Feature Engineering for Detection of Wormhole Attacking in Mobile Ad Hoc Networks with Machine Learning Methods

Due to the self-configuring nature of a Mobile Ad Hoc Network (MANET), each node must participate in the routing process, in addition to its other activities. Therefore, routing in a MANET is especially vulnerable to malicious node activity leading to potentially severe disruption in network communications. The wormhole attack is a particularly severe MANET routing threat since it is easy to launch, can be launched in several modes, difficult to detect, and can cause significant communication disruption. In this paper we establish a practice for feature engineering of network data for wormhole attack prevention and detection with intrusion detection methods based on machine learning

A secure method to detect wormhole attack in mobile adhoc network

According to recent advances in wireless telecommunications, the performance and use of wireless technologies has increased extremely. In this study concerned on the Mobile Ad-hoc Network (MANET) is a collection of self-configuring mobile node without any infrastructure. There are different security flaws and attacks on the routing protocols in the MANET. One of the critical threats is the wormhole attacks, which have attracted a great deal of attention over the years. The wormhole attack can affect the performance of different routing protocols. During this attack, a malicious node captures packets from one location in the network, and “tunnels” them to another malicious node at a distant point, which replays them locally. This study presents a review of the most important solutions for counteracting wormhole attacks, as well as presents proposed method on DSR routing protocol for detecting them. The performance of the proposed method was examined through ns-2 simulations. Hence, the results show that proposed method can detect this serious attack in a Mobile Adhoc Network

A Unified Wormhole Attack Detection Framework for Mobile Ad hoc Networks

The Internet is experiencing an evolution towards a ubiquitous network paradigm, via the so-called internet-of-things (IoT), where small wireless computing devices like sensors and actuators are integrated into daily activities. Simultaneously, infrastructure-less systems such as mobile ad hoc networks (MANET) are gaining popularity since they provide the possibility for devices in wireless sensor networks or vehicular ad hoc networks to share measured and monitored information without having to be connected to a base station. While MANETs offer many advantages, including self-configurability and application in rural areas which lack network infrastructure, they also present major challenges especially in regard to routing security. In a highly dynamic MANET, where nodes arbitrarily join and leave the network, it is difficult to ensure that nodes are trustworthy for multi-hop routing. Wormhole attacks belong to most severe routing threats because they are able to disrupt a major part of the network traffic, while concomitantly being extremely difficult to detect. This thesis presents a new unified wormhole attack detection framework which is effective for all known wormhole types, alongside incurring low false positive rates, network loads and computational time, for a variety of diverse MANET scenarios. The framework makes three original technical contributions: i) a new accurate wormhole detection algorithm based on packet traversal time and hop count analysis (TTHCA) which identifies infected routes, ii) an enhanced, dynamic traversal time per hop analysis (TTpHA) detection model which is adaptable to node radio range fluctuations, and iii) a method for automatically detecting time measurement tampering in both TTHCA and TTpHA. The thesis findings indicate that this new wormhole detection framework provides significant performance improvements compared to other existing solutions by accurately, efficiently and robustly detecting all wormhole variants under a wide range of network conditions

A Survey on Intrusion Detection System in MANET

A mobile ad hoc network is an infrastructure less network which is prone to various malicious attacks when incorporated in applications. It is a dreadful task for attaining security to the greatest degree in MANET. This is awaited to the diverse characteristics of mobile ad hoc networks which unlike from well-established infrastructure network. In order to overcome this security challenges the Intrusion detection systems have been deployed in the ad hoc network. In this paper we focus on surveying heterogeneous intrusion detection systems used in MANET for defending various attacks

Topological Comparison-based Wormhole Detection for Manet

Wormhole attack is considered one of the mostthreatening security attacks for mobile ad hocnetworks (MANET). In a wormhole attack, a tunnelis setup in advance between two colluders. Thecolluders record packets at one location and forwardthem through the tunnel to another location in thenetwork. Depending on whether or not the colludersare participating in the network functions, thewormhole attack can be further divided into twocategories: traditional wormhole attack andByzantine wormhole attack. Existing researchesfocusing on detecting traditional wormhole attackscan be classified into three categories: one-hop delaybased approach; topological analysis based orspecial hardware/middleware based approaches.Unfortunately, they all have their own limitations.Most of the researches detecting Byzantinewormhole attack are not addressing the Byzantinewormhole attack directly. Instead, they focus onobserving the consequence after a Byzantinewormhole attack, like packet dropping ormodification. In this paper, we propose to detectboth traditional and Byzantine wormhole attacks bydetecting some topological anomalies introduced bywormhole tunnels. Simulation results show that ourscheme can achieve both high wormhole attackdetection rate and accuracy. Our scheme is alsosimple to implement

Routing Security in Mobile Ad-hoc Networks

The role of infrastructure-less mobile ad hoc networks (MANETs) in ubiquitous networks is outlined. In a MANET there are no dedicated routers and all network nodes must contribute to routing. Classification of routing protocols for MANET is based on how routing information is acquired and maintained by mobile nodes and/or on roles of network nodes in a routing. According to the first classification base, MANET routing protocols are proactive, reactive, or hybrid combinations of proactive and reactive protocols. According to the role-based classification, MANET routing protocols are either uniform when all network nodes have the same role or non-uniform when the roles are different and dedicated. A contemporary review of MANET routing protocols is briefly presented. Security attacks against MANET routing can be passive and or active. The purpose of the former is information retrieval, for example network traffic monitoring, while the latter is performed by malicious nodes with the express intention of disturbing, modifying or interrupting MANET routing. An overview of active attacks based on modification, impersonation/ spoofing, fabrication, wormhole, and selfish behavior is presented. The importance of cryptography and trust in secure MANET routing is also outlined, with relevant security extensions of existing routing protocols for MANETs described and assessed. A comparison of existing secure routing protocols form the main contribution in this paper, while some future research challenges in secure MANET routing are discussed

Designing an Adversarial Model Against Reactive and Proactive Routing Protocols in MANETS: A Comparative Performance Study

Mobile ad-hoc networks are self-organized infrastructure less networks that consists of mobile nodes, which are capable of maintaining and forming the network by themselves. Recently, researchers are designed several routing protocols on these networks. However, these routing protocols are more vulnerable to attacks from the intruders, which can easily paralyze the operation of the network due to its inherited characteristics of MANETS. One such type of attack is wormhole attack. Because of its severity, the wormhole attack has attracted a great deal of attention in the research community. This paper compares reactive and proactive routing protocols in adversarial environment. Specifically, wormhole attack is applied to these routing protocols to evaluate its performance through simulation. Comprehensively the results shows the comparative performance of these protocols against wormhole attack is hard to detect and easy to implement