Analysis and countermeasure for wormhole attacks in wireless mesh networks on a real testbed

Jie Zhou, Jiannong Cao, Jun Zhang, Chisheng Zhang, Yao Yu

Research output: Chapter in book / Conference proceedingConference article published in proceeding or bookAcademic researchpeer-review

8 Citations (Scopus)

Abstract

The wormhole attack is a severe attack in Wireless Mesh Networks (WMNs). It involves two or more wormhole endpoints colluding to capture traffic from one place in the network and replay it to another faraway place through a secret tunnel, so as to distort network routing. It may lead to even more serious threats such as packet dropping and denial of service (DoS). Although a lot of works have been done on detecting wormhole attacks, few of them actually evaluated their solutions on a testbed to consider the real network conditions. In this paper, we set up a WMN testbed for studying wormhole attacks to fill this gap. Some existing approaches used RTT to detect wormhole attacks. However, from both theoretical analysis and experimental results, we observed that the standard deviation of round trip time (stdev(RTT)) is a more efficient metric than RTT to identify wormhole attacks. Accordingly, we propose a new algorithm called Neighbor-Probe-Acknowledge (NPA) to detect wormhole attacks. Compared with existing works, NPA does not need time synchronization or extra hardware support. Moreover, it achieves higher detection rate and lower false alarm rate than the methods using RTT under different background traffic load conditions.
Original languageEnglish
Title of host publicationProceedings - 26th IEEE International Conference on Advanced Information Networking and Applications, AINA 2012
Pages59-66
Number of pages8
DOIs
Publication statusPublished - 14 May 2012
Event26th IEEE International Conference on Advanced Information Networking and Applications, AINA 2012 - Fukuoka, Japan
Duration: 26 Mar 201229 Mar 2012

Conference

Conference26th IEEE International Conference on Advanced Information Networking and Applications, AINA 2012
CountryJapan
CityFukuoka
Period26/03/1229/03/12

Keywords

  • Distributed Detection
  • Wireless Mesh Network Testbed
  • Wormhole Attack Analysis

ASJC Scopus subject areas

  • Engineering(all)

Cite this