International Journal of Computer Applications (0975 – 8887) Volume 19– No.5, April 2011 24 Rendering Wormhole Attacks Trivial using the Scalability Features of a Geocasting Protocol Appavoo Paramasiven University of Mauritius Réduit Mauritius ABSTRACT A number of attacks exist at the network layer, i.e. against routing protocols. One of the most severe attacks is the wormhole attack, which consists of at least two colluding attackers, located at multi-hops distance, that are connected via some unusual means. The attackers replay messages heard at one side to the other side of the network. When this type of attack remains undetected, nodes have the only ability of communicating with at most two-hops neighbor nodes. The detection mechanisms included cryptographic methods and at times the role of specialized nodes which imply either resource-hungry computations or the battery depletion of certain nodes respectively. In this paper, the study of a scalable geocasting routing protocol reveals the required properties, without any costly attack detection mechanism, that render wormhole attacks trivial in a large ad hoc network. General Terms Security, ad hoc network, routing protocol Keywords Wormhole, attack, ad hoc, network, scalability, geocasting, security, routing 1. INTRODUCTION 1.1 Routing protocols in MANETs A number of routing protocols were developed depending on certain contexts. They can be broadly classified as unicast or multicast, static or adaptive, proactive or reactive or hybrid, flat or clustered or hierarchical, source routing and geographical. Route discoveries may based on a number of parameters, for example, signal strength, direction of movement, location of destination… In line with the development of routing protocols, a number of attacks emerged. It is implied that if attacks on wireless ad hoc routing protocols critically impact on the communication of nodes, then as the network tends to become larger, the scalability of such protocols is drastically affected. One of the most severe attacks is known as the wormhole attack. 1.2 Scalability of ad hoc routing protocols Scalability of a routing protocol is whether an acceptable level of delay is maintained as the ad hoc network grows. This is directly related to the number of messages being exchanged as control messages for (1) establishing new routes, and (2) maintaining existing routes. [1, 2] stated that the size of the update message and the frequency of sending the update must be reduced as far as possible. The maintenance of routes needs to be performed in a localized manner. The scalability of different routing methods is given in [3]. It was noted that hierarchical routing and reactive schemes are preferred to flat routing and proactive schemes respectively. However, hierarchical routing tends to have specialized nodes whose resources deplete quicker than other nodes of the network. 1.3 Anatomy of the wormhole attack The wormhole attack is illustrated in figure 1, where the attackers are A 1 and A 2 . A 1 tunnels whatever message is heard to A 2 , on the other side of the network. The latter then replayed the message to its neighbors. The communication channel between the two colluding attackers may be directed antennas or wire. In cases where route discovery procedures were successful and included the wormhole link A 1 A 2 , all packets sent can be dropped and thus causing denial of service or major network disruptions. A 2 A 1 Node Attackers Node Wormhole Figure 1. Wormhole attack in ad hoc network