CTAC: Control traffic tunneling attacks' countermeasures in mobile wireless networks

Issa Khalil, Mamoun Awad, Abdallah Khreishah

Research output: Contribution to journalArticlepeer-review

9 Scopus citations


Multihop wireless ad hoc and sensor networks open the door for great networking opportunities especially in scenarios where it is infeasible or expensive to deploy significant networking infrastructure. However, the open communication media and the lack of networking infrastructure make these networks vulnerable to a wide range of security attacks. A particularly devastating attack is the control traffic tunneling attack, where a malicious node records control traffic at one location and tunnels it to a colluding node, possibly far away, which replays it locally. One of the control traffic attacks' incarnations is the wormhole attack that can be used to prevent route establishment by preventing nodes from discovering legitimate routes that are more than two hops away. These attacks have been addressed by many researchers, however, most of the presented work is either limited to static scenarios, require expensive hardware or suffer from high overhead and performance degradation. In this paper, we present a scalable countermeasure for the control traffic tunneling attack, called CTAC, which alleviates these drawbacks and efficiently mitigates the attack in both static and mobile networks. CTAC uses trusted nodes called cluster heads (CH) for global tracking of node locations and profile keeping. Local monitoring is used to detect and isolate malicious nodes locally. Additionally, when sufficient suspicion builds up at a CH, it enforces a global isolation of the malicious node from the whole network. The performance gain, the relatively low overhead, and the positive impact of CTAC on the data traffic fidelity are brought out through analysis and extensive simulation using ns-2. The results show that CTAC achieves higher detection ratio and faster isolation time while considerably decreases the overhead energy and the end-to-end delay compared to the state-of-the art schemes.

Original languageEnglish (US)
Pages (from-to)3300-3317
Number of pages18
JournalComputer Networks
Issue number14
StatePublished - Sep 28 2012
Externally publishedYes

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications


  • Control traffic tunneling
  • Mobile ad hoc networks
  • Neighbor watch
  • Node isolation
  • Secure neighbor discovery
  • Wormhole attack


Dive into the research topics of 'CTAC: Control traffic tunneling attacks' countermeasures in mobile wireless networks'. Together they form a unique fingerprint.

Cite this