Abstract
A fundamental requirement for nodes in ad hoc and sensor networks is the ability to correctly determine their neighborhood. Many applications, protocols, and network wide functions rely on correct neighborhood discovery. Malicious nodes that taint neighborhood information using wormholes can significantly disrupt the operation of ad hoc networks. Protocols that depend only on cryptographic techniques (e.g, authentication and encryption) may not be able to detect or prevent such attacks. In this paper we propose SECUND, a protocol for creating a SECUre NeighborhooD, that makes use of discrepancies in routing hop count information to detect “true” neighbors and remove those links to nodes that appear to be neighbors, but are not really neighbors. SECUND is simple, localized and needs no special hardware, localization, or synchronization. We evaluate SECUND using simulations and demonstrate its effectiveness in the presence of multiple and multi-ended wormholes. Lastly, we present approaches to improve the efficiency of the SECUND process.
Similar content being viewed by others
Notes
In botany, the word “secund” refers to having elements on one side only—for example, leaves on one side of a branch—and not on both sides. The SECUND protocol ensures that the final list of neighbors of a node are those on the same side as the node, not the other side of a wormhole if it exists.
References
Papadimitratos P, Poturalski M, Schaller P, Lafourcade P, Basin D, Capkun S, Hubaux J-P (2008) Secure neighborhood discovery: a fundamental element for mobile ad hoc networking. In: Proc. of IEEE communications magazine
Yih-Chun H, Perrig A, Johnson DB (2006) Wormhole attacks in wireless networks. IEEE J Sel Areas Commun 24(2):370–380
Hayajneh T, Krishnamurthy P, Tipper D (2009) Deworm: a simple protocol to detect wormhole attacks in wireless ad hoc networks. In: In proceedings of the IEEE symposium on network and system security
Wang X, Wong J (2007) An end-to-end detection of wormhole attack in wireless ad-hoc networks. In: In proc. of international conference on computer software and applications
Hu YC, Perrig A, Johnson DB (2003) Packet leashes: a defense against wormhole attacks in wireless networks. In: In Proce. of IEEE INFOCOM
Eriksson J, Krishnamurthy SV, Faloutsos M (2006) Truelink: a practical countermeasure to the wormhole attack in wireless networks. In: Krishnamurthy SV (ed) Proceedings of the 2006 14th IEEE international conference on network protocols, 2006. ICNP ’06, pp 75–84
Tran PV, Hung LX, Lee Y-K, Lee S, Lee H (2007) Ttm: an efficient mechanism to detect wormhole attacks in wireless ad-hoc networks. In: In Proc. of IEEE CCNC
Poturalski M, Papadimitratos P, Hubaux J-P (2008) Secure neighbor discovery in wireless networks: formal investigation of possibility. In: In proceedings of the ACM symposium on Information, computer and communications security
Chiang JT, Haas JJ, Hu Y-C, Kumar PR, Choi J (2009) Fundamental limits on secure clock. Synchronization and man-in-the-middle detection in fixed wireless networks. In: Proc. of IEEE INFOCOM
Shokri R, Poturalski M, Ravot G, Papadimitratos P, Hubaux J-P (2009) A practical secure neighbor verification protocol for wireless sensor networks. In: Proc. of ACM WiSec
Hu L, Evans D (2004) Using directional antennas to prevent wormhole attacks. In: Network and distributed system security symposium (NDSS), San Diego
Capkun S, Buttya’n L, Hubaux J-P (2003) Sector: secure tracking of node encounters in multi-hop wireless networks. In: Proceedings of the 1st ACM workshop on security of ad hoc and sensor networks. ACM, Fairfax, Virginia, pp 21–32
Sastry N, Shankar U, Wagner D (2003) Secure verification of location claims. In: Proceedings of the 2nd ACM workshop on wireless security. ACM, San Diego, CA, USA, pp 1–10
Wang W, Bhargava B (2004) Visualization of wormholes in sensor networks. In: Proceedings of the 3rd ACM workshop on wireless security. ACM, Philadelphia, PA, USA, pp 51–60
Poovendran R, Lazos L (2007) A graph theoretic framework for preventing the wormhole attack in wireless ad hoc networks. Wirel Netw 13(1):27–59
Qian L, Song N, Li X (2007) Detection of wormhole attacks in multi-path routed wireless ad hoc networks: a statistical analysis approach. J Netw Comput Appl 30(1):308–330
Maheshwari R, Gao J, Das SR (2007) Detecting wormhole attacks in wireless networks using connectivity information. In: Gao J (ed) INFOCOM 2007. 26th IEEE international conference on computer communications. IEEE, pp 107–115
Hou Y-T, Chen C-M, Jeng B (2007) Distributed detection of wormholes and critical links in wireless sensor networks. In: Proc. of IIHMSP
Lee C, Suzuki J (2010) Swat: a decentralized self-healing mechanism for wormhole attacks in wireless sensor networks. In: Xiao Y, Chen H, Li F (eds) Handbook on sensor networks, chap 24. World Scientific Publishing. ISBN: 978-981-283-730-1
Znaidi W, Minier M, Babau J-P (2008) Detecting wormhole attacks in wireless networks using local neighborhood information. In: Proc. of IEEE PIMRC
Khalil I, Bagchi S, Shroff NB (2007) Liteworp: detection and isolation of the wormhole attack in static multihop wireless networks. Comput Netw 51(13):3750–3772
Kuhn F, Zollinger A (2003) Ad-hoc networks beyond unit disk graphs. In: Proceedings of the 2003 joint workshop on foundations of mobile computing. ACM, San Diego, CA, USA, pp 69–78
Kim T-H, Tipper D, Krishnamurthy P, Swindlehurst L (2009) Improving the topological resilience of mobile ad hoc networks. In: Proc. of IEEE design of reliable communication networks (DRCN 2009), Washington, DC, 25–29 Oct 2009
Kim T-H, Tipper D, Krishnamurthy P (2009) Connectivity and critical point behavior in mobile ad hoc and sensor networks. In: Proc. of IEEE symposium on computers and communications (ISCC ’09), 5–8 July 2009
Acknowledgements
This work was funded in part by the Army Research Office MURI grant W911NF-07-1-0318. The authors are grateful to the anonymous reviewers for their comments and suggestions to improve the paper.
Author information
Authors and Affiliations
Corresponding author
Additional information
This work was funded in part by the Army Research Office MURI grant W911NF-07-1-0318.
Appendix: Detection example in a grid network
Appendix: Detection example in a grid network
We illustrate how the detection process works with a grid network as on example. It is far easier to detect wormholes in grid networks if the topology is known a priori simply because of the increase in the number of neighbors. We use the grid network only for the purpose of illustrating the algorithm. The process works for random topologies and perturbed grids as well, as shown in Section 4. Consider Fig. 26 that shows a grid network where the grid spacing is d. If we ignore d, we can use integer coordinates for nodes in two dimensions. In Fig. 26, the bottom-leftmost node has coordinates (0,0). We assume that the ranges of nodes are such that each node has exactly four neighbors (those that are at a distance d from a node) as shown in the figure. Let a wormhole exist with its endpoints having the the same range as regular nodes. Let end-point M 1 be located at coordinates (m 1,x , m 1,y ) such that m < m 1,x < m + 1 and n > m 1,y > n − 1. Let the other end-point M 2 be located at coordinates (m 2,x , m 2,y ) such that p > m 2,x > p + 1 and q < m 2,y < q − 1. Since m, n, p, q can be anything, this does not lose any generality although we assume p > m and q < n by at least a few hops in what follows. We can observe the following properties for this scenario.
-
1.
Given a node with coordinates (m, n), it can only reach nodes at (m, n − 1), (m, n + 1), (m − 1, n) and (m + 1, n) when there is no wormhole.
-
2.
The true shortest path between a node at (m, n) and a node at (p, q) has |p − m| + |q − n| hops. In Fig. 26, (m, n) = (2, 8) and (p, q) = (8, 3). The shortest path between these nodes is 6 + 5 = 11 hops.
-
3.
The set \(N_{M_1}\) consists of nodes with coordinates (m, n), (m + 1, n), (m, n − 1), (m + 1, n − 1). The set \(N_{M_2}\) consists of nodes with coordinates (p, q), (p − 1, q), (p, q + 1), (p − 1, q + 1).
-
4.
The wormhole physically spans a physical distance of \(d=\sqrt{(m_{x,1} - m_{x,2})^2 + (m_{y,1} - m_{y,2})^2}\), but the minimum number of true hops between any node \(\in N_{M_1}\) and any node \(\in N_{M_2}\) is |m − p| + 2 + |n − q| + 2 hops. This is the shortest path from the node at (m + 1, n − 1) to the node at (p − 1, q + 1). In the example in Fig. 26, this is 7 hops.
Let us suppose that a node A at (m, n) is checking its link with a node B at (p, q) to see if a wormhole is in its vicinity. When the node A at (m, n) initially asks for its neighbors, it gets responses from nodes at: (m, n − 1), (m, n + 1), (m − 1, n), (m + 1, n), (p, q), (p − 1, q), (p, q + 1), (p − 1, q + 1). If we identify nodes by their coordinates:
-
N A = {(m, n − 1), (m, n + 1), (m − 1, n), (m + 1, n), (p, q), (p − 1, q), (p, q + 1), (p − 1, q + 1)}
-
\(\hat{N_A} = (m,n-1), (m,n+1), (m-1,n), (m+1,n)\}\)
-
\(N_A^* =\{(p,q), (p-1,q), (p,q+1), (p-1,q+1)\}\).
Similarly, N B = {(p, q + 1), (p, q − 1), (p − 1, q), (p + 1, q), (m, n), (m + 1, n), (m, n − 1), (m + 1, n − 1)}. From this, we can see that N B − N A = {(p + 1, q), (p, q − 1), (m + 1, n − 1)}. The target node T that is picked by A belongs to this set, i.e., T ∈ {(p + 1, q), (p, q − 1), (m + 1, n − 1)}. Node A will ask the nodes in N A to find routes to T avoiding nodes in N A and N B and having at least one intermediate node. We see there are three cases:
-
Case 1: If T = (p + 1, q), the lengths of routes will be as shown in Table 4 (assuming p > m and q < n—otherwise absolute values of the differences will have to be used). Unless p − m + n − q + 2 < η + 3, the wormhole will most certainly be detected.
-
Case 2: If T = (p, q − 1), a similar tabulation of routes indicates that the longest route is still p − m + n − q + 2 hops long and a similar conclusion is reached. We do not tabulate the length of routes in this case.
-
Case 3: If T = (m + 1, n − 1), the lengths of routes will be as shown in Table 5. In this case, the wormhole is detected as long as p − m + n − q − 3 > η + 3.
Rights and permissions
About this article
Cite this article
Hayajneh, T., Krishnamurthy, P., Tipper, D. et al. Secure Neighborhood Creation in Wireless Ad Hoc Networks using Hop Count Discrepancies . Mobile Netw Appl 17, 415–430 (2012). https://doi.org/10.1007/s11036-011-0334-2
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11036-011-0334-2