Abstract
A prudent attacker tries to maximize profits during an attack, taking into account the investment cost for carrying out the attack; a cost which always exists. This includes the effort of information gathering, the energy and work needed to develop the attack, the risk of being exposed etc. The wormhole attack, in which a non-existent path is augmented to the network coaxing naive nodes to route traffic through the attackers, is accepted as one of the most destructive attacks in ad-hoc networks (e.g. MANETs, IoT, WSN, UAVs etc.). This research proposes a method to maximize the profit of the attack and challenges the axiomatic assumption of the wormhole attack protocol. We show that up to a specific point, there is a simpler alternative to the attack that does not require the creation of an additional fictitious link; yet, achieves optimal attack coverage. Simulating multiple network node/edge combinations in NS3, demonstrates how the benefit of every additional dedicated wormhole link is actually small and diminishes as link density increases. Our alternative, based on centrality measures, decreases the chance of being detected by IDS/IPS as no active topology manipulation is taking place.
Original language | English |
---|---|
Article number | 103286 |
Journal | Ad Hoc Networks |
Volume | 151 |
DOIs | |
State | Published - 1 Dec 2023 |
Externally published | Yes |
Keywords
- Ad-hoc networks
- Betweenness centrality
- Wormhole attack
ASJC Scopus subject areas
- Software
- Hardware and Architecture
- Computer Networks and Communications