This paper proposes a new kind of attack, the wormhole attack, on the Internet. To launch a wormhole attack, an adversary connects two distinct malicious routers in the network using a communication link called a wormhole or a tunnel. The wormhole attack is a severe challenge especially for anomaly detection. Many existing solutions for anomaly detection try to identify the fake messages caused by malicious attack. Since the wormhole is a real path to forward packets, it is difficult to be detected via the existing routing protocols or security mechanisms. Once the wormhole is formed, the adversary can launch active or passive attacks. In this paper, we first survey related literatures about security mechanisms on the Internet, and then show their deficiencies in defending against wormhole attacks. Finally, we recommend some countermeasures that can be used to deal with the wormhole attacks in the Internet.

• 出版日期2012-3
• 单位东华大学