LiteWorp: Detection and isolation of the wormhole attack in static multihop wireless networks

Issa Khalil, Saurabh Bagchi, Ness B. Shroff

Research output: Contribution to journalArticle

58 Citations (Scopus)

Abstract

In multihop wireless systems, such as ad hoc and sensor networks, the need for cooperation among nodes to relay each other's packets exposes them to a wide range of security attacks. A particularly devastating attack is known as the wormhole attack, where a malicious node records control and data traffic at one location and tunnels it to a colluding node far away, which replays it locally. This can either disrupt route establishment or make routes pass through the malicious nodes. In this paper, we present a lightweight countermeasure for the wormhole attack, called LiteWorp, which relies on overhearing neighbor communication. LiteWorp is particularly suitable for resource-constrained multihop wireless networks, such as sensor networks. Our solution allows detection of the wormhole, followed by isolation of the malicious nodes. Simulation results show that every wormhole is detected and isolated within a very short period of time over a large range of scenarios. The results also show that the fraction of packets lost due to the wormhole when LiteWorp is applied is negligible compared to the loss in an unprotected network. Simulation results bring out the configuration where no framing is possible, while still having high detection rate. Analysis is done to show the low resource consumption of LiteWorp, the low detection latency, and the likelihood of framing by malicious nodes.

Original languageEnglish
Pages (from-to)3750-3772
Number of pages23
JournalComputer Networks
Volume51
Issue number13
DOIs
Publication statusPublished - 12 Sep 2007
Externally publishedYes

Fingerprint

Sensor networks
Wireless networks
Ad hoc networks
Tunnels
Computer systems
Communication

Keywords

  • Malicious node detection
  • Malicious node isolation
  • Neighbor watch
  • Wireless sensor and ad hoc networks
  • Wormhole attack

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Electrical and Electronic Engineering

Cite this

LiteWorp : Detection and isolation of the wormhole attack in static multihop wireless networks. / Khalil, Issa; Bagchi, Saurabh; Shroff, Ness B.

In: Computer Networks, Vol. 51, No. 13, 12.09.2007, p. 3750-3772.

Research output: Contribution to journalArticle

Khalil, Issa ; Bagchi, Saurabh ; Shroff, Ness B. / LiteWorp : Detection and isolation of the wormhole attack in static multihop wireless networks. In: Computer Networks. 2007 ; Vol. 51, No. 13. pp. 3750-3772.
@article{45ea754e3ad243b5bccaf5f3a9300f33,
title = "LiteWorp: Detection and isolation of the wormhole attack in static multihop wireless networks",
abstract = "In multihop wireless systems, such as ad hoc and sensor networks, the need for cooperation among nodes to relay each other's packets exposes them to a wide range of security attacks. A particularly devastating attack is known as the wormhole attack, where a malicious node records control and data traffic at one location and tunnels it to a colluding node far away, which replays it locally. This can either disrupt route establishment or make routes pass through the malicious nodes. In this paper, we present a lightweight countermeasure for the wormhole attack, called LiteWorp, which relies on overhearing neighbor communication. LiteWorp is particularly suitable for resource-constrained multihop wireless networks, such as sensor networks. Our solution allows detection of the wormhole, followed by isolation of the malicious nodes. Simulation results show that every wormhole is detected and isolated within a very short period of time over a large range of scenarios. The results also show that the fraction of packets lost due to the wormhole when LiteWorp is applied is negligible compared to the loss in an unprotected network. Simulation results bring out the configuration where no framing is possible, while still having high detection rate. Analysis is done to show the low resource consumption of LiteWorp, the low detection latency, and the likelihood of framing by malicious nodes.",
keywords = "Malicious node detection, Malicious node isolation, Neighbor watch, Wireless sensor and ad hoc networks, Wormhole attack",
author = "Issa Khalil and Saurabh Bagchi and Shroff, {Ness B.}",
year = "2007",
month = "9",
day = "12",
doi = "10.1016/j.comnet.2007.04.001",
language = "English",
volume = "51",
pages = "3750--3772",
journal = "Computer Networks",
issn = "1389-1286",
publisher = "Elsevier",
number = "13",

}

TY - JOUR

T1 - LiteWorp

T2 - Detection and isolation of the wormhole attack in static multihop wireless networks

AU - Khalil, Issa

AU - Bagchi, Saurabh

AU - Shroff, Ness B.

PY - 2007/9/12

Y1 - 2007/9/12

N2 - In multihop wireless systems, such as ad hoc and sensor networks, the need for cooperation among nodes to relay each other's packets exposes them to a wide range of security attacks. A particularly devastating attack is known as the wormhole attack, where a malicious node records control and data traffic at one location and tunnels it to a colluding node far away, which replays it locally. This can either disrupt route establishment or make routes pass through the malicious nodes. In this paper, we present a lightweight countermeasure for the wormhole attack, called LiteWorp, which relies on overhearing neighbor communication. LiteWorp is particularly suitable for resource-constrained multihop wireless networks, such as sensor networks. Our solution allows detection of the wormhole, followed by isolation of the malicious nodes. Simulation results show that every wormhole is detected and isolated within a very short period of time over a large range of scenarios. The results also show that the fraction of packets lost due to the wormhole when LiteWorp is applied is negligible compared to the loss in an unprotected network. Simulation results bring out the configuration where no framing is possible, while still having high detection rate. Analysis is done to show the low resource consumption of LiteWorp, the low detection latency, and the likelihood of framing by malicious nodes.

AB - In multihop wireless systems, such as ad hoc and sensor networks, the need for cooperation among nodes to relay each other's packets exposes them to a wide range of security attacks. A particularly devastating attack is known as the wormhole attack, where a malicious node records control and data traffic at one location and tunnels it to a colluding node far away, which replays it locally. This can either disrupt route establishment or make routes pass through the malicious nodes. In this paper, we present a lightweight countermeasure for the wormhole attack, called LiteWorp, which relies on overhearing neighbor communication. LiteWorp is particularly suitable for resource-constrained multihop wireless networks, such as sensor networks. Our solution allows detection of the wormhole, followed by isolation of the malicious nodes. Simulation results show that every wormhole is detected and isolated within a very short period of time over a large range of scenarios. The results also show that the fraction of packets lost due to the wormhole when LiteWorp is applied is negligible compared to the loss in an unprotected network. Simulation results bring out the configuration where no framing is possible, while still having high detection rate. Analysis is done to show the low resource consumption of LiteWorp, the low detection latency, and the likelihood of framing by malicious nodes.

KW - Malicious node detection

KW - Malicious node isolation

KW - Neighbor watch

KW - Wireless sensor and ad hoc networks

KW - Wormhole attack

UR - http://www.scopus.com/inward/record.url?scp=34447283779&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=34447283779&partnerID=8YFLogxK

U2 - 10.1016/j.comnet.2007.04.001

DO - 10.1016/j.comnet.2007.04.001

M3 - Article

AN - SCOPUS:34447283779

VL - 51

SP - 3750

EP - 3772

JO - Computer Networks

JF - Computer Networks

SN - 1389-1286

IS - 13

ER -