Presented By:-
Harsh Kishore Mishra
M.Tech. Cyber Security II Semester

OUTLINE
• Introduction
• Mobile Ad-Hoc Network
• Applications of MANET
• Challenges and Issues
• Attacks on MANET
• Wormhole Attack
• Past Work towards Wormhole Attack
• Technique to be used
• Conclusion

INTRODUCTION
• Wireless Networks are ubiquitous and provides great
advantages.
• Two types of wireless networks, Infrastructure and Ad Hoc
• Ad Hoc networks attracts great attention.
• Provides convenience, mobility, scalability, cost and Easy
Setup.
• Vulnerable to various attacks due to functionality and
deployment scenario.

MOBILE ADHOC NETWORK
An infrastructure less collection of mobile nodes that can arbitrarily change their
geographic locations such that these networks have dynamic topologies and random
mobility with constrained resources.

MOBILE ADHOC NETWORK
• A collection of wireless mobile nodes that communicate with each
other without the use of any pre established network infrastructure.
• It is decentralized, all network and routing activities are handled by
nodes.
• Wireless nodes are free to move and causes dynamic topology.
• Nodes operates by co operating with each other for data.
• Suitable for situations and applications where infrastructure is not
possible.

APPLICATIONS OF MANETS
• Military communication and operations
• Automated battlefields
• Emergency services
• Search and rescue operations
• E-commerce: electronic payments
anytime and anywhere
• Business: dynamic database access,
mobile offices
• Personal area networks (PAN)
• Networks at construction sites
• Universities, Virtual classrooms and
campus settings
• Ad hoc communications during
meetings or lectures
• Multi-user games
• Wireless P2P networking and Outdoor
Internet access

CHALLENGES AND ISSUES
• Routing
• Service and Resource Discovery
• Security and Node Cooperation
• Dynamic Topology
• No Centralized Authority
• Bandwidth Constraint
• Limited Energy Source
• No Predefined Boundary

ATTACKS ON MANET
• Eavesdropping
• Denial of Service
• Jamming
• Black hole Attack
• Rushing Attack
• Wormhole Attack
• Sinkhole Attack
• Session hijacking

WORMHOLE ATTACK
• Wormhole nodes fake a route that is shorter than the original one
within the network; this can confuse routing mechanisms which rely
on the knowledge about distance between nodes.
• It has one or more malicious nodes and a tunnel between them.
• The attacking node captures the packets from one location and
transmits them to other distant located node which distributes them
locally.
• A wormhole attack can easily be launched by the attacker without
having knowledge of the network or compromising any legitimate
nodes or cryptographic mechanisms.

WORMHOLE ATTACK
The tunnel is either the wired link or a high frequency links. This
creates the illusion that the two end points of the tunnel are very close
to each other.

ATTACK MEDIUM
In Band Attack Out of Band Attack

ATTACKING MODES
Wormhole Attack
Modes
Hidden Modes
Packet
Encapsulation
Packet Replay
Participation
Modes
High Power
Transmission
Out of Band

• 1) Packet Encapsulation: Each packet is routed via the legitimate path
only, when received by the wormhole end, gets encapsulated to prevent
nodes on way from incrementing hop counts. The packet is brought into
original form by the second end point.
• 2) Out-of-Band: This two-ended wormhole, a dedicated out-of-band high
bandwidth channel is placed between end points to create a wormhole link.
• 3) High-Power-Transmission: This kind of wormhole approach has only
one malicious node with much high transmission capability that attracts
the packets to follow path passing from it.
• 4) Packet Relay: In packet relay two malicious nodes relay packet
between two nodes which are far apart from each other and
convenience these nodes that they are neighbor.

EFFECTS OF THE ATTACK
• Selectively drop data packets
• Routing disruption
• Traffic analysis for information leaking.
• Bypasses and attracts a large amount of network traffic
• Collect and manipulate network traffic like modifying packets,
changing the sequence of packets, and etc.
• By analyzing collected network data, the attacker can perform many
other more aggressive attacks, such as man-in-the-middle attacks,
cipher breaking, protocol reverse engineering etc.

EXISTING SOLUTIONS TOWARDS
WORMHOLE ATTACKS
• Concept of geographical and temporal packet leashes
• Directional Antenna
• Connectivity Based Approach
• Transmission Time Based Mechanism
• LITEWORP and MOBIWORP
• Digital Signature based Approach
• Diffusion of Innovation theory based Approach
• Protocol Specific Solutions
• SAM (Statistical Analysis of Multipath)
• Graphical and Topological Information based Approaches

Method Requirements Comments
Packet Leaches Geographical
and Temporal
Loosely synchronized clocks
Straightforward solution but
has general limitations of GPS
technology
Directional Antennas
Nodes use specific ‘sectors’ of
their antennas to
communicate
with each other
It is not directly applicable to
other networks
Connectivity based
approaches
connectivity information and
need tightly synchronized
clocks
Requirements are not realistic
MOBIWORP and LITEWORP
Loosely synchronized clocks
and Central Authority
Applicable to static network
Digital Signature based
Nodes should know each
other’s Digital Signature
Computation time

Method Requirements Comments
Diffusion of Innovation Based Nodes confirmation
End to end delay is increased
Transmission Time based
Calculation of RTT between
nodes
Accuracy of RTT
Protocol Specific Modification in Protocols Works for specific protocols
SAM
Statistically calculation of
relative frequency of path
Non Multi hop path protocol
not supported
Graphical and topological
based
Miscellaneous Protocol specific, limitations

TECHNIQUE TO BE USED
• Introduced by Dong et al., named as WormPlaner
• Based on the planarity of graph, which is drawn based on the
connectivity information.
• No Special hardware or synchronization needed.
• WormPlanar exploits location free network planarization technique
to perform connectivity based wormhole detection to detect symptoms
of attack.

WORMPLANER
• A connected planarization topology is extracted from normal Network Graph.
• Planarization algorithm will fail in case of wormhole attack, so planarity can be
validated to confirm worm hole attack.
• WormPlaner Protocol has two stages, Local Planarity Test and Refinement process.
• Local planarity test is applied on each node to collect k-hop neighbors information.
• Then Planarization algorithm will be applied on each node’s neighborhood sub
graph.
• Nodes, failing planarity test will be suspected node and further refinement process
will be applied to detect sure wormhole nodes.
• Further, Refinement Process is applied to eliminate false positives.

WORMPLANER
Advantages
• Foolproof Solution
• Detects all malicious nodes
• No False positives
Limitation
• Merely detection is possible, no
avoidance solution

REFERENCES
• Aarti, S. S. T. (2013). Study of MANET: Characteristics, Challenges, Application and Security Attacks.
International Journal of Advanced Research in Computer Science and Software Engineering, 3(5).
• de Graaf, R., Hegazy, I., Horton, J., & Safavi-Naini, R. (2010). Distributed detection of wormhole attacks in
wireless sensor networks Ad Hoc Networks (pp. 208-223): Springer.
• Dong, D., Li, Z., Liu, Y., & Liao, X. (2009). Wormcircle: Connectivity-based wormhole detection in wireless ad hoc
and sensor networks. Paper presented at the Parallel and Distributed Systems (ICPADS), 2009 15th
International Conference on.
• Dong, D., Liao, X., Liu, Y., Li, X.-Y., & Pang, Z. (2013). Fine-grained location-free planarization in wireless sensor
networks. Mobile Computing, IEEE Transactions on, 12(5), 971-983.
• HAOYANG, H., FANYE, SONGWULU, ANDLIXIA ZHANG,. (2004). Security in mobile ad hoc networks:
Challenges and solutions UCLA Previously Published Works.
• Hu, L., & Evans, D. (2004). Using Directional Antennas to Prevent Wormhole Attacks. Paper presented at the
NDSS.
• Hu, Y.-C., Perrig, A., & Johnson, D. B. (2006). Wormhole attacks in wireless networks. Selected Areas in
Communications, IEEE Journal on, 24(2), 370-380.
• Jeroen Hoebeke, I. M., Bart Dhoedt and Piet Demeester. An Overview of Mobile Ad Hoc Networks: Applications
and Challenges.

REFERENCES
• Khalil, I., Bagchi, S., & Shroff, N. B. (2008). MOBIWORP: Mitigation of the wormhole attack in mobile multihop wireless networks. Ad Hoc
Networks, 6(3), 344-362.
• Khan, Z. A., & Islam, M. H. (2012, 8-9 Oct. 2012). Wormhole attack: A new detection technique. Paper presented at the Emerging
Technologies (ICET), 2012 International Conference on.
• Lazos, L., Poovendran, R., Meadows, C., Syverson, P., & Chang, L. (2005). Preventing wormhole attacks on wireless ad hoc networks: a
graph theoretic approach. Paper presented at the Wireless Communications and Networking Conference, 2005 IEEE.
• Özdemir, S., Meghdadi, M., & Güler, Ý. (2008). A time and trust based wormhole detection algorithm for wireless sensor networks. Paper
presented at the manuscript in Turkish), in 3rd Information Security and Cryptology Conference (ISC’08).
• Park, T., & Shin, K. G. (2004). LiSP: A lightweight security protocol for wireless sensor networks. ACM Transactions on Embedded
Computing Systems (TECS), 3(3), 634-660.
• Priyanka Goyal, V. P., Rahul Rishi. (2011). MANET: Vulnerabilities, Challenges, Attacks, Application. IJCEM International Journal of
Computational Engineering & Management, 11.
• Qian, L., Song, N., & Li, X. (2007). Detection of wormhole attacks in multi-path routed wireless ad hoc networks: a statistical analysis
approach. Journal of Network and Computer Applications, 30(1), 308-330.
• Rashid Sheikhl Mahakal Singh Chandee, D. K. M. (2010). Security Issues in MANET: A Review IEEE.
• Saurabh Upadhyaya, B. K. C. (2011). Impact of Wormhole Attacks on MANETs. International Journal of Computer Science & Emerging
Technologies, 2(1).

REFERENCES
• Shams Qazi, R. R., Yi Mu, Willy Susilo. (2013). Securing DSR against wormhole attacks in multirate ad hoc networks.
Journal of Network and Computer Applications.
• Tran Van Phuong, N. T. C., Young-Koo Lee, Sungyoung Lee, Heejo Lee. (2007). Transmission Time-based Mechanism to
Detect Wormhole Attacks Paper presented at the Asia-Pacific Services Computing Conference.
• Vani, A., & Rao, D. S. (2011). A Simple Algorithm for Detection and Removal of Wormhole Attacks for Secure Routing In
Ad Hoc Wireless Networks. International Journal on Computer Science and Engineering (IJCSE), 3(6), 2377-2384.
• Venkataraman, R., Pushpalatha, M., Rao, T. R., & Khemka, R. (2009). A graphtheoretic algorithm for detection of
multiple wormhole attacks in mobile ad hoc networks. International Journal of Recent Trends in Engineering (IJRTE),
1(2), 220-222.
• Wang, W., Bhargava, B., Lu, Y., & Wu, X. (2006). Defending against wormhole attacks in mobile ad hoc networks.
Wireless Communications and Mobile Computing, 6(4), 483-503.
• Xiaopei, L., Dezun, D., & Xiangke, L. (2013, 1-4 Oct. 2013). WormPlanar: Topological Planarization Based Wormhole
Detection in Wireless Networks. Paper presented at the Parallel Processing (ICPP), 2013 42nd International Conference
on.
• Xiaopei Lu, D. D., Xiangke Liao. (2013). WormPlanar: Topological Planarization based Wormhole Detection in
WirelessNetworks. Paper presented at the 42nd International Conference on Parallel Processing.