Life Science Journal 2014;11(10s) http://www.lifesciencesite.com 636 Packet Travel Time based Mechanism for Detection and Mitigation against Wormhole Attack in AODV for MANETs Ali Hassan, Syed Ahsan, Saleh Alshomrani, Adel Alshamrani Faculty of Computing and Information Technology, King Abdulaziz University, North Jeddah Branch, KSA Abstract: Wormhole Attack can significantly impede performance of any Mobile Ad hoc Network (MANET) by disrupting its normal routing operations. Such attack can be launched even if the network communication provides confidentiality and authenticity. Wormhole Attack usually involves two or more malicious nodes located at different physical locations which collude by disseminating incorrect routing information in order to attract data traffic to traverse through them. As result, malicious nodes have the option to drop the packets or deliver them. In this paper, an efficient algorithm has been presented for defending against wormhole attacks. The proposed mechanism is called Packet Travel Time (PTT), which enables nodes in the network to monitor how their neighbors behave and thus can detect and avoid forwarding their application traffic to go through suspected wormhole link. Simulation results have been presented to illustrate the effectiveness of the proposed algorithm. For evaluation purposes, AODV protocol has been considered as a routing protocol for MANETs. [Ali Hassan, Syed Ahsan, Saleh Alshomrani, Adel Alshamrani. Packet Travel Time based Mechanism for Detection and Mitigation against Wormhole Attack in AODV for MANETs. Life Sci J 2014;11(10s):636-641]. (ISSN:1097-8135). http://www.lifesciencesite.com . 124 Keywords: Packet travel time, Wormhole attack, MANET, Ad hoc Networks 1. Introduction Mobile Ad-hoc network (MANET) is formed by a collection of wireless nodes that communicate with each other without the existence of a central station to manage their communications. In MANET, there is no need for centralized base stations, access points, and servers; any participating device can route traffic in such network. MANETs have various types of applications such as military systems, natural disasters mitigation, health environmental control, emergency deployment, and video conferencing etc. [1][2][3]. For these types of application scenarios which are inherently decentralized, the ease of setting up a network, time efficient configuration and self- organization makes MANETs a suitable candidate for communication. However, decentralized nature of MANETs makes it more vulnerable to various security threats and breaches. Since both legitimate users and attackers can access wireless medium without any supervisory control, this further exacerbates security and privacy concerns. Wormhole attack is classified as a critical security threat for MANETs. In wormhole attack, malicious nodes in the network establish a link between each other either by connecting through a high bandwidth wired link or using high powered omnidirectional antennas. Once, the wormhole link has been established, the adversary eavesdrop messages at one end, and then tunnel them to another different location in the network through the wormhole link. Packets can be tunneled by encapsulating them, using an out-of-bound high power link. During route discovery phase, they give an impression to the source that they are only one hop away from the destination and thus the path traversing through them (wormhole link) presents the most favorable route for data transmission. This result in more data traffic diverted towards this wormhole link, giving malicious nodes an option to simply drop packets [4][5]. 2. Aodv Routing Protocol Ad hoc On-Demand Distance Vector (AODV) is a reactive routing protocol for MANETs which establishes a route from source to destination node only when required. In AODV, source initiates route discovery process by disseminating Route Request (RREQ) messages to its neighboring nodes for requesting a path to destination. Each node receiving RREQ packet first sets up a reverse route towards the source. In case it has a valid route towards destination, it replies back to the source otherwise it re-broadcasts this RREQ packet till it reaches destination [6][7]. Intermediate or destination node responds to RREQ messages by sending Route Reply (RREP) packet back to the source [8]. Therefore, on completion of route discovery phase, a single shortest path from source to destination can be found. Hello Messages are used for link maintenance and to determine neighbor connectivity. AODV routing protocol uses a destination sequence number to determine an up to date path to the destination. Each node updates its path to destination only if the destination sequence number of the received packet is greater than the last destination sequence number stored at the node [9]. In wormhole attack, malicious nodes use a high speed link, which results in RREQ packets traversing