Prevention of Wormhole Attack in Wireless Sensor Network
Ubiquitous and pervasive applications, where Wireless Sensor Networks are typically deployed, lead to susceptibility to many kinds of security attacks. Sensors used for real-time response capability also make it difficult to devise resource-intensive security protocols because of their limited battery, power, memory and processing capabilities. One potent form of Denial of Service attack is the wormhole attack, which affects the network layer. In this paper, the techniques dealing with wormhole attacks are investigated and an approach for wormhole prevention is proposed. Our approach is based on the analysis of the two-hop neighbors forwarding the Route Reply packet. To check the validity of the sender, a unique key between the individual sensor node and the base station is required to be generated by a suitable scheme.
💡 Research Summary
The paper addresses the problem of wormhole attacks in wireless sensor networks (WSNs), a severe denial‑of‑service threat that can disrupt routing, data aggregation, and location‑based services without requiring any knowledge of cryptographic keys. Because sensor nodes have limited battery, memory, and processing power, many existing countermeasures that rely on additional hardware, precise time synchronization, or global positioning are unsuitable for typical WSN deployments.
The authors first review related work, classifying existing defenses into four broad categories: (1) location‑ and time‑based schemes (geographic leashes, temporal leashes) that need GPS or tight clock synchronization; (2) connectivity‑ and neighborhood‑based methods that detect fake neighbors but often fail when the wormhole does not create many apparent neighbors; (3) graph‑theoretic or centralized visualization approaches that require a controller and are less effective in sparse networks; and (4) routing‑protocol‑specific solutions that only work with a particular routing algorithm. They argue that most of these techniques either need extra hardware, incur high computational overhead, or are limited to specific network conditions.
To overcome these limitations, the paper proposes a lightweight wormhole‑prevention mechanism that relies on two‑hop neighbor verification combined with a unique per‑node key. The solution consists of two phases:
- Key Generation Phase – When a sensor node joins the network, a TinyPK‑based bootstrapping process is executed. Each node receives a unique identifier (ID) and a master key (Km) known only to the base station. A pseudo‑random function f is applied to the IDs of all two‑hop neighbors together with Km, producing a node‑specific key Kmu. This key is pre‑loaded into the node before deployment. The approach is an adaptation of the LEAP protocol, but instead of using a single node’s ID, the function incorporates the IDs of its two‑hop neighborhood, thereby binding the key to the local topology.
- Wormhole Prevention Phase – During normal routing, a source node broadcasts a Route Request (RREQ). The destination, upon receiving the first RREQ, sends a Route Reply (RREP) back along the reverse path. Each intermediate node that forwards the RREP performs a verification step: it broadcasts a Probe message to its immediate neighbors and expects a Probe_Ack_Tag response. The responding neighbor includes its two‑hop neighbor list, which the forwarding node checks against the stored Kmu. If the computed key from the received neighbor IDs matches the stored Kmu, the sender is considered legitimate; otherwise, the RREP is discarded, effectively breaking the wormhole path.
The authors illustrate three scenarios: (a) no wormhole present – verification succeeds and the RREP reaches the source; (b) a wormhole link exists between two nodes that are not two‑hop neighbors of the verifier – the verification fails and the RREP is dropped; (c) a wormhole link connects nodes that are two‑hop neighbors – the key mismatch still causes the packet to be rejected. In all cases, the mechanism prevents malicious tunneling without requiring extra radios, GPS, or synchronized clocks.
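A minimal model of the two phases described above, added here as an illustration and not code from the paper. It assumes HMAC-SHA256 as the pseudo-random function f, that the verifier can evaluate f under Km (the summary does not say how a forwarding node does this), and that a wormhole appears as an extra link in the observed neighbor lists; the topology, key and function names are constructed.

```python
import hashlib
import hmac

def two_hop_neighbors(adj, node):
    """IDs within two hops of `node`, excluding the node itself."""
    one_hop = set(adj[node])
    two_hop = {w for v in one_hop for w in adj[v]}
    return (one_hop | two_hop) - {node}

def derive_key(km, neighbor_ids):
    """Kmu = f(Km, two-hop IDs). HMAC-SHA256 stands in for f (assumption)."""
    encoded = b"".join(i.to_bytes(2, "big") for i in sorted(set(neighbor_ids)))
    return hmac.new(km, encoded, hashlib.sha256).digest()

def provision(km, adj):
    """Key generation phase: one key per node, bound to the planned topology."""
    return {n: derive_key(km, two_hop_neighbors(adj, n)) for n in adj}

def sender_is_valid(km, stored_key, reported_ids):
    """Recompute the key from a Probe_Ack_Tag neighbor list and compare
    it with the provisioned key in constant time."""
    return hmac.compare_digest(stored_key, derive_key(km, reported_ids))

def rrep_delivered(km, keys, reverse_path, observed_adj):
    """Forward an RREP hop by hop; drop it at the first sender that fails."""
    for sender in reverse_path[:-1]:          # last entry is the source
        reported = two_hop_neighbors(observed_adj, sender)
        if not sender_is_valid(km, keys[sender], reported):
            return False
    return True

def with_link(adj, a, b):
    """Copy of `adj` with one extra bidirectional link (the tunnel)."""
    out = {n: set(v) for n, v in adj.items()}
    out[a].add(b)
    out[b].add(a)
    return out

# Constructed sample data: an 8-node chain 1-2-...-8 and a made-up master key.
KM = b"constructed-master-key"
PLANNED = {n: {m for m in (n - 1, n + 1) if 1 <= m <= 8} for n in range(1, 9)}
KEYS = provision(KM, PLANNED)
# Nodes 2 and 7 hear each other through a tunnel they should not have.
TUNNELLED = with_link(PLANNED, 2, 7)

if __name__ == "__main__":
    print("no wormhole:", rrep_delivered(KM, KEYS, [8, 7, 6, 5, 4, 3, 2, 1], PLANNED))
    print("via tunnel: ", rrep_delivered(KM, KEYS, [8, 7, 2, 1], TUNNELLED))
```

In this model a node whose two-hop neighborhood is untouched by the tunnel (node 4 here) still verifies, while every node within two hops of a tunnel endpoint recomputes to a different key.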
Although the paper mentions a simulation study, detailed parameters, performance metrics (e.g., packet delivery ratio, latency, energy consumption), and comparative results are not provided in the excerpt. The authors claim that the approach adds minimal routing overhead, imposes only a modest memory requirement for storing two‑hop neighbor IDs, and can be applied to any dynamic routing protocol that uses RREQ/RREP exchanges.
In the conclusion, the authors summarize the contributions: a hardware‑free, topology‑aware wormhole prevention scheme that leverages a base‑station‑generated per‑node key tied to two‑hop neighborhoods. They acknowledge that the current design centralizes key management at the base station, which could become a single point of failure, and suggest future work on distributed key management, handling multiple simultaneous wormholes, and experimental validation on real sensor hardware.
Overall, the paper offers a novel combination of key‑based authentication and local topology verification to mitigate wormhole attacks in resource‑constrained WSNs, while highlighting the need for further empirical evaluation and robustness enhancements.