43 research outputs found

    A New MANET Wormhole Detection Algorithm Based on Traversal Time and Hop Count Analysis

    Get PDF
    As demand increases for ubiquitous network facilities, infrastructure-less and self-configuring systems like Mobile Ad hoc Networks (MANET) are gaining popularity. MANET routing security however, is one of the most significant challenges to wide scale adoption, with wormhole attacks being an especially severe MANET routing threat. This is because wormholes are able to disrupt a major component of network traffic, while concomitantly being extremely difficult to detect. This paper introduces a new wormhole detection paradigm based upon Traversal Time and Hop Count Analysis (TTHCA), which in comparison to existing algorithms, consistently affords superior detection performance, allied with low false positive rates for all wormhole variants. Simulation results confirm that the TTHCA model exhibits robust wormhole route detection in various network scenarios, while incurring only a small network overhead. This feature makes TTHCA an attractive choice for MANET environments which generally comprise devices, such as wireless sensors, which possess a limited processing capability

    A Packet Traversal Time per Hop based Adaptive Wormhole Detection Algorithm for MANETs

    Get PDF
    Routing security challenges significantly impact the wide-scale adoption of mobile ad hoc networks (MANET), with wormholes constituting an especially severe threat. Wormhole detection algorithms like traversal time and hop count analysis (TTHCA) and modified transmission time-based mechanism (M-TTM) combine effective detection with low traffic overheads. TTHCA measures packet traversal time (PTT) per route hop count (HC), while M-TTM compares an expected round trip time (RTT) with a measured RTT. However, using only fixed thresholds for the permissible PTT/HC and measured RTT deviations respectively, both algorithms are compromised so participation mode (PM), out-of-band (O-B) wormholes are inadequately detected in MANETs with large radio range fluctuations. This paper presents an extended variant of the TTHCA algorithm called traversal time per hop analysis (TTpHA) that dynamically adapts the PTT per hop threshold to prevailing MANET conditions and nodes’ radio coverage. Experimental results confirm TTpHA provides superior PM O-B detection performance compared to TTHCA and M-TTM, with commensurately low false positive rates and traffic overheads

    Identifying time measurement tampering in the traversal time and hop count analysis (TTHCA) wormhole detection algorithm

    Get PDF
    Traversal time and hop count analysis (TTHCA) is a recent wormhole detection algorithm for mobile ad hoc networks (MANET) which provides enhanced detection performance against all wormhole attack variants and network types. TTHCA involves each node measuring the processing time of routing packets during the route discovery process and then delivering the measurements to the source node. In a participation mode (PM) wormhole where malicious nodes appear in the routing tables as legitimate nodes, the time measurements can potentially be altered so preventing TTHCA from successfully detecting the wormhole. This paper analyses the prevailing conditions for time tampering attacks to succeed for PM wormholes, before introducing an extension to the TTHCA detection algorithm called ∆T Vector which is designed to identify time tampering, while preserving low false positive rates. Simulation results confirm that the ∆T Vector extension is able to effectively detect time tampered MANET attacks, thereby providing an important security enhancement to the TTHCA algorithm

    MLAMAN: a novel multi-level authentication model and protocol for preventing wormhole attack in mobile ad hoc network

    Full text link
    © 2018, Springer Science+Business Media, LLC, part of Springer Nature. Wormhole attack is a serious security issue in Mobile Ad hoc Network where malicious nodes may distort the network topology and obtain valuable information. Many solutions, based on round trip time, packet traversal time, or hop-count, have been proposed to detect wormholes. However, these solutions were only partially successful in dealing with node high-speed mobility, variable tunnel lengths, and fake information by malicious nodes. To address those issues, this paper proposes a novel multi-level authentication model and protocol (MLAMAN) for detecting and preventing wormhole attacks reliably. MLAMAN allows all intermediate nodes to authenticate control packets on a hop-by-hop basis and at three levels: (1) the packet level where the integrity of the packets can be verified, (2) the node membership level where a public key holder-member can be certified, and (3) the neighborhood level where the neighborhood relationship between nodes can be determined. The novelty of the model is that it prevents malicious nodes from joining the network under false information and pretense. It detects wormhole nodes effectively under various scenarios including variable tunnel lengths and speeds of moving nodes. The effectiveness of our approach is confirmed by simulation results through various scenarios

    A SOLUTION TO DETECT AND PREVENT WORMHOLE ATTACKS IN MOBILE AD HOC NETWORK

    Get PDF
    Wormhole attack is one of varied types of Denial-of-Service attacks in Mobile Ad hoc Network. For purpose of attack, the attackers use the two malicious nodes connected with each other by a tunnel that is aimed at eavesdropping or damaging the data packet. Previous researches aiming at securing against the wormhole attacks was published, typical as detection algorithms based on Round Trip Time or Packet Traversal Time, or hop-count based analysis. They have the detection effectiveness is mitigated on the network topology with high mobility nodes, and depends on tunnel length. This article proposes a Valid Route Testing Mechanism (VRTM) and integration of VRTM into AODV protocol to make DWAODV which is able to detect and prevent the wormhole attacks. Using Network Simulator (NS2), we evaluate the security effectiveness of DWAODV protocol on random movement network topology at high speed. The simulation results shows that our solution is capable of detecting successfully over 99% of invalid routes, and small depend on tunnel length. In addition, in the normal network topology, the routing performance of DWAODV is approximately as AODV based on the metrics including the average length of each discovered routing path, packet delivery ratio, network throughput and routing load

    A NOVEL ALGORITHM BASED ON TRUST AUTHENTICATION MECHANISMS TO DETECT AND PREVENT MALICIOUS NODES IN MOBILE AD HOC NETWORK

    Get PDF
    Ad hoc On-demand Distance Vector (AODV) routing protocol is one of the most popular reactive protocol used for Mobile Ad hoc Network, is target of many attack types. Some research works published related to improve of AODV based on digital signature, typical as SAODV and ARAN. However, they have some weakness, malicious can pass over security wall of SAODV by using fake keys, both of SAODV and ARAN can't detect wormhole nodes in hide mode. In additions, detection solutions based on characteristics of attack types have proposed, they only bring about efficiency for each independent type of attack and malicious nodes can join to the discovered route by deliberately giving fake information concerning. This article proposes a trust authentication mechanisms (TAM) using public-key cryptograms RSA and digital certificates (DC) based on X509 standard. TAM allows a mobile node authenticates preceding nodes by checking control route packets through 3 steps: (1) Digital certificates; (2) actual neighbors; and (3) packet integrity authentications. Analysis results confirm that TAM can detect and prevent almost current routing protocol attack types, such as Blackhole/ Sinkhole, Grayhole, Flooding, Whirlwind and participation mode Wormhole attacks. Specially, the simulation results in NS2 show that TAM can detect and prevent successful to 100\% malicious nodes using fake keys for all scenarios based on the number of UDP connections, 100% hide mode wormhole nodes for immobility scenarios and above 99% (the mistaken rate below 1.0%) for all mobility scenarios with 30m/s of maximum speeds and 1hop minimum tunnel length
    corecore