Wormhole attack detection mechanism in mobile ad hoc network using neighborhood information and path tracing algorithm

Mobile Ad hoc Networks (MANETs) is a self-configuring network that is formed automatically by a collection of mobile nodes. Security is often the major concern as MANET does not rely on a centralized administration. A mobile node cannot have single hop communication with the destination,due to low transmission range of the nodes. Therefore, MANET depends on intermediate nodes to forward messages to the destination, and willing to forward a message to other nodes without being selfish. MANET is vulnerable to attacks due to the open, cooperative and dynamic nature and needs a new method for secure communication. Wormhole attack is one of the dangerous attacks in MANET in which two or more destructive nodes record the packets at one point, to another point in the network. Wormhole attack detection is very hard, even; the use of cryptographic technique is not enough to prevent it as the wormhole attackers do not create separate packets, but simply replay packets that already exist on the network by passing all cryptographic checks. Path Tracing (PT) Algorithm was proposed to detect and prevent exposed wormhole attacks in MANET. This algorithm is good for MANET as they not have centralized management and autonomous mobile nodes connect with each other through the air. However, lack of distance calculation seems to be a major drawback of the PT algorithm. Impact of lack in distance calculation is nodes cannot decide whether the faraway node is malicious node or normal node. In this study, a new defence mechanism is proposed based on modification of the packet forwarding process, using Neighborhood Information (NI) and PT algorithm, and known as NIPT algorithm. Neighborhood Information is one of the detection methods and it is under the category of neighbor discovery. Moreover, by checking acknowledge (ACK) packet by source node and confirm whether it belongs to the 1-hop neighbor or 2-hop neighbor, it is able to detect the wormhole in early stage. The study investigates in four difierent scenarios and detects both types of wormhole attacks. Experimental evaluation shows that NIPT algorithm achieves better results in the PDR and delay with an average of 5% and 6% respectively, over the PT algorithm. Throughput and packet overhead is improved in the NIPT algorithm with an average of 4% and 6% respctively over the PT algorithm. Wormhole attack caused a packet drops and indirectly impact the PDR, packet overhead, and packet delay. NIPT algorithm has better improvement on delay which presents the elimination of attacker. Using the NIPT, the packet drop is decreased and chosen the best route is free from the wormhole. At the same time, throughput decreases as the amount of malevolent nodes increase, however NIPT can detect wormhole attack earlier compare to PT. NIPT works better than PT, which helps the nodes know the distance and location of each other, where can detect wormhole easier and earlier, and no need to use hardware implementation.

Preview PDF FSKTM 2015 7RR.pdf Download (1MB) | Preview

Actions (login required)

View Item