Wormhole attack
Download as PPTX, PDF•21 likes•26,002 views
The document discusses Mobile Ad-Hoc Networks (MANETs), which are dynamic collections of mobile nodes without fixed infrastructure, highlighting their applications, challenges, and vulnerabilities. It focuses on wormhole attacks, where malicious nodes create the illusion of proximity between them, disrupting routing and data integrity. The proposed solution, Wormplaner, utilizes connectivity information to detect such attacks without requiring special hardware or synchronization.
Wormhole attack
- 1. Presented By:- Harsh Kishore Mishra M.Tech. Cyber Security II Semester
- 2. OUTLINE • Introduction • Mobile Ad-Hoc Network • Applications of MANET • Challenges and Issues • Attacks on MANET • Wormhole Attack • Past Work towards Wormhole Attack • Technique to be used • Conclusion
- 3. INTRODUCTION • Wireless Networks are ubiquitous and provides great advantages. • Two types of wireless networks, Infrastructure and Ad Hoc • Ad Hoc networks attracts great attention. • Provides convenience, mobility, scalability, cost and Easy Setup. • Vulnerable to various attacks due to functionality and deployment scenario.
- 4. MOBILE ADHOC NETWORK An infrastructure less collection of mobile nodes that can arbitrarily change their geographic locations such that these networks have dynamic topologies and random mobility with constrained resources.
- 5. MOBILE ADHOC NETWORK • A collection of wireless mobile nodes that communicate with each other without the use of any pre established network infrastructure. • It is decentralized, all network and routing activities are handled by nodes. • Wireless nodes are free to move and causes dynamic topology. • Nodes operates by co operating with each other for data. • Suitable for situations and applications where infrastructure is not possible.
- 6. APPLICATIONS OF MANETS • Military communication and operations • Automated battlefields • Emergency services • Search and rescue operations • E-commerce: electronic payments anytime and anywhere • Business: dynamic database access, mobile offices • Personal area networks (PAN) • Networks at construction sites • Universities, Virtual classrooms and campus settings • Ad hoc communications during meetings or lectures • Multi-user games • Wireless P2P networking and Outdoor Internet access
- 7. CHALLENGES AND ISSUES • Routing • Service and Resource Discovery • Security and Node Cooperation • Dynamic Topology • No Centralized Authority • Bandwidth Constraint • Limited Energy Source • No Predefined Boundary
- 8. ATTACKS ON MANET • Eavesdropping • Denial of Service • Jamming • Black hole Attack • Rushing Attack • Wormhole Attack • Sinkhole Attack • Session hijacking
- 9. WORMHOLE ATTACK • Wormhole nodes fake a route that is shorter than the original one within the network; this can confuse routing mechanisms which rely on the knowledge about distance between nodes. • It has one or more malicious nodes and a tunnel between them. • The attacking node captures the packets from one location and transmits them to other distant located node which distributes them locally. • A wormhole attack can easily be launched by the attacker without having knowledge of the network or compromising any legitimate nodes or cryptographic mechanisms.
- 10. WORMHOLE ATTACK The tunnel is either the wired link or a high frequency links. This creates the illusion that the two end points of the tunnel are very close to each other.
- 11. ATTACK MEDIUM In Band Attack Out of Band Attack
- 12. ATTACKING MODES Wormhole Attack Modes Hidden Modes Packet Encapsulation Packet Replay Participation Modes High Power Transmission Out of Band
- 13. • 1) Packet Encapsulation: Each packet is routed via the legitimate path only, when received by the wormhole end, gets encapsulated to prevent nodes on way from incrementing hop counts. The packet is brought into original form by the second end point. • 2) Out-of-Band: This two-ended wormhole, a dedicated out-of-band high bandwidth channel is placed between end points to create a wormhole link. • 3) High-Power-Transmission: This kind of wormhole approach has only one malicious node with much high transmission capability that attracts the packets to follow path passing from it. • 4) Packet Relay: In packet relay two malicious nodes relay packet between two nodes which are far apart from each other and convenience these nodes that they are neighbor.
- 14. EFFECTS OF THE ATTACK • Selectively drop data packets • Routing disruption • Traffic analysis for information leaking. • Bypasses and attracts a large amount of network traffic • Collect and manipulate network traffic like modifying packets, changing the sequence of packets, and etc. • By analyzing collected network data, the attacker can perform many other more aggressive attacks, such as man-in-the-middle attacks, cipher breaking, protocol reverse engineering etc.
- 15. EXISTING SOLUTIONS TOWARDS WORMHOLE ATTACKS • Concept of geographical and temporal packet leashes • Directional Antenna • Connectivity Based Approach • Transmission Time Based Mechanism • LITEWORP and MOBIWORP • Digital Signature based Approach • Diffusion of Innovation theory based Approach • Protocol Specific Solutions • SAM (Statistical Analysis of Multipath) • Graphical and Topological Information based Approaches
- 16. Method Requirements Comments Packet Leaches Geographical and Temporal Loosely synchronized clocks Straightforward solution but has general limitations of GPS technology Directional Antennas Nodes use specific ‘sectors’ of their antennas to communicate with each other It is not directly applicable to other networks Connectivity based approaches connectivity information and need tightly synchronized clocks Requirements are not realistic MOBIWORP and LITEWORP Loosely synchronized clocks and Central Authority Applicable to static network Digital Signature based Nodes should know each other’s Digital Signature Computation time
- 17. Method Requirements Comments Diffusion of Innovation Based Nodes confirmation End to end delay is increased Transmission Time based Calculation of RTT between nodes Accuracy of RTT Protocol Specific Modification in Protocols Works for specific protocols SAM Statistically calculation of relative frequency of path Non Multi hop path protocol not supported Graphical and topological based Miscellaneous Protocol specific, limitations
- 18. TECHNIQUE TO BE USED • Introduced by Dong et al., named as WormPlaner • Based on the planarity of graph, which is drawn based on the connectivity information. • No Special hardware or synchronization needed. • WormPlanar exploits location free network planarization technique to perform connectivity based wormhole detection to detect symptoms of attack.
- 19. WORMPLANER • A connected planarization topology is extracted from normal Network Graph. • Planarization algorithm will fail in case of wormhole attack, so planarity can be validated to confirm worm hole attack. • WormPlaner Protocol has two stages, Local Planarity Test and Refinement process. • Local planarity test is applied on each node to collect k-hop neighbors information. • Then Planarization algorithm will be applied on each node’s neighborhood sub graph. • Nodes, failing planarity test will be suspected node and further refinement process will be applied to detect sure wormhole nodes. • Further, Refinement Process is applied to eliminate false positives.
- 20. WORMPLANER Advantages • Foolproof Solution • Detects all malicious nodes • No False positives Limitation • Merely detection is possible, no avoidance solution
- 22. REFERENCES • Aarti, S. S. T. (2013). Study of MANET: Characteristics, Challenges, Application and Security Attacks. International Journal of Advanced Research in Computer Science and Software Engineering, 3(5). • de Graaf, R., Hegazy, I., Horton, J., & Safavi-Naini, R. (2010). Distributed detection of wormhole attacks in wireless sensor networks Ad Hoc Networks (pp. 208-223): Springer. • Dong, D., Li, Z., Liu, Y., & Liao, X. (2009). Wormcircle: Connectivity-based wormhole detection in wireless ad hoc and sensor networks. Paper presented at the Parallel and Distributed Systems (ICPADS), 2009 15th International Conference on. • Dong, D., Liao, X., Liu, Y., Li, X.-Y., & Pang, Z. (2013). Fine-grained location-free planarization in wireless sensor networks. Mobile Computing, IEEE Transactions on, 12(5), 971-983. • HAOYANG, H., FANYE, SONGWULU, ANDLIXIA ZHANG,. (2004). Security in mobile ad hoc networks: Challenges and solutions UCLA Previously Published Works. • Hu, L., & Evans, D. (2004). Using Directional Antennas to Prevent Wormhole Attacks. Paper presented at the NDSS. • Hu, Y.-C., Perrig, A., & Johnson, D. B. (2006). Wormhole attacks in wireless networks. Selected Areas in Communications, IEEE Journal on, 24(2), 370-380. • Jeroen Hoebeke, I. M., Bart Dhoedt and Piet Demeester. An Overview of Mobile Ad Hoc Networks: Applications and Challenges.
- 23. REFERENCES • Khalil, I., Bagchi, S., & Shroff, N. B. (2008). MOBIWORP: Mitigation of the wormhole attack in mobile multihop wireless networks. Ad Hoc Networks, 6(3), 344-362. • Khan, Z. A., & Islam, M. H. (2012, 8-9 Oct. 2012). Wormhole attack: A new detection technique. Paper presented at the Emerging Technologies (ICET), 2012 International Conference on. • Lazos, L., Poovendran, R., Meadows, C., Syverson, P., & Chang, L. (2005). Preventing wormhole attacks on wireless ad hoc networks: a graph theoretic approach. Paper presented at the Wireless Communications and Networking Conference, 2005 IEEE. • Özdemir, S., Meghdadi, M., & Güler, Ý. (2008). A time and trust based wormhole detection algorithm for wireless sensor networks. Paper presented at the manuscript in Turkish), in 3rd Information Security and Cryptology Conference (ISC’08). • Park, T., & Shin, K. G. (2004). LiSP: A lightweight security protocol for wireless sensor networks. ACM Transactions on Embedded Computing Systems (TECS), 3(3), 634-660. • Priyanka Goyal, V. P., Rahul Rishi. (2011). MANET: Vulnerabilities, Challenges, Attacks, Application. IJCEM International Journal of Computational Engineering & Management, 11. • Qian, L., Song, N., & Li, X. (2007). Detection of wormhole attacks in multi-path routed wireless ad hoc networks: a statistical analysis approach. Journal of Network and Computer Applications, 30(1), 308-330. • Rashid Sheikhl Mahakal Singh Chandee, D. K. M. (2010). Security Issues in MANET: A Review IEEE. • Saurabh Upadhyaya, B. K. C. (2011). Impact of Wormhole Attacks on MANETs. International Journal of Computer Science & Emerging Technologies, 2(1).
- 24. REFERENCES • Shams Qazi, R. R., Yi Mu, Willy Susilo. (2013). Securing DSR against wormhole attacks in multirate ad hoc networks. Journal of Network and Computer Applications. • Tran Van Phuong, N. T. C., Young-Koo Lee, Sungyoung Lee, Heejo Lee. (2007). Transmission Time-based Mechanism to Detect Wormhole Attacks Paper presented at the Asia-Pacific Services Computing Conference. • Vani, A., & Rao, D. S. (2011). A Simple Algorithm for Detection and Removal of Wormhole Attacks for Secure Routing In Ad Hoc Wireless Networks. International Journal on Computer Science and Engineering (IJCSE), 3(6), 2377-2384. • Venkataraman, R., Pushpalatha, M., Rao, T. R., & Khemka, R. (2009). A graphtheoretic algorithm for detection of multiple wormhole attacks in mobile ad hoc networks. International Journal of Recent Trends in Engineering (IJRTE), 1(2), 220-222. • Wang, W., Bhargava, B., Lu, Y., & Wu, X. (2006). Defending against wormhole attacks in mobile ad hoc networks. Wireless Communications and Mobile Computing, 6(4), 483-503. • Xiaopei, L., Dezun, D., & Xiangke, L. (2013, 1-4 Oct. 2013). WormPlanar: Topological Planarization Based Wormhole Detection in Wireless Networks. Paper presented at the Parallel Processing (ICPP), 2013 42nd International Conference on. • Xiaopei Lu, D. D., Xiangke Liao. (2013). WormPlanar: Topological Planarization based Wormhole Detection in WirelessNetworks. Paper presented at the 42nd International Conference on Parallel Processing.