Stealthy attacks in wireless ad hoc networks: Detection and countermeasure

Issa Khalil, Saurabh Bagchi

Research output: Contribution to journalArticle

45 Citations (Scopus)

Abstract

Stealthy packet dropping is a suite of four attacks-misrouting, power control, identity delegation, and colluding collision-that can be easily launched against multihop wireless ad hoc networks. Stealthy packet dropping disrupts the packet from reaching the destination through malicious behavior at an intermediate node. However, the malicious node gives the impression to its neighbors that it performs the legitimate forwarding action. Moreover, a legitimate node comes under suspicion. A popular method for detecting attacks in wireless networks is behavior-based detection performed by normal network nodes through overhearing the communication in their neighborhood. This leverages the open broadcast nature of wireless communication. An instantiation of this technology is local monitoring. We show that local monitoring, and the wider class of overhearing-based detection, cannot detect stealthy packet dropping attacks. Additionally, it mistakenly detects and isolates a legitimate node. We present a protocol called SADEC that can detect and isolate stealthy packet dropping attack efficiently. SADEC presents two techniques that can be overlaid on baseline local monitoring: having the neighbors maintain additional information about the routing path, and adding some checking responsibility to each neighbor. Additionally, SADEC provides an innovative mechanism to better utilize local monitoring by considerably increasing the number of nodes in a neighborhood that can do monitoring. We show through analysis and simulation experiments that baseline local monitoring fails to efficiently mitigate most of the presented attacks while SADEC successfully mitigates them.

Original languageEnglish
Article number5677538
Pages (from-to)1096-1112
Number of pages17
JournalIEEE Transactions on Mobile Computing
Volume10
Issue number8
DOIs
Publication statusPublished - 1 Aug 2011

    Fingerprint

Keywords

  • Local monitoring
  • misrouting
  • multihop wireless networks
  • packet dropping
  • transmission power control

ASJC Scopus subject areas

  • Software
  • Computer Networks and Communications
  • Electrical and Electronic Engineering

Cite this