• Journal of the Korea Society of Computer and Information
• /
• v.17 no.11
• /
• pp.73-81
• /
• 2012

This paper proposes an ETWAD(Encapsulation and Tunneling Wormhole Attack Detection) design based on positional information and hop count on Ad-Hoc Network. The ETWAD technique is designed for generating GAK(Group Authentication Key) to ascertain the node ID and group key within Ad-hoc Network and authenticating a member of Ad-hoc Network by appending it to RREQ and RREP. In addition, A GeoWAD algorithm detecting Encapsulation and Tunneling Wormhole Attack by using a hop count about the number of Hops within RREP message and a critical value about the distance between a source node S and a destination node D is also presented in ETWAD technique. Therefore, as this paper is estimated as the average probability of Wormhole Attack detection 91%and average FPR 4.4%, it improves the reliability and probability of Wormhole Attack Detection.

• KSCI Review
• /
• v.15 no.1
• /
• pp.77-81
• /
• 2007

센서 네트워크 라우팅에 대한 공격은 무선이라는 네트워크 환경 때문에 애드혹과 유사하게 이루어 지고 있다. 하지만 이를 대처하는 보안 매커니즘은 노드가 보다 제한된 자원을 가지므로 그대로 적용할 수 없어 새로운 연구가 필요하게 되었다. 본 논문에서는 웜홀 이라는 라우팅 공격에 대하여 다중 경로를 이용하여 공격을 회피하고 검출하는 방법에 대하여 제안한다. 다중 경로 환경에서 주경로와 대체 경로간 홉당 지연시간을 비교하여 웜홀 경로를 회피, 검출하고 검출 오차를 줄이기 위하여 블랙리스트를 방법을 사용한다. Ns-2 시뮬레이션 환경에서 제안한 방법을 이용한 웜홀 검출 메커니즘을 시뮬레이션하고 웜홀과 정상 노드의 검출율을 비교하여 성능을 측정하였다.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.17 no.6
• /
• pp.1462-1470
• /
• 2013

This paper proposes an SWAD-KNH(Sybil & Wormhole Attack Detection using Key, Neighbor list and Hop count) technique which consists of an SWAD(Sybil & Wormhole Attack Detection) module detecting an Worm attack and a KGDC(Key Generation and Distribution based on Cluster) module generating and an sense node key and a Group key by the cluster and distributing them. The KGDC module generates a group key and an sense node key by using an ECDH algorithm, a hash function, and a key-chain technique and distributes them safely. An SWAD module strengthens the detection of an Sybil attack by accomplishing 2-step key acknowledgement procedure and detects a Wormhole attack by using the number of the common neighbor nodes and hop counts of an source and destination node. As the result of the SWAD-KNH technique shows an Sybil attack detection rate is 91.2% and its average FPR 3.82%, a Wormhole attack detection rate is 90%, and its average FPR 4.64%, Sybil and wormhole attack detection rate and its reliability are improved.

• Convergence Security Journal
• /
• v.8 no.1
• /
• pp.19-26
• /
• 2008

In wireless sensor networks, an adversary can launch the wormhole attacks, where a malicious node captures packets at one location and tunnels them to a colluding node, which retransmits them locally. The wormhole attacks are very dangerous against routing protocols since she might launch these attacks during neighbor discovery phase. A strategic placement of a wormhole can result in a significant breakdown in communication across the network. This paper presents a compromise-resilient tunneled packet filtering method for sensor networks. The proposed method can detect a tunneled message with hop count alteration by a comparison between the hop count of the message and one of the encrypted hop counts attached in the message. Since the proposed method limits the amount of security information assigned to each node, the impact of wormhole attacks using compromised nodes can be reduced.

• Proceedings of the Korean Information Science Society Conference
• /
• 2006.10c
• /
• pp.586-591
• /
• 2006

단말의 휴대화가 진행되고 있는 최근에서는 무선 네트워크에 대한 관심이 보다 높아지고 있다. 이러한 요구에 맞추어 기존 인프라의 도움 없이 네트워크의 구성요소들로만 네트워크를 구성하는 애드혹 네트워크 기술이 생겨났다. 하지만 애드혹 네트워크 기술이 발전함에 따라 그에 대한 공격 방법들도 날로 발발전하고 있으며, 대표적인 공격 방법 중 하나가 웜홀을 이용한 잘못된 경로의 설정이다. 공격노드는 웜홀 공격을 이용하여 다른 정상노드들의 라우팅 경로에 자신을 포함시킬 수 있고 이를 통해 패킷의 분석 및 정보의 탈취가 가능하다. 본 논문에서는 애드혹 네트워크에서의 웜홀 공격의 탐지를 위해 경로 설정시의 이웃노드들의 정보를 이용하는 방안을 제시하고 있다.

• Proceedings of the Korean Information Science Society Conference
• /
• 2006.10d
• /
• pp.681-685
• /
• 2006

이동 애드 혹(Ad Hoc)네트워크는 노드의 참여와 이탈이 자유롭고 토폴로지의 변화가 잦기 때문에 일반 고정 유선네트워크에 비해 보안적으로 훨씬 더 많은 잠재적인 위험을 지니고 있다. 그 중 주변 노드들의 신뢰도에 대한 보장이 이루어지지 않기 때문에 멀티 홉 방식의 라우팅을 할 경우, 악의적인 중간 노드에 의해 정상적인 통신과 서비스를 방해하는 라우팅 과정에서의 공격이 일어날 수 있다. 특히 협력노드를 이용한 웜홀 공격은 단일노드에 의한 공격보다 탐지가 어렵고 그 피해도 더욱 크다. 이러한 웜홀 공격에 대응하기 위하여 본 논문에서는 네트워크에 참여한 노드들의 위치정보를 이용한 CA(central authority)에서의 경로 분석을 통해 웜홀을 탐지하는 기법을 제안하였다.

• Journal of the Korea Society for Simulation
• /
• v.18 no.4
• /
• pp.149-155
• /
• 2009

Attacks in wireless sensor networks (WSN), are similar to the attacks in ad-hoc networks because there are deployed on a wireless environment. However existing security mechanism cannot apply to WSN, because it has limited resource and hostile environment. One of the typical attack in WSN is setting up wrong route that using wormhole. To overcome this threat, Ji-Hoon Yun et al. proposed WODEM (WOrmhole attack DEfense Mechanism) which can detect and counter with wormhole. In this scheme, it can detect and counter with wormhole attacks by comparing hop count and initial TTL (Time To Live) which is pre-defined. The selection of a initial TTL is important since it can provide a tradeoff between detection ability ratio and energy consumption. In this paper, we proposed a fuzzy rule-based system for TTL determination that can conserve energy, while it provides sufficient detection ratio in wormhole attack.

• Journal of Internet Computing and Services
• /
• v.10 no.3
• /
• pp.51-60
• /
• 2009

This paper proposes a reliable 2-mode authentication framework for probabilistic key pre-distribution in Wireless Sensor Network (WSN) that guarantees the safe defense against different kinds of attacks: Hello flood attacks, Wormhole attacks, Sinkhole attack, location deployment attacks, and Man in the middle attack. The mechanism storing the trust neighbor IDs reduces the dependence on the cluster head and as the result; it saves the power energy for the authentication process as well as provides peer-to-peer communication.

• Journal of Intelligence and Information Systems
• /
• v.16 no.1
• /
• pp.45-56
• /
• 2010

Sensor Networks are composed of many sensor nodes, which are capable of sensing, computing, and communicating with each other, and one or more sink node(s). Sensor networks collect information of various objects' identification and surrounding environment. Due to the limited resources of sensor nodes, use of wireless channel, and the lack of infrastructure, sensor networks are vulnerable to security threats. Most research of sensor networks have focused on how to detect and counter one type of attack. However, in real sensor networks, it is impractical to predict the attack to occur. Additionally, it is possible for multiple attacks to occur in sensor networks. In this paper, we propose the Secure Routing Mechanism to Defend Multiple Attacks in Sensor Networks. The proposed mechanism improves and combines existing security mechanisms, and achieves higher detection rates for single and multiple attacks.