In-Band Wormholes and Countermeasures in OLSR Networks

Peter  Kruus; Dan Sterne; Richard  Gopaul; Michael  Heyman; Brian  Rivera; Brian Luu; Peter  Budulas; Tommy Johnson; Natalie Ivanic; Geoff  Lawler

2nd International ICST Conference on Security and Privacy in Comunication Networks

Research Article

In-Band Wormholes and Countermeasures in OLSR Networks

Cite: BibTeX Plain Text

@INPROCEEDINGS{10.1109/SECCOMW.2006.359551,
    author={Peter  Kruus and Dan Sterne and Richard  Gopaul and Michael  Heyman and Brian  Rivera and Brian Luu and Peter  Budulas and Tommy Johnson and Natalie Ivanic and Geoff  Lawler},
    title={In-Band Wormholes and Countermeasures in OLSR Networks},
    proceedings={2nd International ICST Conference on Security and Privacy in Comunication Networks},
    publisher={IEEE},
    proceedings_a={SECURECOMM},
    year={2007},
    month={5},
    keywords={Computer network security routing mobile communications reachability analysis wormhole.},
    doi={10.1109/SECCOMW.2006.359551}
}

Peter Kruus
Dan Sterne
Richard Gopaul
Michael Heyman
Brian Rivera
Brian Luu
Peter Budulas
Tommy Johnson
Natalie Ivanic
Geoff Lawler
Year: 2007
In-Band Wormholes and Countermeasures in OLSR Networks
SECURECOMM
IEEE
DOI: 10.1109/SECCOMW.2006.359551

Peter Kruus¹, Dan Sterne¹, Richard Gopaul², Michael Heyman¹, Brian Rivera², Brian Luu¹, Peter Budulas², Tommy Johnson¹, Natalie Ivanic², Geoff Lawler¹

1: SPARTA, Inc.
2: U.S. Army Research Laboratory

Abstract

In a wormhole attack, colluding nodes create the illusion that two remote regions of a MANET are directly connected through nodes that appear to be neighbors, but are actually distant from each other. This undermines shortest-path routing calculations, allowing the attacking nodes to attract traffic, which can then be manipulated. Prior research has concentrated on out-of-band wormholes, which covertly connect the purported neighbors via a separate wireline network or RF channel. We present a detailed description of in-band wormholes in OLSR networks. These connect the purported neighbors via covert, multi-hop tunnels. In-band wormholes are an important threat because they do not require specialized hardware and can be launched by any node in the MANET. Moreover, unlike out-of-band wormholes, in-band wormholes consume network capacity, inherently degrading service. We explain the conditions under which an in-band wormhole will collapse and how it can be made collapse resilient. We identify the self-contained and extended forms of in-band wormholes and present wormhole gravitational analysis, a technique for comparing the effect of wormholes on the network. Finally, we identify potential countermeasures for preventing and detecting in-band wormholes based on packet loss rates, packet delays, and topological characteristics, and we describe the results of initial laboratory experiments to assess their effectiveness

Keywords: Computer network security routing mobile communications reachability analysis wormhole.

Published: 2007-05-15
Publisher: IEEE

: http://dx.doi.org/10.1109/SECCOMW.2006.359551