Joby Thattil

Overview

Abstract Introduction Problem definition Literature survey Comparison Proposed System Applications Limitations Future Work Conclusion References

Abstract
A mobile ad-hoc network (MANET) is a self-configuring infrastructureless network of mobile devices connected by wireless links. A severe attack in ad hoc networks that is particularly challenging to defend against is the wormhole attack. In this

attack, the attacker records the packets (bits) at one location and tunnels them in
another location in same network or in different networks. Verification of Digital Signature by both the sending node and receiving node would help to prevent the wormhole attack in ad hoc networks, which is going to present in this paper.

Introduction
Ad Hoc Network Wormhole Attack Types of Wormhole attack

Ad Hoc Network

De-centralized
wireless network

type

of

Infrastructureless network

Wormhole Attack

Two malicious nodes,

tunnel.

A node is misled to believe

it is within transmission range.

Types of Wormhole attack

Packet Encapsulation

Out of Band
High Power Transmission

 Example

S B C E Y

Good node

Malicious node

Problem Definition
Ad hoc Networks are vulnerable to attacks because of their

structure less property.

Due to this dynamic topology they are prone to wormhole

attacks.
Detection and prevention against these attack is a primary

need in mobile Ad Hoc networks.

Literature Survey
Packet Leashes
Wormhole Attack in Wireless Networks by Y. C Hu, A. Perrig and D. Johnson

LiteWorp
LiteWorp: Detection and isolation of the wormhole in static mulihop wireless network by I. Khalil, S. Bagchi, N.B. shroft

Directional Antennas
Using Directional Antennas to Prevent Wormhole Attacks
by L. Hu and D. Evans

Comparison
Method
Packet leashes, geographical

Requirements
GPS coordinates of every node; Loosely synchronized clocks Tightly synchronized clocks

Advantages
Robust, straightforward solution; nodes can detect tunneling across obstacles otherwise impenetrable by radio Do not require broadcast authentication.

Limitations
Inherits general limitations of GPS technology

Packet leashes, temporal

Required time synchronization level not currently achievable in to sensor networks. Modifying of the expiration time of a packet can restrict its use. Applicable only to static stationary networks; Good solutions for networks relying on directional antennas, but not directly applicable to other Networks . Requires specialized hardware

LiteWorp

None

No Specialized hardware

Directional antennas

Directional antennas on all Nodes or several nodes with both GPS and directional antennas

Increases the capacity and connectivity of ad hoc networks

Proposed System
Digital Signature

At Source
If (send any packet P)
Add node information of visiting node in route column of

packet header
If (any malicious node in route)

Add malicious node information.

Broadcast packet P (data with embedded digital signature of

source) by using AODV and DSR routing protocol

 Call AODV (), DSR ().

If (Received acknowledgment)
If destination send positive acknowledgement, then create path

between source to destination.

If (Any intermediate or destination node inform about

malicious node)
Then add the malicious node information in malicious node

column which is in the header and again rebroadcast

Route request (RREQ)

At Intermediate Node
If (Received a packet P)
If (I is not a destination) Verify the digital signature of previous node If (legal signature and has matching digests between the digital

signature and the hashed data)

 Then add its signature in signature column of packet header

and broadcast it to next node using AODV and DSR routing protocol.
Call function AODV 0, DSR 0; If (signature of previous node is identical or absence of

signature of any previous node)

Drop request packet and inform to all nodes about the

malicious node

At Destination
If (received a packet P)
Verify the digital signature of previous node. If (signature is legal in signature column of packet header and

digests match)
Then, reply to source through same path through which it

received a route request.

 Establish a path for data transfer. Else, Drop the packet and discard the route request.

Application
Military communication devices or police communication

devices.
Bank communications across secure networks.

Limitations
Overheads in networking protocols. Open security issues during transmission. Time lag during digital signature processing.

Future work
Reducing

routing overhead (Selective Flooding)

Route Query flood packet

by

Efficient

Flooding

Only a subset of nodes (dominating nodes) forwards a

Time-slotting the time lag between nodes. Adding a

security tag based on the time slot to increase security during transmission.
Electronic digital signature are used at nodes to reduce

time delay.

Conclusion
In order to protect Ad Hoc networks from wormhole attack we

used the scheme called digital signature.

The new methods proposed will help in reducing overheads

and time delay considerably when compared to the existing systems.

References
[1] Y. C Hu, A. Perrig and D. Johnson, "Wormhole Attack in Wireless Networks," IEEE JSAC, vol. 24, no. 2, Feb. 2006.
[2] I. Khalil, S. Bagchi, N.B. shroft, "LiteWorp: Detection and isolation of the wormhole in static mulihop wireless network. Journal," Acm: The international Journal of Computer and Telecommunications Networking Archive, Vol. 51, Issue 13,September 2007. [3] L. Hu and D. Evans, "Using Directional Antennas to Prevent Wormhole Attacks," in Proc. Network and Distributed System Symposium (NDSS), San Diego, USA, Feb 2004. [4] M. Jain, H. Kandwa1, "A Survey on Complex Wormhole Attack in Wireless AdHoc Network," in Advances in Computing, Control & Telecommunication Technologies, pp. 555-558, 2009.