Visualization of Wormholes in Sensor Networks

Several protocols have been proposed to defend against wormholes in ad hoc networks by adopting positioning devices, synchronized clocks, or directional antennas. In this paper, we propose a mechanism, MDS-VOW, to detect wormholes in a sensor network. MDS-VOW first reconstructs the layout of the sensors using multi-dimensional scaling. To compensate the distortions caused by distance measurement errors, a surface smoothing scheme is adopted. MDS-VOW then detects the wormhole by visualizing the anomalies introduced by the attack. The anomalies, which are caused by the fake connections through the wormhole, bend the reconstructed surface to pull the sensors that are faraway to each other. Through detecting the bending feature, the wormhole is located and the fake connections are identified. The contributions of MDS-VOW are: (1) it does not require the sensors to be equipped with special hardware, (2) it adopts and combines the techniques from social science, computer graphics, and scientific visualization to attack the problem in network security. We examine the accuracy of the proposed mechanism when the sensors are deployed in a circle area and one wormhole exists in the network. The results show that MDS-VOW has a low false alarm ratio when the distance measurement errors are not large

Wireless Sensor Network Security: Approaches to Detecting and Avoiding Wormhole Attacks

This paper explores Wireless Sensor Networks (WSNs) and the related security issues and complications arising from a specific type of security breach, the wormhole attack. Wormhole attacks against WSNs are classified as passive, external laptop-class threats. Because malicious wormhole attacks are increasing, these attacks pose a serious security threat and increase the costs to maintain a Wireless Sensor Network. Research into preventing wormhole attacks yields two distinct model approach types: Administrator-Viewpoint models and User-Viewpoint models. While the modalities vary, the four Administrator-Viewpoint models reviewed were designed in the early 2000s and suggest defending against wormhole attacks through the use of expensive hardware, packet leashes, or topology visualization systems. On the other hand, the four proposed User-Viewpoint models have become the current theoretical models of choice.  While existing as simulation approaches to defend against wormhole attacks, the User-Viewpoint models use internally calculated routing algorithms to suggest routes to avoid or evade, not defend against, established wormhole routes. This paper confirms the efficacies of the User-Viewpoint models in the lab simulations are viewed as the most promising cost-effective, future security solutions to wormhole attacks

Detection of Hidden Wormhole Attack in Wireless Sensor Networks using Neighborhood and Connectivity Information

Wireless sensor networks (WSNs) have inspired many applications such as military applications, environmental monitoring and other fields. WSN has emergence in various fields, so security is very important issue for sensor networks. Security comes from attacks. Due to the wireless and distributed nature anyone can connect with the network. Among all possible attacks, wormholes are very hard to detect because they can cause damage to the network without knowing the protocols used in the network. It is a powerful attack that can be conducted without requiring any cryptographic breaks. Wormholes are hard to detect because they use a private, out-of-band channel invisible to the underlying sensor network. In this paper we have proposed a wormhole detection protocol based on neighborhood and connectivity information. Performance analysis shows that our proposed approach can effectively detect wormhole attack with less storage cost. Keywords: Wireless sensor network, wormhole, out-of-band, security, neighborhood

A Hop-Count Analysis Scheme for Avoiding Wormhole Attacks in MANET

MANET, due to the nature of wireless transmission, has more security issues compared to wired environments. A specific type of attack, the Wormhole attack does not require exploiting any nodes in the network and can interfere with the route establishment process. Instead of detecting wormholes from the role of administrators as in previous methods, we implement a new protocol, MHA, using a hop-count analysis from the viewpoint of users without any special environment assumptions. We also discuss previous works which require the role of administrator and their reliance on impractical assumptions, thus showing the advantages of MHA

A Unified Wormhole Attack Detection Framework for Mobile Ad hoc Networks

The Internet is experiencing an evolution towards a ubiquitous network paradigm, via the so-called internet-of-things (IoT), where small wireless computing devices like sensors and actuators are integrated into daily activities. Simultaneously, infrastructure-less systems such as mobile ad hoc networks (MANET) are gaining popularity since they provide the possibility for devices in wireless sensor networks or vehicular ad hoc networks to share measured and monitored information without having to be connected to a base station. While MANETs offer many advantages, including self-configurability and application in rural areas which lack network infrastructure, they also present major challenges especially in regard to routing security. In a highly dynamic MANET, where nodes arbitrarily join and leave the network, it is difficult to ensure that nodes are trustworthy for multi-hop routing. Wormhole attacks belong to most severe routing threats because they are able to disrupt a major part of the network traffic, while concomitantly being extremely difficult to detect. This thesis presents a new unified wormhole attack detection framework which is effective for all known wormhole types, alongside incurring low false positive rates, network loads and computational time, for a variety of diverse MANET scenarios. The framework makes three original technical contributions: i) a new accurate wormhole detection algorithm based on packet traversal time and hop count analysis (TTHCA) which identifies infected routes, ii) an enhanced, dynamic traversal time per hop analysis (TTpHA) detection model which is adaptable to node radio range fluctuations, and iii) a method for automatically detecting time measurement tampering in both TTHCA and TTpHA. The thesis findings indicate that this new wormhole detection framework provides significant performance improvements compared to other existing solutions by accurately, efficiently and robustly detecting all wormhole variants under a wide range of network conditions

Secure neighborhood creation in wireless ad hoc networks using hop count discrepancies

A fundamental requirement for nodes in ad hoc and sensor networks is the ability to correctly determine their neighborhood. Many applications, protocols, and network wide functions rely on correct neighborhood discovery. Malicious nodes that taint neighborhood information using wormholes can significantly disrupt the operation of ad hoc networks. Protocols that depend only on cryptographic techniques (e.g, authentication and encryption) may not be able to detect or prevent such attacks. In this paper we propose SECUND, a protocol for creating a SECUre NeighborhooD, that makes use of discrepancies in routing hop count information to detect "true" neighbors and remove those links to nodes that appear to be neighbors, but are not really neighbors. SECUND is simple, localized and needs no special hardware, localization, or synchronization. We evaluate SECUND using simulations and demonstrate its effectiveness in the presence of multiple and multi-ended wormholes. Lastly, we present approaches to improve the efficiency of the SECUND process. © Springer Science+Business Media, LLC 2010

Anchor-Free Localization in Mixed Wireless Sensor Network Systems

Recent technological advances have fostered the emergence of Wireless Sensor Networks (WSNs), which consist of tiny, wireless, battery-powered nodes that are expected to revolutionize the ways in which we understand and construct complex physical systems. A fundamental property needed to use and maintain these WSNs is ``localization\u27\u27, which allows the establishment of spatial relationships among nodes over time. This dissertation presents a series of Geographic Distributed Localization (GDL) algorithms for mixed WSNs, in which both static and mobile nodes can coexist. The GDL algorithms provide a series of useful methods for localization in mixed WSNs. First, GDL provides an approximation called ``hop-coordinates\u27\u27, which improves the accuracy of both hop-counting and connectivity-based measurement techniques. Second, GDL utilizes a distributed algorithm to compute the locations of all nodes in static networks with the help of the hop-coordinates approximation. Third, GDL integrates a sensor component into this localization paradigm for possible mobility and as a result allows for a more complex deployment of WSNs as well as lower costs. In addition, the development of GDL incorporated the possibility of manipulated communications, such as wormhole attacks. Simulations show that such a localization system can provide fundamental support for security by detecting and localizing wormhole attacks. Although several localization techniques have been proposed in the past few years, none currently satisfies our requirements to provide an accurate, efficient and reliable localization for mixed WSNs. The contributions of this dissertation are: (1) our measurement technique achieves better accuracy both in measurement and localization than other methods; (2) our method significantly improves the efficiency of localization in updating location in mixed WSNs by incorporating sensors into the method; (3) our method can detect and locate the communication that has been manipulated by a wormhole in a network without relying on a central server

Secure neighbor discovery in wireless sensor networks using range-free localization techniques

Si una red inalámbrica de sensores se implementa en un entorno hostil, las limitaciones intrínsecas a los nodos conllevan muchos problemas de seguridad. En este artículo se aborda un ataque particular a los protocolos de localización y descubrimiento de vecinos, llevada a cabo por dos nodos que actúan en connivencia y establecen un "agujero de gusano" para tratar de engañar a un nodo aislado, haciéndole creer que se encuentra en la vecindad de un conjunto de nodos locales. Para contrarrestar este tipo de amenazas, se presenta un marco de actuación genéricamente denominado "detection of wormhole attacks using range-free methods" (DWARF) dentro del cual derivamos dos estrategias para de detección de agujeros de gusano: el primer enfoque (DWARFLoc) realiza conjuntamente la localización y la detección de ataques, mientras que el otro (DWARFTest) valida la posición estimada por el nodo una vez finalizado el protocolo de localización. Las simulaciones muestran que ambas estrategias son eficaces en la detección de ataques tipo "agujero de gusano", y sus prestaciones se comparan con las de un test convencional basado en la razón de verosimilitudes