Detection of wormhole attacks on IPv6 mobility-based wireless sensor network

EURASIP Journal on Wireless Communications and Networking, Dec 2016

New communication networks are composed of multiple heterogeneous types of networks including Internet, mobile networks, and sensor networks. Wireless sensor networks have been applied to various businesses and industries since the last decade. Most sensors have the ability of communication and the requirement of low power consumption. 6LoWPAN (IPv6 over Low Power Wireless Personal Area Networks) plays an important role in this convergence of heterogeneous technologies, which allows sensors to transmit information using IPv6 stack. Sensors perform critical tasks and become targets of attacks. Wormhole attack is one of the most common attacks to sensor networks, threatening the network availability by dropping data or disturbing routing paths. RPL (IPv6 Routing Protocol for Low-Power and Lossy Networks) is a standard routing protocol commonly used in sensor networks. This study proposes a RPL-based wormhole detection mechanism. The rank of a node-defined RPL is adopted to measure the distance. The proposed detection method discovers malicious wormhole nodes if unreasonable rank values are identified. The experimental results show that the proposed detection method can identify wormholes effectively under various wireless sensor networks.

A PDF file should load here. If you do not see its contents the file may be temporarily unavailable at the journal website or you do not have a PDF plug-in installed and enabled in your browser.

Alternatively, you can download the file locally and open with any standalone PDF reader:

https://link.springer.com/content/pdf/10.1186%2Fs13638-016-0776-0.pdf

Detection of wormhole attacks on IPv6 mobility-based wireless sensor network

Lai EURASIP Journal on Wireless Communications and Networking Detection of wormhole attacks on IPv6 mobility-based wireless sensor network Gu-Hsin Lai 0 0 Department of Information Management, Chinese Culture University , Taipei , Taiwan New communication networks are composed of multiple heterogeneous types of networks including Internet, mobile networks, and sensor networks. Wireless sensor networks have been applied to various businesses and industries since the last decade. Most sensors have the ability of communication and the requirement of low power consumption. 6LoWPAN (IPv6 over Low Power Wireless Personal Area Networks) plays an important role in this convergence of heterogeneous technologies, which allows sensors to transmit information using IPv6 stack. Sensors perform critical tasks and become targets of attacks. Wormhole attack is one of the most common attacks to sensor networks, threatening the network availability by dropping data or disturbing routing paths. RPL (IPv6 Routing Protocol for Low-Power and Lossy Networks) is a standard routing protocol commonly used in sensor networks. This study proposes a RPL-based wormhole detection mechanism. The rank of a node-defined RPL is adopted to measure the distance. The proposed detection method discovers malicious wormhole nodes if unreasonable rank values are identified. The experimental results show that the proposed detection method can identify wormholes effectively under various wireless sensor networks. Wormhole attack; Sensor networks; IPv6; RPL; Mobility 1 Introduction Wireless sensor networks with IoT (Internet of Things) have been applied to many applications such as ecosystem monitoring, disaster watch, building automation, health monitoring, object tracking, and plant control. The sensor data carry out important information such as vital signals or disaster alerts; transmission failure or error data might cause system malfunction or serious incidents. The existing Internet protocol IPv4 could only provide about 4 billion public IP addresses; the limited IP spaces constrain the growth of wireless sensor network applications. IPv6 is the latest version of Internet Protocol, a communication protocol that provides an identification and location system for the network devices in the new type of communication networks. Many sensors and tiny devices facilitate IPv6 to provide connectivity. In wireless sensor networks, the network topology could change due to a weak mobility (new nodes join the network or hardware failure of existing devices) or strong mobility (physical movement of nodes) [ 1 ]. However, wormhole attack could also make topology change in wireless sensor network. Therefore, building a security mobility management mechanism is very important for wireless sensor networks. A typical architecture of wireless sensor networks is illustrated in Fig. 1, where all the sensors transmit data to the root. Wormhole attack is one of the most common attacks in sensor networks. Figure 2 illustrates an example of wormhole where the two malicious nodes, M1 and M2, form a wormhole tunnel T1 through which redirects the transmissions. Some routing paths going through the wormhole tunnel might be shorter than the normal multi-hop routes [ 2–4 ]. Therefore, wormhole attacks may change the original routing paths, and the wormhole nodes may eavesdrop or discards the data going through the wormhole tunnel. Furthermore, the two wormhole end nodes consume more power energy than others. Once their resources are exhausted, the sensor network might not operate properly. Wormhole attacks compromise the network availability and data privacy and may cause serious security problem in sensor networks. According to the wireless sensor network architecture, each node usually is only aware of its neighbor nodes and possesses limited resources. Centralized and sophisticated detection methods might not be feasible because sensor nodes only have limited computing power. On the other hand, equipping with additional hardware for all sensor nodes is costly. Hence, detection systems requiring additional hardware might not be practical. Based on the above constraints, this study proposes a distributed detection method by applying the standard routing protocol IPv6 Routing Protocol for Low-Power and Lossy Networks (RPL), available in all the sensor nodes to identify wormhole attacks without additional hardware. RPL [ 5, 6 ] is a standard routing protocol for wireless sensor networks [7]. However, RPL is vulnerable to wormhole attacks [ 8 ]. The proposed detection method applies the rank information from RPL to estimate the relative distance to the root node; the rank value will be compared with that of the neighbors; if the discrepancy exceeds a threshold value, it signals an anomaly where a wormhole might exist. The main contributions of this paper are as follows: 1. The proposed approach builds a security mobility management mechanism in wireless senso (...truncated)


This is a preview of a remote PDF: https://link.springer.com/content/pdf/10.1186%2Fs13638-016-0776-0.pdf

Gu-Hsin Lai. Detection of wormhole attacks on IPv6 mobility-based wireless sensor network, EURASIP Journal on Wireless Communications and Networking, 2016, pp. 274, Volume 2016, Issue 1, DOI: 10.1186/s13638-016-0776-0