An End-to-end Detection of Wormhole Attack in Wireless Ad-hoc Networks

Xia Wang, Johnny Wong Department of Computer Science Iowa State University Ames, Iowa 50011 {jxiawang, wong}@cs.iastate.edu

Abstract
Wormhole attack is a severe attack in wireless ad-hoc networks. Most of the previous work eliminate the effect of wormhole attack by examining the distance or communication time over each link during the route establishment, which requires special hardware or causes overhead on all links even though only one link on each route could be affected by a wormhole attack. In this article, we propose an end-to-end detection of wormhole attack (EDWA) in wireless ad-hoc networks. We rst present the wormhole detection which is based on the smallest hop count estimation between source and destination. If the hop count of a received shortest route is much smaller than the estimated value an alert of wormhole attack is raised at the source node. Then the source node will start a wormhole TRACING procedure to identify the two end points of the wormhole. Finally, a legitimate route is selected for data communication. Both our analysis and simulation results show that the end-to-end wormhole detection method is effective when the source and destination are not too far away.

1 Introduction
Wireless ad-hoc network is promising in solving many challenging real-world problems, for example, communication in emergency response system, military eld operation, and oil drilling and mining operation. The proliferation of wireless devices also stimulates the emergent applications in wireless ad hoc network. However, the realization and wide deployment of such network face many challenges. Security is one of the most challenging problems as the operation environment of such network is usually unpredictable and the existing mechanisms such as routing protocols assume a trusted environment. Hence any malicious behavior could disrupting the normal operation of the networks.

Wormhole attack [13][3][8][24] is a severe attack in wireless ad hoc network in which the adversary builds a tunnel between two end points which are usually multi-hops away. The message recorded at one end point is relayed to the other end and re-broadcasted into the network. The wormhole attack is particularly challenging to detect in that it can be mounted without compromising any nodes. Furthermore, the attackers can mount the attack without revealing their identities. Previous countermeasures to the wormhole attack have relied on specialized hardware which may not be feasible in wireless ad hoc network scenario. Moreover, most of the protocols prevent the wormhole attack by securing each link and no method has been proposed to identify the locations of the two end points of the wormhole. In this paper, we present a set of mechanisms in defending against wormhole attack. First, a location-based endto-end wormhole attack detection is proposed. The source node estimates the minimum hop count to the destination based on the geographic information of the two end hosts in which the receivers location is piggy-backed by the route reply packet during the route discovery. For a received route, the source compares the hop count value received from the reply packet with its estimated value. If the received value is less than the estimation, the corresponding route is marked as if a wormhole is detected. Then, the source launches wormhole TRACING in which the two end points of the wormhole will be identied in a small area provided that there are multi-paths exist between the source and destination. Finally, a normal route is selected for the data communication. Our main contributions lie in the following three aspects: 1. We divide wormhole attacks into two different categories: hidden wormhole attack and exposed wormhole attack; 2. An end-to-end detection of hidden wormhole attack mechanism is proposed which only requires geographic information at each node;

3. Our method can identify the location of the two end points of a hidden wormhole using wormhole TRACING. The remainder of the article is organized as follows. In section 2 we categorize the two different wormhole attacks and review corresponding defending mechanisms. The system model and assumptions are summarized in section 3. The End-to-end Detection of Wormhole Attack is presented in section 4. In section 5 we show our analysis and simulation results. Section 6 concludes this paper.

2 Related work
Two types of wormhole attacks have been discussed in the literature: hidden wormhole attack and exposed wormhole attack. The former is the conventional wormhole attack in which the adversary records and retransmit packets verbatim. This attack can be easily mounted using only hardware introduced by the attacker and without compromising any hosts in the network. Thus, it is more challenging to be detected. Our attention will focus on hidden wormhole attack. Exposed wormhole attack is called byzantine wormhole attack in [7] in which the two end points are two compromised hosts. Then the adversary builds a virtual tunnel between the two compromised nodes. To defend against exposed wormhole attacks, several secure routing protocols have been proposed for wireless ad hoc networks. For example, SRP [17], SEAD [9], and Ariadne [10]. For a survey of secure routing protocols, see [11]. In addition, some methods are dedicated to detecting exposed wormhole attacks. In [24], a multi-dimensional scaling visualization method is applied to visualize the anomaly introduced by the wormhole. A central controller uses the Dijkstra algorithm [6] to reconstruct the topology of the network. The wormhole can be located by detecting the bending features on the rebuilt network topology. In [20], the authors derive a trust-based wormhole detection and evasion in DSR [2] based upon their sincerity in execution of the routing protocol. This method is based on the observation that tunneling through a wormhole requires encapsulation that the end points of a wormhole has to change This method requires the wireless card can work promiscuous mode and sending mode back and forth. Intrusion detection or tamper-proof hardware have also addressed the issue of compromised nodes. Qian et.al. [22] design a statistical analysis on the frequency of each link among multi-path. The detection is based on the observation that the link which spans the wormhole will occur more often in routing paths. However, this can not be used to detect hidden wormhole attack because multiple links can be affected by one wormhole. Each

link could occur in different paths. The affected link can be just like a normal link from its frequency value. Then the statistical analysis fails. To protect the network from hidden wormhole attack, a few methods have been studied which include packet leashes [13], SECTOR [3], and directional antennas method [8]. Hu et.al. [13] proposed to defend against wormhole attacks using packet leash which is to restrict a packets maximum allowed transmission distance. Two packet leashes can be used: geographical leash or temporal leash depending on whether the distance or time is used to bound the transmission. Both methods require authentication of received packets. Geographical leash requires a loosely synchronized clocks and temporal leash demands a tightly synchronized clocks. LiteWorp [15] detects wormhole attack based on local trafc monitoring at some selected nodes. This detection method may introduce other attacks such as blackmail attack through impersonation [7]. SECTOR (SECure Tracking Of node encounteRs) [3] prevents wormhole attack by bounding the maximum distance between two neighbor nodes through a series of fast one-bit exchange. These mechanisms use a special hardware to ensure accurate time measurement and fast processing between the sender and receiver. Hu et al [8] suggests to use directional antennas to prevent wormhole attack. In [21], the broadcast is protected by local broadcast keys (LBKs) which are only known within each neighborhood such that remote hosts can not decrypt the message that traversed a wormhole. A TrueLink [7] scheme prevents wormhole attack using link verication at MAC layer between two neighbors. The protocol adapts MAC frames in 802.11 to verify and authenticate neighbors.

3 System model and assumptions

Before we describe the mechanism, we briey describe our system requirements and assumptions. Our system consists of a set of mobile nodes which communicate using radio transmission and the radio link between neighbors is bidirectional. We do not make any specic assumption about the medium access control protocol used by the nodes to access the radio channel. We assume each node can measure its geographical location either through a Global Navigation Satellite Systems (GNSS) such as the Global Positioning System (GPS), the GLObal NAvigation Satellite System (GLONASS), and the upcoming Galileo system, as well as several terrestrialbased systems such as the Signpost Navigation System and the Cellular Geolocation System [16][23][18]. We assume that all network nodes either share pairwise secret keys, or hold each others authentic public keys.

Pairwise secret key can be established using key distribution scheme [1][5], an on-line key distribution center and TESLA broadcast authentication[12], or a key establishment scheme based on the mobility of the nodes and mutual node encounters[4]. We further assume that the transmission power of a wormhole is similar to a normal node in that more powerful transceiver is easily to be detected. Then a dedicated link is assumed between the two end points.

4 End-to-end detection of wormhole attack(EDWA)

In this section, we describe EDWA detection and prevention mechanism. We rst describe the main design of EDWA detection method. Three steps are involved: source node applies wormhole detection in each route discovery based on the shortest path estimation; Once a wormhole is detected, a wormhole TRACING phase will be launched by the source to identify the two end points of the wormhole. Then the source selects a shortest path from the legitimate routes set for data communication.

4.1

Main design of EDWA

In some routing protocols of wireless ad hoc networks, for example, AODV[19]and DSR[14], the source node rst initiates a routing discovery by broadcasting a ROUTE REQUEST packet. All intermediate nodes continues broadcasting the ROUTE REQUEST upon receiving it until the ROUTE REQUEST reaches the destination or some nodes that have a route to the destination. Then a ROUTE REPLY will be unicasted back to the source along a pre-cached path (e.g. in AODV, all intermediate nodes cache a reverse path to the source during the broadcasting) or according to the path in the packet header (e.g. the packet header of DSR has the entire route). We modied the routing protocol such that it is resilience to wormhole attack. As specied in the above, the sender initiates a route discovery by broadcasting a ROUTE REQUEST packet into the network. The sender sets the ag (e.g. Destination-only ag in AODV) such that only the receiver can respond the ROUTE REQUEST packet. Once the ROUTE REQUEST packet reaches the receiver, the receiver responds with a ROUTE REPLY with its current position. The sender authenticates the received ROUTE REPLY from the receiver. Then it retrieves the receivers position from the packet. Based on its own measured position and the receivers position, the sender estimates the shortest path in terms of hop count. The sender also retrieves the hop count value from the received ROUTE REPLY packet and compares it with the estimated value. We denote the estimated hop

count of the shortest path as he and the value from the ROUTE REPLY packet as hr . If the received hop count value is smaller than the estimation, that is hr < he , the sender predicts a wormhole attack and will mark the corresponding route. Since he is the estimated shortest path between the source and the destination, the source node is expecting that all legitimate routes will be at least as long as times the estimation. is a parameter adjustable to the network. In our simulation we use = 1. If some shortest routes have smaller hop count than the estimated value, it is with high probability that the route has gone through a wormhole as a wormhole tends to bring nodes that are far away to be neighbors. Once a wormhole is detected by the sender, the sender temporarily enables the path with wormhole and sends out a TRACING packet to the receiver. This TRACING packet is forwarded by each intermediate node through the route with wormhole. When a node in the route receives the TRACING packet, it acknowledges the source node with its current position by replying a TRACING-RESPONSE packet. The source will then estimate shortest path to each intermediate node and identify the two end points of the wormhole in a small area. An ERROR message followed will be broadcast to notify the network with the identied wormhole. Otherwise, for all hr he , the sender will select a shortest route from the set of legitimate routes for data communication. A few questions can be raised for the above method. First of all, how the source estimates the hop count of the shortest path to the destination according to the geographical information. The estimation algorithm is provided in section 4.2. Then the wormhole TRACING procedure is described in section 4.3. Finally, the problem of how the sender selects a legal route is addressed in section 4.4.

4.2

Shortest path length estimation

In EDWA, the sender is required to estimate the shortest path length in terms of hop count from the sender to the receiver based on the locations of the two nodes. We adopt the Euclidean distance estimation model in [25] for our smallest hop count estimation. The model describes the correlation of Euclidean distance and the corresponding hop count along the shortest path. Based on the model, given the Euclidean distance between the sender and receiver, the sender can estimate the smallest hop count to the receiver. Well rst show the estimation of the Euclidean distance from the source to the destination based on the location of the two end points, then construct the model of estimation of the hop count from the source to the destination. The algorithm will be described in detail. The sender measures its location ls , reads the destinations location ld , and estimates the minimum Euclidean

distance from the sender to the receiver using the formula: d ||ld ls || 2 vmax t + the maximum Euclidean distance between the source and the destination is d ||ld ls || + 2 vmax t + The propagation time t can be calculated as t= ||ld ls || V + vmax Figure 1. Estimation of the rst hop of the shortest path
d S A EA D

which assumes that the maximum transmission speed of radio signal is the speed of light and the sending and receiving delay are negligible. As the speed of light V is much greater than vmax , we get the estimation of Euclidean distance from the source to the destination as d = ||ld ls || + (1)

in which Xi and Yi are random variables with a uniform distribution fXi,Y i (xi , yi ) =
1 r 2 , Pi

0,

otherwise.

We assume a uniform distribution for the mobile nodes in the wireless ad hoc networks and the density function is known. This assumption is reasonable in that it applies to most application in wireless ad hoc network in which mobile nodes are randomly situated in the network. When the node distribution is not uniform, the estimation model will still be effective when the corresponding To facilitate our discussion we specify the following notations: vmax : maximum moving speed of a mobile node V : speed of light d: Euclidean distance between a source and a destination ls , ld : location of source and receiver, respectively r: transmission range he : estimation of hop count of the shortest path between the source and destination without wormhole attack hr : received hop count value from ROUTE REPLY packet t: propagation time between source and destination : the maximum relative error in location measurement We consider the sender S and the destination D as shown in Fig. 1 in the network. An arbitrary coordinates with S located at (0, 0) and D at (d, 0) is used in our calculations. The Euclidean distance between S and D is d. The average density of the network is N nodes per unit area, then on the average there are N r2 nodes in the set within S s transmission range. For an arbitrary node Pi in with coordinates (Xi , Yi ) the distance between Pi and D is ei = (Xi d)2 + Yi 2

Then the density function of Ei can be derived as fEi (ei ) =

2 2 2 2 1 e i + d r e cos i r2 2 ei d

We assume there is a node A within S s transmission range and has the shortest Euclidean distance to D. A is selected for the next hop along the shortest path to the destination. Since A is the closest node to D, we have EA = min{Ei |Pi } Accordingly, the density function of EA can be derived as fEA (eA ) = N r2 (1 PEi )N r and the mean value is obtained
d r
2

fEi (ei )

E (eA ) = d r +
d +r

(1 PEi (ei ))N r dei

(2)

where PEi (ei ) =

ei

fEi (ei )dei

d r

We get our rst hop after we derive E (eA ) and the value of hop count is increased by 1. Recursively applying the above method we can obtain the hop count of the shortest path from the source to the destination. For each recursion, we establish a new coordinate. For example, in Fig 2, A is located at (0,0) and D locates at (E (eA ), 0). Then we can get the second hop B and E (eB ). This procedure is repeated until the remaining distance to D (e.g. the distance between E and D in Fig. 2) is no longer than r. According to the above model we describe the estimation algorithm as follows:

d B S A C

E D

Figure 2. Hop count of the shortest path estimation model Algorithm 1 Hop count estimation of the shortest path between source and destination input: ls , ld output: he he = 0 calculate d using equation (1) while (d > r) calculate E (eA ) using equation (2) + + he d = E (eA ) end + + he

4.3

Wormhole TRACING

Once the source calculates the estimated hop count of the shortest path to the destination, it compares the received hop count from the ROUTE REPLY packet with the estimated value. If the received value is less than the estimation, the sender predicts that with high probability the received route has passed through a wormhole. To further identify the two end points of the wormhole the source starts wormhole TRACING procedure. At the end of TRACING phase all nodes will be notied such that the wormhole can be avoided in future communication. The source sends out a TRACING packet along the path that has been marked by the sender in wormhole detection. Upon receiving a TRACING packet, an intermediate node replies a TRACING-RESPONSE packet to the source with its current position, and also forward the packet to the next hop as if a data packet is received. When the TRACING packet reaches the destination, the destination node simply drops the TRACING packet and acknowledges the source. For each received location, the source applies the smallest hop count estimation algorithm in section 4.2 to determine the smallest hop count between the source and each intermediate node. The source node examines the hop count increase at each intermediate node along the route from the source to the destination. If a peak increase (the hop count

increases more than 1) is observed, the source node determines that a wormhole presents between the node where the peak increase is observed and its previous hop. Fig. 3 shows an example of a wormhole identication in DSR routing protocol. The graph denotes a shortest path from S to D. The rst row of the table denotes the received path S -A-B -G-D. The second row records the corresponding hop count to each intermediate node and the destination. Then estimated values are shown in the third row. A peak increase (the hop count increases from 2 to 6) can be observed at node G, then the source asserts that the wormhole lies between node G and its previous hop B . The source node can further identify the location of the two end points of the wormhole. Fig. 4 shows the wormhole identication process in the example of Fig. 3. We mark the wormhole as LR, where L is the left end point and R is the right one. Since B and G become neighbors due to the presence of wormhole LR, node A should be out of the transmission range of L. Otherwise A and G become neighbors. That is, L is within the transmission range of node B not that of A: L r(B )/r(A). We assume that S receives another shortest path, S -A-H -J -D, from D. Similarly, S predicts a wormhole attack along that path. S can further determine that the wormhole is between H and J . So we have L r(H )/r(A). Given the assumption that there is only one wormhole between any pair of nodes the source can determine that L r(H ) r(B )/r(A). A third route (S -AI -K -D) further restricts L in a small area where the three ranges intersect. That is L r(I ) r(H ) r(B )/r(A), which is marked as xyz in Fig. 4. We assume that L is uniformly distributed in the area xyz , then a transmission area w centered at xyz can be identied. All those nodes within w could be affected by the wormhole. The source node can use the same method in identifying the right end point R of the wormhole. Once the two end points are located, the source initializes an ERROR message to broadcast the two areas into the network. Upon receiving such an ERROR message, a node will mark itself if it is within the transmission range of the two end points such that it will not deliver any packets into the network avoid the affection of wormhole. Among the wormhole tracing process, the source will authenticate the received TRACING-RESPONSE packet from any intermediate node using the pairwise key shared between them.

4.4

Legitimate route selection

Route selection without any wormhole attack is simple. The source selects a shortest path from all received paths. However, the shortest path is not always the rst reply that the source obtained from the destination. Thus the source could not determine whether there are wormhole

B L

F R

S Received route length (hop count) Estimated route length (hop count)

A 1 1

B 2 2

G 3 6

D 4 7

SABCEFGD: the shortest path from S to D without wormhole SABGD: the shortest path received from route reply packet L, R: the two end points of the wormhole which is connected through other connection

Figure 3. An example of wormhole TRACING in DSR routing protocol

I x S A H y w J B L z C E F R G

K D

Algorithm 2 Route selection with wormhole detection the source keeps a set U for all incoming routes from the same destination within time T : U = (r1 , r2 , ..., rk ), ri is the ith received path if within time T , for any ri U , ri has the property of hr he based on our wormhole detection the source selects a shortest path lk from U for data communication. else the wormhole TRACING procedure will be launched an ERROR message is broadcasted into the network to announce the two areas that the end points of the detected wormhole reside the source disable all routes with wormhole attack and select a shortest legal path from U for data communication

The source node S detects wormhole on three paths: SABGD, SAHJD, and SAIKD The left end point of wormhole LR can be identified in the area xyz

Figure 4. Wormhole identication in DSR routing protocol

attack based on the rst received ROUTE REPLY. In addition, in case a wormhole is detected, the source has to wait to make its decision until a wormhole has been traced and identied. Based on that, we allow the source to wait for a certain time T before selecting a route for its data communication. The steps of route selection are listed as the following

Other optimizations can also be applied. According to our description, the source has to calculate the hop count every time a route is received from the destination. To save computation energy, the source can be optimized to cache the estimated shortest path after it conducts the rst calculation. Future calculation will be performed when geographical information is changed. In the legitimate route selection, a short time T has to be maintained for the source to collect all incoming routes. This time can be selected according to experimental results or based on the network statistics. For example, the source can keep a statistical value of how long it takes to collect ROUTE REPLY packets.

5 Analysis and simulation results

In this section we compare EDWA with other three main wormhole detection methods: packet leash[13], SECTOR[3], and directional antennas method[8]. The results are shown in Table 1, where the requirements for each method is listed in column two to column four and the detection method is compared in column ve. We observe that EDWA only requires geographical devices. For the defending method, packet leash and SECTOR aim to prevent wormhole by restricting the transmission distance of each hop either using life time in the packet header or distance bounding. Directional antenna maintains correct neighborhood using a verier. All above methods can only detect wormhole or avoid the affection of wormhole attack. But EDWA can effectively identify wormhole using wormhole TRACING. The communication overhead in EWDA is caused by the wormhole TRACING which involves one TRACING message from the source and one TRACING-RESPONSE mes-

4.5

Discussion

Two main accomplishments can be achieved through the wormhole TRACING process: one is to discover the wormhole, the other one is to verify the prediction at the source. The wormhole detection only tells that there might be a wormhole attack in the network, while the verication will be conducted during the TRACING process. If no peak increase is observed during the TRACING phase, the source unmarks the corresponding routes. Furthermore, the location of wormhole can be accurately identied if the attack can be detected on more paths. Usually, three paths that are separated well will be sufcient in identifying the end points.

Table 1. Response time variation of the lowest algorithm to the different occupations of the process geographical clock other special defending Method devices synchronization hardware method Packet leashes yes strong no detection SECTOR no loose Module for single bit communication detection Directional no no directional antennas detection EDWA yes no no detection and identication

Number of paths

sage from each intermediate node. The storage overhead is involved in identifying the peak increase of hop count in wormhole TRACING. This can be solved using one variable to record the hop count of the previous hop. The source can then compare the current value with the cached value of the variable. If a peak increase is observed, the source start to locate the end points. We simulated a wireless ad hoc network in a 1500 1500 plain with an average of 40 neighbors for each node. Fig. 5 plots the actual shortest hop count received at the source node versus the estimated value between the source and destination. It shows that the received hop count at the source node is a little larger than the estimation when the distance between the source and destination is not too faraway. For example, for an estimated 4 hops from the source to the destination, the actual shortest path is around 6 hops. This is due to the fact that there is not always a matched node in the network. Fig. 6 plots the distribution of length of shortest paths for the whole network. We observe that around 70% communications happen within 4 hops. That means when the source and destination is not too faraway our method is effective in wormhole detection.
Estimation vs. actual hop count 14

1400

1200

1000

800

600

400

200

3 4 5 6 Estimated shortest hop count

Figure 6. distribution of hop counts

6 Conclusion

12 Received shortest hop count

10

In this article we presented an end-to-end detection of wormhole attack in wireless ad hoc networks. A simple comparison method based on the estimated shortest path and the actual shortest path is used to determine whether there is a wormhole attack for each received route. Once a wormhole attack is detected, the source node launches wormhole TRACING procedure to identify the two end points of the wormhole and the result is broadcast into the network to warn other nodes. Finally, based on the wormhole detection and identication the source could select a shortest route from a set of legitimate routes. Our EDWA wormhole detection method is novel in that it is the rst approach using end-to-end method in wormhole attack detection and wormhole identication. Both analysis and simulation results show that EDWA is effective when the source and destination are not too far away. Our future work will focus on improving detection rate of wormhole attack on long pathes. The parameter can be examined to reduce cumulated estimation error when there is a long distance between source and destination.

4 5 6 Estimated shortest hop count

Figure 5. Actual shortest hop count versus estimated shortest hop count

References
[1] R. Bobba, L. Eschenauer, V. Gligor, and W. Arbaugh. Bootstrapping security associations for routing in mobile ad-hoc networks. Technical Report TR 2002-44, May 2002. [2] J. Broch, D. Johnson, and D. Maltz. The dynamic source routing protocol for mobile ad hoc networks. http://www.ietf.org/internet-drafts/draft-ietf-manetdsr-10.txt, Dec. 1998. [3] S. Capkun, L. Buttyan, and J. Hubaux. SECTOR: Secure tracking of node encounters in multi-hop wireless networks. In Proceedings of the ACM Workshop on Security of Ad Hoc and Sensor Networks, pages 2132, 2003. [4] S. Capkun, J.-P. Hubaux, and L. Buttyan. Mobility helps security in ad hoc networks. In Proceedings of MobiHoc, 2003. [5] H. Chan, A. Perrig, and D. Song. Random key predistribution schemes for sensor networks. In Proceedings of the 2003 IEEE Symposium on Security and Privacy, pages 197 213, 2003. [6] E. W. dijkstra. A note on two problems in connection with graphs. Numerische Mathematik, 1:269271, 1959. [7] J. Eriksson, S. Krishnamurthy, and M. Faloutsos. Truelink: A practical countermeasure to the wormhole attack. In The 14th IEEE International Conference on Network Protocols (ICNP), Nov. 2006. [8] L. Hu and D. Evans. Using directional antennas to prevent wormhole attacks. In Proceedings of the Network and Distributed System Security Symposium (NDSS), pages 131 141, 2004. [9] Y. Hu, D. Johnson, and A. Perrig. Sead: Secure efcient distance vector routing for mobile wireless ad hoc networks. In IEEE Workshop on Mobile Computing Systems and Applications, June 2002. [10] Y. Hu, A. Perrig, and D. Johnson. Ariadne: A secure ondemand routing protocol for ad hoc networks. In ACM MobiCom 2002, Sept. 2002. [11] Y.-C. Hu and A. Perrig. A survey of secure wireless ad hoc routing. In IEEE Security and Privacy, Special issue on Making Wireless Work, May 2004. [12] Y.-C. Hu, A. Perrig, and D. B. Johnson. Ariadne: A secure on-demand routing protocol for ad hoc networks. In Proceedings of MobiCom, 2002. [13] Y.-C. Hu, A. Perrig, and D. B. Johnson. Packet leashes: A defense against wormhole attacks in wireless networks. In Proceedings of the Twenty-Second Annual Joint Conference of the IEEE Computer and Communications Societies, pages 19761986, 2003. [14] D. B. Johnson, D. A. Maltz, and Y. Hu. The dynamic source routing protocol for mobile ad hoc networks (DSR). IETF MANET Internet Draft, 2003. [15] I. Khalil, S. Bagchi, and N. B. Shroff. Liteworp: A lightweight countermeasure for the wormhole attack in multihop wireless networks. In DSN, pages 612621, 2005. [16] M. S. Khan. Political and economic dimensions of global navigation satellite system (gnss). In Proc. of IEEE Aerospace Conf., page 1271C1276, 2001.

[17] P. Papadimitratos and Z. Haas. Secure routing for mobile ad hoc networks. In SCS Communication Networks and Distributed Systems Modeling and Simulation Conference, Jan. 2002. [18] B. Parkinson and S. Gilbert. NAVSTAR: Global positioning systemten years later. In Proc. IEEE, volume 71, page 1177C1186, 1983. [19] C. E. Perkins, E. M. Royer, and S. R. Das. Ad-hoc ondemand distance vector routing. In the 2nd IEEE Workshop on Mobile Computing Systems and Applications, pages 90 100, Feb. 1999. [20] A. A. Pirzada and C. McDonald. Detecting and evading wormholes in mobile ad-hoc wireless networks. International Journal of Network Security, 3(2):191C202, Sept. 2006. [21] R. Poovendran and L. Lazos. A graph theoretic framework for preventing the wormhole attack in wireless ad hoc networks. ACM journal on Wireless Networks (WINET), 2005. [22] L. Qian, N. Song, and X. Li. Detecting and locating wormhole attacks in wireless ad hoc networks through statistical analysis of multi-path. Wireless Communications and Networking Conference, 4:2106 2111, Mar. 2005. [23] T. Rappaport, J. Reed, and B.Woerner. Position location using wireless communications on highways of the future. IEEE Commun. Mag., 34(10):33C41, Oct. 1996. [24] W. Wang and B. Bhargava. Visulization of wormholes in sensor networks. Proceeding of the ACM Workshop on Wireless Security (WiSe), pages 5160, 2004. [25] H. Wu, C. Wang, and N.-F. Tzeng. Novel self-congurable positioning technique for multi-hop wireless networks. IEEE/ACM Transactions on Networking, 13(3):609621, June 2005.