Analysis and countermeasure for wormhole attacks in wireless mesh networks on a real testbed

Jie Zhou; Jiannong Cao; Jun Zhang; Chisheng Zhang; Yao Yu

doi:10.1109/AINA.2012.81

Analysis and countermeasure for wormhole attacks in wireless mesh networks on a real testbed

Jie Zhou, Jiannong Cao, Jun Zhang, Chisheng Zhang, Yao Yu

Research output: Chapter in book / Conference proceeding › Conference article published in proceeding or book › Academic research › peer-review

9 Citations (Scopus)

Abstract

The wormhole attack is a severe attack in Wireless Mesh Networks (WMNs). It involves two or more wormhole endpoints colluding to capture traffic from one place in the network and replay it to another faraway place through a secret tunnel, so as to distort network routing. It may lead to even more serious threats such as packet dropping and denial of service (DoS). Although a lot of works have been done on detecting wormhole attacks, few of them actually evaluated their solutions on a testbed to consider the real network conditions. In this paper, we set up a WMN testbed for studying wormhole attacks to fill this gap. Some existing approaches used RTT to detect wormhole attacks. However, from both theoretical analysis and experimental results, we observed that the standard deviation of round trip time (stdev(RTT)) is a more efficient metric than RTT to identify wormhole attacks. Accordingly, we propose a new algorithm called Neighbor-Probe-Acknowledge (NPA) to detect wormhole attacks. Compared with existing works, NPA does not need time synchronization or extra hardware support. Moreover, it achieves higher detection rate and lower false alarm rate than the methods using RTT under different background traffic load conditions.

Original language	English
Title of host publication	Proceedings - 26th IEEE International Conference on Advanced Information Networking and Applications, AINA 2012
Pages	59-66
Number of pages	8
DOIs	https://doi.org/10.1109/AINA.2012.81
Publication status	Published - 14 May 2012
Event	26th IEEE International Conference on Advanced Information Networking and Applications, AINA 2012 - Fukuoka, Japan Duration: 26 Mar 2012 → 29 Mar 2012

Conference

Conference	26th IEEE International Conference on Advanced Information Networking and Applications, AINA 2012
Country/Territory	Japan
City	Fukuoka
Period	26/03/12 → 29/03/12

Keywords

Distributed Detection
Wireless Mesh Network Testbed
Wormhole Attack Analysis

ASJC Scopus subject areas

General Engineering

More information

10.1109/AINA.2012.81

Cite this

@inproceedings{13026dae10a84833b6623a3ddc4efdfa,

title = "Analysis and countermeasure for wormhole attacks in wireless mesh networks on a real testbed",

abstract = "The wormhole attack is a severe attack in Wireless Mesh Networks (WMNs). It involves two or more wormhole endpoints colluding to capture traffic from one place in the network and replay it to another faraway place through a secret tunnel, so as to distort network routing. It may lead to even more serious threats such as packet dropping and denial of service (DoS). Although a lot of works have been done on detecting wormhole attacks, few of them actually evaluated their solutions on a testbed to consider the real network conditions. In this paper, we set up a WMN testbed for studying wormhole attacks to fill this gap. Some existing approaches used RTT to detect wormhole attacks. However, from both theoretical analysis and experimental results, we observed that the standard deviation of round trip time (stdev(RTT)) is a more efficient metric than RTT to identify wormhole attacks. Accordingly, we propose a new algorithm called Neighbor-Probe-Acknowledge (NPA) to detect wormhole attacks. Compared with existing works, NPA does not need time synchronization or extra hardware support. Moreover, it achieves higher detection rate and lower false alarm rate than the methods using RTT under different background traffic load conditions.",

keywords = "Distributed Detection, Wireless Mesh Network Testbed, Wormhole Attack Analysis",

author = "Jie Zhou and Jiannong Cao and Jun Zhang and Chisheng Zhang and Yao Yu",

year = "2012",

month = may,

day = "14",

doi = "10.1109/AINA.2012.81",

language = "English",

isbn = "9780769546513",

pages = "59--66",

booktitle = "Proceedings - 26th IEEE International Conference on Advanced Information Networking and Applications, AINA 2012",

note = "26th IEEE International Conference on Advanced Information Networking and Applications, AINA 2012 ; Conference date: 26-03-2012 Through 29-03-2012",

}

Zhou, J, Cao, J, Zhang, J, Zhang, C & Yu, Y 2012, Analysis and countermeasure for wormhole attacks in wireless mesh networks on a real testbed. in Proceedings - 26th IEEE International Conference on Advanced Information Networking and Applications, AINA 2012., 6184853, pp. 59-66, 26th IEEE International Conference on Advanced Information Networking and Applications, AINA 2012, Fukuoka, Japan, 26/03/12. https://doi.org/10.1109/AINA.2012.81

Analysis and countermeasure for wormhole attacks in wireless mesh networks on a real testbed. / Zhou, Jie; Cao, Jiannong; Zhang, Jun et al.
Proceedings - 26th IEEE International Conference on Advanced Information Networking and Applications, AINA 2012. 2012. p. 59-66 6184853.

Research output: Chapter in book / Conference proceeding › Conference article published in proceeding or book › Academic research › peer-review

TY - GEN

T1 - Analysis and countermeasure for wormhole attacks in wireless mesh networks on a real testbed

AU - Zhou, Jie

AU - Cao, Jiannong

AU - Zhang, Jun

AU - Zhang, Chisheng

AU - Yu, Yao

PY - 2012/5/14

Y1 - 2012/5/14

N2 - The wormhole attack is a severe attack in Wireless Mesh Networks (WMNs). It involves two or more wormhole endpoints colluding to capture traffic from one place in the network and replay it to another faraway place through a secret tunnel, so as to distort network routing. It may lead to even more serious threats such as packet dropping and denial of service (DoS). Although a lot of works have been done on detecting wormhole attacks, few of them actually evaluated their solutions on a testbed to consider the real network conditions. In this paper, we set up a WMN testbed for studying wormhole attacks to fill this gap. Some existing approaches used RTT to detect wormhole attacks. However, from both theoretical analysis and experimental results, we observed that the standard deviation of round trip time (stdev(RTT)) is a more efficient metric than RTT to identify wormhole attacks. Accordingly, we propose a new algorithm called Neighbor-Probe-Acknowledge (NPA) to detect wormhole attacks. Compared with existing works, NPA does not need time synchronization or extra hardware support. Moreover, it achieves higher detection rate and lower false alarm rate than the methods using RTT under different background traffic load conditions.

AB - The wormhole attack is a severe attack in Wireless Mesh Networks (WMNs). It involves two or more wormhole endpoints colluding to capture traffic from one place in the network and replay it to another faraway place through a secret tunnel, so as to distort network routing. It may lead to even more serious threats such as packet dropping and denial of service (DoS). Although a lot of works have been done on detecting wormhole attacks, few of them actually evaluated their solutions on a testbed to consider the real network conditions. In this paper, we set up a WMN testbed for studying wormhole attacks to fill this gap. Some existing approaches used RTT to detect wormhole attacks. However, from both theoretical analysis and experimental results, we observed that the standard deviation of round trip time (stdev(RTT)) is a more efficient metric than RTT to identify wormhole attacks. Accordingly, we propose a new algorithm called Neighbor-Probe-Acknowledge (NPA) to detect wormhole attacks. Compared with existing works, NPA does not need time synchronization or extra hardware support. Moreover, it achieves higher detection rate and lower false alarm rate than the methods using RTT under different background traffic load conditions.

KW - Distributed Detection

KW - Wireless Mesh Network Testbed

KW - Wormhole Attack Analysis

UR - http://www.scopus.com/inward/record.url?scp=84860759440&partnerID=8YFLogxK

U2 - 10.1109/AINA.2012.81

DO - 10.1109/AINA.2012.81

M3 - Conference article published in proceeding or book

SN - 9780769546513

SP - 59

EP - 66

BT - Proceedings - 26th IEEE International Conference on Advanced Information Networking and Applications, AINA 2012

T2 - 26th IEEE International Conference on Advanced Information Networking and Applications, AINA 2012

Y2 - 26 March 2012 through 29 March 2012

ER -

Analysis and countermeasure for wormhole attacks in wireless mesh networks on a real testbed

Abstract

Conference

Keywords

ASJC Scopus subject areas

More information

Other files and links

Fingerprint

Cite this