Abstract
In multihop wireless systems, the need for cooperation
among nodes to relay each other's packets exposes them to a
wide range of security attacks. A particularly devastating
attack is the wormhole attack, where a malicious node
records control traffic at one location and tunnels it to a
colluding node, possibly far away, which replays it locally.
This can have an adverse effect on route establishment by
preventing nodes from discovering legitimate routes that are
more than two hops away. Previous works on tolerating
wormhole attacks have focused only on detection and used
specialized hardware, such as directional antennas or
extremely accurate clocks. More recent work has addressed
the problem of locally isolating the malicious nodes.
However, all of this work has been done in the context of
static networks due to the difficulty of secure neighbor
discovery with mobile nodes. The existing work on secure
neighbor discovery has limitations in accuracy, resource
requirements, and applicability to ad hoc and sensor
networks. In this paper, we present a countermeasure for the
wormhole attack, called MOBIWORP, which alleviates these
drawbacks and efficiently mitigates the wormhole attack in
mobile networks. MOBIWORP uses a secure central authority
(CA) for global tracking of node positions. Local monitoring
is used to detect and isolate malicious nodes locally.
Additionally, when sufficient suspicion builds up at the CA,
it enforces a global isolation of the malicious node from the
whole network. The effect of MOBIWORP on the data traffic
and the fidelity of detection is brought out through extensive
simulation using ns-2.