A survey on complex wormhole attack in wireless
Download as PPTX, PDF1 like845 views
This document discusses wormhole attacks in wireless networks. It begins by defining a wormhole attack as when a malicious node captures packets from one location and tunnels them to another malicious node in a distant location. It then describes different modes of wormhole attacks including using encapsulation, out-of-band channels, high power transmission, packet relay, and protocol deviations. It classifies wormholes as open, half-open, or closed and compares the different attack modes from an attacker's perspective in terms of advantages, disadvantages, challenges, and possible solutions. Finally, it provides references for further research on wormhole attack detection and prevention techniques.
![References
[1] C. Karlof and D. Wagner, "Secure Routing in Sensor Networks: Attacks and
Countermeasures," in 1st IEEE International Workshop on Sensor Network Protocols and
Applications (WSNA), 2003, pp. 113-127.
[2] Y. C. Hu, A. Perrig, and D. B. Johnson, "Packet Leashes: A Defense Against Wormhole
Attacks in Wireless Networks," in 22nd Annual Joint Conference of the IEEE Computer and
Communications Societies (INFOCOM), 2003, pp. 1976-1986.
[3] L. Hu and D. Evans, "Using Directional Antennas to Prevent Wormhole Attacks," in
Network and Distributed System Security Symposium (NDSS), San Diego.2004 ,
[4] I. Khalil, "LITEWORP: A Lightweight Countermeasure for the Wormhole Attack in
Multihop Wireless Networks," in DSN '05: Proceedings of the 2005 International
Conference on Dependable Systems and Networks (DSN'05), 2005, pp. 612-621.
[5] K. Issa, B. Saurabh, and B. S. Ness, "LiteWorp: Detection and Isolation of the Wormhole
Attack in Static Multihop Wireless Networks," The International Journal of Computer and
Telecommunications Networking vol. 51, pp. 3750 3772, 2007.
[6] W. Wang, B. Bhargava, Y. Lu, and X. Wu, "Defending Against Wormhole Attacks in
Mobile Ad Hoc Networks," Wiley Journal on Wireless Communications and Mobile
Computing, vol. 5, pp. 1- 21, 2005.
[7] K. Lee, H. Jeon, and D. Kim, "Wormhole Detection Method based on Location in
Wireless Ad-Hoc Networks," in New Technologies, Mobility and Security: Springer
Netherlands, 2007, pp. 361-372.
16](https://image.slidesharecdn.com/asurveyoncomplexwormholeattackinwireless-140529031203-phpapp02/85/A-survey-on-complex-wormhole-attack-in-wireless-16-320.jpg)
A survey on complex wormhole attack in wireless
- 1. Presented by : Farrukh Azad M. Jain and H. Kandwal Dept. Of Inf. Technol., Guru Gobind Singh Indraprastha Univ., New Delhi, India International Conference on Advances in Computing, Control, & Telecommunication Technologies, 2009. ACT '09. December 2009, pp. 555-558 IEEE 1
- 2. Wormhole Attack A malicious node captures packets from one location in the network, and tunnels them to another malicious node at a distant point, which replays them locally. The tunnel can be established: through an out-of-band hidden channel (e.g., a wired link) packet encapsulation High powered transmission 2
- 3. Wormhole Attack Modes Wormhole attacks can be launched using several modes, among these modes are Wormhole using encapsulation Wormhole Out-of-Band Channel Wormhole with High Power Transmission Wormhole using Packet Relay Wormhole using Protocol Deviations 3
- 4. Wormhole Using Encapsulation A want to communicate with B, A broadcast RREQ. X (malicious node) receive RREQ . Encapsulation RREQ and send to Y (malicious node) B select path A-X-Y-B (3 hops) , drop path A-C-D-E-B(4 Hops) This prevents nodes from discovering legitimate paths that are more than two hops away. 4
- 5. Wormhole Out-of-Band Channel Out-of-Band Channel: a long range directional wireless link direct wired link difficult to launch than the previous one since it needs specialized hardware capability. 5
- 6. Wormhole with High Power Transmission a single malicious node gets a RREQ(without the participation of a colluding node) Broadcasts the request at a high power level Any node that hears the high-power broadcast rebroadcasts it towards the destination. 6
- 7. Wormhole Using Packet Relay a malicious node relays packets between two distant nodes to convince them that they are neighbors 7
- 8. Wormhole Using Protocol Deviations During the RREQ forwarding, the nodes typically back off for a random amount of time before forwarding reduce MAC layer collisions. A malicious node can create a wormhole by simply not complying with the protocol and broadcasting without backing off. The purpose is to let the request packet it forwards arrive first at the destination. 8
- 9. Classification Of Wormholes Three types: closed, half open, and open. Open Wormhole Attack: the attackers include themselves in the RREQ packet header following the route discovery procedure. Other nodes are aware that the malicious nodes lie on the path but they would think that the malicious nodes are direct neighbors. 9
- 10. Classification Of Wormholes Half open Wormhole Attack One side of wormhole does not modify the packet and only another side modifies the packet, following the route discovery procedure. 10
- 11. Classification Of Wormholes Closed Wormhole Attack The attackers do not modify the content of the packet, even the packet in a route discovery packet. they simply tunnel the packet 11
- 12. Comparison Between The Wormhole Attack Modes From An Attacker’s Perspective 12 Advantages: Encapsulation Out of Band High Power Packet Relay Protocol Deviations smaller probability of a RREQ being discarded smaller probability of a RREQ being discarded smaller probability of a RREQ being discarded Control packet seems to arrive using the minimum number of Hops Min number of hops. Min number of hops. Min number of hops. Control packet Arrives faster Control packets arrive faster Two nodes think they are neighbors Control packet arrives faster. No need for colluding nodes
- 13. Comparison Between The Wormhole Attack Modes From An Attacker’s Perspective 13 Disadvantages Encapsulation Out of Band High Power Packet Relay Protocol Deviations Resources and time consumption in packet encapsulation specialized hardware capability Needs power spend resources for Processing RREQ packets and hiding their IDs collisions occurrence time difference in control packets arrival could be very remarkable. difference be noticed high speed
- 14. Comparison Between The Wormhole Attack Modes From An Attacker’s Perspective 14 Challenges to be faced Encapsulation Out of Band High Power Packet Relay Protocol Deviations having a predetermined Path to colluding node special Hardware Power adjustments are needed proper positions for malicious nodes Collisions Hiding malicious node Names intermediate Node can checks the contents of the sent Packet Optimum number of relaying Communication between relaying nodes
- 15. Comparison Between The Wormhole Attack Modes From An Attacker’s Perspective 15 Possible solutions for challenges Encapsulation Out of Band High Power Packet Relay Protocol Deviations having a predetermined Path to colluding node special Hardware Power adjustments are needed proper positions for malicious nodes Collisions Hiding malicious node Names intermediate Node can checks the contents of the sent Packet Optimum number of relaying Communication between relaying nodes send regular RREQ packets to establish paths. complex attacks will solve this problem different power levels primary network topology. Start by having a large number of relaying nodes and then minimize them to get the optimum performance. A priority or round robin scheme for malicious nodes packets could be used
- 16. References [1] C. Karlof and D. Wagner, "Secure Routing in Sensor Networks: Attacks and Countermeasures," in 1st IEEE International Workshop on Sensor Network Protocols and Applications (WSNA), 2003, pp. 113-127. [2] Y. C. Hu, A. Perrig, and D. B. Johnson, "Packet Leashes: A Defense Against Wormhole Attacks in Wireless Networks," in 22nd Annual Joint Conference of the IEEE Computer and Communications Societies (INFOCOM), 2003, pp. 1976-1986. [3] L. Hu and D. Evans, "Using Directional Antennas to Prevent Wormhole Attacks," in Network and Distributed System Security Symposium (NDSS), San Diego.2004 , [4] I. Khalil, "LITEWORP: A Lightweight Countermeasure for the Wormhole Attack in Multihop Wireless Networks," in DSN '05: Proceedings of the 2005 International Conference on Dependable Systems and Networks (DSN'05), 2005, pp. 612-621. [5] K. Issa, B. Saurabh, and B. S. Ness, "LiteWorp: Detection and Isolation of the Wormhole Attack in Static Multihop Wireless Networks," The International Journal of Computer and Telecommunications Networking vol. 51, pp. 3750 3772, 2007. [6] W. Wang, B. Bhargava, Y. Lu, and X. Wu, "Defending Against Wormhole Attacks in Mobile Ad Hoc Networks," Wiley Journal on Wireless Communications and Mobile Computing, vol. 5, pp. 1- 21, 2005. [7] K. Lee, H. Jeon, and D. Kim, "Wormhole Detection Method based on Location in Wireless Ad-Hoc Networks," in New Technologies, Mobility and Security: Springer Netherlands, 2007, pp. 361-372. 16
- 17. 17