chen, L. (2019). CREDND: A novel secure neighbor discovery algorithm for wormhole attack. IEEE Access, 7, 18194–18205. https://doi.org/10.1109/ACCESS.2019.2894637
Deshmukh-Bhosale, S., & Sonavane, S. S. (2019). Detection of security attack in IoT using received signal strength indicator. Helix, 9(3), 5042–5045. https://doi.org/10.29042/2019-5042-5045
Li, X., Shi, H., & Shang, Y. (2005). A sorted RSSI quantization based algorithm for sensor network localization. In 11th international conference on parallel and distributed systems (ICPADS'05). IEEE. https://doi.org/10.1109/ICPADS.2005.53
Lee, T.-H., Xie, X.-S., & Chang, L.-H. (2014). RSSI-based IPv6 routing metrics for RPL in low power and Lossy networks. In IEEE international conference on systems, man, and cybernetics (SMC). IEEE. https://doi.org/10.1109/SMC.2014.6974164
Shojaifar, A. (2015). A thesis on evaluation and Improvement of the RSSI-based localization algorithm. Faculty of Computing Blekinge Institute of Technology SE-371 79 Karlskrona Sweden.
Osterlind, F. (2006). A sensor network simulator for the Contiki OS. Swedish Institute of Computer Science (SICS), Technical Report T2006-05.
Eriksson, J., Österlind, F., Finne, N., & Tsiftes, N. (2009). COOJA/MSPSim: Interoperability testing for wireless sensor networks. In 2nd international conference on simulation tools and techniques, Rome, Italy (p. 7). https://doi.org/10.1145/1537614.1537650
https://www.fierceelectronics.com/iot-wireless/mica-commercialization-microsensor-motes. Accessed on July 2018.
http://www.eecs.harvard.edu/˜konrad/projects/shimmer/references/Tmote-sky-datasheet.pdf. Accessed on July 2018.
Dunkels, A., Eriksson, J., Finne, N., & Tsiftes, N. (2011). Powertrace: Network level power profiling for low-power wireless networks. SICS Technical Report T2011:05, ISSN 1100-3154.
Shahid, R., Wallgren, L., & Voigt, T. (2013). SVELTE: Real-time intrusion detection in the Internet of Things. Ad Hoc Networks, 11(8), 2661–2674. https://doi.org/10.1016/j.adhoc.2013.04.014
Funding
NA.
Author information
Authors and Affiliations
Contributions
SAB and SSS conceived of the presented idea. SAB developed the theory and performed the computations, verified the analytical methods. SSS encouraged SAB to investigate security aspect in IoT and supervised the findings of this work. Both the authors discussed the results and contributed to the final manuscript.
Corresponding author
Ethics declarations
Conflicts of interest
The Authors (SAB and SSS) declare that there is no conflict of interest.
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Bhosale, S.A., Sonavane, S.S. Wormhole Attack Detection System for IoT Network: A Hybrid Approach. Wireless Pers Commun 124, 1081–1108 (2022). https://doi.org/10.1007/s11277-021-09395-y
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11277-021-09395-y