MobiWorp: Mitigation of the wormhole attack in mobile multihop wireless networks

Issa Khalil, Saurabh Bagchi, Ness B. Shroff

    Research output: Contribution to journalArticlepeer-review

    75 Citations (Scopus)


    In multihop wireless systems, the need for cooperation among nodes to relay each other's packets exposes them to a wide range of security attacks. A particularly devastating attack is the wormhole attack, where a malicious node records control traffic at one location and tunnels it to a colluding node, possibly far away, which replays it locally. This can have an adverse effect on route establishment by preventing nodes from discovering legitimate routes that are more than two hops away. Previous works on tolerating wormhole attacks have focused only on detection and used specialized hardware, such as directional antennas or extremely accurate clocks. More recent work has addressed the problem of locally isolating the malicious nodes. However, all of this work has been done in the context of static networks due to the difficulty of secure neighbor discovery with mobile nodes. The existing work on secure neighbor discovery has limitations in accuracy, resource requirements, and applicability to ad hoc and sensor networks. In this paper, we present a countermeasure for the wormhole attack, called MobiWorp, which alleviates these drawbacks and efficiently mitigates the wormhole attack in mobile networks. MobiWorp uses a secure central authority (CA) for global tracking of node positions. Local monitoring is used to detect and isolate malicious nodes locally. Additionally, when sufficient suspicion builds up at the CA, it enforces a global isolation of the malicious node from the whole network. The effect of MobiWorp on the data traffic and the fidelity of detection is brought out through extensive simulation using ns-2. The results show that as time progresses, the data packet drop ratio goes to zero with MobiWorp due the capability of MobiWorp to detect, diagnose and isolate malicious nodes. With an appropriate choice of design parameters, MobiWorp is shown to completely eliminate framing of a legitimate node by malicious nodes, at the cost of a slight increase in the drop ratio. The results also show that increasing mobility of the nodes degrades the performance of MobiWorp.

    Original languageEnglish
    Pages (from-to)344-362
    Number of pages19
    JournalAd Hoc Networks
    Issue number3
    Publication statusPublished - May 2008


    • Mobile ad hoc networks
    • Neighbor watch
    • Node isolation
    • Secure neighbor discovery
    • Wormhole attack

    ASJC Scopus subject areas

    • Software
    • Hardware and Architecture
    • Computer Networks and Communications


    Dive into the research topics of 'MobiWorp: Mitigation of the wormhole attack in mobile multihop wireless networks'. Together they form a unique fingerprint.

    Cite this