Detection and isolation of wormhole nodes in wireless ad hoc networks based on post-wormhole actions

Abstract

AbstractThe wormhole attack is one of the most treacherous attacks projected at the routing layer that can bypass cryptographic measures and derail the entire communication network. It is too difficult to prevent a priori; all the possible countermeasures are either too expensive or ineffective. Indeed, literature solutions either require expensive hardware (typically UWB or secure GPS transceivers) or pose specific constraints to the adversarial behavior (doing or not doing a suspicious action). The proposed solution belongs to the second category because the adversary is assumed to have done one or more known suspicious actions. In this solution, we adopt a heuristic approach to detect wormholes in ad hoc networks based on the detection of their illicit behaviors. Wormhole and post wormhole attacks are often confused in literature; that’s why we clearly state that our methodology does not provide a defence against wormholes, but rather against the actions that an adversary does after the wormhole, such as packet dropping, tampering with TTL, replaying and looping, etc. In terms of contributions, the proposed solution addresses the knock-out capability of attackers that is less targeted by the researcher’s community. In addition, it neither requires any additional hardware nor a change in it; instead, it is compatible with the existing network stack. The idea is simulated in ns2.30, and the average detection rate of the proposed solution is found to be 98-99%. The theoretical time to detect a wormhole node lies between 0.07-0.71 seconds. But, from the simulation, the average detection and isolation time is 0.67 seconds. In term of packet loss, the proposed solution has a relatively overhead of $$\approx$$ ≈ 22%. It works well in static and mobile scenarios, but the frame losses are higher in mobile scenarios as compared to static ones. The computational complexity of the solution is O(n). Simulation results advocate that the solution is effective in terms of memory, processing, bandwidth, and energy cost. The solution is validated using statistical parameters such as Accuracy, Precision, F1-Score and Matthews correlation coefficient ($$M_{cc}$$ M cc ).