23-06-2012, 05:25 PM
A Simple Algorithm for Detection and Removal of Wormhole Attacks for Secure Routing In Ad Hoc Wireless Networks
A Simple Algorithm.pdf (Size: 159.68 KB / Downloads: 64)
INTRODUCTION
In all possible methods of attacks in Mobile Ad hoc Networks (MANETs), the wormhole attack is one of the
most threatening and hazardous attacks. A wormhole attack is usually performed by two or more malicious
nodes in conspiracy. Two malicious nodes at different locations send received routing messages to each other
via a secrete channel. In this way, although the two malicious nodes are located far from each other, they appear
to be within one-hop communication range. Therefore, the route passing through the malicious nodes is very
likely to be shorter than any other regular one. Wormhole nodes can easily grab the route from the source node
to the destination node, and then sniff, drop, or selective-drop data packets passed by. The wormhole attack can
be launched regardless of the MAC, routing, or cryptographic protocols used in the network and is thus difficult
to defend against. Defense mechanisms against this attack are either very complex or very expensive. Most of
the wormhole defense mechanisms aim to detect wormholes successfully with minimal false positives.
Unfortunately, the defense schemes ignore the removal of the links created by the wormhole. We note that a
single two-end wormhole could be thought of logically as a single link. In reality, the wormhole creates a large
number of links between many nodes in the network. The nodes will not be aware of this fact and will be using
the wormhole links as legal links. Wormhole nodes can successfully execute such attacks without compromising
any computer, and are unavoidable, even though some MANETs provide authenticity and confidentiality
PROPSED ROUTING ALGORITHM
Hybrid routing algorithm is used to provide the common solution to three different techniques. This protocol is
based on On-demand ad hoc routing protocol (AODV).Brief description of three different techniques.
Anomaly Based Detection (Route Reply Decision Packet)
The principle of WARRDP is to allow neighboring nodes of a wormhole node to notice that the wormhole node
ha extreme capacity of competition in path discovery. In the path discovery of WARRDP, an intermediate node
will attempt to create a route that does not go through a hot neighbor node, which has a route-building rate
higher than the threshold. Thus, not only are wormhole nodes gradually identified and isolated by their normal
neighboring nodes.
Anomaly Detection Method
34. Each Node sends Hello message to its entire neighbor periodically to ensure the neighbors presence. We
create an additional field Anomaly_value which holds the node anomaly value.
35. Anomaly value of a node is defined as its presence in different route from source to destination
36. Anomaly value depends on the no of source and destination pairs present in the network.
37. Each node calculate their anomaly value by using the formula
Anomaly_ value = rrep_dec_count/(rrep_count+1).
38. Each Node receives Hello message it checks the anomaly values of the neighbor.
39. Initially anomaly value is zero at each node. It needs some time gap to update their anomaly values.
40. Anomaly values varies from ½,2/3,3/4,… depends on the number of sending RREP_DEC messages and
number of RREP messages.
CONCLUSION
In this study we analyzed the effects of wormhole attack in ad hoc wireless networks. We implemented an
AODV protocol that simulates the behavior of wormhole attack in NS-2.In this method we have used very
simple and effective way of providing security in AODV routing protocol against wormhole attack that causes
the interception and confidentiality of the ad hoc wireless networks. Security against wormhole attack is
provided by using a simple wormhole algorithm. This algorithm has better performance comparing to three
nodes and isolates it from the active data forwarding. As from the results we can easily infer that the
performance of the normal AODV drops under the presence of worm hole attack.