Skip to main content
SpringerLink
Log in

Wormhole Attack Detection System for IoT Network: A Hybrid Approach

  • Published:
Wireless Personal Communications Aims and scope Submit manuscript

Abstract

Many errors in data communication cause security attacks in Internet of Things (IoT). Routing errors at network layer are prominent errors in IoT which degrade the quality of data communication. Many attacks like sinkhole attack, blackhole attack, selective forwarding attack and wormhole attack enter the network through the network layer of the IoT. This paper has an emphasis on the detection of a wormhole attack because it is one of the most uncompromising attacks at the network layer of IoT protocol stack. The wormhole attack is the most disruptive attack out of all the other attacks mentioned above. The wormhole attack inserts information on incorrect routes in the network; it also alters the network information by causing a failure of location-dependent protocols thus defeating the purpose of routing algorithms. This paper covers the design and implementation of an innovative intrusion detection system for the IoT that detects a wormhole attack and the attacker nodes. The presence of a wormhole attack is identified using location information of any node and its neighbor with the help of Received Signal Strength Indicator (RSSI) values and the hop-count. The proposed system is energy efficient hence it is beneficial for a resource-constrained environment of IoT. It also provides precise true-positive (TPR) and false-positive detection rate (FPR).

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4

Similar content being viewed by others

Availability of data and material

The authors confirm that the data supporting the findings of this study are available within the article and its supplementary materials.

Code availability

The Code that supports the findings of this study are available from the corresponding author, [SAB] upon reasonable request.

References

  1. Nguyen, K. T., Laurent, M., & Oualha, N. (2015). Survey on secure communication protocols for the Internet of Things. Ad Hoc Network, 32, 17–31. https://doi.org/10.1016/j.adhoc.2015.01.006

    Article  Google Scholar 

  2. Gubbi, J., Buyya, R., Marusic, S., & Palaniswami, M. (2013). Internet of Things (IoT): vision, architectural elements, and future directions. Future Generation Computer Systems, 29(7), 1645–1660. https://doi.org/10.1016/j.future2013.01.010

    Article  Google Scholar 

  3. Pishva, D. (2017). Internet of Things: Security and privacy issues and possible solution. In 2017 19th international conference on advanced communication technology (ICACT). IEEE. https://doi.org/10.23919/ICACT.2017.7890229

  4. Deshmukh, S., & Sonavane, S. S. (2017). Security protocols for Internet of Things: A survey. In 2017 international conference on Nextgen electronic technologies: Silicon to software (ICNETS2). IEEE. https://doi.org/10.1109/ICNETS2.2017.8067900

  5. Pongle, P., & Chavan, G. (2015) A survey: Attacks on RPL and 6LoWPAN in IoT. In 2015 international conference on pervasive computing (ICPC). IEEE. https://doi.org/10.1109/PERVASIVE.2015.708703

  6. Deshmukh-Bhosale, S., & Sonavane, S. S. (2019). A real-time intrusion detection system for wormhole attack in the RPL based Internet of Things. Procedia Manufacturing, 32, 840–847. https://doi.org/10.1016/J.Promfg.2019.02.292

    Article  Google Scholar 

  7. Kothmayr, T., Hu, W., Schmitt, C., Bruenig, M., & Carle, G. (2011). Securing the internet of things with DTLS. In Proceedings of the 9th ACM, conference on embedded networked sensor systems (pp. 345–346). ACM.

  8. Raza, S., Duquennoy, S., Chung, A., Yazar, D., Voigt, T., & Roedig, U. (2011). Securing communication in 6LoWPAN with compressed IPsec. In 2011 international conference on distributed computing in sensor systems and workshops (DCOSS). IEEE. https://doi.org/10.1109/DCOSS.2011.5982177

  9. Raza, S., Duquennoy, S., Höglund, J., Roedig, U., & Voigt, T. (2012). Secure communication for the Internet of Things—A comparison of link layer security and IPsec for 6LoWPAN. In Security and communication networks. Wiley Online Library. https://doi.org/10.1002/sec.406

  10. IETF, RPL. Routing over low power and lossy networks. Accessed on August 2018.

  11. Kushalnagar, N., Montenegro, G., & Schumacher, C. (2007). Pv6 over low power wireless personal area networks (6LoWPANs): Overview, assumptions, problem statement, and goals. IETF, RFC 4919. https://doi.org/10.17487/RFC4919

  12. Jing, Q., Vasilakos, A. V., Wan, J., Lu, J., & Qiu, D. (2014). Security of the Internet of Things: Perspectives and challenges. Wireless Network, 20(8), 2481–2501. https://doi.org/10.1007/s11276-014-0761-7

    Article  Google Scholar 

  13. Weber, R. H. (2010). Internet of Things—New security and privacy challenges. Computer Law & Security Review, 26(1), 23–30. https://doi.org/10.1016/j.clsr.2009.11.008

    Article  Google Scholar 

  14. Hernandez, G., Arias, O., Buentello, D., & Jin, Y. (2014). Smart, nest thermostat: A smart spy in your home. Black Hat USA.

    Google Scholar 

  15. Trappe, W., Howard, R., & Moore, R. S. (2015). Low-energy security: Limits and opportunities in the Internet of things. IEEE Security, Privacy, 13, 14–21. https://doi.org/10.1109/MSP.2015.7

    Article  Google Scholar 

  16. El-hajj, M., Chamoun, M., Fadlallah, A., & Serhrouchni, A. (2017). Analysis of authentication techniques in Internet of Things (IoT), In Proceedings of the 2017 1st cyber security in networking conference (CSNet), Rio de Janeiro, Brazil, October 18–20, 2017 (pp. 1–3). https://doi.org/10.1109/CSNET.2017.8242006

  17. Shang, W., Yu, Y., Droms, R., & Zhang, L. Challenges in IoT networking via TCP/IP architecture. Technical Report 04, NDN, Technical Report NDN-0038; Named Data Networking. http://nameddata.net/techreports.html

  18. Azer, M., El-Kassas, S., & El-Soudani, M. (2009). A full image of the wormhole attacks towards introducing complex wormhole attacks, in wireless ad hoc networks. International Journal of Computer Science and Information Security, 1(1).

  19. Deshmukh-Bhosale, S., & Sonavane, S. S. (2018). Wormhole attack detection in Internet of Things. International Journal of Engineering & Technology, 7(2), 749–751. https://doi.org/10.14419/ijet.v7i2.33.15488

    Article  Google Scholar 

  20. Perazzo, P., Vallati, C., Varano, D., Anastasi, G., & Dini, G. (2018). Implementation of a wormhole attack against a RPL network: Challenges and effects. In 14th annual conference on wireless on-demand network systems and services (WONS). IEEE. https://doi.org/10.23919/WONS.2018.8311669

  21. Ansam Khraisat, A., Gondal, I., Vamplew, P., & Kamruzzaman, J. (2019). Survey of intrusion detection systems: Techniques, datasets and challenges. Cybersecurity, 2, 20. https://doi.org/10.1186/s42400-019-0038-7

    Article  Google Scholar 

  22. Zarpelao, B. B., Miani, R. S., Kawakani, C. T., & de Alvarenga, S. C. (2017). A survey of intrusion detection in Internet of Things. Journal of Network and Computer Applications, 84, 25–37. https://doi.org/10.1016/j.jnca.2017.02.009

    Article  Google Scholar 

  23. Rathore, S., & Park, J. H. (2018). Semi-supervised learning based distributed attack detection framework for IoT. Applied Soft Computing, 72, 79–89. https://doi.org/10.1016/j.asoc.2018.05.049

    Article  Google Scholar 

  24. Moustafa, N., Turnbull, B., & Choo, K. R. (2019). An ensemble intrusion detection technique based on proposed statistical flow features for protecting network traffic of Internet of Things. IEEE Internet of Things Journal. https://doi.org/10.1109/JIOT.2018.2871719

    Article  Google Scholar 

  25. Kushalnagar, N., Montenegro, G., & Schumacher, C. (2007). IPv6 over low power wireless personal area networks (6LoWPANs): Overview, assumptions, problem statement, and goals. IETF, RFC 4919. https://doi.org/10.17487/RFC4919

  26. Kasinathan, P., Pastrone, C., Spirito, M. A., & Vinkovits, M. (2013). Denial-of-service detection in 6LoWPAN based Internet of Things. In 2013 IEEE 9th international conference on wireless and mobile computing, networking and communications (WiMob). IEEE. https://doi.org/10.1109/WiMOB.2013.6673419

  27. Kasinathan, P., Costamagna, G., Khaleel, H., Pastrone, C., & Spirito, M. A. (2013). DEMO: An IDS framework for Internet of Things empowered by 6LoWPAN. Proceedings of the ACM SIGSAC Conference on Computer & Communications Security. https://doi.org/10.1145/2508859.2512494

    Article  Google Scholar 

  28. Dvir, A., Holczer, T., & Buttyan, L. (2011). VeRA—Version number and rank authentication in RPL. In 2011 IEEE eighth international conference on mobile ad-hoc and sensor systems. IEEE. https://doi.org/10.1109/MASS.2011.76

  29. Perrey, H., Landsmann, M., Ugus, O., Schmidt, T. C., & Wählisch, M. (2013). TRAIL: Topology authentication in RPL. In Proceeding EWSN '16 proceedings of the 2016 international conference on embedded wireless systems and networks (pp. 59–64). arXiv:1312.0984v2

  30. Le, A., Loo, J., Luo, Y., & Lasebae, A. (2014). The impacts of internal threats towards routing protocol for low power and Lossy network performance. In 2013 IEEE symposium on computers and communications (ISCC). IEEE. https://doi.org/10.1109/ISCC.2013.6755045.

  31. Wallgren, L., Raza, S., & Voigt, T. (2013). Routing attacks and countermeasures in the RPL-based Internet of Things. International Journal of Distributed Sensor Networks, 9(8), 794326. https://doi.org/10.1155/2013/794326

    Article  Google Scholar 

  32. Perazzo, P., Vallati, C., Arena, A., Anastasi, G., & Dini, G. (2017). An implementation and evaluation of the security features of RPL. In A. Puliafito, D. Bruneo, S. Distefano, & F. Longo (Eds.), Ad-hoc, mobile, and wireless networks. ADHOCNOW 2017. Lecture Notes in Computer Science. (Vol. 10517). Springer. https://doi.org/10.1007/978-3-319-67910-5_6

    Chapter  Google Scholar 

  33. Mayzaud, A., Sehgal, A., Badonnel, R., Chrisment, I., & Schönwälder, J. (2014). A study of RPL DODAG version attacks. In 8th IFIP international conference on autonomous infrastructure, management and security (AIMS), Brno, Czech Republic (pp. 92–104). https://doi.org/10.1007/978-3-662-43862-6_12

  34. Perkins, C., & Das, S. (2003). Ad hoc On-Demand Distance Vector (AODV) Routing. Network Working Group.

  35. Xin, H.-M., & Yang, K. (2015). Routing protocols analysis for Internet of Things. In 2015 2nd international conference on information science and control engineering. https://doi.org/10.1109/ICISCE.2015.104

  36. Sharma, R., & Sharma, P. (2016). Detection and prevention of wormhole attack in MANETs: A review. International Journal of Science, Engineering and Technology Research (IJSETR), 5(5).

  37. Gupta, S., Kar, S., & Dharmaraja, S. (2011). WHOP: Wormhole attack detection protocol using hound packet. in Proceedings of IEEE international conference on innovations in information technology (pp. 226–231). https://doi.org/10.1109/INNOVATIONS.2011.5893822

  38. Khan, F. I., Shon, T., Lee, T., & Kim, K. (2013). Wormhole attack prevention mechanism for RPL based LLN network. In Proceedings of fifth international conference on ubiquitous and future networks (pp. 149–154). IEEE. https://doi.org/10.1109/ICUFN.2013.6614801

  39. Ji, S., Chen, T., Zhong, S., & Kak, S. (2014). DAWN: Defending against wormhole attacks in wireless network coding systems. In Proceedings of IEEE INFOCOM (pp. 664–672). https://doi.org/10.1109/INFOCOM.2014.6847992

  40. Arai, M. (2015). Reliability improvement of multi-path routing for wireless sensor networks and its application to wormhole attack avoidance. In Proceedings of ubiquitous intelligence and computing and 2015 IEEE 12th international conference on autonomic and trusted computing and 2015 IEEE 15th international conference on scalable computing and communications and its associated workshops (pp. 533–536). https://doi.org/10.1109/UIC-ATC-ScalCom-CBDCom-IoP.2015.108

  41. Acharjee, T., Borah, P., & Roy, S. (2015). A new hybrid algorithm to eliminate wormhole attack in wireless mesh networks. In Proceedings of IEEE international conference on computational intelligence and communication networks (CICN) (Vol. 157, pp. 997–1002). https://doi.org/10.1109/CICN.2015.198

  42. Zheng, J. H., Qian, H. Y., & Wang, L. (2015). Defense technology of wormhole attacks based on node connectivity. In 2015 IEEE international conference on smart city/SocialCom/SustainCom together with DataCom 2015 and SC2 2015. https://doi.org/10.1109/SmartCity.2015.107

  43. Sharma, M. K., & Joshi, B. K. (2016). A mitigation technique for high transmission power based wormhole attack in wireless sensor networks. In IEEE proceedings of international conference on ICT in business industry & government (pp. 1–6). https://doi.org/10.1109/ICTBIG.2016.7892698

  44. Lai, G. H. (2016). Detection of wormhole attacks on IPv6 mobility-based wireless sensor network. EURASIP Journal on Wireless Communications and Networking, 2016(1), 274. https://doi.org/10.1186/s13638-016-0776-0

    Article  Google Scholar 

  45. Bendjima, M., & Feham, M. (2016). Wormhole attack detection in wireless sensor networks. In Proceedings of IEEE SAI computing conference (pp. 1319–1326). https://doi.org/10.1109/SAI.2016.7556151

  46. Patel, M., & Aggarwal, A. (2016). Detection of hidden wormhole attack in wireless sensor networks using neighbourhood and connectivity information. International Journal on AdHoc Networking Systems (IJANS), 6(1), 1–10. https://doi.org/10.5121/ijans.2016.6101

    Article  Google Scholar 

  47. Johnson, M. O., Siddiqui, A., & Karami, A. (2017). A wormhole attack detection and prevention technique in wireless sensor networks. International Journal of Computer Applications, 174(4), 1–8. https://doi.org/10.5120/ijca2017915376

    Article  Google Scholar 

  48. Tiruvakadu, D. S. K., & Pallapa, V. (2018). Confirmation of wormhole attack in MANETs using honeypot. Computers & Security, 76(32–49), 158. https://doi.org/10.1016/J.COSE.2018.02.004

    Article  Google Scholar 

  49. Qazi, S., Raad, R., Mu, Y., & Susilo, W. (2018). Multirate DelPHI to secure multirate ad hoc networks against wormhole attacks. Journal of Information Security and Applications, 39, 31–40. https://doi.org/10.1016/j.jisa.2018.01.005

    Article  Google Scholar 

  50. Luo, X., Chen, Y., Li, M., Luo, Q., Xue, K., Liu, S., & Chen, L. (2019). CREDND: A novel secure neighbor discovery algorithm for wormhole attack. IEEE Access, 7, 18194–18205. https://doi.org/10.1109/ACCESS.2019.2894637

    Article  Google Scholar 

  51. Deshmukh-Bhosale, S., & Sonavane, S. S. (2019). Detection of security attack in IoT using received signal strength indicator. Helix, 9(3), 5042–5045. https://doi.org/10.29042/2019-5042-5045

    Article  Google Scholar 

  52. Li, X., Shi, H., & Shang, Y. (2005). A sorted RSSI quantization based algorithm for sensor network localization. In 11th international conference on parallel and distributed systems (ICPADS'05). IEEE. https://doi.org/10.1109/ICPADS.2005.53

  53. Lee, T.-H., Xie, X.-S., & Chang, L.-H. (2014). RSSI-based IPv6 routing metrics for RPL in low power and Lossy networks. In IEEE international conference on systems, man, and cybernetics (SMC). IEEE. https://doi.org/10.1109/SMC.2014.6974164

  54. Shojaifar, A. (2015). A thesis on evaluation and Improvement of the RSSI-based localization algorithm. Faculty of Computing Blekinge Institute of Technology SE-371 79 Karlskrona Sweden.

  55. Osterlind, F. (2006). A sensor network simulator for the Contiki OS. Swedish Institute of Computer Science (SICS), Technical Report T2006-05.

  56. Eriksson, J., Österlind, F., Finne, N., & Tsiftes, N. (2009). COOJA/MSPSim: Interoperability testing for wireless sensor networks. In 2nd international conference on simulation tools and techniques, Rome, Italy (p. 7). https://doi.org/10.1145/1537614.1537650

  57. https://www.fierceelectronics.com/iot-wireless/mica-commercialization-microsensor-motes. Accessed on July 2018.

  58. http://www.eecs.harvard.edu/˜konrad/projects/shimmer/references/Tmote-sky-datasheet.pdf. Accessed on July 2018.

  59. Dunkels, A., Eriksson, J., Finne, N., & Tsiftes, N. (2011). Powertrace: Network level power profiling for low-power wireless networks. SICS Technical Report T2011:05, ISSN 1100-3154.

  60. Shahid, R., Wallgren, L., & Voigt, T. (2013). SVELTE: Real-time intrusion detection in the Internet of Things. Ad Hoc Networks, 11(8), 2661–2674. https://doi.org/10.1016/j.adhoc.2013.04.014

    Article  Google Scholar 

Download references

Funding

NA.

Author information

Authors and Affiliations

  1. RMD Sinhgad School of Engineering, SPPU, Warje, Pune, India

    Snehal A. Bhosale

  2. Vijaybhoomi University, Karjat, Navi Mumbai, India

    S. S. Sonavane

Authors
  1. Snehal A. Bhosale
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. S. S. Sonavane
    View author publications

    You can also search for this author in PubMed Google Scholar

Contributions

SAB and SSS conceived of the presented idea. SAB developed the theory and performed the computations, verified the analytical methods. SSS encouraged SAB to investigate security aspect in IoT and supervised the findings of this work. Both the authors discussed the results and contributed to the final manuscript.

Corresponding author

Correspondence to Snehal A. Bhosale.

Ethics declarations

Conflicts of interest

The Authors (SAB and SSS) declare that there is no conflict of interest.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Bhosale, S.A., Sonavane, S.S. Wormhole Attack Detection System for IoT Network: A Hybrid Approach. Wireless Pers Commun 124, 1081–1108 (2022). https://doi.org/10.1007/s11277-021-09395-y

Download citation

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11277-021-09395-y

Keywords

Search

Navigation