by Yih-Chun Hu, Adrian Perrig, and David B. Johnson
Abstract:
As mobile ad hoc network applications are deployed, security emerges as a central requirement. In this paper, we introduce the \emphwormhole attack, a severe attack in ad hoc networks that is particularly challenging to defend against. The wormhole attack is possible even if the attacker has not compromised any hosts, and even if all communication provides authenticity and confidentiality. In the wormhole attack, an attacker records packets (or bits) at one location in the network, tunnels them to another location, and retransmits them there into the network. The wormhole attack can form a serious threat in wireless networks, especially against many ad hoc network routing protocols and location-based wireless security systems. For example, most existing ad hoc network routing protocols, without some mechanism to defend against the wormhole attack, would be unable to find routes longer than one or two hops, severely disrupting communication. We present a new, general mechanism, called \emphpacket leashes, for detecting and thus defending against wormhole attacks, and we present a specific protocol, called \tik, that implements leashes.
Reference:
Packet Leashes: A Defense against Wormhole Attacks in Wireless Networks. Yih-Chun Hu, Adrian Perrig, and David B. Johnson. In Proceedings of the IEEE Infocomm 2003.
Bibtex Entry:
@InProceedings{HuPeJo2003b,
author = {Yih-Chun Hu and Adrian Perrig and David B. Johnson},
title = {Packet Leashes: A Defense against Wormhole Attacks in Wireless Networks},
url = {/publications/papers/infocom2003.pdf},
booktitle = {Proceedings of the IEEE Infocomm},
year = 2003,
month = {April},
abstract = {As mobile ad~hoc network applications are deployed,
security emerges as a central requirement.
In this paper, we introduce the \emph{wormhole attack},
a severe attack in ad~hoc networks that is particularly
challenging to defend against.
The wormhole attack is possible even if the attacker
has not compromised any hosts,
and even if all communication provides authenticity and confidentiality.
In the wormhole attack, an attacker records packets (or bits)
at one location in the network,
tunnels them to another location,
and retransmits them there into the network.
The wormhole attack can form a serious threat in wireless networks,
especially against many ad~hoc network routing protocols
and location-based wireless security systems.
For example, most existing ad~hoc network routing protocols,
without some mechanism to defend against the wormhole attack,
would be unable to find routes longer than one or two hops,
severely disrupting communication.
We present a new, general mechanism, called \emph{packet leashes},
for detecting and thus defending against wormhole attacks,
and we present a specific protocol, called \tik,
that implements leashes.}
}