Detecting Wormhole Attacks in Wireless Sensor Networks
Wormhole attacks can destabilize or disable wireless sensor networks. In a typical wormhole attack, the attacker receives packets at one point in the network, forwards them through a wired or wireless link with less latency than the network links, and relays them to another point in the network. This paper describes a distributed wormhole detection algorithm for wireless sensor networks, which detects wormholes based on the distortions they create in a network. Since wormhole attacks are passive in nature, the algorithm uses a hop counting technique as a probe procedure, reconstructs local maps for each node, and then uses a “diameter” feature to detect abnormalities caused by wormholes. The main advantage of the algorithm is that it provides the locations of wormholes, which is useful for implementing countermeasures. Simulation results show that the algorithm has low false detection and false toleration rates.
Keywords: Wireless sensor networks, wormhole detection, distributed algorithm
- S. Čapkun, L. Buttyán and J. Hubaux, SECTOR: Secure tracking of node encounters in multi-hop wireless networks, Proceedings of the First ACM Workshop on Security of Ad Hoc and Sensor Networks, pp. 21-32, 2003.Google Scholar
- L. Hu and D. Evans, Using directional antennas to prevent wormhole at- tacks, Proceedings of the Eleventh Network and Distributed System Security Symposium, pp. 131-141, 2004.Google Scholar
- Y. Hu, A. Perrig and D. Johnson, Wormhole Detection in Wireless Ad Hoc Networks, Technical Report TR01-384, Department of Computer Science, Rice University, Houston, Texas, 2002.Google Scholar
- Y. Hu, A. Perrig and D. Johnson, Packet leashes: A defense against wormhole attacks in wireless networks, Proceedings of the Twenty-Second Annual Joint Conference of the IEEE Computer and Communications Societies, vol. 3, pp. 1976-1986, 2003.Google Scholar
- J. Kong, Z. Ji, W. Wang, M. Gerla, R. Bagrodia and B. Bhargava, Low- cost attacks against packet delivery, localization and time synchronization services in underwater sensor networks, Proceedings of the Fourth ACM Workshop on Wireless Security, pp. 87-96, 2005.Google Scholar
- D. Liu, P. Ning and W. Du, Attack-resistant location estimation in sensor networks, Proceedings of the Fourth International Symposium on Informa- tion Processing in Sensor Networks, pp. 99-106, 2005.Google Scholar
- S. McCanne and S. Floyd, The network simulator -ns-2 (nsnam. isi. edu/nsnam/index. php/User Information), 2007.Google Scholar
- J. Newsome, E. Shi, D. Song and A. Perrig, The sybil attack in sensor networks: Analysis and defenses, Proceedings of the Third International Symposium on Information Processing in Sensor Networks, pp. 259-268, 2004.Google Scholar
- P. Papadimitratos and Z. Haas, Secure routing for mobile ad hoc networks, Proceedings of the SCS Communication Networks and Distributed Systems Modeling and Simulation Conference, 2002.Google Scholar
- The Rice Monarch Project, Wireless and mobility extensions to ns-2 (www.monarch. cs. cmu. edu/cmu-ns. html), 2007.
- W. Wang and B. Bhargava, Visualization of wormholes in sensor networks, Proceedings of the ACM Workshop on Wireless Security, pp. 51-60, 2004.Google Scholar
- Y. Xu, J. Ford and F. Makedon, A variation on hop counting for geographic routing, Proceedings of the Third IEEE Workshop on Embedded Networked Sensors, 2006.Google Scholar
- J. Zheng, Low rate wireless personal area networks: ns-2 simulator for 802. 15. 4 (release v1. 1) (ees2cy. engr. ccny. cuny. edu/zheng/pub), 2007.Google Scholar