MOBIWORP: Mitigation of the wormhole attack in mobile multihop wireless networks

Issa Khalil, Saurabh Bagchi, Ness B. Shroff

Research output: Chapter in Book/Report/Conference proceedingConference contribution

31 Citations (Scopus)

Abstract

In multihop wireless systems, the need for cooperation among nodes to relay each other's packets exposes them to a wide range of security attacks. A particularly devastating attack is the wormhole attack, where a malicious node records control traffic at one location and tunnels it to a colluding node, possibly far away, which replays it locally. This can have an adverse effect on route establishment by preventing nodes from discovering legitimate routes that are more than two hops away. Previous works on tolerating wormhole attacks have focused only on detection and used specialized hardware, such as directional antennas or extremely accurate clocks. More recent work has addressed the problem of locally isolating the malicious nodes. However, all of this work has been done in the context of static networks due to the difficulty of secure neighbor verification with mobile nodes. The existing work on secure neighbor verification has limitations in accuracy, resource requirements, and applicability to ad-hoc and sensor networks. In this paper, we present a countermeasure for the wormhole attack, called MOBIWORP, which alleviates these drawbacks and efficiently mitigates the wormhole attack in mobile networks. MOBIWorp uses a secure central authority (CA) for global tracking of node positions. Local monitoring is used to detect and isolate malicious nodes locally. Additionally, when sufficient suspicion builds up at the CA, it enforces a global isolation of the malicious node from the whole network. The effect of MOBIWORP on the data traffic and the fidelity of detection is brought out through extensive simulation using ns-2.

Original languageEnglish
Title of host publication2006 Securecomm and Workshops
DOIs
Publication statusPublished - 1 Dec 2006
Externally publishedYes
Event2006 Securecomm and Workshops - Baltimore, MD, United States
Duration: 28 Aug 20061 Sep 2006

Other

Other2006 Securecomm and Workshops
CountryUnited States
CityBaltimore, MD
Period28/8/061/9/06

Fingerprint

Wireless networks
Traffic control
Ad hoc networks
Sensor networks
Clocks
Tunnels
Computer systems
Antennas
Hardware
Monitoring
traffic control
hardware
social isolation
monitoring
simulation
resources

Keywords

  • Mobile ad-hoc networks
  • Neighbor watch
  • Node isolation
  • Secure neighbor discovery
  • Wormhole attack

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Communication

Cite this

MOBIWORP : Mitigation of the wormhole attack in mobile multihop wireless networks. / Khalil, Issa; Bagchi, Saurabh; Shroff, Ness B.

2006 Securecomm and Workshops. 2006. 4198824.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Khalil, I, Bagchi, S & Shroff, NB 2006, MOBIWORP: Mitigation of the wormhole attack in mobile multihop wireless networks. in 2006 Securecomm and Workshops., 4198824, 2006 Securecomm and Workshops, Baltimore, MD, United States, 28/8/06. https://doi.org/10.1109/SECCOMW.2006.359564
Khalil, Issa ; Bagchi, Saurabh ; Shroff, Ness B. / MOBIWORP : Mitigation of the wormhole attack in mobile multihop wireless networks. 2006 Securecomm and Workshops. 2006.
@inproceedings{33213972851d45a5bcf76e00d321ff9e,
title = "MOBIWORP: Mitigation of the wormhole attack in mobile multihop wireless networks",
abstract = "In multihop wireless systems, the need for cooperation among nodes to relay each other's packets exposes them to a wide range of security attacks. A particularly devastating attack is the wormhole attack, where a malicious node records control traffic at one location and tunnels it to a colluding node, possibly far away, which replays it locally. This can have an adverse effect on route establishment by preventing nodes from discovering legitimate routes that are more than two hops away. Previous works on tolerating wormhole attacks have focused only on detection and used specialized hardware, such as directional antennas or extremely accurate clocks. More recent work has addressed the problem of locally isolating the malicious nodes. However, all of this work has been done in the context of static networks due to the difficulty of secure neighbor verification with mobile nodes. The existing work on secure neighbor verification has limitations in accuracy, resource requirements, and applicability to ad-hoc and sensor networks. In this paper, we present a countermeasure for the wormhole attack, called MOBIWORP, which alleviates these drawbacks and efficiently mitigates the wormhole attack in mobile networks. MOBIWorp uses a secure central authority (CA) for global tracking of node positions. Local monitoring is used to detect and isolate malicious nodes locally. Additionally, when sufficient suspicion builds up at the CA, it enforces a global isolation of the malicious node from the whole network. The effect of MOBIWORP on the data traffic and the fidelity of detection is brought out through extensive simulation using ns-2.",
keywords = "Mobile ad-hoc networks, Neighbor watch, Node isolation, Secure neighbor discovery, Wormhole attack",
author = "Issa Khalil and Saurabh Bagchi and Shroff, {Ness B.}",
year = "2006",
month = "12",
day = "1",
doi = "10.1109/SECCOMW.2006.359564",
language = "English",
isbn = "1424404231",
booktitle = "2006 Securecomm and Workshops",

}

TY - GEN

T1 - MOBIWORP

T2 - Mitigation of the wormhole attack in mobile multihop wireless networks

AU - Khalil, Issa

AU - Bagchi, Saurabh

AU - Shroff, Ness B.

PY - 2006/12/1

Y1 - 2006/12/1

N2 - In multihop wireless systems, the need for cooperation among nodes to relay each other's packets exposes them to a wide range of security attacks. A particularly devastating attack is the wormhole attack, where a malicious node records control traffic at one location and tunnels it to a colluding node, possibly far away, which replays it locally. This can have an adverse effect on route establishment by preventing nodes from discovering legitimate routes that are more than two hops away. Previous works on tolerating wormhole attacks have focused only on detection and used specialized hardware, such as directional antennas or extremely accurate clocks. More recent work has addressed the problem of locally isolating the malicious nodes. However, all of this work has been done in the context of static networks due to the difficulty of secure neighbor verification with mobile nodes. The existing work on secure neighbor verification has limitations in accuracy, resource requirements, and applicability to ad-hoc and sensor networks. In this paper, we present a countermeasure for the wormhole attack, called MOBIWORP, which alleviates these drawbacks and efficiently mitigates the wormhole attack in mobile networks. MOBIWorp uses a secure central authority (CA) for global tracking of node positions. Local monitoring is used to detect and isolate malicious nodes locally. Additionally, when sufficient suspicion builds up at the CA, it enforces a global isolation of the malicious node from the whole network. The effect of MOBIWORP on the data traffic and the fidelity of detection is brought out through extensive simulation using ns-2.

AB - In multihop wireless systems, the need for cooperation among nodes to relay each other's packets exposes them to a wide range of security attacks. A particularly devastating attack is the wormhole attack, where a malicious node records control traffic at one location and tunnels it to a colluding node, possibly far away, which replays it locally. This can have an adverse effect on route establishment by preventing nodes from discovering legitimate routes that are more than two hops away. Previous works on tolerating wormhole attacks have focused only on detection and used specialized hardware, such as directional antennas or extremely accurate clocks. More recent work has addressed the problem of locally isolating the malicious nodes. However, all of this work has been done in the context of static networks due to the difficulty of secure neighbor verification with mobile nodes. The existing work on secure neighbor verification has limitations in accuracy, resource requirements, and applicability to ad-hoc and sensor networks. In this paper, we present a countermeasure for the wormhole attack, called MOBIWORP, which alleviates these drawbacks and efficiently mitigates the wormhole attack in mobile networks. MOBIWorp uses a secure central authority (CA) for global tracking of node positions. Local monitoring is used to detect and isolate malicious nodes locally. Additionally, when sufficient suspicion builds up at the CA, it enforces a global isolation of the malicious node from the whole network. The effect of MOBIWORP on the data traffic and the fidelity of detection is brought out through extensive simulation using ns-2.

KW - Mobile ad-hoc networks

KW - Neighbor watch

KW - Node isolation

KW - Secure neighbor discovery

KW - Wormhole attack

UR - http://www.scopus.com/inward/record.url?scp=50049132985&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=50049132985&partnerID=8YFLogxK

U2 - 10.1109/SECCOMW.2006.359564

DO - 10.1109/SECCOMW.2006.359564

M3 - Conference contribution

AN - SCOPUS:50049132985

SN - 1424404231

SN - 9781424404230

BT - 2006 Securecomm and Workshops

ER -