| Hi-index | 0.00 |
Colluding malicious insider nodes with no special hardware capability can use packet encapsulation and tunneling to create bogus shortcuts (in-band wormholes) in routing paths and influence data traffic to flow through them. This is a particularly hard attack using which even a handful of malicious nodes can conduct data traffic analysis of packets or disrupt connections by dropping packets when needed. Simulation analysis shows that a disproportionately large amount of traffic goes through routes with wormholes even when a secure routing protocol (SRP) such as Ariadne is used. To mitigate such attacks and augment existing on demand SRPs, distributed packet filtering techniques based on statistical profiling of control packet propagation speeds are proposed. These techniques do not require network-wide synchronized clocks or new packet transmissions and need only simple computations by the sources or the destinations of the connections. The proposed packet filters together with Ariadne are implemented in the Glomosim simulator and their effectiveness is evaluated. The simulation results indicate that the proposed packet filters can reduce the in-band wormhole creation and their usage by a factor of 2--10. Also, the false alarm rates of the proposed techniques are very low and have little impact on normal network throughput, making them practical for mobile ad hoc networks. Copyright © 2008 John Wiley & Sons, Ltd.