SeRWA: A secure routing protocol against wormhole attacks in sensor networks

A wormhole attack is particularly harmful against routing in sensor networks where an attacker receives packets at one location in the network, tunnels and then replays them at another remote location in the network. A wormhole attack can be easily launched by an attacker without compromising any sensor nodes. Since most of the routing protocols do not have mechanisms to defend the network against wormhole attacks, the route request can be tunneled to the target area by the attacker through wormholes. Thus, the sensor nodes in the target area build the route through the attacker. Later, the attacker can tamper the data, messages, or selectively forward data messages to disrupt the functions of the sensor network. Researchers have used some special hardware such as the directional antenna and the precise synchronized clock to defend the sensor network against wormhole attacks during the neighbor discovery process. In this paper, we propose a Secure Routing protocol against wormhole attacks in sensor networks (SeRWA). SeRWA protocol avoids using any special hardware such as the directional antenna and the precise synchronized clock to detect a wormhole. Moreover, it provides a real secure route against the wormhole attack. Simulation results show that SeRWA protocol only has very small false positives for wormhole detection during the neighbor discovery process (less than 10%). The average energy usage at each node for SeRWA protocol during the neighbor discovery and route discovery is below 25 mJ, which is much lower than the available energy (15 kJ) at each node. The cost analysis shows that SeRWA protocol only needs small memory usage at each node (below 14 kB if each node has 20 neighbors), which is suitable for the sensor network.     

Detecting and avoiding wormhole attacks in wireless ad hoc networks [security in mobile ad hoc]

A particularly severe attack on routing protocols in ad hoc networks is the so-called worm- hole attack in which two or more colluding attackers record packets at one location, and tunnel them to another location for replay at that remote location. When this attack targets specifically routing control packets, the nodes that are close to the attackers are shielded from any alternative routes with more than one or two hops to the remote location. All routes are thus directed to the wormhole established by the attackers. In the optimized link state routing protocol, if a wormhole attack is launched during the propagation of link state packets, the wrong link information percolates throughout the network, leading to routing disruption. In this article we devise an efficient method to detect and avoid wormhole attacks in the OLSR protocOLSR protocolol. This method first attempts to pinpoint links that may potentially be part of a wormhole tunnel. Then a proper wormhole detection mechanism is applied to suspicious links by means of an exchange of encrypted probing packets between the two supposed neighbors (endpoints of the wormhole). The proposed solution exhibits several advantages, among which are its nonreliance on any time synchronization or location information, and its high detection rate under various scenarios.     

Detection of Wormhole Attack and Secure Path Selection in Wireless Sensor Network

In Wireless Sensor Network (WSN), securable data transmission is one of the most challenges. During the transmission between the source and a destination node, routing information of the particular path may be misbehaved by the particular nodes which are known as wormhole nodes/attackers. The paths which include the wormhole nodes are known as wormhole attacked paths. For improving security in WSN, these wormhole attacked paths should be identified. To achieve this, wormhole attack detection method and optimal or secure path selection are presented in this paper. Initially, ‘K’ paths or multiple paths are generated between source and destination using Ad-hoc On demand Multipath Distance Vector (AOMDV) routing protocol. Then, the source node identifies the wormhole attacked path by verifying the Detection Packet (DP) and Feedback Packet (FP) from the destination. After detecting the wormhole attacked paths, the source node selects the optimal path among the attacker free paths using Particle Swarm Optimization (PSO) algorithm. Simulation results show that the performance of the proposed approach improves energy efficiency and network lifetime of the network.

     

Agent‐based secure routing for underwater acoustic sensor networks

The underwater networks have severe security implications and are vulnerable to various types of attacks such as selective forwarding, wormhole, and sinkhole. Neighbor discovery, a fundamental requirement for routing is vulnerable to wormhole attack, which enables false neighbor acceptance, thereby degrading the routing performance. The proposed agent‐based secured routing scheme enhances the quality of service by discovering the wormhole resilient secure neighbors and route the information through the secure path. This scheme uses 4 agencies, namely, security, routing, underwater gateway, and vehicle, which are embedded with static and mobile agents. (1) Agents in security agency of a node discover secured neighbors by using the direction of arrival estimation and authentication, (2) agents in routing agency of a node establish secured routes from source to surface gateway, (3) agents in Underwater Gateway Agency communicate with Autonomous Underwater Vehicles (AUVs) and underwater nodes for key distribution, and (4) vehicle traversing agency in AUV coordinates with Underwater Gateway Agency for changing AUVs traversal to cover the isolated network area. The proposed scheme depicts the improved performance compared to basic neighbor discovery and channel aware routing protocol in terms of failure detection, energy consumption, and overheads.     

移动Ad hoc网络按需路由协议中的虫洞问题研究

由于移动Ad hoc网络具有动态变化的特性以及自组织和多跳性的特点,更容易遭受多种恶意攻击。其中虫洞攻击就是最严重的一种攻击。本文详细剖析了虫洞问题,在总结已有解决方案的基础上提出了一种简洁的解决方案。此方案利用路由发现过程中中间结点计算的MAC值以及邻居维护机制提供的认证信息一起能够很好的抵抗虫洞攻击,提高了路由协议的安全性。     

无线传感器网络中的虫洞攻击和防御

无线传感器网络被誉为21世纪三大技术之一,其安全问题受到了越来越多的关注.文章首先介绍了无线传感器网络的特征,分析了安全问题的根源,然后详细介绍了无线传感器网络中虫洞攻击的原理和破坏性,提出引入简化的marsh信任模型,将邻居节点以往表现作为信任评估的经验来源,通过具体分析确定节点的位置关系,从而避免传感器网络中的虫洞攻击,最后指出了下一步研究的方向.     

Wormhole-Free Routing and DoS Attack Defense in Wireless Mesh Networks

Owing to the growth in several applications, Wireless Mesh Networks (WMN) is emerging as a vital technology for future wireless networks. Wormhole attack is one of the major security threats, which can disturb majority of routing communications, even when placed strategically. Therefore, a technique that can find wormhole-free routes in the network is required. In order to achieve this, in this paper, we propose a Monitoring Technique for Wormhole-Free Routing and DoS Attack Defense in WMNs. Initially, finite state model is applied where the node keeps the information about its sender and neighborhood receiver. Then, wormhole-aware secure routing is implemented to find wormhole free routes in the network. Finally, the priority mechanism is applied where the data packets are transmitted based on their priority. Based on the finite state model and priority mechanism, the malicious or wormhole nodes in the network are removed.     

无线Mesh网络中的虫洞攻击检测研究

为了有效检测出无线mesh网络中的虫洞攻击,针对微软提出的支持多射频的链路质量源路由MR-LQSR(multi-radio link-quality souse routing)协议提出了一种虫洞攻击模型,并根据虫洞攻击及无线mesh网的特点,在基于端到端的虫洞攻击检测算法、投票机制、邻居检测机制和基于身份加密技术的基础上提出一种基于端到端的虫洞攻击检测机制.最后通过理论分析和实验证实了该机制能有效地抵御无线mesh网中的虫洞攻击和提高无线mesh网的安全性.     

Wormhole Attack Detection System for IoT Network: A Hybrid Approach

Many errors in data communication cause security attacks in Internet of Things (IoT). Routing errors at network layer are prominent errors in IoT which degrade the quality of data communication. Many attacks like sinkhole attack, blackhole attack, selective forwarding attack and wormhole attack enter the network through the network layer of the IoT. This paper has an emphasis on the detection of a wormhole attack because it is one of the most uncompromising attacks at the network layer of IoT protocol stack. The wormhole attack is the most disruptive attack out of all the other attacks mentioned above. The wormhole attack inserts information on incorrect routes in the network; it also alters the network information by causing a failure of location-dependent protocols thus defeating the purpose of routing algorithms. This paper covers the design and implementation of an innovative intrusion detection system for the IoT that detects a wormhole attack and the attacker nodes. The presence of a wormhole attack is identified using location information of any node and its neighbor with the help of Received Signal Strength Indicator (RSSI) values and the hop-count. The proposed system is energy efficient hence it is beneficial for a resource-constrained environment of IoT. It also provides precise true-positive (TPR) and false-positive detection rate (FPR).

     

Secure and Energy-Efficient Traffic-Aware Key Management Scheme for Wireless Sensor Network

In Wireless Sensor Network (WSN), a sensor node may communicate with a small set of neighbor sensor nodes. Existing key management schemes, did not consider this communication between these nodes. They establish shared keys for all pairs of neighbor sensor nodes. When the number of sensor nodes in WSN is augmented, large number of keys is to be loaded in each sensor node, which in turn causes supplementary energy consumption. If any two close sensor nodes are seldom in the active-state the assignment of shared keys may be gratuitous, since they may be hardly exploited.In this paper, based on this information, secure and Energy-Efficient Traffic Aware key Management (EETKM) is developed for WSN. This determines shared keys for active sensors which takes part in the direct communication. In order to broadcast keys without retransmission or acknowledgements, the proposed scheme gives an efficient Re-keying mechanism. The proposed scheme attains high connectivity which is shown through numerical results. The proposed scheme is applied for various routing protocols and the simulation results shows the stronger resilience, low energy consumption and increased delivery ratio.     

Wormhole attacks in wireless networks

As mobile ad hoc network applications are deployed, security emerges as a central requirement. In this paper, we introduce the wormhole attack, a severe attack in ad hoc networks that is particularly challenging to defend against. The wormhole attack is possible even if the attacker has not compromised any hosts, and even if all communication provides authenticity and confidentiality. In the wormhole attack, an attacker records packets (or bits) at one location in the network, tunnels them (possibly selectively) to another location, and retransmits them there into the network. The wormhole attack can form a serious threat in wireless networks, especially against many ad hoc network routing protocols and location-based wireless security systems. For example, most existing ad hoc network routing protocols, without some mechanism to defend against the wormhole attack, would be unable to find routes longer than one or two hops, severely disrupting communication. We present a general mechanism, called packet leashes, for detecting and, thus defending against wormhole attacks, and we present a specific protocol, called TIK, that implements leashes. We also discuss topology-based wormhole detection, and show that it is impossible for these approaches to detect some wormhole topologies.     

A New Energy Efficient Hierarchical Routing Protocol for Wireless Sensor Networks

Wireless sensor networks consist of low cost sensor nodes which have limited power supplies, memory capacity, processing capability and transmission rate. Sensor nodes gather information from the environment and send the collected information to base station with help of a routing cooperation. Because of limited resources in Wireless Sensor Networks, fulfilling these routing operations is a major problem. Routing protocols are used to perform these operations. The most important thing by considering while these protocols are designed is energy efficiency. Because wireless sensor networks are widely used in intelligent systems, the energy efficiency of these networks is very important in IoT. Researchers have proposed several hierarchical routing protocols such as LEACH, PEGASIS, TEEN and APTEEN. In this study, an energy efficient routing protocol is developed which is more efficient than currently avaliable routing protocols. The developed protocol involves mapping of the network, sleep–wake/load balancing, data merge processes. The proposed protocol gives better results than other protocols in number of surviving nodes and amount of energy consumed criterias.     

A graph theoretic framework for preventing the wormhole attack in wireless ad hoc networks

Wireless ad hoc networks are envisioned to be randomly deployed in versatile and potentially hostile environments. Hence, providing secure and uninterrupted communication between the un-tethered network nodes becomes a critical problem. In this paper, we investigate the wormhole attack in wireless ad hoc networks, an attack that can disrupt vital network functions such as routing. In the wormhole attack, the adversary establishes a low-latency unidirectional or bi-directional link, such as a wired or long-range wireless link, between two points in the network that are not within communication range of each other. The attacker then records one or more messages at one end of the link, tunnels them via the link to the other end, and replays them into the network in a timely manner. The wormhole attack is easily implemented and particularly challenging to detect, since it does not require breach of the authenticity and confidentiality of communication, or the compromise of any host. We present a graph theoretic framework for modeling wormhole links and derive the necessary and sufficient conditions for detecting and defending against wormhole attacks. Based on our framework, we show that any candidate solution preventing wormholes should construct a communication graph that is a subgraph of the geometric graph defined by the radio range of the network nodes. Making use of our framework, we propose a cryptographic mechanism based on local broadcast keys in order to prevent wormholes. Our solution does not need time synchronization or time measurement, requires only a small fraction of the nodes to know their location, and is decentralized. Hence, it is suitable for networks with the most stringent constraints such as sensor networks. Finally, we believe our work is the first to provide an analytical evaluation in terms of probabilities of the extent to which a method prevents wormholes. Radha Poovendran received the Ph.D. degree in electrical engineering from the University of Maryland, College Park, in 1999. He has been an Assistant Professor in the Electrical Engineering Department, University of Washington, Seattle, since September 2000. His research interests are in the areas of applied cryptography for multiuser environment, wireless networking, and applications of information theory to security. Dr. Poovendran is a recipient of the Faculty Early Career Award from the National Science Foundation (2001), Young Investigator Award from the Army Research Office (2002), Young Investigator Award from the Office of Naval Research (2004), and the 2005 Presidential Early Career Award for Scientists and Engineers, for his research contributions in the areas of wired and wireless multiuser security. Loukas Lazos received the B.S. and M.S. degrees from the Electrical Engineering Department, National Technical University of Athens, Athens, Greece, in 2000 and 2002, respectively. He is currently working towards the Ph.D. degree in the Electrical Engineering Department, University of Washington, Seattle. His current research interests focus on cross-layer designs for energy-efficient key management protocols for wireless ad-hoc networks, as well as secure localization systems for sensor networks.     

On providing wormhole‐attack‐resistant localization using conflicting sets

Wormhole attack is a severe attack that can be easily mounted on a wide range of wireless networks without compromising any cryptographic entity or network node. In the wormhole attack, an attacker sniffs packets at one point in the network and tunnels them through the wormhole link to another point. Such kind of attack can deteriorate the localization procedure in wireless sensor networks. In this paper, we first analyze the impacts of the wormhole attack on the localization procedure. Then, we propose a secure localization scheme against the wormhole attacks called SLAW including three phases: wormhole attack detection, neighboring locators differentiation, and secure localization. The main idea of the SLAW is to build a so‐called conflicting set for each locator based on the abnormalities during the message exchanges, which can be used to differentiate the dubious locators to achieve secure localization. We first consider the simplified system model in which there is no packet loss and all the nodes have the same transmission range. We further consider the general system model where the packet loss exists and different types of nodes have different transmission radii. We conduct the simulations to illustrate the effectiveness of the proposed secure localization scheme and compare it with the existing schemes under different network parameters. Copyright © 2014 John Wiley & Sons, Ltd.     

Biologically inspired artificial intrusion detection system for detecting wormhole attack in MANET

A mobile ad hoc network (MANET) does not have traffic concentration points such as gateway or access points which perform behaviour monitoring of individual nodes. Therefore, maintaining the network function for the normal nodes when other nodes do not forward and route properly is a big challenge. One of the significant attacks in ad hoc network is wormhole attack. In this wormhole attack, the adversary disrupts ad hoc routing protocols using higher bandwidth and lower-latency links. Wormhole attack is more hidden in character and tougher to detect. So, it is necessary to use mechanisms to avoid attacking nodes which can disclose communication among unauthorized nodes in ad hoc networks. Mechanisms to detect and punish such attacking nodes are the only solution to solve this problem. Those mechanisms are known as intrusion detection systems (IDS). In this paper, the suggested biological based artificial intrusion detection system (BAIDS) include hybrid negative selection algorithm (HNSA) detectors in the local and broad detection subsection to detect anomalies in ad hoc network. In addition to that, response will be issued to take action over the misbehaving nodes. These detectors employed in BAIDS are capable of discriminating well behaving nodes from attacking nodes with a good level of accuracy in a MANET environment. The performance of BAIDS in detecting wormhole attacks in the background of DSR, AODV and DSDV routing protocols is also evaluated using Qualnet v 5.2 network simulator. Detection rate, false alarm rate, packet delivery ratio, routing overhead are used as metrics to compare the performance of HNSA and the BAIDS technique.     

Defending against wormhole attacks in mobile ad hoc networks

In ad hoc networks, malicious nodes can deploy wormhole attacks to fabricate a false scenario on the proximity relationship among mobile nodes. A classification of the attacks according to the format of the wormholes is proposed. This forms a basis to identify the detection capability of various approaches. An analysis shows that earlier approaches focus on the prevention of wormholes among neighbors that trust each other. As a more generic approach, we present an end‐to‐end scheme that can detect wormholes on a multi‐hop route. Only the trust between the source and the destination is assumed. The mechanism uses geographic information to detect anomalies in neighbor relations and node movements. To reduce the computation and storage overhead, we present a scheme called cell‐based open tunnel avoidance (COTA) to manage the information. COTA requires a constant space for every node on the path and the computation overhead increases linearly to the number of detection packets. We prove that the savings do not deteriorate the detection capability. Various schemes to control communication overhead are studied. The simulation and experiments on real devices show that the proposed mechanism can be combined with existent routing protocols to defend against wormhole attacks. Copyright © 2006 John Wiley & Sons, Ltd.     

Topological comparison‐based wormhole detection for MANET

Wormhole attack is considered one of the most threatening security attacks for mobile ad hoc networks. In a wormhole attack, a tunnel is setup in advance between two colluders. The colluders record packets at one location and forward them through the tunnel to another location in the network. Depending on whether or not the colluders are participating in the network functions, the wormhole attack can be further divided into two categories: traditional wormhole attack and Byzantine wormhole attack. Existing researches focusing on detecting traditional wormhole attacks can be classified into three categories: one‐hop delay‐based approach, topological analysis‐based or special hardware/middleware‐based approaches. Unfortunately, they all have their own limitations. Most of the researches detecting Byzantine wormhole attack are not addressing the Byzantine wormhole attack directly. Instead, they focus on observing the consequence after a Byzantine wormhole attack, like packet dropping or modification. In this paper, we propose to detect both traditional and Byzantine wormhole attacks by detecting some topological anomalies introduced by wormhole tunnels. Simulation results show that our scheme can achieve both high wormhole attack detection rate and accuracy. Our scheme is also simple to implement. Copyright © 2012 John Wiley & Sons, Ltd.     

Energy Attentive and Pre-fault Recognize Mechanism for Distributed Wireless Sensor Network Using Fuzzy Logic Approach

Wireless sensor networks (WSNs) have been transforming over recent years with development in the design of smart real-time applications. However, it presents numerous challenges in terms of fault-tolerant communication, low latency, scalability, and transmission efficiency. It is extremely difficult for WSNs to detect runtime faults since they're unaware of the internal processes at work within the sensor node. As a result, valuable sensed information cannot reach its destination and performance starts degrading. Towards this objective, the proposed mechanism applies a novel pre-fault detection mechanism based on a fuzzy rule-based method for multilevel transmission in distributed sensor networks. The proposed mechanism uses a fuzzy rule set to make routing decisions. A fuzzy decision rule set is proposed to perform routing based on the fuzzy fault count status of a node. The proposed mechanism assists in identifying the fault in advance and determining the optimal routing path to save energy and improve network performance. In accordance with the node fault status, the data transmission rate is finalized to prevent further energy consumption. The results demonstrated that the proposed mechanism performed well on judgment evaluation metrics like the energy dissipation ratio, throughput, packet loss rate and communication delay.

     

An Efficient Security Framework for Trusted and Secure Routing in MANET: A Comprehensive Solution

Wireless Personal Communications - Secure routing of data in MANET (Mobile Ad-hoc Network) is an important concern to save the network from various attacks such as blackhole attack, wormhole...     

认知无线Mesh网络中满足QoS的高吞吐量安全路由协议

提出了一种综合考虑链路安全、链路冲突、链路可靠度与链路可用带宽的路由判据SIEB。SIEB包括链路安全和链路性能2个方面,在SIEB的链路安全权值计算中,为了抵御各种洞攻击,提出了基于两跳邻居反馈的链路信任值计算方法。在此基础上,提出了链路安全权值计算算法LSWC和链路性能权值计算算法LSPC,提出了分布式满足QoS约束的路由协议SIEBP,SIEBP的目标是：构造安全的路由路径,并且最大化网络吞吐量。仿真结果表明,SIEBP能达到预定目标,构造的路径能抵御黑洞、灰洞、虫洞等攻击,并且获得了较高的网络吞吐量。