4.1. Wormhole Attack Detection
We assume that each locator periodically broadcasts a beacon message within its neighboring vicinity. The beacon message will contain the ID and location information of the source locator. When the network is threatened by a wormhole attack, some affected locators will detect the abnormality through beacon message exchanges. The following scenarios are considered abnormal for locators:
a locator receives the beacon message sent by itself;
a locator receives more than one copy of the same beacon message from another locator via different paths;
a locator receives a beacon message from another locator, whose location calculated based on the received message is outside the transmission range of receiving locator. When the locator detects the message abnormality, it will consider itself under a wormhole attack. Moreover, if the locator detects the message abnormality under the first scenario, that is, the locator receives the beacon message sent by itself, it will further derive that it is under a duplex wormhole attack. The beacon message has two additional bits to indicate these two statuses for each locator:
(i)
detection bit: this bit will be set to 1 if the locator detects the message abnormality through beacon message exchanges; otherwise, this bit will be 0;
(ii)
type bit: this bit will be 1 if the locator detects itself under a duplex wormhole attack; otherwise, this bit will be 0.
When the sensor performs self-localization, it broadcasts a
Loc_req message to its
-locators. As soon as the locator receives the
Loc_req message from the sensor, it replies with an acknowledgement message
Loc_ack similar to the beacon message, which includes the ID and location information of the locator. The
Loc_ack message also includes above two status bits. When the sensor receives the
Loc_ack message, it can measure the distance from the sending locator to itself using the RSSI. The sensor also calculates the response time of each
-locator based on the
Loc_ack message using the approach in [
17] to countervail the random delay on the MAC layer of the locator: when broadcasting the
Loc_req packet, the sensor records the local time
. Every locator gets the local time
by time-stamping the packet at the MAC layer (i.e., the time when the packet is received at the MAC layer) instead of time-stamping the packet at the application layer. Similarly, when responding to the
Loc_ack packet, the locator puts the local time
at the MAC layer; both
and
are attached in the
Loc_ack packet. When receiving the
Loc_ack packet, the sensor gets its local time
, and calculates the response time of the locator as
. Note that this response time only eliminates the random delay at the MAC layer of the locators, but not the delay affected by attackers.
When conducting the localization, the sensor may also detect the message abnormality when it receives the
Loc_req message sent by itself. Moreover, the sensor can check the detection bit of the
Loc_ack message to decide if its
-locator is under a wormhole attack or not.
We propose to use the following two detection schemes for the sensor to detect the wormhole attack.
Detection Scheme D1
If the sensor
detects that it receives the
Loc_req message sent from itself, it can determine that it is currently under a duplex wormhole attack. For example, when the sensor is under the duplex wormhole attack as shown in Figure
1(a), the
Loc_req message transmitted by the sensor can travel from
via the wormhole link to
and then arrive at
after being relayed by
. Similarly, the
Loc_req message can also travel from
through the wormhole link to
and then be received by
. Thus,
can determine that it is currently under a duplex wormhole attack.
Detection Scheme D2
If the sensor
detects that the detection bit of the received
Loc_ack message from any
-locator is set to 1,
can determine that it is under a simplex wormhole attack. Note that when using detection scheme D2, the sensor may generate a false alarm if the sensor is outside the transmission areas of the attackers but any of its
-locators is inside the transmission areas of the attackers. However, this will only trigger the validate locators identification process but not affect the self-localization result.
The pseudocode of the wormhole attack detection is shown in Algorithm 1. The sensor broadcasts a
Loc_req message for self-localization. When receiving the
Loc_req message, each
-locator replies a
Loc_ack message with the status bits indicating whether it has detected the abnormality. The sensor measures the distances to its
-locators based on the
Loc_ack messages using RSSI method and calculates the response time of each
-locator. If the sensor receives the
Loc_req message sent by itself (detection scheme D1), it determines that it is under a duplex wormhole attack. Otherwise, if the sensor is informed by any
-locator that the abnormality is detected (detection scheme D2), it declares that it is under a simplex wormhole attack. If no wormhole attack is detected, the sensor conducts the MLE localization.
Algorithm 1: Wormhole attack detection scheme.
1: Sensor broadcasts a Loc_req message.
2: Each
-locator sends a
Loc_ack message to the sensor,
including the message abnormality detection result.
3: Sensor waits for the Loc_ack messages to measure the
distance to each
-locator and to calculate the response
time of each
-locator.
4: if sensor detects the attack using scheme D1 then
5: A duplex wormhole attack is detected.
6: else if sensor detects the attack using scheme D2 then
7: A simplex wormhole attack is detected.
8: else
9: No wormhole attack is detected.
10: end if
4.3. Enhanced Valid Locators Identification Approach
In the basic valid locators identification approach, if the sensor identifies less than three
-locators, it will terminate the self-localization because the MLE method used in the self-localization needs at least three distance measurements. However, when using the identification schemes based on distance consistency property of
-locators, many
-locators may not be identified if the threshold of mean square error,
, is set inappropriately a small value.
To overcome the above problem, we propose an enhanced valid locators identification approach which can adaptively adjust the threshold
to make the sensor easier to identify more
-locators: If the sensor detects that it is under a duplex wormhole attack, it conducts identification scheme I1 to detect
-locators. If the sensor identifies no less than two
-locators, it repeats to identify other
-locators using identification scheme I2 and update the
with an increment of
until at least three
-locators are identified or
is larger than
. On the other hand, if the sensor detects that it is under a simplex wormhole attack, it adopts schemes I3 and I4 to identify the
-locators. If at least two
-locators are identified, the sensor repeats to conduct scheme I5 to detect other
-locators and update
with an increment of
until at least three
-locators are identified or
is larger than
. The procedure of the enhanced valid locators identification approach is listed in Algorithm 3.
Algorithm 3: Enhanced Valid Locators Identification Approach.
1:
if
detects a duplex wormhole attack
then
2: Conduct scheme I1 to identify
-locators.
3:
if the identified
-locators
2
then
4: repeat
5: Conduct scheme I2 to identify other
-locators.
6:
7:
until the identified
-locators
3 or
8: end if
9:
else if
detects a simplex wormhole attack
then
10: Conduct schemes I3 and I4 to identify
-locators.
11:
if the identified
-locators
2
then
12: repeat
13: Conduct scheme I5 to identify other
-locators.
14:
15:
until the identified
-locators
3 or
16: end if
17: end if
After the wormhole attack detection and valid locators identification, the sensor can identify
-locators from its
-locators. Furthermore, the sensor can estimate the correct distance measurements to the
-locators. When the sensor obtains at least three correct distance measurements to its
-locators, it conducts the MLE localization based on these distance measurements and the locations of the corresponding
-locators.