
International Journal of Computer Engineering & Technology (IJCET)

Volume 7, Issue 3, May-June 2016, pp. 108-117, Article ID: IJCET_07_03_010


Available online at
http://www.iaeme.com/IJCET/issues.asp?JType=IJCET&VType=7&IType=3
Journal Impact Factor (2016): 9.3590 (Calculated by GISI) www.jifactor.com
ISSN Print: 0976-6367 and ISSN Online: 0976-6375
IAEME Publication

CRYPTOGRAPHIC HASH KEY ALGORITHM TO MITIGATE WORMHOLE ATTACKS AND LURE CATCH ALGORITHM TO BLOCK THE ATTACKERS
Manpreet
Ph. D. Scholar, Department of Computer Science and Engineering
SunRise University, Alwar (Rajasthan), India
Dr. Anil Kumar Sharma
Professor and Principal
Institute of Engineering and Technology, Alwar-301030 (Rajasthan), India
ABSTRACT
Ad hoc networks are vulnerable to attacks due to the mobility of nodes in a dynamic network, where a node can change its position at any point of time. In a MANeT, many attacks can be initiated, but most of them are comparatively easy to detect because they dramatically change the network data. When considering the security of a MANeT, it is vital to consider the wormhole attack, which is complex to detect and can spoil important data by directing it to illegal nodes. It consists of two malicious nodes and a tunnel between them through which the attacker tunnels the data. In the route discovery process, a wormhole can relay route request and response messages between far-away nodes, creating the appearance of a shorter path to the destination. Since the wormhole can be anywhere along a path, a source will have to identify it when a node sets up the route. Many protocols have been proposed; their resistance to various types of security attacks and their efficiency are key points of concern in implementing these protocols. In this paper, we use a cryptographic hash code to verify the credentials of each node and lure the faulty node with a pre-known route to remove the malicious node from the network.
Key words: Cryptography, Hash Code, MANeT, RREQ, Wormhole attack.

http://www.iaeme.com/IJCET/index.asp

108

editor@iaeme.com


Cite this Article: Manpreet and Dr. Anil Kumar Sharma, Cryptographic Hash
Key Algorithm to Mitigate Wormhole Attacks and Lure Catch Algorithm to
Block the Attackers, International Journal of Computer Engineering and
Technology, 7(3), 2016, pp. 108-117.
http://www.iaeme.com/IJCET/issues.asp?JType=IJCET&VType=7&IType=3

INTRODUCTION
MANeT is a growing technology that offers solutions to a variety of application areas such as health care, the military and industry because of its dynamic nature and its ability to adapt to changes quickly as and when required. Generally these nodes are wireless, and they also include sensors such as GPS to broadcast their location for shortest-route discovery, or highly synchronized clocks that record the packet sending time as well as the packet receiving time, from which the distance is calculated with the help of the network speed. These techniques work well in standard conditions but fall short to a certain extent in the presence of latency or unless the entire area is fully covered with highly accurate GPS devices. Along with their benefits, sensor devices also bring a drawback: they expose the network to a variety of attacks. Conventional security mechanisms are not suitable for MANeTs as they are usually heavy and the nodes are limited.

Wormhole attacks are of particular importance because they can occur in all types of wireless networks. Therefore, identifying the possibility of wormhole attacks and methods to protect against them is important to the security of wireless networks as a whole. As a wormhole attack challenges higher-level protocols, the most effective procedures to detect such attacks are based on looking for inconsistencies in measurements performed at the physical layer. The medium through which information travels on wireless networks is air, and this absence of a physical boundary makes wireless networks more vulnerable than wired networks to security attacks like eavesdropping, man-in-the-middle, etc., against which wired networks might have been better protected. It is also more difficult to come up with security measures for protecting data that flows through the air.

WORMHOLE ATTACK
A wormhole attack is a relay-based attack that can disrupt the routing protocol and therefore disrupt or break down a network, which is why these attacks are serious. A general wormhole attack can be explained in 4 steps:

1. An attacker has two trusted nodes (or two colluding attackers each have one node) in two different locations of a network, with a direct link between the two nodes.
2. The attacker records packets at one location of the network.
3. The attacker then tunnels the recorded packets to a different location.
4. The attacker re-transmits those packets back into the network location from step 1.


Figure 1: Illustration of Wireless Sensor Network

Figure 1 shows an example of a wormhole attack. Let us assume that nodes A and B are not neighbors. However, X and Y are the wormhole nodes, connected through a wormhole link created by the attacker. Due to this attack, nodes A and B consider each other neighbors when they exchange routing messages. The attacker can choose to disrupt communications between A and B. Overall, the routes in the network can be re-arranged when the attack occurs during the protocol discovery phase. For example, using Figure 1, we can see that packets from the protocol discovery phase will get from node A to node B fastest by going through the wormhole link, since it has the smallest number of hops. This disrupts the routing protocol and brings severe damage to the network.

The attack can be launched without having the cryptographic keys. Some harmful effects of a wormhole are as follows: selective dropping of data packets, routing disruption in which attackers prevent the discovery of legitimate routes, and traffic analysis for information leaking. A wormhole attack can be launched in a wireless network in four ways:

Packet Encapsulation: One malicious node encapsulates the route request and sends it to the colluding node, which decapsulates it and forwards the route request (RREQ) packet.

Out-of-Band: Two malicious nodes send the route request (RREQ) between them using a long-range directional wireless link or a direct wired link.

High-Power Transmission: A malicious node gets a route request (RREQ) and broadcasts that request at a high power level. Any other node that hears the high-power broadcast must be a malicious node, so it receives that route request and rebroadcasts it towards the destination.

Packet Relay: Two malicious nodes relay packets between two nodes that are far apart from each other and convince these nodes that they are neighbors.

In an infrastructure based wireless network, the two nodes that form the wormhole link can be two rogue access points. A rogue access point is an access point that is not authorized to be in a wireless network and is usually set up by an attacker to sniff the traffic or to support attacks that the attacker launches. The attacker has two rogue access points in the infrastructure based wireless network. The essential point remains the same: packets from one rogue access point get to the other rogue access point faster than by other routes, creating the false idea that two end-point devices are close to each other when they are not. The attacker has control over the rogue access points, so he/she can launch wormhole attacks without the need to worry about cryptographic keys or to compromise any legitimate node in the network.

RELATED WORK
Maria A. Gorlatova, Peter C. Mason, Maoyu Wang, Louise Lamont and Ramiro Liscano, in "Detecting Wormhole Attacks in Mobile Ad Hoc Networks through Protocol Breaking and Packet Timing Analysis", introduced wormhole attack detection by timing analysis. A lot of research has been done to detect and protect against wormhole attacks, and more research and protection methods continue to be developed. So far most of them focus on ad-hoc or sensor wireless networks. However, some research has been done on infrastructure based wireless networks in recent years.

X. Wang and J. Wong, in "An end-to-end detection of wormhole attack in wireless ad-hoc networks", calculate the minimum number of hops to reach the destination by measuring its geographical location using GPS.

M. Rafiqul Alam and K. S. Chan, in "RTT-TC: A topological comparison based method to detect wormhole attacks in MANeT", use the average RTT (Round Trip Time) to identify the attack and then compare the neighbor lists of the fake neighbors in the process of detecting it.

E. Alata, V. Nicomette, M. Kaaniche, M. Dacier, and M. Herrb, in "Lessons learned from the deployment of a high interaction honeypot", provide an in-depth understanding of the way attackers behave by observing their interactions with a high interaction honeypot.

I. Mokube and M. Adams, in "Honeypots: concepts, approaches, and challenges", elucidate the different kinds of honeypots and the approaches to implementing them, as well as the legal issues and challenges to be taken into consideration when a honeypot is implemented.

A. Prathapani, L. Santhanam, and D. Agrawal, in "Intelligent honeypot agent for blackhole attack detection in wireless mesh networks", identify a honeypot based method to find the blackhole attack in an infrastructure based Wireless Mesh Network using virtual honeypots.

Another approach, proposed in (Rasheed & Mahapatra, 2009), uses a mobile sink (MS). It is suitable only for the kinds of applications that require an MS, and it needs additional hardware to provide mobility. It also uses multiple-channel radio transmission, which may not be available for all kinds of nodes.

Jakob Eriksson, Srikanth V. Krishnamurthy and Michalis Faloutsos proposed a countermeasure for the wormhole attack in a wireless network: the TrueLink protocol. It checks the bidirectionality of links and enables a node to verify the adjacency of an apparent neighbor. It uses a combination of timing and authentication, and it is used together with a secure routing protocol. This underlying assumption makes the proposed method unsuitable for many applications of WSNs that do not have a reliable medium to transfer the neighbor list to the base. There are also methods proposed for preventing wormhole-like attacks in ad-hoc networks by verifying the physical presence of neighbors.

PROPOSED SYSTEM
To mitigate the effect of the wormhole attack in a MANeT, a neighbor discovery process is proposed. There are several criteria for determining whether a wormhole attack is being performed in the network. Some methods use a statistical approach: they look for dramatic changes in certain statistical patterns and then decide on the existence of a wormhole in the network. Longer propagation can be another symptom of a wormhole. Additionally, we can determine the existence of a wormhole by checking parameters such as a transmission range bigger than under normal conditions, and a previous node that is not a neighbor. The proposed method is based on the fact that wormhole data comes from unauthorized and illegal neighbors.

To avoid the wormhole attack in a mobile ad hoc network, it is assumed that each legitimate node shares the digital signature of every node in the network and that a malicious node does not have its own digital signature. When the sender broadcasts the route request (RREQ), it also adds its digital signature to the signature column of the packet header. Every node that receives the request compares the signature of the sending node with its database, which contains the signatures of all nodes in the network. If the signature matches, the sender is a legitimate node, so the receiving node adds its own signature to the signature column of the header and broadcasts the request again. The process is repeated until the route request (RREQ) reaches its destination. If the route request that reaches the destination is legal, the destination node unicasts a route reply along the same route through which it received the route request.

If there is a malicious node in the path, it receives the route request and sends it to the next node. The node that receives the packet from the malicious node finds that the signature column of the packet header contains either a duplicate of the previous node's digital signature or no digital signature, because the malicious node does not have its own digital signature. Having verified the request and found the duplicate or missing signature, the receiving node discards the request and informs all nodes in the network about the malicious node, and all other nodes store that information in their databases.

Beyond this, the proposed method works in two phases: the neighbor discovery phase and the encryption phase. The discovery phase starts with every node in the network, say A. It sends a HELLO message to all one-hop neighbors in the network. This broadcast message contains the source address and the node's own public key. In response to this message, every authentic neighbor sends its own public key to A. The public key of the one-hop neighbor is sent in an encrypted message, which contains the source ID, the public key of B encrypted with the public key of A, and the destination address. When node A wants to send data to B, A encrypts the data with the public key of B, and this data is encrypted again with the private key of the sender, i.e. A. When receiver B receives data from sender A, B first decrypts the data with the public key of sender A, and the remaining data is decrypted with its own private key. In this way secure communication is achieved. For encryption and decryption we use the RSA technique. Every node should share its public key with its neighbors during the neighbor discovery phase. Thus the first phase helps in recognizing the neighbors.

The proposed system then enters the encryption phase, which comprises two further phases: Encryption and Authentication, and Decryption and Verification. Confidentiality is the ability to hide a message from an unauthorized attacker: if an illegal and unauthorized adversary gains access to the message, it cannot understand it.
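The signature-column check applied to a forwarded RREQ in this section, as an added example (not code from the paper). It assumes the receiver knows which transmitter it heard the packet from (`heard_from`); the class and function names, the constructed signature values and the node names X and Y are illustrative.

```python
import hashlib

def signature_of(node_id):
    # Constructed stand-in for the per-node signature value held in every database.
    return hashlib.sha256(("constructed-secret:" + node_id).encode()).hexdigest()[:16]

class RREQ:
    def __init__(self, source, dest, sig_column):
        self.source, self.dest = source, dest
        self.sig_column = list(sig_column)  # signature column: [(node_id, signature), ...]

class Node:
    def __init__(self, node_id, members):
        self.id = node_id
        self.db = {m: signature_of(m) for m in members}  # signatures of all legitimate nodes
        self.blocked = set()                             # nodes reported as malicious

    def originate(self, dest):
        return RREQ(self.id, dest, [(self.id, self.db[self.id])])

    def forward(self, rreq):
        # Legitimate forwarder: append own signature and rebroadcast a copy.
        return RREQ(rreq.source, rreq.dest, rreq.sig_column + [(self.id, self.db[self.id])])

    def check(self, rreq, heard_from):
        """Return None if the RREQ is acceptable, otherwise the reason it is discarded."""
        if heard_from in self.blocked:
            return "sender already reported"
        sigs = [sig for _, sig in rreq.sig_column]
        if len(set(sigs)) != len(sigs):
            return "duplicate signature"
        if not rreq.sig_column or rreq.sig_column[-1][0] != heard_from:
            return "no signature from sender"
        if any(self.db.get(n) != s for n, s in rreq.sig_column):
            return "signature not in database"
        return None

def receive(network, receiver, rreq, heard_from):
    """Verify at the receiver; on failure every node records the sender as malicious."""
    reason = receiver.check(rreq, heard_from)
    if reason is not None:
        for node in network.values():
            node.blocked.add(heard_from)
    return reason

def demo():
    members = ["A", "B", "C", "D"]
    net = {m: Node(m, members) for m in members}
    rreq = net["A"].originate("D")
    out = {"legit_hop1": receive(net, net["B"], rreq, "A")}
    out["legit_hop2"] = receive(net, net["C"], net["B"].forward(rreq), "B")
    # Node X (no signature of its own) passes A's RREQ on unchanged.
    out["relay_unsigned"] = receive(net, net["C"], rreq, "X")
    # Node Y copies the previous node's signature into its own entry.
    forged = RREQ("A", "D", rreq.sig_column + [("Y", rreq.sig_column[-1][1])])
    out["relay_duplicate"] = receive(net, net["D"], forged, "Y")
    out["blocked_everywhere"] = all({"X", "Y"} <= n.blocked for n in net.values())
    return out
```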


Authentication is the ability to identify the reliability of the message origin. In encryption, the data to be sent is encrypted with the public key of the receiver, and the hash of the data is added to the encrypted data, which is then encrypted with the private key of the sender. The hash of the data contributes to authentication.

The data transmitted by a node is in encrypted form as

Encrypt(KSPR, Encrypt(KRPE, D)) + Encrypt(KSPR, H(D))

where Encrypt (E) is the public key encryption function, KSPR is the private key of the sender node, KRPE is the public key of the receiving node, D is the data, and H is the hash function used to calculate the message digest.
Figure 2: Encryption and Authentication (diagram; labels: Data, Public Key R, Private Key S, E, Data to send)

Integrity provides a mechanism for knowing whether the message has been tampered with. The received data is decrypted by the receiver using the private key of the receiver. The hash values are compared using the public key of the sender. If the hash values are equal, the message is verified.
Figure 3: Decryption and Verification (diagram; labels: Received Data, D, D(H), =?, Accept if Equal)
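The encryption-and-verification exchange of this section, including the rule that a false digest causes the packet and the routing entry to be discarded, as an added example (not code from the paper). Textbook RSA with small constructed keys stands in for the paper's RSA and is not secure as written; the function names, the routing table and node W are assumptions.

```python
import hashlib

E = 65537  # common RSA public exponent

def make_key(p, q):
    # Textbook RSA key from two known primes (toy parameters constructed for this example).
    return {"n": p * q, "e": E, "d": pow(E, -1, (p - 1) * (q - 1))}

def pub(key):
    return {"n": key["n"], "e": key["e"]}

def digest(data, n):
    # H(D), reduced so the value fits below the signer's modulus.
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def send(data, sender, receiver_pub):
    """Build Encrypt(KSPR, Encrypt(KRPE, D)) + Encrypt(KSPR, H(D))."""
    m = int.from_bytes(data, "big")
    if m >= receiver_pub["n"]:
        raise ValueError("data does not fit the receiver modulus")
    inner = pow(m, receiver_pub["e"], receiver_pub["n"])    # Encrypt(KRPE, D)
    if inner >= sender["n"]:
        # Nested textbook RSA round-trips only if the inner value fits the outer modulus.
        raise ValueError("inner ciphertext does not fit the sender modulus")
    outer = pow(inner, sender["d"], sender["n"])            # Encrypt(KSPR, inner)
    signed_hash = pow(digest(data, sender["n"]), sender["d"], sender["n"])
    return outer, signed_hash

def receive(packet, sender_pub, receiver):
    """Return D when the digests match, else None."""
    outer, signed_hash = packet
    inner = pow(outer, sender_pub["e"], sender_pub["n"])    # remove the sender's layer
    m = pow(inner, receiver["d"], receiver["n"])            # remove the receiver's layer
    data = m.to_bytes((m.bit_length() + 7) // 8, "big")
    expected = pow(signed_hash, sender_pub["e"], sender_pub["n"])
    return data if digest(data, sender_pub["n"]) == expected else None

def handle(routes, neighbor_keys, claimed_src, via, packet, me):
    """Receiver logic: on a false digest, discard the packet and the routes through `via`."""
    data = receive(packet, neighbor_keys[claimed_src], me)
    if data is None:
        for dest in [d for d, hop in routes.items() if hop == via]:
            del routes[dest]
    return data

def demo():
    a = make_key(2**107 - 1, 2**127 - 1)   # sender A
    b = make_key(2**61 - 1, 2**89 - 1)     # receiver B
    w = make_key(2**521 - 1, 2**607 - 1)   # node W, whose key is not in B's neighbor table
    keys = {"A": pub(a)}                   # B's table from the neighbor discovery phase
    routes = {"A": "A", "Z": "W"}          # destination -> next hop (constructed)
    data = b"constructed data"
    good = send(data, a, pub(b))
    out = {"delivered": handle(routes, keys, "A", "A", good, b)}
    # Ciphertext altered in transit through W.
    out["tampered"] = handle(routes, keys, "A", "W", (good[0] ^ 1, good[1]), b)
    # W claims the packet is from A but can only sign with its own private key.
    out["forged"] = handle(routes, keys, "A", "W", send(data, w, pub(b)), b)
    out["routes"] = dict(routes)
    try:
        send(data, b, pub(a))              # B's modulus is smaller than A's ciphertext
        out["reverse"] = "ok"
    except ValueError as err:
        out["reverse"] = str(err)
    return out
```

The `reverse` case shows that applying the sender's private key to the whole inner ciphertext only works when the sender's modulus is larger than the receiver's.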

Thus the combined action of the two phases completely eliminates a node pretending to be a neighbor, even if the attacker is present at the time of neighbor discovery. If a node receives data with a false digest value, it declares the packet as received through a wormhole node and discards the packet. It also discards the routing entry for the wormhole node.

Further, the techniques available so far depend on external sources such as GPS or a highly synchronized clock system, and only in the absence of jitter and under standard conditions; moreover, they are capable of detecting the wormhole attack, not of removing it from the network. So, I proposed the lure and catch algorithm to remove the malicious node from the network and avoid future attacks from the same node. A sample of fake data is sent along a predefined route to a non-existing destination node, which is set outside the network and agreed among all nodes participating in the MANeT dynamic network, so that the packet follows the preferred route even when it is not the shortest route, and no node disturbs it from following this route. But if a node is malicious, it starts disturbing the packet to change its route so that it passes through the malicious node. As our node keeps following the predefined route, the malicious node starts changing its position to get closer to it and is finally thrown out of the network, as the destination node does not exist at all.
Figure 4: MANeT Dynamic Network (diagram; labels: Source, Destination, Network, WH Node)

SIMULATION AND RESULTS


To evaluate the effectiveness of the proposed scheme, we simulated it using network simulator version 2 (NS2). In the simulation, we used 20 nodes and ran the simulation 5 times for every scenario at different time intervals to obtain the results. We implemented the random waypoint movement model, in which nodes start at position 0, with a simulation time of 25 seconds, PDR values varying from 0 to 1 and delay values from 15 to 37, for all three cases: the network under wormhole attack, after implementing the cryptographic hash code, and after using the lure catch algorithm.

Figure 5: Graph of Simulation Time vs Delay Values (With All Three Cases)


Figure 6: Graph of Simulation Time vs Packet Delivery Ratio (With All Three Cases)

Figure 7: Graph of Simulation Time vs Throughput (With All Three Cases)

Figure 8: Comparison between percentages of genuine RREQs dropped with and without Honeypots.


Figure 9: Graph showing the increase in genuine RREQs delivery ratio by using Honeypots.

CONCLUSION
Wormhole attacks have been identified as attacks that can be powerful and can cause severe damage to the network. They are not something that can be taken lightly. Methodologies for detecting and protecting against these attacks have been proposed mainly for ad-hoc and sensor networks. The problem is new for infrastructure based networks; however, it is no less significant. Therefore, this paper presented a possible strategy for detecting and protecting against wormhole attacks by combining the cryptographic hash code algorithm and the lure catch technique to mitigate wormhole attacks, and maybe other attacks, in infrastructure based wireless networks by focusing on identifying rogue access points in infrastructure based wireless networks.

REFERENCES
[1] Ali Modirkhazeni, Saeedeh Aghamahamoodi, and Naghmeh Niknejad, "Distributed Approach To Mitigate Wormhole Attack in Wireless Sensor Network", 2011 IEEE, page no. 122-128.

[2] Dhara Buch, Devesh Jinwala, "Detection of wormhole attack in Wireless Sensor", Proc of international conference on Advances in Recent Technologies In communication computing 2011, Page no. 7-14.

[3] Prabhudatta Mohanty, Sangram Panigrahi, Nityananda Sharma and Siddhartha Sankar Satapathy, "Security Issues In Wireless Sensor Network Data Gathering Protocols: A Survey", Journal of Theoretical & Applied Information Technology, 2005-2010 JATIT, Page no. 14-27.

[4] X. Wang and J. Wong, "An end-to-end detection of wormhole attack in wireless ad-hoc networks", in Computer Software and Applications Conference, COMPSAC 2007. 31st Annual International, vol. 1, July 2007, pp. 39-48.

[5] M. Rafiqul Alam and K. S. Chan, "RTT-TC: A topological comparison based method to detect wormhole attacks in manet", in Communication Technology (ICCT), 12th IEEE International Conference, Nov. 2010, pp. 991-994.

[6] E. Alata, V. Nicomette, M. Kaaniche, M. Dacier, and M. Herrb, "Lessons learned from the deployment of a high-interaction honeypot", in Dependable Computing Conference, EDCC '06. Sixth European, 2006.

[7] I. Mokube and M. Adams, "Honeypots: concepts, approaches, and challenges", in Proceedings of the 45th annual southeast regional conference. New York, USA: ACM, 2007.

[8] A. Prathapani, L. Santhanam, and D. Agrawal, "Intelligent honeypot agent for blackhole attack detection in wireless mesh networks", in Mobile Adhoc and Sensor Systems, 2009. MASS '09. IEEE 6th International Conference, Oct. 2009, pp. 753-758.

[9] Verifying Physical Presence of Neighbors against Replay-based Attacks in Wireless Networks, Turgay Korkmaz, 2005.

[10] Methodology for Securing Wireless LANs Against Wormhole Attack, V. S. Shankar Sriram, Ashish Praptap Singh and G. Sahoo, 2009.

[11] LITE WORP: A lightweight Countermeasure for the Wormhole Attack in Multihop Wireless Networks, Issa Khalil, Saurabh Bagchi and Ness B. Shroff, 2007.

[12] Analysis of Detecting Wormhole Attacks in Wireless Networks, Khin Sandar Win, 2009.

[13] DAWWSEN: A Defense Mechanism Against Wormhole Attacks in Wireless Sensor Networks, Rouba El Kaissi, Ayman Kayssi, Ali Chehab and Zaher Dawy, 2005.

[14] A Secure Routing Protocol for Ad-hoc Networks, B. Dahill, B. N. Levine, E. Royer and C. Shields, 2001.

[15] Secure Routing for Mobile Ad Hoc Networks, P. Papadimitratos and Z. Haas, 2002; Detecting and Avoiding Wormhole Attacks in Wireless Ad Hoc Networks, Farid Naït-Abdesselam, Brahim Bensaou and Tarik Taleb, 2007.

[16] Defending against Wormhole attacks in Mobile Ad Hoc Networks, Weichao Wang, Bharat Bhargava, Yi Lu and Xiaoxin Wu, 2006.

[17] Detecting Wormhole Attacks in Wireless networks Using Connectivity Information, Ritesh Maheshwari, Jie Gao and Samir R Das, 2007.

[18] Statistical Wormhole Detection in Sensor Networks, Levente Buttyán, László Dóra and István Vajda, 2007.

[19] Akshatha M M, Lokesh B and Nuthan A C, A Novel Technique of Visual Cryptography for Maintaining the Security of Visual Information Transaction, International Journal of Computer Engineering and Technology, 5(8), 2014, pp. 194-199.

[20] Swati R. Salunke and Prof. S. Pratap Singh, Hybrid Cryptography Algorithms for Secure Eaack in MANeT, International Journal of Computer Engineering and Technology, 5(7), 2014, pp. 43-47.
