DETECTION AND MITIGATION OF WORMHOLE ATTACKS IN MANET

Abstract

In a Mobile ad-hoc network (MANET), because of its dynamic nature, all the nodes must cooperate with each other and participate in routing. Most existing routing protocols for Ad-hoc networks rely on this cooperation. Wormhole attacks are among the most severe attacks on MANETs, in which two or more colluding attackers tunnel packets from one place to another. In particular, if attackers selectively tunnel control packets, the nodes near the attackers choose this tunnel and are prevented from using alternative routes. In this thesis, we have proposed a multi-path routing protocol, which is a modified version of single-path Dynamic Source Routing (DSR) protocol. A multi-path routing protocol provides good defense against an attack like traffic analysis, which can be performed after a wormhole has been established. Another important effect of a wormhole attack is packet dropping. To address this problem, we have proposed a security extension to this multipath routing protocol. This extension is based on fixed size RREPLY messages. With such a multipath routing and its security extension, we can detect and mitigate in-band wormhole attacks in MANETs and Sensor networks. The proposed technique has less overhead on source and destination nodes as well as on intermediate nodes. It is also possible to isolate the attackers from the network and prevent throughput of the network from dropping. The proposed technique has been simulated on the java based Jist-Swans simulator using various scenarios. The results are shown using the animator Inspect a network visualization tool for ns2, using open source libraries g++ 4.2.1, gtkglext 1.2.0, and OpenGL 2.0 on a Linux based core2quad desktop