International Journal of Scientific Research Engineering & Technology (IJSRET), ISSN 2278 0882

Volume 3 Issue 2, May 2014

A Study on Wormhole Attack in MANET

Anshika Garg1, Shweta Sharma2
1
2

School of Computing Science and Engineering, Galgotias University, Greater Noida

School of Computing Science and Engineering, Galgotias University, Greater Noida

ABSTRACT
Mobile Ad hoc Network (MANET) is used most
commonly all around the world, because it has the
ability to communicate with each other without any
fixed network. A proper security solution is needed for
networks to protect both route and data packet delivery
operations in the network layer. Security is an essential
requirement in MANET. The malicious node in the
network act as a normal node, so there is a need of
security solution to prevent from various attacks. In this
paper, we have reviewed about byzantine malicious
attacks and basically on wormhole attack in MANET.
Keywords MANET, Malicious Nodes, Security,
Wormhole

1. INTRODUCTION
A Mobile Ad-Hoc Network (MANET) is a collection of
wireless mobile nodes can form without using any
centralized access point, infrastructure, or centralized
administration. Wireless ad hoc or on-the-fly networks
are characterized by the lack of infrastructure. Nodes in a
mobile ad-hoc network are free to move and organize
themselves in an arbitrary fashion. Security is major and
important issue in MANET.
There are various threats to MANET. One of them is
wormhole attack about which we have focused in this
paper. Wormhole attack is a serious threat as malicious
nodes can use it for Denial of Service attack by dropping
some data or control packets. It is more powerful as
launched by more than one attacker.
The rest of the paper is organized as follows: section II
and III describes security goals and attacks respectively.
In the section IV, we have described wormhole attack.

2. SECURITY SERVICES AND

CHALLENGES IN MANET
In order to assure a reliable data transfer over the
communication networks and to protect the system
resources, a number of security services are required.
Based on their objectives, the security services are
classified in five categories [4]: availability,

confidentiality,
repudiation.

authentication,

integrity

and

non-

2.1 Availability
Availability implies that the requested services (e.g.
bandwidth and connectivity) are available in a timely
manner even though there is a potential problem in the
system. Availability of a network can be tempered for
example by dropping off packets and by resource
depletion attacks.
2.2 Confidentiality
Confidentiality ensures that classified information in the
network is never disclosed to unauthorized entities.
Confidentiality can be achieved by using different
encryption techniques so that only the legitimate
communicating nodes can analyze and understand the
transmission. The content disclosure attack and location
disclosure attack reveals the contents of the message
being transmitted and physical information about a
particular node respectively.
2.3 Authenticity
Authenticity is a network service to determine a users
identity. Without authentication, an attacker can
impersonate any node, and in this way, one by one node,
it can gain control over the entire network.
2.4 Integrity
Integrity guarantees that information passed on between
nodes has not been tempered in the transmission. Data
can be altered both intentionally and accidentally (for
example through hardware glitches, or in case of ad hoc
wireless connections through interference).
2.5 Non Repudiation
Non-repudiation ensures that the information originator
cannot deny having sent the information. This service is
useful for detection and isolation of compromised nodes
in the network. Many authentication and secure routing
algorithms implemented in ad hoc networks rely on
trust-based concepts. The fact that a message can be

www.ijsret.org

211

International Journal of Scientific Research Engineering & Technology (IJSRET), ISSN 2278 0882
Volume 3 Issue 2, May 2014

attributed to a specific node helps making these

algorithms more secure.

3.

NETWORK SECURITY ATTACKS

To provide a secure communication in the network many

security challenges [12] are faced. Two major categories
that are to be considered in the security attacks are:
3.1 Passive Attacks
A passive attack does not interrupt in the normal
operation of MANET, when the data is exchanged on the
network [11]. The basic nature of passive attack is to
identify the data that is exchanged in the network [14].
In this attack, the requirement of confidentiality gets
violated. Generally, in passive attacks, the task of the
network is to monitor that which type of communication
is actually going on [13]. The two different kinds of
attacks in the Passive attacks that occur frequently are
Eaves Dropping and Traffic analysis Monitoring.
3.2 Active attacks
An Active attack interrupts the data that has been
exchanged on the network. It tries to modify the normal
operations of MANET such as doing data interruption,
modification, deletion and fabrication. Active attacks
can be of two types, i.e., internal or external.
3.3 External attacks
In this, the attacker aims for creating the congestion in
the network that can be achieved by propagating fake
routing information or by disturbing the nodes from
providing services [4]. The attacker always disrupts the
nodes to avail services.
3.4 Internal attacks
In this, the attacker gains the access to participate in the
network activities. Here the attacker comes with some
malicious personality to get access from network as a
new node.

4. BYZANTINE WORMHOLE ATTACKS

In a MANET, the participating nodes are considered
legitimate after a formal authentication procedure. Once
authenticated, these nodes are given full control of the
network and allowed to participate in network operation.
These authenticated nodes start misbehaving and
disrupting the network operations. The aim of the
Byzantine nodes is to disrupt the communication of
other nodes, but still participate in the routing protocol
correctly. It is possible to deploy the following types of
attacks by the Byzantine nodes in MANET: black hole

attack, flood rushing attack, Byzantine wormhole attack

and Byzantine overlay network wormhole attack.
Following are the major differences between traditional
wormhole and Byzantine wormhole attack:
1.In traditional wormhole attack, the colluders can fool
two honest nodes into believing that there exists a
direct link between them. But in Byzantine wormhole
attacks, the wormhole link exists between the
compromised nodes and not between the honest
nodes.
2.In traditional wormhole attack, the colluders are
invisible to the honest nodes. It is because of the fact
that the colluders do not participate in any network
operations. The nodes at the endpoints of the
wormhole tunnel overhear the ongoing transmissions
in their vicinity and also tunnel the routing packets
originated by the nodes within their transmission
range. In Byzantine wormhole attacks, the colluders
are active participants in the network. In this form of
wormhole attack, the attackers are authenticated
nodes having full access to the network resources.
3.Traditional wormhole attacks fall in the category of
external attacks in MANETs. This is because of the
fact that the attackers can be external entities
pursuing an attack after the network is formed. The
attackers do not require authentication or
cryptographic keys to form a tunnel in between two
honest nodes placed in different network regions. On
the other hand, Byzantine wormhole attackers are
authenticated nodes, which have to be compromised
to form a tunnel in between. So, Byzantine wormhole
attack is an internal security attack in MANET.

5. RELATED WORK
Author in paper [1] proposes, all the results show that
malicious nodes give a bad impact on the performance of
AODV on some parameters as packet delivery ratio,
throughput, end to end delay ratio, data packet sent /
receive and control packets drop. In future an effort will
be used to detect and deactivate the working of
malicious node from the AODV.
The study of wormhole attack launched in AODV
routing protocol in MANET [2] is conducted and the
simulation study depicts the performance degradation in
terms of parameters like network throughput, average
end to end delay, packet delivery ratio, drop rate.
According to [3], a security mechanism is proposed to
defend against a cooperative gray hole attack on well
known AODV routing protocol in MANETs. The
proposed mechanism consists of four modules as:
Neighborhood Data Collection, Local Anomaly

www.ijsret.org

212

International Journal of Scientific Research Engineering & Technology (IJSRET), ISSN 2278 0882
Volume 3 Issue 2, May 2014

Detection, Cooperative Anomaly Detection and Global

Alarm Raiser.
A solution for analyzing and improving the security of
Ad hoc On demand Distance Vector routing protocol
against black hole attack in MANET is proposed [5].
The proposed solution uses Prior_ReceiveReply method
and detect black hole node during route discovery time.
A solution in [7] is proposed that is capable of detecting
and removing black hole nodes in MANET at the
beginning i.e. during route discovery time. The proposed
solution uses additional route to the intermediate node to
check whether route from intermediate to the destination
node exist or not.
A mechanism named Cooperative Bait Detection
Scheme (CBDS) is presented that is based on DSR
routing protocol to detect malicious nodes launching
black/gray hole attack and cooperative black hole attacks
[8].
A DSR based secure routing protocol named BDSR
(Baited-Black-hole DSR) is proposed in [6]. BDSR
detects and avoids the black hole attack based on
merging proactive and reactive defense architecture in
MANET using virtual and non-existent destination
address to bait malicious to reply RREP.
A New Secured Approach for MANETs against
Network Layer Attacks [4] presents a semantic security
mechanism capable of detecting and isolating nodes that
launch different types of network layer attacks. The
detection is based on the estimated percentage of packets
dropped, which is compared against pre-established
misbehavior threshold. Any node dropping packets in
excess of this threshold is misbehaving node.
Author enhances a recently proposed AODV based
Highly Secured Approach against attacks on MANETs
(HSAM) [9] to secure routes in route selection phase.
Study in [10] describes different method for detecting
indiscipline or malicious nodes in mobile ad hoc
network.

6.

CONCLUSION AND FUTURE WORK

The Misbehavior of nodes causes severe damage.

Security is the most important feature in MANET. In
this paper we have seen the various security goals of
MANET and number of attacks in network and
especially for byzantine attacks that too wormhole
attacks. Our future work will involve the use of our own
approach for detection and prevention of wormhole
attacks in AODV as well as comparison of various
scenarios with and without wormhole attack in network
simulator.

ACKNOWLEDGEMENT
I am deeply thankful to my supervisor Prof. Arun Kumar
and my all friends whose help, stimulating suggestions
and encouragement helped me in all the time for my
review.

REFERENCES
[1] Vijay Kumar, Rakesh Sharma, Ashwani Kush,
Effect of Malicious Nodes on AODV in Mobile Ad
Hoc Networks, International Journal of Computer
Science and Management Research,Vol.1 issue 3
ISSN 2278-733X, October 2012.
[2] Vandana C.P, Dr. A. Francis Saviour Devaraj,
Evaluation of Impact of Wormhole Attack on
AODV, Int. J. Advanced Networking and
Applications, Vol. issue. Pp. 2013.
[3] Jaydip Sen, M. Girish Chandra, Harihara S.G.,
Harish Reddy and P. Balamuralidhar, A Mechanism
for Detection of Gray Hole Attack in Mobile Ad Hoc
Networks, Proceedings of 6th IEEE Conference on
Global Information Infrastructure Synposium (GIIS),
December 2007.
[4] G.S. Mamatha and Dr. S. C. Sharma, A New
Secured Approach for MANETs against Network
Layer Attacks, First IEEE International Conference
on Integrated Intelligent Computing, 2010.
[5] K. Lakshmi, S. Manju Priya, A. Jeevarathinam, K.
Rama and K. Thilangam, Modified AODV Protocol
against Black Hole Attacks in MANET,
International
Journal
of
Engineering
and
Technology, Vol. 2, 2010.
[6] Po-Chun TSOU, Jian-Ming CHANG, Yi-Hsuan
LIN, Han-Chieh CHAO and Jiann-Liang CHEN,
Developing a BDSR Scheme to Avoid Black Hole
Attack Based on Proactive and Reactive
Architecture in MANETs, ICACT, Feb. 2011.
[7] Rajib Das, Dr. Bipul Syam Purkayastha and Dr.
Prodipto Das, Security Measures for Black Hole
Attack in MANET: An Approach, International
Journal of Engineering Science and Technology,
Vol. 3, No. 4, pp- 2832-2838, ISSN: 0975-5462,
April 2011.
[8] Jian-Ming Chang, Po-Chun Tsou, Han-Chieh Chao
and Jiann-Liang Chen, CBDS: A Cooperative Bait
Detection Scheme to Prevent Malicious Node for
MANET Based on Hybrid Defense Architecture,
IEEE, 2011.
[9] Mohammad S. Obaidat, Issac Wougang, Sanjay
Kumar Dhurandher and Vincent Koo,Preventing
Packet Dropping and Message Tampering Attacks

www.ijsret.org

213

International Journal of Scientific Research Engineering & Technology (IJSRET), ISSN 2278 0882
Volume 3 Issue 2, May 2014

on AODV-based Mobile Ad-Hoc Networks, IEEE,

2012.
[10] Shobha Arya and Chandrakala Arya, Malicious
Node Detection in Mobile Ad- Hoc Networks,
Journal of Information Operations Management,
Vol. 3, pp- 210-212, ISSN: 0976-7754, January
2012.
[11] A.Saini, R. Sharma, A Study of various Security
Attacks & their countermeasures in MANET
IJARCSSE, vol.1,

Issue.1, Dec 2011.

[12] Dhamande C.S and Deshmukh H.R,A Competent
to diminish the brunt of gay hole attack in MANET
Vol.2, Issue 2 Mar 2012.
[13] M. Wazid, Rajesh Kumar Singh, R.H.Goudar, A
Survey of Attacks Happened at Different Layers of
Mobile Ad-Hoc Network & Some available
Detection Techniques IJCA , Vol.3, No,2 Feb 2011.
[14] Stephen Carter and Alec Yasinac Secure Position
Adhoc
Routing.

www.ijsret.org

214