TY - JOUR
T1 - CTAC
T2 - Control traffic tunneling attacks' countermeasures in mobile wireless networks
AU - Khalil, Issa
AU - Awad, Mamoun
AU - Khreishah, Abdallah
N1 - Funding Information:
Issa Khalil received the B.Sc. and the M.S. degrees from Jordan University of Science and Technology in 1994 and 1996 and the PhD degree from Purdue University, USA in 2006, all in Computer Engineering. Immediately thereafter he worked as a post-doctoral researcher at the Dependable Computing Systems Lab of Purdue University until he joined the Faculty of Information Technology (FIT) of the United Arab Emirates University (UAEU) in August 2007 where he now an associate professor. Khalil’s research interests span the areas of wireless and wireline communication networks. He is especially interested in security, routing, and performance of wireless Sensor, Ad Hoc and Mesh networks. His current research is funded by grants from National Research Foundation, Emirates Foundation, and United Arab Emirates University. Dr. Khalil served as the technical program co-chair of the 6th International Conference on Innovations in Information Technology and was appointed as a Technical Program Committee member and reviewer for many international conferences and journals. In June 2011 Khalil has been granted the FIT outstanding professor award for outstanding performance in research, teaching and service.
PY - 2012/9/28
Y1 - 2012/9/28
N2 - Multihop wireless ad hoc and sensor networks open the door for great networking opportunities especially in scenarios where it is infeasible or expensive to deploy significant networking infrastructure. However, the open communication media and the lack of networking infrastructure make these networks vulnerable to a wide range of security attacks. A particularly devastating attack is the control traffic tunneling attack, where a malicious node records control traffic at one location and tunnels it to a colluding node, possibly far away, which replays it locally. One of the control traffic attacks' incarnations is the wormhole attack that can be used to prevent route establishment by preventing nodes from discovering legitimate routes that are more than two hops away. These attacks have been addressed by many researchers, however, most of the presented work is either limited to static scenarios, require expensive hardware or suffer from high overhead and performance degradation. In this paper, we present a scalable countermeasure for the control traffic tunneling attack, called CTAC, which alleviates these drawbacks and efficiently mitigates the attack in both static and mobile networks. CTAC uses trusted nodes called cluster heads (CH) for global tracking of node locations and profile keeping. Local monitoring is used to detect and isolate malicious nodes locally. Additionally, when sufficient suspicion builds up at a CH, it enforces a global isolation of the malicious node from the whole network. The performance gain, the relatively low overhead, and the positive impact of CTAC on the data traffic fidelity are brought out through analysis and extensive simulation using ns-2. The results show that CTAC achieves higher detection ratio and faster isolation time while considerably decreases the overhead energy and the end-to-end delay compared to the state-of-the art schemes.
AB - Multihop wireless ad hoc and sensor networks open the door for great networking opportunities especially in scenarios where it is infeasible or expensive to deploy significant networking infrastructure. However, the open communication media and the lack of networking infrastructure make these networks vulnerable to a wide range of security attacks. A particularly devastating attack is the control traffic tunneling attack, where a malicious node records control traffic at one location and tunnels it to a colluding node, possibly far away, which replays it locally. One of the control traffic attacks' incarnations is the wormhole attack that can be used to prevent route establishment by preventing nodes from discovering legitimate routes that are more than two hops away. These attacks have been addressed by many researchers, however, most of the presented work is either limited to static scenarios, require expensive hardware or suffer from high overhead and performance degradation. In this paper, we present a scalable countermeasure for the control traffic tunneling attack, called CTAC, which alleviates these drawbacks and efficiently mitigates the attack in both static and mobile networks. CTAC uses trusted nodes called cluster heads (CH) for global tracking of node locations and profile keeping. Local monitoring is used to detect and isolate malicious nodes locally. Additionally, when sufficient suspicion builds up at a CH, it enforces a global isolation of the malicious node from the whole network. The performance gain, the relatively low overhead, and the positive impact of CTAC on the data traffic fidelity are brought out through analysis and extensive simulation using ns-2. The results show that CTAC achieves higher detection ratio and faster isolation time while considerably decreases the overhead energy and the end-to-end delay compared to the state-of-the art schemes.
KW - Control traffic tunneling
KW - Mobile ad hoc networks
KW - Neighbor watch
KW - Node isolation
KW - Secure neighbor discovery
KW - Wormhole attack
UR - http://www.scopus.com/inward/record.url?scp=84865798108&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84865798108&partnerID=8YFLogxK
U2 - 10.1016/j.comnet.2012.06.003
DO - 10.1016/j.comnet.2012.06.003
M3 - Article
AN - SCOPUS:84865798108
SN - 1389-1286
VL - 56
SP - 3300
EP - 3317
JO - Computer Networks
JF - Computer Networks
IS - 14
ER -