28-06-2014, 03:40 PM
ANALYSIS OF DETECTING WORMHOLE ATTACK IN WIRELESS NETWORK
ANALYSIS OF DETECTING WORMHOLE ATTACK IN WIRELESS NETWORK.docx (Size: 63.86 KB / Downloads: 10)
Abstract
In multi hop wireless systems, such as ad hoc and sensor networks, mobile ad hoc network applications are deployed, security emerges as a central requirement. A particularly devastating attack is known as the wormhole attack, where two or more malicious colluding nodes create a higher level virtual tunnel in the network, which is employed to transport packets between the tunnel end points. These tunnels emulate shorter links in the network. In which adversary records transmitted packets at one location in the network, tunnels them to another location, and retransmits them into the network. The wormhole attack is possible even if the attacker has not compromised any hosts and even if all communication provides authenticity and confidentiality. In this paper, we analyze wormhole attack nature in ad hoc and sensor networks and existing methods of the defending mechanism to detect wormhole attacks without require any specialized hardware. This analysis able to provide in establishing a method to reduce the rate of refresh time and the response time to become more faster.
INTRODUCTION
Wireless Sensor Networks (WSNs) are rapidly emerging as a new field of research. WSNs are built with a large number of tiny and inexpensive sensor nodes that are equipped with low-bandwidth radios. In a Mobile Ad Hoc Network (MANET), each node serves as a router for other nodes which allows data to travel by utilizing multi hop network paths without relying on wired infrastructure. Unlike wired networks where the physical wires prevent an attacker from compromising the security challenges especially for military applications, emergency rescue operations, and short-lived conference or classroom activities. Security of such network is a major concern[3]. The open nature of the wireless medium makes it easy for outsiders to listen to network traffic or interfere with it. These factors make sensor networks potentially vulnerable to several different types of malicious attacks. These malicious nodes can carry out both Passive and Active attacks against the network. In passive attacks a malicious node only eavesdrop upon packet contents, while in active attacks it may imitate, drop or modify legitimate packets[1]. A typical example of particularly devastating security active attack is known as a wormhole attack. In which, a malicious node captures packets from one location in the network, and tunnels them to another malicious node at a distant point, which replays them locally
SIGNIFICANCE OF WORMHOLE ATTACK AND BACKGROUND
This section describes wormhole attacks nature and problem statement. A wormhole attack is a particularly severe attack on MANET routing where two attackers connected by a high- speed off-channel link called the wormhole link. The wormhole link can be established by using a network cable and any form of “wired” link technology or a long-range wireless transmission in a different band. The end-point of this link (wormhole nodes) is equipped with radio transceivers compatible with the ad hoc or sensor network to be attacked. Once the wormhole link is established, the adversary record the wireless data they overhear, forward it to each other, and replays the packets through the wormhole link at the other end of the network. Replaying valid network messages at improper places, wormhole attackers can make far apart nodes believe they are immediate neighbors, and force all communications between affected nodes to go though them. In general, ad hoc routing protocols fall into two categories: proactive routing protocols that rely on periodic transmission of routing updates, and on-demand routing protocols that search for routes only when necessary[4]. A wormhole attack is equally dangerous for both proactive and on-demand protocols
TERMS TO DETECT WORMHOLE ATTACK
There are different types of techniques to detect wormhole attack on network. Mahajn et al. [5] consider several terms for measuring the capacity of nodes involved in wormhole attack. These are defined below:- 1) Strength: - It is amount of traffic attracted by the false link advertised by the colluding nodes. 2) Length: - Larger the difference between the actual path and the advertise path , more anomalies can be observed in the network. 3) Attraction: - This term refers to the decrease in the path length offered by the wormhole. If the attraction is small then the small improvement in normal path may reduce its strength. 4) Robustness:-The robustness of a wormhole refers to the ability of the wormhole to persist without significant decrease in the strength even in the presence of minor topology changes in the network. Besides these, the packet delivery ratio which is the number of packet of delivered divided by the total number of packets dispatched forms a basic metric to quantify the impact
CONCLUSION
In this paper, we address the various solutions available for wormhole attack in wireless Ad hoc and sensor networks. More specifically, we address algorithms used in the DaW security model that incorporates a detection and defense mechanism against the wormhole attack. The performance of DaW in terms of precision of alarms, amount of false positive has been found to be good. The alarms were found to be more precise than LF analysis