43 research outputs found
Recommended from our members
A Unified Wormhole Attack Detection Framework for Mobile Ad hoc Networks
The Internet is experiencing an evolution towards a ubiquitous network paradigm, via the so-called internet-of-things (IoT), where small wireless computing devices like sensors and actuators are integrated into daily activities. Simultaneously, infrastructure-less systems such as mobile ad hoc networks (MANET) are gaining popularity since they provide the possibility for devices in wireless sensor networks or vehicular ad hoc networks to share measured and monitored information without having to be connected to a base station. While MANETs offer many advantages, including self-configurability and application in rural areas which lack network infrastructure, they also present major challenges especially in regard to routing security. In a highly dynamic MANET, where nodes arbitrarily join and leave the network, it is difficult to ensure that nodes are trustworthy for multi-hop routing. Wormhole attacks belong to most severe routing threats because they are able to disrupt a major part of the network traffic, while concomitantly being extremely difficult to detect.
This thesis presents a new unified wormhole attack detection framework which is effective for all known wormhole types, alongside incurring low false positive rates, network loads and computational time, for a variety of diverse MANET scenarios. The framework makes three original technical contributions: i) a new accurate wormhole detection algorithm based on packet traversal time and hop count analysis (TTHCA) which identifies infected routes, ii) an enhanced, dynamic traversal time per hop analysis (TTpHA) detection model which is adaptable to node radio range fluctuations, and iii) a method for automatically detecting time measurement tampering in both TTHCA and TTpHA.
The thesis findings indicate that this new wormhole detection framework provides significant performance improvements compared to other existing solutions by accurately, efficiently and robustly detecting all wormhole variants under a wide range of network conditions
A New MANET Wormhole Detection Algorithm Based on Traversal Time and Hop Count Analysis
As demand increases for ubiquitous network facilities, infrastructure-less and self-configuring systems like Mobile Ad hoc Networks (MANET) are gaining popularity. MANET routing security however, is one of the most significant challenges to wide scale adoption, with wormhole attacks being an especially severe MANET routing threat. This is because wormholes are able to disrupt a major component of network traffic, while concomitantly being extremely difficult to detect. This paper introduces a new wormhole detection paradigm based upon Traversal Time and Hop Count Analysis (TTHCA), which in comparison to existing algorithms, consistently affords superior detection performance, allied with low false positive rates for all wormhole variants. Simulation results confirm that the TTHCA model exhibits robust wormhole route detection in various network scenarios, while incurring only a small network overhead. This feature makes TTHCA an attractive choice for MANET environments which generally comprise devices, such as wireless sensors, which possess a limited processing capability
Recommended from our members
Feature Engineering for Detection of Wormhole Attacking in Mobile Ad Hoc Networks with Machine Learning Methods
Due to the self-configuring nature of a Mobile Ad Hoc Network (MANET), each node must participate in the routing process, in addition to its other activities. Therefore, routing in a MANET is especially vulnerable to malicious node activity leading to potentially severe disruption in network communications. The wormhole attack is a particularly severe MANET routing threat since it is easy to launch, can be launched in several modes, difficult to detect, and can cause significant communication disruption. In this paper we establish a practice for feature engineering of network data for wormhole attack prevention and detection with intrusion detection methods based on machine learning
A Packet Traversal Time per Hop based Adaptive Wormhole Detection Algorithm for MANETs
Routing security challenges significantly impact the wide-scale adoption of mobile ad hoc networks (MANET), with wormholes constituting an especially severe threat. Wormhole detection algorithms like traversal time and hop count analysis (TTHCA) and modified transmission time-based mechanism (M-TTM) combine effective detection with low traffic overheads. TTHCA measures packet traversal time (PTT) per route hop count (HC), while M-TTM compares an expected round trip time (RTT) with a measured RTT. However, using only fixed thresholds for the permissible PTT/HC and measured RTT deviations respectively, both algorithms are compromised so participation mode (PM), out-of-band (O-B) wormholes are inadequately detected in MANETs with large radio range fluctuations. This paper presents an extended variant of the TTHCA algorithm called traversal time per hop analysis (TTpHA) that dynamically adapts the PTT per hop threshold to prevailing MANET conditions and nodes’ radio coverage. Experimental results confirm TTpHA provides superior PM O-B detection performance compared to TTHCA and M-TTM, with commensurately low false positive rates and traffic overheads
Identifying time measurement tampering in the traversal time and hop count analysis (TTHCA) wormhole detection algorithm
Traversal time and hop count analysis (TTHCA) is a recent wormhole detection algorithm for mobile ad hoc networks (MANET) which provides enhanced detection performance against all wormhole attack variants and network types. TTHCA involves each node measuring the processing time of routing packets during the route discovery process and then delivering the measurements to the source node. In a participation mode (PM) wormhole where malicious nodes appear in the routing tables as legitimate nodes, the time measurements can potentially be altered so preventing TTHCA from successfully detecting the wormhole. This paper analyses the prevailing conditions for time tampering attacks to succeed for PM wormholes, before introducing an extension to the TTHCA detection algorithm called ∆T Vector which is designed to identify time tampering, while preserving low false positive rates. Simulation results confirm that the ∆T Vector extension is able to effectively detect time tampered MANET attacks, thereby providing an important security enhancement to the TTHCA algorithm
Recommended from our members
Research Findings on Wormhole Attack Detection in Mobile Ad Hoc Networks
The Internet is moving from the traditional desktop network paradigm to a ubiquitous paradigm where a multitude of small computing devices such as computer chips and smart sensors are involved in daily activities and routines. This means that a rapidly growing amount of devices are connected to the Internet. At the same time, infrastructure-less and self-configuring systems like Mobile Ad hoc Networks (MANET) are gaining popularity since they provide a possibility for mobile devices to share information with each other without being dependent on a core infrastructure. Routing security in MANETs is, however, a significant challenge to wide scale adoption. One of the most severe security threats to MANET routing is the wormhole attack due to its ability to disrupt a significant proportion of network traffic, while simultaneously being difficult to detect. This paper provides an overview of recent research findings on wormhole attack detection in MANETs collected from a joint research project with Arcada University of Applied Sciences in Finland and The Open University, UK
MLAMAN: a novel multi-level authentication model and protocol for preventing wormhole attack in mobile ad hoc network
© 2018, Springer Science+Business Media, LLC, part of Springer Nature. Wormhole attack is a serious security issue in Mobile Ad hoc Network where malicious nodes may distort the network topology and obtain valuable information. Many solutions, based on round trip time, packet traversal time, or hop-count, have been proposed to detect wormholes. However, these solutions were only partially successful in dealing with node high-speed mobility, variable tunnel lengths, and fake information by malicious nodes. To address those issues, this paper proposes a novel multi-level authentication model and protocol (MLAMAN) for detecting and preventing wormhole attacks reliably. MLAMAN allows all intermediate nodes to authenticate control packets on a hop-by-hop basis and at three levels: (1) the packet level where the integrity of the packets can be verified, (2) the node membership level where a public key holder-member can be certified, and (3) the neighborhood level where the neighborhood relationship between nodes can be determined. The novelty of the model is that it prevents malicious nodes from joining the network under false information and pretense. It detects wormhole nodes effectively under various scenarios including variable tunnel lengths and speeds of moving nodes. The effectiveness of our approach is confirmed by simulation results through various scenarios
A SOLUTION TO DETECT AND PREVENT WORMHOLE ATTACKS IN MOBILE AD HOC NETWORK
Wormhole attack is one of varied types of Denial-of-Service attacks in Mobile Ad hoc Network. For purpose of attack, the attackers use the two malicious nodes connected with each other by a tunnel that is aimed at eavesdropping or damaging the data packet. Previous researches aiming at securing against the wormhole attacks was published, typical as detection algorithms based on Round Trip Time or Packet Traversal Time, or hop-count based analysis. They have the detection effectiveness is mitigated on the network topology with high mobility nodes, and depends on tunnel length. This article proposes a Valid Route Testing Mechanism (VRTM) and integration of VRTM into AODV protocol to make DWAODV which is able to detect and prevent the wormhole attacks. Using Network Simulator (NS2), we evaluate the security effectiveness of DWAODV protocol on random movement network topology at high speed. The simulation results shows that our solution is capable of detecting successfully over 99% of invalid routes, and small depend on tunnel length. In addition, in the normal network topology, the routing performance of DWAODV is approximately as AODV based on the metrics including the average length of each discovered routing path, packet delivery ratio, network throughput and routing load
A NOVEL ALGORITHM BASED ON TRUST AUTHENTICATION MECHANISMS TO DETECT AND PREVENT MALICIOUS NODES IN MOBILE AD HOC NETWORK
Ad hoc On-demand Distance Vector (AODV) routing protocol is one of the most popular reactive protocol used for Mobile Ad hoc Network, is target of many attack types. Some research works published related to improve of AODV based on digital signature, typical as SAODV and ARAN. However, they have some weakness, malicious can pass over security wall of SAODV by using fake keys, both of SAODV and ARAN can't detect wormhole nodes in hide mode. In additions, detection solutions based on characteristics of attack types have proposed, they only bring about efficiency for each independent type of attack and malicious nodes can join to the discovered route by deliberately giving fake information concerning. This article proposes a trust authentication mechanisms (TAM) using public-key cryptograms RSA and digital certificates (DC) based on X509 standard. TAM allows a mobile node authenticates preceding nodes by checking control route packets through 3 steps: (1) Digital certificates; (2) actual neighbors; and (3) packet integrity authentications. Analysis results confirm that TAM can detect and prevent almost current routing protocol attack types, such as Blackhole/ Sinkhole, Grayhole, Flooding, Whirlwind and participation mode Wormhole attacks. Specially, the simulation results in NS2 show that TAM can detect and prevent successful to 100\% malicious nodes using fake keys for all scenarios based on the number of UDP connections, 100% hide mode wormhole nodes for immobility scenarios and above 99% (the mistaken rate below 1.0%) for all mobility scenarios with 30m/s of maximum speeds and 1hop minimum tunnel length