Ubiquitous and pervasive applications, where the Wireless Sensor Networks are typically deployed, lead to the susceptibility to many kinds of security attacks. Sensors used for real time response capability also make it difficult to devise the resource intensive security protocols because of their limited battery, power, memory and processing capabilities. One of potent form of Denial of Service attacks is Wormhole attack that affects on the network layer. In this paper, the techniques dealing with wormhole attack are investigated and an approach for wormhole prevention is proposed. Our approach is based on the analysis of the two-hop neighbors forwarding Route Reply packet. To check the validity of the sender, a unique key between the individual sensor node and the base station is required to be generated by suitable scheme.
WDA: Wormhole Attack Detection Algorithm based on measuring Round Trip Delay ...ijsrd.com
The recent advancements in the wireless arena and their wide-spread utilization have introduced new security vulnerabilities. The wireless media being shared is exposed to outside world, so it is susceptible to various attacks at different layers of OSI network stack. For example, jamming and device tampering at the physical layer; disruption of the medium access control (MAC) layer; routing attacks like Blackhole, rushing, wormhole; targeted attacks on the transport protocol like session hijacking, SYN flooding or even attacks intended to disrupt specific applications through viruses, worms and Trojan Horses. Wormhole attack is one of the serious routing attacks amongst all the network layer attacks launched on MANET. Wormhole attack is launched by creation of tunnels and it leads to total disruption of the routing paths on MANET. In this paper, Wormhole detection algorithm (WDA) is proposed based on modifying the forwarding packet process that detects and isolates wormhole nodes in ad hoc on demand distance vector (AODV) routing protocol.
International Journal of Engineering Research and Development (IJERD)IJERD Editor
journal publishing, how to publish research paper, Call For research paper, international journal, publishing a paper, IJERD, journal of science and technology, how to get a research paper published, publishing a paper, publishing of journal, publishing of research paper, reserach and review articles, IJERD Journal, How to publish your research paper, publish research paper, open access engineering journal, Engineering journal, Mathemetics journal, Physics journal, Chemistry journal, Computer Engineering, Computer Science journal, how to submit your paper, peer reviw journal, indexed journal, reserach and review articles, engineering journal, www.ijerd.com, research journals,
yahoo journals, bing journals, International Journal of Engineering Research and Development, google journals, hard copy of journal
WDA: Wormhole Attack Detection Algorithm based on measuring Round Trip Delay ...ijsrd.com
The recent advancements in the wireless arena and their wide-spread utilization have introduced new security vulnerabilities. The wireless media being shared is exposed to outside world, so it is susceptible to various attacks at different layers of OSI network stack. For example, jamming and device tampering at the physical layer; disruption of the medium access control (MAC) layer; routing attacks like Blackhole, rushing, wormhole; targeted attacks on the transport protocol like session hijacking, SYN flooding or even attacks intended to disrupt specific applications through viruses, worms and Trojan Horses. Wormhole attack is one of the serious routing attacks amongst all the network layer attacks launched on MANET. Wormhole attack is launched by creation of tunnels and it leads to total disruption of the routing paths on MANET. In this paper, Wormhole detection algorithm (WDA) is proposed based on modifying the forwarding packet process that detects and isolates wormhole nodes in ad hoc on demand distance vector (AODV) routing protocol.
International Journal of Engineering Research and Development (IJERD)IJERD Editor
journal publishing, how to publish research paper, Call For research paper, international journal, publishing a paper, IJERD, journal of science and technology, how to get a research paper published, publishing a paper, publishing of journal, publishing of research paper, reserach and review articles, IJERD Journal, How to publish your research paper, publish research paper, open access engineering journal, Engineering journal, Mathemetics journal, Physics journal, Chemistry journal, Computer Engineering, Computer Science journal, how to submit your paper, peer reviw journal, indexed journal, reserach and review articles, engineering journal, www.ijerd.com, research journals,
yahoo journals, bing journals, International Journal of Engineering Research and Development, google journals, hard copy of journal
MANETs have unique characteristics like dynamic topology, wireless radio medium, limited resources and lack of centralized administration; as a result, they are vulnerable to different types of attacks in different layers of protocol stack. wormhole attack detection in wireless sensor networks
A NOVEL TWO-STAGE ALGORITHM PROTECTING INTERNAL ATTACK FROM WSNSIJCNC
Wireless sensor networks (WSNs) consists of small nodes with constrain capabilities. It enables numerous
applications with distributed network infrastructure. With its nature and application scenario, security of
WSN had drawn a great attention. In malicious environments for a functional WSN, security mechanisms
are essential. Malicious or internal attacker has gained attention as the most challenging attacks to
WSNs. Many works have been done to secure WSN from internal attacks but most of them relay on either
training data set or predefined thresholds. It is a great challenge to find or gain knowledge about the
Malicious. In this paper, we develop the algorithm in two stages. Initially, Abnormal Behaviour
Identification Mechanism (ABIM) which uses cosine similarity. Finally, Dempster-Shafer theory (DST)is
used. Which combine multiple evidences to identify the malicious or internal attacks in a WSN. In this
method we do not need any predefined threshold or tanning data set of the nodes.
REPLICATION ATTACK MITIGATIONS FOR STATIC AND MOBILE WSNIJNSA Journal
Security is important for many sensor network applications. Wireless Sensor Networks (WSN) are often deployed in hostile environments as static or mobile, where an adversary can physically capture some of the nodes. once a node is captured, adversary collects all the credentials like keys and identity etc. the attacker can re-program it and replicate the node in order to eavesdrop the transmitted messages or compromise the functionality of the network. Identity theft leads to two types attack: clone and sybil. In particularly a harmful attack against sensor networks where one or more node(s) illegitimately claims an identity as replicas is known as the node replication attack. The replication attack can be exceedingly injurious to many important functions of the sensor network such as routing, resource llocation, misbehavior detection, etc. This paper analyzes the threat posed by the replication attack and several novel techniques to detect and defend against the replication attack, and analyzes their effectiveness in both static and mobile WSN.
TRUST VALUE ALGORITHM: A SECURE APPROACH AGAINST PACKET DROP ATTACK IN WIRELE...IJNSA Journal
Wireless ad-hoc networks are widely used because these are very easy to deploy. However, there are
various security issues and problems. Two most important issues are interoperability and interaction
among various security technologies which are very important to consider for configuration and
management point of view. The packet drop ratio in the wireless network is very high as well as packets
may be easily delayed by the attacker. Ii is very difficult to detect intruders, so it results into high false
positive rate. Packets may be dropped or delayed by intruders as well as external nodes in wireless
networks. Hence, there is the need of effective intrusion detection system which can detect maximum
number of intruders and the corresponding packets be forwarded through some alternate paths in the
network. In this paper we propose an alternate solution to detect the intruders/adversary with help of trust
value. It would remove the need of inbuilt IDS in the wireless networks and result into improving the
performance of WLAN.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
RTOS BASED SECURE SHORTEST PATH ROUTING ALGORITHM IN MOBILE AD- HOC NETWORKSIJNSA Journal
Increase of number of the nodes in the wireless computing environment leads to different issues like power, data rate, QoS, simulators and security. Among these the security is the peak issue faced by most of the wireless networks. Especially networks without having a centralized system (MANETS) is facing severe security issues. One of the major security issues is the wormhole attack while finding the shortest path. The aim of this paper is to propose an algorithm to find a secure shortest path against wormhole attack. Existing algorithms are mainly concentrated on detecting the malicious node but they are hardware specific like directional antennas and synchronized clocks. But the proposed algorithm is both software and hardware specific. RTOS is included to make the ad hoc network a real time application.
Malicious attack detection and prevention in ad hoc network based on real tim...eSAT Journals
Abstract This paper deals with Real Time Operating System (RTOS) based secure wormhole detection and prevention in ad hoc networks. The wormhole attack can form a serious threat to wireless networks, especially against many ad hoc network routing protocols and location based wireless security systems. A wormhole is created in the ad hoc network by introducing two malicious nodes. These two nodes form a worm hole link and message is transmitted through this link. The next part of the work is to detect the wormhole link by defining worm hole detection and prevention algorithm. After detecting suspicious links, one node performs a verification procedure for each suspicious link. The detection procedure and verifying procedure of suspicious worm link are used for further prevention of wormhole attack in the ad hoc network.
Malicious attack detection and prevention in ad hoc network based on real tim...eSAT Publishing House
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
MANETs have unique characteristics like dynamic topology, wireless radio medium, limited resources and lack of centralized administration; as a result, they are vulnerable to different types of attacks in different layers of protocol stack. wormhole attack detection in wireless sensor networks
A NOVEL TWO-STAGE ALGORITHM PROTECTING INTERNAL ATTACK FROM WSNSIJCNC
Wireless sensor networks (WSNs) consists of small nodes with constrain capabilities. It enables numerous
applications with distributed network infrastructure. With its nature and application scenario, security of
WSN had drawn a great attention. In malicious environments for a functional WSN, security mechanisms
are essential. Malicious or internal attacker has gained attention as the most challenging attacks to
WSNs. Many works have been done to secure WSN from internal attacks but most of them relay on either
training data set or predefined thresholds. It is a great challenge to find or gain knowledge about the
Malicious. In this paper, we develop the algorithm in two stages. Initially, Abnormal Behaviour
Identification Mechanism (ABIM) which uses cosine similarity. Finally, Dempster-Shafer theory (DST)is
used. Which combine multiple evidences to identify the malicious or internal attacks in a WSN. In this
method we do not need any predefined threshold or tanning data set of the nodes.
REPLICATION ATTACK MITIGATIONS FOR STATIC AND MOBILE WSNIJNSA Journal
Security is important for many sensor network applications. Wireless Sensor Networks (WSN) are often deployed in hostile environments as static or mobile, where an adversary can physically capture some of the nodes. once a node is captured, adversary collects all the credentials like keys and identity etc. the attacker can re-program it and replicate the node in order to eavesdrop the transmitted messages or compromise the functionality of the network. Identity theft leads to two types attack: clone and sybil. In particularly a harmful attack against sensor networks where one or more node(s) illegitimately claims an identity as replicas is known as the node replication attack. The replication attack can be exceedingly injurious to many important functions of the sensor network such as routing, resource llocation, misbehavior detection, etc. This paper analyzes the threat posed by the replication attack and several novel techniques to detect and defend against the replication attack, and analyzes their effectiveness in both static and mobile WSN.
TRUST VALUE ALGORITHM: A SECURE APPROACH AGAINST PACKET DROP ATTACK IN WIRELE...IJNSA Journal
Wireless ad-hoc networks are widely used because these are very easy to deploy. However, there are
various security issues and problems. Two most important issues are interoperability and interaction
among various security technologies which are very important to consider for configuration and
management point of view. The packet drop ratio in the wireless network is very high as well as packets
may be easily delayed by the attacker. Ii is very difficult to detect intruders, so it results into high false
positive rate. Packets may be dropped or delayed by intruders as well as external nodes in wireless
networks. Hence, there is the need of effective intrusion detection system which can detect maximum
number of intruders and the corresponding packets be forwarded through some alternate paths in the
network. In this paper we propose an alternate solution to detect the intruders/adversary with help of trust
value. It would remove the need of inbuilt IDS in the wireless networks and result into improving the
performance of WLAN.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
RTOS BASED SECURE SHORTEST PATH ROUTING ALGORITHM IN MOBILE AD- HOC NETWORKSIJNSA Journal
Increase of number of the nodes in the wireless computing environment leads to different issues like power, data rate, QoS, simulators and security. Among these the security is the peak issue faced by most of the wireless networks. Especially networks without having a centralized system (MANETS) is facing severe security issues. One of the major security issues is the wormhole attack while finding the shortest path. The aim of this paper is to propose an algorithm to find a secure shortest path against wormhole attack. Existing algorithms are mainly concentrated on detecting the malicious node but they are hardware specific like directional antennas and synchronized clocks. But the proposed algorithm is both software and hardware specific. RTOS is included to make the ad hoc network a real time application.
Malicious attack detection and prevention in ad hoc network based on real tim...eSAT Journals
Abstract This paper deals with Real Time Operating System (RTOS) based secure wormhole detection and prevention in ad hoc networks. The wormhole attack can form a serious threat to wireless networks, especially against many ad hoc network routing protocols and location based wireless security systems. A wormhole is created in the ad hoc network by introducing two malicious nodes. These two nodes form a worm hole link and message is transmitted through this link. The next part of the work is to detect the wormhole link by defining worm hole detection and prevention algorithm. After detecting suspicious links, one node performs a verification procedure for each suspicious link. The detection procedure and verifying procedure of suspicious worm link are used for further prevention of wormhole attack in the ad hoc network.
Malicious attack detection and prevention in ad hoc network based on real tim...eSAT Publishing House
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
Black hole Attack Avoidance Protocol for wireless Ad-Hoc networksijsrd.com
A Mobile Ad-Hoc Network is a collection of mobile nodes or a temporary network set up by wireless mobile nodes moving arbitrary in the places that have no network infrastructure in such a manner that the interconnections between nodes are capable of changing on continual basis. Thus the nodes find a path to the destination node using routing protocols. However, due to security vulnerabilities of the routing protocols, wireless ad-hoc networks are unprotected to attacks of the malicious nodes. Various attacks and one of those attacks is the Black Hole Attack against network integrity absorbing all data packets in the network. Since the data packets do not reach the destination node on account of this attack, data loss will occur. Therefore, it is a severe attack that can be easily employed against routing in mobile ad hoc networks. There are lots of detection and defense mechanisms to eliminate the intruder that carry out the black hole attack. . Virtual Infrastructure achieves reliable transmission in Mobile Ad Hoc Network. Black Hole Attack is the major problem to affect the Virtual Infrastructure. In this paper, approach on analyzing and improving the security of AODV, which is one of the popular routing protocols for MANET. Our aim is to ensuring the avoidance against Black hole attack.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
AN APPROACH TO PROVIDE SECURITY IN MOBILE AD-HOC NETWORKS USING COUNTER MODE ...IJNSA Journal
Security in any of the networks became an important issue in this paper we have implemented a security mechanism on Medium Access Control layer by Assured Neighbor based Security Protocol to provide authentication and confidentiality of packets along with High speed transmission for Ad hoc networks. Here we have divided the protocol into two different parts. The first part deals with Routing layer information; in this part we have tried to implement a possible strategy for detecting and isolating the malicious nodes. A trust counter for each node is determined which can be actively increased and decreased depending upon the trust value for the purpose of forwarding the packets from source node to destination node with the help of intermediate nodes. A threshold level is also predetermined to detect the malicious nodes. If the value of the node in trust counter is less than the threshold value then the node is denoted ‘malicious’. The second part of our protocol deals with the security in the link layer. For this security reason we have used CTR (Counter) approach for authentication and encryption. We have simulated all our strategies and schemes in NS-2, the result of which gives a conclusion that our proposed protocol i.e. Assured Neighbor based Security Protocol can perform high packet delivery against various intruders and also packet delivery ratio against mobility with low delays and low overheads.
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
PERFORMANCE EVALUATION OF WIRELESS SENSOR NETWORK UNDER HELLO FLOOD ATTACKIJCNCJournal
Wireless sensor network (WSN) is highly used in many fields. The network consists of tiny lightweight
sensor nodes and is largely used to scan or detect or monitor environments. Since these sensor nodes are
tiny and lightweight, they put some limitations on resources such as usage of power, processing given task,
radio frequency range. These limitations allow network vulnerable to many different types of attacks such
as hello flood attack, black hole, Sybil attack, sinkhole, and many more. Among these attacks, hello flood is
one of the most important attacks. In this paper,we have analyzed the performance of hello flood attack and
compared the network performance as number of attackers increases. Network performance is evaluated
by modifying the ad-hoc on demand distance vector (AODV) routing protocol by using NS2 simulator. It
has been tested under different scenarios like no attacker, single attacker, and multiple attackers to know
how the network performance changes. The simulation results show that as the number of attackers
increases the performance in terms of throughput and delay changes.
International Journal of Engineering Research and DevelopmentIJERD Editor
Electrical, Electronics and Computer Engineering,
Information Engineering and Technology,
Mechanical, Industrial and Manufacturing Engineering,
Automation and Mechatronics Engineering,
Material and Chemical Engineering,
Civil and Architecture Engineering,
Biotechnology and Bio Engineering,
Environmental Engineering,
Petroleum and Mining Engineering,
Marine and Agriculture engineering,
Aerospace Engineering.
Mobile ad hoc networks (MANETs) are collections of self-organizing mobile nodes with dynamic topologies and no centralized authority. Each node participating in the network acts both as host and a router. So each node can participate to transfer data packet to destination node but suppose one node in network is removed at time it is very difficult to maintain the information about all node. The main advantage and disadvantage of MANETs provides large number of degree of freedom and self-organizing capability of that make it completely different from other network. Due to the nature of MANETs, to design and development of secure routing is challenging task for researcher in an open and distributed communication environments. In MANET, the more security is required in comparison to wired network. If source node chooses this fake route, malicious nodes have the option of delivering the packets or dropping them.
Keywords: MANETs, Security, Cryptography.
Analysis of security threats in wireless sensor networkijwmn
Wireless Sensor Network(WSN) is an emerging technology and explored field of researchers worldwide
in the past few years, so does the need for effective security mechanisms. The sensing technology
combined with processing power and wireless communication makes it lucrative for being exploited in
abundance in future. The inclusion of wireless communication technology also incurs various types of
security threats due to unattended installation of sensor nodes as sensor networks may interact with
sensitive data and /or operate in hostile unattended environments. These security concerns be addressed
from the beginning of the system design. The intent of this paper is to investigate the security related
issues in wireless sensor networks. In this paper we have explored general security threats in wireless
sensor network with extensive study.
TRUST VALUE ALGORITHM: A SECURE APPROACH AGAINST PACKET DROP ATTACK IN WIRELE...IJNSA Journal
Wireless ad-hoc networks are widely used because these are very easy to deploy. However, there are various security issues and problems. Two most important issues are interoperability and interaction among various security technologies which are very important to consider for configuration and management point of view. The packet drop ratio in the wireless network is very high as well as packets may be easily delayed by the attacker. Ii is very difficult to detect intruders, so it results into high false positive rate. Packets may be dropped or delayed by intruders as well as external nodes in wireless networks. Hence, there is the need of effective intrusion detection system which can detect maximum number of intruders and the corresponding packets be forwarded through some alternate paths in the network. In this paper we propose an alternate solution to detect the intruders/adversary with help of trust value. It would remove the need of inbuilt IDS in the wireless networks and result into improving the performance of WLAN
Similar to PREVENTION OF WORMHOLE ATTACK IN WIRELESS SENSOR NETWORK (20)
Event Management System Vb Net Project Report.pdfKamal Acharya
In present era, the scopes of information technology growing with a very fast .We do not see any are untouched from this industry. The scope of information technology has become wider includes: Business and industry. Household Business, Communication, Education, Entertainment, Science, Medicine, Engineering, Distance Learning, Weather Forecasting. Carrier Searching and so on.
My project named “Event Management System” is software that store and maintained all events coordinated in college. It also helpful to print related reports. My project will help to record the events coordinated by faculties with their Name, Event subject, date & details in an efficient & effective ways.
In my system we have to make a system by which a user can record all events coordinated by a particular faculty. In our proposed system some more featured are added which differs it from the existing system such as security.
Democratizing Fuzzing at Scale by Abhishek Aryaabh.arya
Presented at NUS: Fuzzing and Software Security Summer School 2024
This keynote talks about the democratization of fuzzing at scale, highlighting the collaboration between open source communities, academia, and industry to advance the field of fuzzing. It delves into the history of fuzzing, the development of scalable fuzzing platforms, and the empowerment of community-driven research. The talk will further discuss recent advancements leveraging AI/ML and offer insights into the future evolution of the fuzzing landscape.
CFD Simulation of By-pass Flow in a HRSG module by R&R Consult.pptxR&R Consult
CFD analysis is incredibly effective at solving mysteries and improving the performance of complex systems!
Here's a great example: At a large natural gas-fired power plant, where they use waste heat to generate steam and energy, they were puzzled that their boiler wasn't producing as much steam as expected.
R&R and Tetra Engineering Group Inc. were asked to solve the issue with reduced steam production.
An inspection had shown that a significant amount of hot flue gas was bypassing the boiler tubes, where the heat was supposed to be transferred.
R&R Consult conducted a CFD analysis, which revealed that 6.3% of the flue gas was bypassing the boiler tubes without transferring heat. The analysis also showed that the flue gas was instead being directed along the sides of the boiler and between the modules that were supposed to capture the heat. This was the cause of the reduced performance.
Based on our results, Tetra Engineering installed covering plates to reduce the bypass flow. This improved the boiler's performance and increased electricity production.
It is always satisfying when we can help solve complex challenges like this. Do your systems also need a check-up or optimization? Give us a call!
Work done in cooperation with James Malloy and David Moelling from Tetra Engineering.
More examples of our work https://www.r-r-consult.dk/en/cases-en/
TECHNICAL TRAINING MANUAL GENERAL FAMILIARIZATION COURSEDuvanRamosGarzon1
AIRCRAFT GENERAL
The Single Aisle is the most advanced family aircraft in service today, with fly-by-wire flight controls.
The A318, A319, A320 and A321 are twin-engine subsonic medium range aircraft.
The family offers a choice of engines
Courier management system project report.pdfKamal Acharya
It is now-a-days very important for the people to send or receive articles like imported furniture, electronic items, gifts, business goods and the like. People depend vastly on different transport systems which mostly use the manual way of receiving and delivering the articles. There is no way to track the articles till they are received and there is no way to let the customer know what happened in transit, once he booked some articles. In such a situation, we need a system which completely computerizes the cargo activities including time to time tracking of the articles sent. This need is fulfilled by Courier Management System software which is online software for the cargo management people that enables them to receive the goods from a source and send them to a required destination and track their status from time to time.
Final project report on grocery store management system..pdfKamal Acharya
In today’s fast-changing business environment, it’s extremely important to be able to respond to client needs in the most effective and timely manner. If your customers wish to see your business online and have instant access to your products or services.
Online Grocery Store is an e-commerce website, which retails various grocery products. This project allows viewing various products available enables registered users to purchase desired products instantly using Paytm, UPI payment processor (Instant Pay) and also can place order by using Cash on Delivery (Pay Later) option. This project provides an easy access to Administrators and Managers to view orders placed using Pay Later and Instant Pay options.
In order to develop an e-commerce website, a number of Technologies must be studied and understood. These include multi-tiered architecture, server and client-side scripting techniques, implementation technologies, programming language (such as PHP, HTML, CSS, JavaScript) and MySQL relational databases. This is a project with the objective to develop a basic website where a consumer is provided with a shopping cart website and also to know about the technologies used to develop such a website.
This document will discuss each of the underlying technologies to create and implement an e- commerce website.
About
Indigenized remote control interface card suitable for MAFI system CCR equipment. Compatible for IDM8000 CCR. Backplane mounted serial and TCP/Ethernet communication module for CCR remote access. IDM 8000 CCR remote control on serial and TCP protocol.
• Remote control: Parallel or serial interface.
• Compatible with MAFI CCR system.
• Compatible with IDM8000 CCR.
• Compatible with Backplane mount serial communication.
• Compatible with commercial and Defence aviation CCR system.
• Remote control system for accessing CCR and allied system over serial or TCP.
• Indigenized local Support/presence in India.
• Easy in configuration using DIP switches.
Technical Specifications
Indigenized remote control interface card suitable for MAFI system CCR equipment. Compatible for IDM8000 CCR. Backplane mounted serial and TCP/Ethernet communication module for CCR remote access. IDM 8000 CCR remote control on serial and TCP protocol.
Key Features
Indigenized remote control interface card suitable for MAFI system CCR equipment. Compatible for IDM8000 CCR. Backplane mounted serial and TCP/Ethernet communication module for CCR remote access. IDM 8000 CCR remote control on serial and TCP protocol.
• Remote control: Parallel or serial interface
• Compatible with MAFI CCR system
• Copatiable with IDM8000 CCR
• Compatible with Backplane mount serial communication.
• Compatible with commercial and Defence aviation CCR system.
• Remote control system for accessing CCR and allied system over serial or TCP.
• Indigenized local Support/presence in India.
Application
• Remote control: Parallel or serial interface.
• Compatible with MAFI CCR system.
• Compatible with IDM8000 CCR.
• Compatible with Backplane mount serial communication.
• Compatible with commercial and Defence aviation CCR system.
• Remote control system for accessing CCR and allied system over serial or TCP.
• Indigenized local Support/presence in India.
• Easy in configuration using DIP switches.
Automobile Management System Project Report.pdfKamal Acharya
The proposed project is developed to manage the automobile in the automobile dealer company. The main module in this project is login, automobile management, customer management, sales, complaints and reports. The first module is the login. The automobile showroom owner should login to the project for usage. The username and password are verified and if it is correct, next form opens. If the username and password are not correct, it shows the error message.
When a customer search for a automobile, if the automobile is available, they will be taken to a page that shows the details of the automobile including automobile name, automobile ID, quantity, price etc. “Automobile Management System” is useful for maintaining automobiles, customers effectively and hence helps for establishing good relation between customer and automobile organization. It contains various customized modules for effectively maintaining automobiles and stock information accurately and safely.
When the automobile is sold to the customer, stock will be reduced automatically. When a new purchase is made, stock will be increased automatically. While selecting automobiles for sale, the proposed software will automatically check for total number of available stock of that particular item, if the total stock of that particular item is less than 5, software will notify the user to purchase the particular item.
Also when the user tries to sale items which are not in stock, the system will prompt the user that the stock is not enough. Customers of this system can search for a automobile; can purchase a automobile easily by selecting fast. On the other hand the stock of automobiles can be maintained perfectly by the automobile shop manager overcoming the drawbacks of existing system.
Halogenation process of chemical process industries
PREVENTION OF WORMHOLE ATTACK IN WIRELESS SENSOR NETWORK
1. International Journal of Network Security & Its Applications (IJNSA), Vol.3, No.5, Sep 2011
DOI : 10.5121/ijnsa.2011.3507 85
PREVENTION OF WORMHOLE ATTACK IN
WIRELESS SENSOR NETWORK
Dhara Buch1
and Devesh Jinwala2
1
Department of Computer Engineering, Government Engineering College,Rajkot,
Gujarat
dh.buch@gmail.com
2
Department of Computer Engineering, S. V. National Institute of Technology, Surat,
Gujarat
dcj@svnit.ac.in
ABSTRACT
Ubiquitous and pervasive applications, where the Wireless Sensor Networks are typically deployed, lead
to the susceptibility to many kinds of security attacks. Sensors used for real time response capability also
make it difficult to devise the resource intensive security protocols because of their limited battery, power,
memory and processing capabilities. One of potent form of Denial of Service attacks is Wormhole attack
that affects on the network layer. In this paper, the techniques dealing with wormhole attack are
investigated and an approach for wormhole prevention is proposed. Our approach is based on the
analysis of the two-hop neighbors forwarding Route Reply packet. To check the validity of the sender, a
unique key between the individual sensor node and the base station is required to be generated by
suitable scheme.
KEYWORDS
Wireless Sensor Network, Sensor Nodes, Base Station, Wormhole
1.INTRODUCTION
Deployment of Wireless Sensor Network is mainly in hostile environments like military battle
field, habitat monitoring, nuclear power plants, target tracking, seismic monitoring, fire and
flood detection etc. where constant monitoring and real time response are of pioneer
requirement. Loss of normal messages can be allowed by such applications, but they cannot
tolerate the loss of numerous packets of critical event messages [1]. This kind of need makes the
sensor nodes an essential part of the network. Inherently, a wireless sensor network is an
interconnection among hundreds, thousands or millions of sensor nodes. A sensor node is an
embedded device that integrates a number of microprocessor components onto a single chip.
Although a sensor node is capable of sensing, data processing and communication tasks, their
limited memory capacity, limited battery power, low bandwidth and low computational power
makesthe sensor network vulnerable to many kinds of attacks. [2]. Even unlike the wired
networks where attackers are prevented by the physical media, the open nature of wireless
medium makes it easy for outsider attackers to interfere and interrupt the legitimate traffic. [3]
This leads to various security issues like key establishment, secrecy, authentication, privacy,
secure routing etc.
Wormhole attack is one of the Denial-of-Service attacks effective on the network layer, that can
affect network routing, data aggregation and location based wireless security. [3] The wormhole
attack may be launched by a single or a pair of collaborating nodes. In commonly found two
ended wormhole, one end overhears the packets and forwards them through the tunnel to the
other end, where the packets are replayed to local area. In case when they only forward all the
packets without altering the content, they are helping the network to accomplish transmission
faster. But in majority of the cases, it either drops or selectively forwards the packets, leading to
2. International Journal of Network Security & Its Applications (IJNSA), Vol.3, No.5, Sep 2011
86
the network disruption. Wormhole attack does not require MAC protocol information as well as
it is immune to cryptographic techniques. [4] This makes it very difficult to detect.
Figure 1. Two-Ended Wormhole Link
A number of approaches have been proposed for handling wormhole attack. Some approaches
only detect the presence of wormhole in the network, while some approaches also focus on
avoiding or preventing the wormhole attack. Majority of the techniques presented require
additional hardware support, tight time synchronization, localization information or may be
confined to specific routing algorithm.
An approach for preventing wormhole attack has been presented in this paper. No special
hardware or time synchronization is required for this method. Additionally, only self
geographical location is required for the proposed key generation phase. The mechanism
implements conditional forwarding of Route Reply packet based on the validity of the two-hop
neighbor forwarding it. The route is selected for transmission only if each node in reverse path
till the source node validates the two-hop sender node.
The remaining sections of the paper are organized as follows: Section 2 discusses Denial of
Service attack and gives an overview of various types and models of wormhole. Section 3
presents a brief review of the existing techniques for wormhole attack prevention. The proposed
approach is explained in section 4. Simulation setup is given in section 5 while simulation
results and their analysis are discussed section 6. Finally, conclusion is drawn and possible
future work is proposed in section 7.
2. BACKGROUND
Effective performance in hostile area increases the application of wireless sensor network day by
day, but the open nature of wireless medium and especially hardware limitations of a wireless
sensor network themselves make it vulnerable to many kinds of security attacks. Adversary, with
a large amount of power supply, memory and processing abilities and capacity for high-power
radio transmission, leads to various kinds of attacks to the network [10]. This makes security a
major issue to be concentrated well in a sensor network.
2.1.Threat Models
Participation of attackers, the way they affect network and their capacities classify adversaries
into various models. Depending upon whether the attacker is the part of the network itself or
not, categorizes them into Outsider and Insider attackers. Passive attackers do not alter the
packet data but they only interfere in normal network traffic flow, while data is updated by
Active attackers. Mote class attackers have limited power capacity to affect some sensor nodes
only, while more powerful devices like laptop can also be victims of Laptop class attackers.
Many routing protocols are devised but almost none of them is designed with security as a
goal[1]. Securing with shared symmetric keys also brings a question of distributing key, while it
is too expensive to implement asymmetric cryptography. Even after handling all these issues if
security is imposed, there is an attack namely, Denial of Service attack that can disturb, disrupt or
Legitimate Nodes Wormhole End Points
Out-of-Band Channel
3. International Journal of Network Security & Its Applications (IJNSA), Vol.3, No.5, Sep 2011
87
can stop the legitimate routing operations even without the knowledge of the encryption. This
feature makes it very important to identify and to defend against.
2.2. Denial of Service Attack
A Denial of Service (DoS) attack is an attempt to make a computer system (server or client) or
some other resource unavailable to legitimate users. In general, it aims to prevent some services
from functioning efficiently either temporarily or indefinitely.Hardware failures, environmental
conditions, software bugs or resource exhaustion can lead to Denial of Service attacks. Various
types of DoS attacks work at different layer and affect differently to the network, where one
kind of DoS attack is wormhole attack.
2.3. Wormhole Attack Model
Wormhole attack is a network layer attack that can affect the network even without the
knowledge of cryptographic techniques implemented. This is the reason why it is very difficult
to detect. It is caused by one, two or more number of nodes. In most commonly type of two-
ended wormhole, one end tunnels the packets via wormhole link and the other end, on receiving
packets, replays them to the local area. The types and models of wormhole are explained here.
2.3.1. Types of Wormhole Attack
Number of nodes involved in establishing wormhole and the way to establish it classifies
wormhole into the following types.
Wormhole using Out-of-Band Channel
In this two-ended wormhole, a dedicated out-of-band high bandwidth channel is placed between
end points to create a wormhole link. Fig. 2 represents this case.
Figure 2. Wormhole using out-of-band channel and encapsulation
Wormhole using Packet Encapsulation
Each packet is routed via the legitimate path only, when received by the wormhole end, gets
encapsulated to prevent nodes on way from incrementing hop counts.The packet is brought into
original form by the second end point.
Wormhole using High Power Transmission
This kind of wormhole approach has only one malicious node with much high transmission
capability that attracts the packets to follow path passing from it.
Wormhole using Packet Relay
Like the previous approach, only one malicious node is required that replays packets between
two far nodes and this way fake neighbors are created.
Wormhole using Protocol Deviation
Legitimate Nodes Wormhole End Points
Out-of-Band Channel Legitimate Path Used for
Packet Encapsulation
4. International Journal of Network Security & Its Applications (IJNSA), Vol.3, No.5, Sep 2011
88
The malicious node creates wormhole by forwarding packets without backing off unlike a
legitimate node and thus, increases the possibility of wormhole path getting selected. [5]
2.3.2. Models of Wormhole Attacks
Packet forwarding behavior of wormhole end points as well as their tendency to hide or show
the identities, leads to the following three kinds of models. Here, S and D are the source and
destination respectively. Nodes M1 and M2 are malicious nodes.
Open Wormhole
Source and destination nodes and wormhole ends M1 and M2 are visible. Identities of nodes A
and B, on the traversed path are kept hidden.
Half-Open Wormhole
Malicious node M1 near the source is visible, while second end M2 is set hidden. This leads to
path S-M1-D for the packets sent by S for D.
Close Wormhole
Identities of all the intermediate nodes on path from S to D are kept hidden. This leads to a
scenario where both source and destination feel themselves only one-hop away from each other.
Thus fake neighbors are created. [6]
Figure 3. Open, Half-Open and Closed Wormhole
3. RELATED WORK
Location and Time based approaches
Hu and Perrig [7] presented an approach using Packet Leashes, where in geographic leash and
temporal leash put upper bound on location of the receiver and maximum time a packet takes to
travel respectively. TIK protocol is proposed for defense against temporal leash, but the
knowledge of geographic location or tight time synchronization is required. Taheri, Naderi and
Barekatain [39] used leashes approach with modified packet transmission methodology to
decrease calculation overhead of TIK protocol.
In transmission time based mechanism (TTM), Tran, Hung and Lee brothers [8] proposed an
approach where each node on path notes time of sending RREQ packet and receiving RREP
packet. Here, also time consideration is the main factor. Singh and Vaisla [28] modified this
approach by removing the sender and receiver from maintaining request and reply packet
timing.
Hu and Evans [9] proposed a location based approach, where directional antenna is used to
check the validity of neighbor. Considering the direction from which the response of HELLO
message comes and using verifiers, the neighbors are authenticated. The approach can detect
insider attack also by establishing authentication with pair wise secret keys, but hardware
S M A B M D
Close Wormhole Half-Open Wormhole Open Wormhole
5. International Journal of Network Security & Its Applications (IJNSA), Vol.3, No.5, Sep 2011
89
support is required here. Additionally, only types of wormholes with fake neighbors can be
detected with this methodology.
Khalil, Bagchi and Shroff [5] proposed a lightweight countermeasure (LITEWORP) for
wormhole attack detection using guard nodes. After detecting wormhole, LITEWORP leaves
network in that open mode only, causing possibility of more disruption. To overcome this, they
proposed another protocol MOBIWORP [10], which removes malicious nodes from the network
using central authority either locally or globally.
Chen, Lou, Sun and Wang [16] presented a secure localization approach that can detect simplex
and duplex wormhole attacks. They extended this algorithm [12] to make it effective for
dissimilar transmission range of sensor nodes also, but still multiple wormholes cannot be
detected by this.
Nait-Abdesselam, Bensaou and Taleb [13] proposed detection and avoidance method that
focuses on the load carrying by various routes. When a route is loaded heavily, it may be
because of packet congestion etc., so it may signal alarm even when wormhole is not present.
Khurana and Gupta [14][15] proposed an approach based on the travelled distance and
maximum transmission range of sensor nodes. SEEEP [14] was limited to the nodes with same
transmission range that has been extended as FEEPVR [15] to support dissimilar ranges also.
Jakob Eriksson, Srikanth V. Krishnamurthy, MichalisFaloutsos [16] presented TrueLink concept
that has rendezvoused and authentication phases for wormhole detection. The former phase
requires tight time synchronization, while the later works on shared secret keys for signing
messages.
Connectivity and Neighborhood based approaches
Hayajneh, Krishnamurthy and Tipper [17] presented SECUreNeighborhooD (SECUND)
protocol that can detect multi-ended wormhole. No need of specialized hardware, knowledge
about the node locations and no requirement of clock synchronization are positive points of this
method, but it can work only if the presence of wormhole increases fake neighbors by
considerable amount.
Dimitriou and Giannetsos [18] derived an algorithm for wormhole detection based on
connectivity information. The algorithm runs local path existence test when it detects new
nodes.
Gupta, Kar and Dharmaraja [25] presented an approach where the presence of wormhole is
found by the destination by counting hop difference between the neighbors of one hop away
nodes. Special kind of Haund Packets is used for this purpose that introduces some processing
delay also.
Vani and Rao [26] proposed an approach WARRDP (Wormhole-Avoidance Route Reply
decision packet)for wormhole detection and removal using the combined approach of Hop
count, Anomaly based and Neighbor list methods.
Graphical and Topological Information based approaches
Wang and Bhargava [19] presented a centralized approach MDS-VOW (Multi-Dimensional
Scaling- Visualization Of Wormhole) with central controller. Here no hardware support is
required, but it is less effective for sparse network.
A graph theoretic approach was presented by R. Poorvendram and Lazos [20] that provides
necessary and sufficient conditions to detect and defend against wormhole attack. Specialized
guard nodes, with high radio range, are the requirements of this methodology.
Choi, Kim, Lee and Jung [21] proposed a Wormhole Attack Prevention (WAP) algorithm based
on DSR protocol. The algorithm works well for hidden attacks, but for the exposed attacks, it is
difficult to detect by this approach.
6. International Journal of Network Security & Its Applications (IJNSA), Vol.3, No.5, Sep 2011
90
Azer, Kassas and Soudani [22] proposed a detection and prevention approach based on
Diffusion of Innovations that works fine except the end to end delivery time is increased
considerably.
Routing Algorithm Specific approaches
Poornima, Bindu and Munwar [23] proposed a scheme based on geographic routing that, with
Reverse Routing Scheme (RRS) and Authentication of Nodes Scheme (ANS), detects the
presence of wormhole. It mainly works for BSR protocol and the value of witness threshold is
too critical for the success of this approach.
Attir, Abdesselam, Brahim, Bensaou, Ben-Othman [24] proposed an approach using
neighborhood detection and using W-Delay and appending additional information to the HELLO
packet, detects wormhole. This method works, but it is limited to OLSR protocol only.
4. PROPOSED APPROACH
An approach for wormhole prevention is presented here where each node forwarding Route
Reply RREP packet checks the validity of the two-hop neighbor node forwarding that packet.
To accomplish the presented technique, a unique key derived based on all the two-hop
neighbors is provided to each sensor node in the initial phase.
4.1.Key Generation Phase
This phase is carried out when a sensor network is established or an external node wishes to be a
part of the network. The phase starts with execution of TinyPK [28] protocol to include each
sensor node in the existing network.
The distribution of unique ID and Key value can be employed as explain below.
Key Distribution
LEAP [29] protocol proposes a technique to establish an individual key for each node shared
with the base station. In that, a unique ID u is assumed to be assigned to each sensor node. By
applying some pseudo random function f to the unique ID with the master key Km, a unique main
keyKmu is generated as
( , )m u mK f K u=
Here, the master key is common and available only to the controller. The generated key is pre-
loaded into each node prior to its deployment.
To make this protocol applicable for the proposed approach, separate master keys for individual
node is required to be used and the function f is designed to apply to all two-hop neighbor IDs in
place of unique ID u. Additionally, information regarding the master key value Km, generated
key Kmu and applied function f are also provided to each sensor node for further use.
4.2.Wormhole Prevention Phase
In commonly used Dynamic Routing Algorithms, Route Request (RREQ) packet is broadcasted
by the source node. All nodes receiving this packet broadcast it further until it reaches to the
destination. As shown in the Fig. 4, nodes A and O are source and destination nodes
respectively. Node A is broadcasting RREQ packet. On receiving this packet, node O forwards
Route Reply (RREP) packet for the path from which it obtains the first RREQ packet.
7. International Journal of Network Security & Its Applications (IJNSA), Vol.3, No.5, Sep 2011
91
Let use consider a case where a wormhole link is present between node C and node L. When
RREQ is received by node C, it will be diverted to node L directly via the established out-of-
band wormhole link. In this case, RREP packet follows the path shown in fig 5.
For wormhole prevention, each node is supposed to store the detail of each and every RREP
packet it forwards. On receiving RREP, its validity is tested through a check phase which is
started with broadcasting of Probe message and its corresponding Probe_Ack_Tag value. For
various possible cases the sequence is explained further.
4.2.1. Case with No Wormhole
Let us for the above scenario, shown in fig. 4, no wormhole is present. The steps taken by the
node on reception of RREP packet are explained here. If a node receives RREP from the
destination,then forwards the packet else starts the following steps. The steps are explained with
reference to node I.
Figure 4. Transmission of
RREQ and RREP Messages
A CB
D FE
G IH
J LK
M ON
RREQ
S
D
RREP
A CB
D FE
G IH
J LK
M ON
R
R
D
Figure 5. Transmission of RREP
Message via Wormhole Link
A CB
D FE
G IH
J LK
M ON
Probe
MessageS
D
A CB
D FE
G IH
J LK
M ON
Probe_Ack
MessageS
D
1
0
0
0
0
0
0
1
Figure 6. Transmission of
Probe Message by Node I
Figure 7. Transmission of
Probe_Ack Message to Node I
8. International Journal of Network Security & Its Applications (IJNSA), Vol.3, No.5, Sep 2011
92
1. Node I sends Probe message to all its two-hop neighbors i.e. to nodes C, E, G, K and O,
where source and destination IDs A and O respectivelyare also specified as in Fig. 6
2. Each of the node checks whether it has sent or forwarded RREP for given source-
destination combination and responds with Probe_Ack message accordingly
3. If has forwarded the corresponding RREP packet, then it attaches Probe_Ack_tag 1 with
the Probe_Ack message else attaches 0 and sends back to node I
4. Let us assume that node I receives Probe_Ack messages as :
C with 0, E with 0, G with 0, K with 0 and O with 1
5. Exactly one tag is 1 so the case is considered to be a valid case
6. Derived Local Key LK using node IDs for C,E,G,K and O and if it matches with its own
Kmu, then forwards RREP message, else alarms “Illegal Case”
7. In general, for node N,
If,
2 h nN
1
1i
i
P r o b e _ A c k _ T a g
=
=∑
Where, N2hn = Two-hop Neighbors of Node N
Then, calculate
2( ) ( , 1 )i h nL K N f I D i N= ≤ ≤
If Kmu(N) = LK(N), the RREP packet had arrived from a valid node and will be
forwarded,else
alarms “Illegal Case”
Same Procedure is repeated by nodes F, C, B and A
4.2.2. Case with Wormhole
Let us assume a wormhole link is present between nodes C and L, so RREP is forwarded from
node L to node C directly as shown in Fig. 5. For this, RREP gets forwarded till node B. Then
node B sends Probe message. The various possible cases how the legitimate and fake neighbors
may respond to the Probe message are discussed further.
4.2.2.1. Possibility 1 : Hidden Passive Wormhole Attack
A CB
D FE
G IH
J LK
M ON
Probe
MessageS
D
A CB
D FE
G IH
J LK
M ON
Probe_Ack
MessageS
00
0
00 0
D
Figure 8 Transmission of Probe
Message by Node B
Figure 9. Transmission of
Probe_Ack Message to Node B
9. International Journal of Network Security & Its Applications (IJNSA), Vol.3, No.5, Sep 2011
93
As Shown in Fig. 9, assume that node B receives Probe_Ack messages as :D with 0, F with 0
and H with 0. Ideally, the situation is impossible where none of the two-hop neighbor node has
forwarded the RREP packet. Identifying such results, node B alarms the “Illegal Case”.
Let us for node N,
If,
2 h nN
1
0i
i
P r o b e _ A c k _ T a g
=
=∑
then, the case is invalid case and RREP is stopped getting forwarded.
4.2.2.2. Possibility 2 : Exposed Passive Wormhole Attack
Let us consider a case where wormhole end L keeps its identity exposed and node B receives
Probe_Ack messages as :D with 0, F with 0, H with 0 and L with 1. Here, when LK is derived
considering the IDs of nodes D, F, H and L, its value does not match with the Kmu value of node
B as node L is not the legitimate two-hop neighbor and has not considered while deriving Kmu.
In general, for node N,
If,
2 h nN
1
1i
i
P r o b e _ A c k _ T a g
=
=∑
then, calculate
2( ) ( , 1 )i h nL K N f I D i N= ≤ ≤
Here,Kmu(N) <> LK(N), as the RREP packet has arrived from a malicious node pretending as a
two-hop neighbor node. Accordingly, this case is also alarmed as an “Illegal Case”.
4.2.2.3. Possibility 3 : Hidden Active Wormhole Attack
A CB
D FE
G IH
J LK
M ON
Probe
MessageS
D
A CB
D FE
G IH
J LK
M ON
Probe_Ack
MessageS
00
0
00
1
Figure 10. Transmission of
Probe Message by Node B
Figure 11. Transmission of
Probe_Ack Message to Node B
10. International Journal of Network Security & Its Applications (IJNSA), Vol.3, No.5, Sep 2011
94
A case with active attack can be considered where node F sends Probe_Ack_Tag with 0 value,
but it is changed to 1 by the malicious node C. In such case the receivedProbe_Ack messages
are: D with 0, F with 1 and H with 0.
This kind of result finds matching between the derived LK value and Kmu value and so
validates the two-hop neighbor sender and forwards the RREP packet. In reality, the case is an
illegal case as maliciously the tag value sent by one of the legitimate node is altered on way.
However, if the sent Probe_Ack message by node F reaches to node B for more than once via
different routes, then node B received dissimilar tag values for the node F. Such situation raises
a question on the validity of received tag values and “Illegal Case” is alarmed.
Let, Probe_Ack_Tagij = Tag Message Received by node N from node j, sent by node i
Then, for the defined case, if we take N=B,
Probe_Ack_TagFC= 1 and Probe_Ack_TagFE= 0, where ideally, both must be equal.
i.e. if for a node N, if
h nN 1
1
1i j
i
P r o b e _ A c k _ T a g ≤
=
∑
then, for N1hn = One-Hop Neighbor of node N, the tag message is likely to be altered on way.
Ifj=1, it meansthat there is only one common one-hop neighbor between node N and its two-hop
neighbor I ,then we may not be able to find that the Probe_Ack_Tagvaluehas been changed on
way.
5. SIMULATION SETUP
Simulations are performed in ns-2 network simulator [30] for 30 nodes, where parameters are
given in Table 1. Zero background traffic and nodes with zero mobility are assumed here.
Table 1: Simulation Parameters
Parameters Values Parameters Values
Examined Protocol AODV Transmission range 250 m
Simulation time 0.3 units Traffic type CBR(UDP)
Simulation area 600 × 600 Number of wormholes 3
Figure 12. Transmission of
Probe Message by Node B
A CB
D FE
G IH
J LK
M ON
Probe
MessageS
D
A CB
D FE
G IH
J LK
M ON
Probe_Ack
MessageS
10
0
00 0
D
0
Figure 13. Transmission of
Probe_Ack Message to Node B
11. International Journal of Network Security & Its Applications (IJNSA), Vol.3, No.5, Sep 2011
95
6. RESULTS AND ANALYSIS
The proposed solution allows sensor nodes to forward RREP packet provided some conditions
are met. This gets accomplished by spending additional time and energy. An upper limit can
also be placed on waiting time for Probe_Ack messages that is also decided using simulation.
6.1. RREP Transmission Time and Energy Consumption
Before forwarding the RREP packet, each node broadcasts Probe message and waits for
Probe_Ack message from the two-hop neighbor nodes. Based on the decision taken from the
received tag values, decision for forwarding RREP is taken. These additional steps add total
transmission time in receiving the RREP packet as well as the energy consumed by the nodes.
The graphs shown in fig. 14 and fig. 15compare the transmission time taken and energy
consumed with and without the implementation of the proposed prevention approach
respectively.
Figure 14. Transmission Time Taken in RREP Packet
Figure 15. Node Energy Consumption during RREP Packet Transmission
12. International Journal of Network Security & Its Applications (IJNSA), Vol.3, No.5, Sep 2011
96
6.2. Time Taken in Collecting Probe_AckMessages
Figure 16. Time Consumption in Collecting Probe_Ack
The graph in fig. 16plots time taken in receiving the Probe_Ack message. It shows that after a
node broadcasts Probe message, within maximum1 time unit, it receives all of the Probe_Ack
messages, so that can be taken as the maximum time a node can wait for checking the validity
of RREP packet.
7. CONCLUSIONS AND FUTURE SCOPE
The approach proposed here makes RREP packet forwarding conditional. By checking the
validity of the two-hop neighbor node that has forwarded the packet, a node lets it to move
further towards the source. Wormhole end is detected when the identity of the two-hop neighbor
is found illegal. Authenticity checking of such two-hop neighbors is carried out using a
preloaded secret key. By comparing the memory requirement for various numbers of neighbors,
it can be concluded that by spending more on setup cost, higher scalability can be achieved. The
proposed scheme focuses on the type of wormhole with out-of-band channel. It can be extended
to detect other types of wormhole attacks also.
REFERENCES
[1] C.KarlofandD.Wagner,“Secure Routing inWireless Sensor Networks:AttacksandCountermeasures”,in
Elsevier’sAdhocNetworkJournal SpecialIssueon SensorNetworkApplicationandProtocols,
vol.1,issue.2-3,pp.293-315,September2003
[2] I F Akyildiz, W Su and Y Sankarasubramaniam,E Cayirci, “WirelessSensorNetworks:asurvey,”in
ElsevierScienceB.V.,ComputerNetworks,vol.38(4),pp.394-422,March 2002
[3] DeveshJinwala, “Ubiquitous Computing:WirelessSensorNetworkDeployment,Models,Security,
ThreatsandChallenges”,inNationalconference NCIIRP-2006,SRMIST, pp.1-8,April 2006
[4] RoubaElKaissi,AymanKayssi, AliChehab andZaherDawy,“DAWWSEN:ADefense
Mechanismagainst WormholeAttacks In Wireless Sensor Networks”, in The
SecondInternationalConferenceonInnovations InInformationTechnology,pp. 1-10, 2005
[5] I .Khalil, S .Bagchia n d N . B. S h r o f f , ”LITEWORP: ALightweightCountermeasure for the
WormholeAttackinMultihopWirelessNetwork”,inInternationalConference
onDependableSystemsandNetworks(DSN), pp.1-22,2005
[6] S a u r a b h UpadhyayandBrijeshKumarChaurasia, “Impactof WormholeAttacksonMANETs”,in
InternationalJ ournalofComputerScienceandEmergingTechnologies(E-ISSN:2044-
6004),vol.2,issue.1,pp.77-82,February2011
[7] Y . C. Hu, A. PerrigandD.B. Johnson, “Packet Leashes:ADefenseagainstWormholeAttacksin
WirelessNetworks”,in22ndAnnualJoint ConferenceoftheIEEEComputerandCommunications Societies
(INFOCOM),pp.1976-1986,2003
13. International Journal of Network Security & Its Applications (IJNSA), Vol.3, No.5, Sep 2011
97
[8] V a n Tran,LeXuanHung,Young-KooLee, SungyoungLeeandHeejoLee, “TTM:AnEfficient
Mechanism to DetectWormhole AttacksinWirelessAd-hocNetworks”,in
4thIEEEconferenceonConsumerCommunicationsandNetworkingConference,pp. 593-598,2007
[9] L.HuandD.Evans,“UsingDirectional Antennasto PreventWormholeAttacks”,in
NetworkandDistributedSystemSecurity Symposium(NDSS),SanDiego,February2004
[10] I s s a Khalil,SaurabhBagchiandNessB.Shroff,“MOBIWORP:MitigationoftheWormholeAttack”
inMobileMultihopWirelessNetworksinAd-HocNetworks,vol. 6, no. 3,pp.344-362,2008
[11] HonglongChen,WeiLou,XiceSunandandZhiWang,“A SecureLocalizationApproachagainst
WormholeAttacksUsingDistanceConsistency”,in HindawiPublishingCorporation
EURASIPJournalonWireless CommunicationsandNetworking,vol.2010,11pages,2010
[12] Honglong Chen,WeiLou,XiceSunandZhiWang, “SLAW: SecureLocalizationAgainst Wormhole
AttacksUsingConflicting Sets”, in Technical Report, The Hong KongPolytechnicUniversity,pp.1-
11,2010
[13] N a i t F a r i d Nait-Abdesselam, BrahimBensaouandTarikTaleb, “Detecting andAvoiding
WormholeAttacksinWirelessAd HocNetworks”,inproceedingof Wireless Communications and
NetworkingConference,pp.3117-3122,2007
[14] N .GuptaandS.Khurana,“SEEEP:Simpleandefficientend-to-end protocoltosecureadhoc networks
againstwormholeattacks”,inTheFourthInternationalConferenceonWirelessandMobileCommunication
s.ICWMC’08,pp.13-18,2008
[15] N .GuptaandS.Khurana,“FEEPVR:FirstEnd-to-Endprotocol toSecureAdhocNetworks with variable
range sagainst Wormhole Attacks”,in Second International Conferenceon Emerging Security
Information,SystemsandTechnologies –SECURWARE ’08,pp.74-79,2008
[16] JakobEriksson, SrikanthV. Krishnamurthy and MichalisFaloutsos,,“ TrueLink: A Practical
Countermeasure tot h e WormholeAttackinWireless Networks”,in 14thIEEEInternational Conference
on NetworkProtocols,pp.75-84,2006
[17] ThaierHayajneh,PrashantKrishnamurthy and David Tipper, “SECUND:AProtocol for
SECUreNeighborhooDCreationin WirelessAdhocNetworks”,in5thInternationalConferenceon
CollaborativeComputing:Networking,ApplicationsandWorksharing,vol.1,issue.2-3,pp.1-10,2009
[18] TassosDimitriouandAthanassiosGiannetsos, “Wormholesnomore?LocalizedWormholeDetection
andPrevention”,inWireless NetworksinDistributedComputinginSensorSystems -DCOSS, pp.334-
347,2010
[19] W . Wang andB.Bhargava,“Visualization of wormholesinsensornetworks”,in Proceedingsofthe3rd
ACMworkshoponWirelesssecurity.Philadelphia,PA,USA:ACM,pp.51-60,2004
[20] P.RadhaandL.Loukas,“AGraphTheoretic FrameworkforPreventingthe Wormhole AttackinWireless
Ad HocNetworks”,inWirelessNetworksJournal,vol.13,issue.2-3,pp.27-59,2007
[21] SunChoi,Doo-youngKim,Do-hyeonLeeandJae-ilJung, “WAP: Wormhole AttackPrevention
Algorithmin MobileAd HocNetworks”,in IEEEInternationalConferenceon SensorNetworks,
Ubiquitous,andTrustworthyComputing,pp.343-348, 2008
[22] M a r i a n n e A. Azer, SherifM. El-Kassasand MagdyS.El- Soudani, “An
innovativea ppr oachforthewormhole attackdetectionandpreventionin wireless adhoc
networks”, in InternationalConferenceonNetworking,SensingandControl(ICNSC),pp.366-371,2010
[23] E.Poornima, C.ShobhaBinduandSK.Munwar, “Detection andPreventionofLayer-3Wormhole
Attacks onBoundaryStateRoutinginAdHocNetworks”,in International Conference on
AdvancesinComputerEngineering,pp.48-53,2010
[24] AzeddineAttir,FaridNait-Abdesselam,BrahimBensaouand JalelBen-Othman, “LogicalWormhole
PreventioninOptimizedLink State Routing Protocol”,inGlobal Telecommunications Conference,
GLOBECOM’07, pp.293-315, November1011-1016, 2007
14. International Journal of Network Security & Its Applications (IJNSA), Vol.3, No.5, Sep 2011
98
[25] Saurabh Gupta, SubratKar and S Dharmaraja, “WHOP: Wormhole Attack Detection Protocol using
Hound Packet”, in International Conference of Innovations in Information Technology, pp. 226 to
231, 2011
[26] A.Vani and D.SreenivasaRao, “A Simple Algorithm for Detection and Removal of Wormhole
Attacks for SecureRouting in Ad Hoc Wireless Networks”, in International Journal on Computer
Science and Engineering (IJCSE), Vol. 3 No. 6, pp. 2377-2384, June 2011
[27] D a v i d R.RaymondandScottF.Midkiff, “Denial-of Service
inWirelessSensorNetworks:AttacksandDefenses”,inIEEECSPervasiveComputing, inpp.74-
79,January/March 2008
[28] Ronald Watro, Derrick Kong, Sue-fen Cuti, Charles Gardiner, Charles Lynn1 and Peter Kruus,
“TinyPK: Securing Sensor Networks with Public Key Technology” in proceedings of 2nd
ACM
workshop on Security of Ad Hoc and Sensor Networks SASN ’0, ACM,pp. 59-64, 2004
[29] Zhu, S., Setia, S., and Jajodia, S., “LEAP: Efficient security mechanisms for large-scale distributed
sensor Networks”, in Proceedings of the 10th ACM Conference on Computer and Communications
Security, CCS ’03. ACM, New York, NY, pp. 62–72, 2003
[30] TheNetworkSimulator-ns-2,http://www.isi.edu/nsnam/ns/
Authors
Dhara Buch is serving as an Assistant Professor in Department of Computer Engineeringat
Government Engineering College, Rajkot (India). She is also pursuing her M. Tech (R)
from S. V. National Institute of Technology, Surat. Her area of interest includes
Information Security in Wireless Sensor Networks.
Dr. DeveshJinwalais serving as an Associate Professor in Computer Engineering with
Sardar Vallabhbhai National Institute of Technology, Surat (India). His research work is
on Configurable Link layer Security Protocols for Wireless Sensor Networks. His major
areas of interest are Information Security Issues in Resource Constrained Environment,
Algorithms & Computational Complexity and Software Engineering.