CTAC

Control traffic tunneling attacks' countermeasures in mobile wireless networks

Issa Khalil, Mamoun Awad, Abdallah Khreishah

Research output: Contribution to journalArticle

7 Citations (Scopus)

Abstract

Multihop wireless ad hoc and sensor networks open the door for great networking opportunities especially in scenarios where it is infeasible or expensive to deploy significant networking infrastructure. However, the open communication media and the lack of networking infrastructure make these networks vulnerable to a wide range of security attacks. A particularly devastating attack is the control traffic tunneling attack, where a malicious node records control traffic at one location and tunnels it to a colluding node, possibly far away, which replays it locally. One of the control traffic attacks' incarnations is the wormhole attack that can be used to prevent route establishment by preventing nodes from discovering legitimate routes that are more than two hops away. These attacks have been addressed by many researchers, however, most of the presented work is either limited to static scenarios, require expensive hardware or suffer from high overhead and performance degradation. In this paper, we present a scalable countermeasure for the control traffic tunneling attack, called CTAC, which alleviates these drawbacks and efficiently mitigates the attack in both static and mobile networks. CTAC uses trusted nodes called cluster heads (CH) for global tracking of node locations and profile keeping. Local monitoring is used to detect and isolate malicious nodes locally. Additionally, when sufficient suspicion builds up at a CH, it enforces a global isolation of the malicious node from the whole network. The performance gain, the relatively low overhead, and the positive impact of CTAC on the data traffic fidelity are brought out through analysis and extensive simulation using ns-2. The results show that CTAC achieves higher detection ratio and faster isolation time while considerably decreases the overhead energy and the end-to-end delay compared to the state-of-the art schemes.

Original languageEnglish
Pages (from-to)3300-3317
Number of pages18
JournalComputer Networks
Volume56
Issue number14
DOIs
Publication statusPublished - 28 Sep 2012
Externally publishedYes

Fingerprint

Traffic control
Wireless networks
Wireless ad hoc networks
Sensor networks
Tunnels
Hardware
Degradation
Monitoring
Communication

Keywords

  • Control traffic tunneling
  • Mobile ad hoc networks
  • Neighbor watch
  • Node isolation
  • Secure neighbor discovery
  • Wormhole attack

ASJC Scopus subject areas

  • Computer Networks and Communications

Cite this

CTAC : Control traffic tunneling attacks' countermeasures in mobile wireless networks. / Khalil, Issa; Awad, Mamoun; Khreishah, Abdallah.

In: Computer Networks, Vol. 56, No. 14, 28.09.2012, p. 3300-3317.

Research output: Contribution to journalArticle

Khalil, Issa ; Awad, Mamoun ; Khreishah, Abdallah. / CTAC : Control traffic tunneling attacks' countermeasures in mobile wireless networks. In: Computer Networks. 2012 ; Vol. 56, No. 14. pp. 3300-3317.
@article{55bc340050584aafa8bf5c1660ff4c78,
title = "CTAC: Control traffic tunneling attacks' countermeasures in mobile wireless networks",
abstract = "Multihop wireless ad hoc and sensor networks open the door for great networking opportunities especially in scenarios where it is infeasible or expensive to deploy significant networking infrastructure. However, the open communication media and the lack of networking infrastructure make these networks vulnerable to a wide range of security attacks. A particularly devastating attack is the control traffic tunneling attack, where a malicious node records control traffic at one location and tunnels it to a colluding node, possibly far away, which replays it locally. One of the control traffic attacks' incarnations is the wormhole attack that can be used to prevent route establishment by preventing nodes from discovering legitimate routes that are more than two hops away. These attacks have been addressed by many researchers, however, most of the presented work is either limited to static scenarios, require expensive hardware or suffer from high overhead and performance degradation. In this paper, we present a scalable countermeasure for the control traffic tunneling attack, called CTAC, which alleviates these drawbacks and efficiently mitigates the attack in both static and mobile networks. CTAC uses trusted nodes called cluster heads (CH) for global tracking of node locations and profile keeping. Local monitoring is used to detect and isolate malicious nodes locally. Additionally, when sufficient suspicion builds up at a CH, it enforces a global isolation of the malicious node from the whole network. The performance gain, the relatively low overhead, and the positive impact of CTAC on the data traffic fidelity are brought out through analysis and extensive simulation using ns-2. The results show that CTAC achieves higher detection ratio and faster isolation time while considerably decreases the overhead energy and the end-to-end delay compared to the state-of-the art schemes.",
keywords = "Control traffic tunneling, Mobile ad hoc networks, Neighbor watch, Node isolation, Secure neighbor discovery, Wormhole attack",
author = "Issa Khalil and Mamoun Awad and Abdallah Khreishah",
year = "2012",
month = "9",
day = "28",
doi = "10.1016/j.comnet.2012.06.003",
language = "English",
volume = "56",
pages = "3300--3317",
journal = "Computer Networks",
issn = "1389-1286",
publisher = "Elsevier",
number = "14",

}

TY - JOUR

T1 - CTAC

T2 - Control traffic tunneling attacks' countermeasures in mobile wireless networks

AU - Khalil, Issa

AU - Awad, Mamoun

AU - Khreishah, Abdallah

PY - 2012/9/28

Y1 - 2012/9/28

N2 - Multihop wireless ad hoc and sensor networks open the door for great networking opportunities especially in scenarios where it is infeasible or expensive to deploy significant networking infrastructure. However, the open communication media and the lack of networking infrastructure make these networks vulnerable to a wide range of security attacks. A particularly devastating attack is the control traffic tunneling attack, where a malicious node records control traffic at one location and tunnels it to a colluding node, possibly far away, which replays it locally. One of the control traffic attacks' incarnations is the wormhole attack that can be used to prevent route establishment by preventing nodes from discovering legitimate routes that are more than two hops away. These attacks have been addressed by many researchers, however, most of the presented work is either limited to static scenarios, require expensive hardware or suffer from high overhead and performance degradation. In this paper, we present a scalable countermeasure for the control traffic tunneling attack, called CTAC, which alleviates these drawbacks and efficiently mitigates the attack in both static and mobile networks. CTAC uses trusted nodes called cluster heads (CH) for global tracking of node locations and profile keeping. Local monitoring is used to detect and isolate malicious nodes locally. Additionally, when sufficient suspicion builds up at a CH, it enforces a global isolation of the malicious node from the whole network. The performance gain, the relatively low overhead, and the positive impact of CTAC on the data traffic fidelity are brought out through analysis and extensive simulation using ns-2. The results show that CTAC achieves higher detection ratio and faster isolation time while considerably decreases the overhead energy and the end-to-end delay compared to the state-of-the art schemes.

AB - Multihop wireless ad hoc and sensor networks open the door for great networking opportunities especially in scenarios where it is infeasible or expensive to deploy significant networking infrastructure. However, the open communication media and the lack of networking infrastructure make these networks vulnerable to a wide range of security attacks. A particularly devastating attack is the control traffic tunneling attack, where a malicious node records control traffic at one location and tunnels it to a colluding node, possibly far away, which replays it locally. One of the control traffic attacks' incarnations is the wormhole attack that can be used to prevent route establishment by preventing nodes from discovering legitimate routes that are more than two hops away. These attacks have been addressed by many researchers, however, most of the presented work is either limited to static scenarios, require expensive hardware or suffer from high overhead and performance degradation. In this paper, we present a scalable countermeasure for the control traffic tunneling attack, called CTAC, which alleviates these drawbacks and efficiently mitigates the attack in both static and mobile networks. CTAC uses trusted nodes called cluster heads (CH) for global tracking of node locations and profile keeping. Local monitoring is used to detect and isolate malicious nodes locally. Additionally, when sufficient suspicion builds up at a CH, it enforces a global isolation of the malicious node from the whole network. The performance gain, the relatively low overhead, and the positive impact of CTAC on the data traffic fidelity are brought out through analysis and extensive simulation using ns-2. The results show that CTAC achieves higher detection ratio and faster isolation time while considerably decreases the overhead energy and the end-to-end delay compared to the state-of-the art schemes.

KW - Control traffic tunneling

KW - Mobile ad hoc networks

KW - Neighbor watch

KW - Node isolation

KW - Secure neighbor discovery

KW - Wormhole attack

UR - http://www.scopus.com/inward/record.url?scp=84865798108&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84865798108&partnerID=8YFLogxK

U2 - 10.1016/j.comnet.2012.06.003

DO - 10.1016/j.comnet.2012.06.003

M3 - Article

VL - 56

SP - 3300

EP - 3317

JO - Computer Networks

JF - Computer Networks

SN - 1389-1286

IS - 14

ER -