1000/1000
Hot
Most Recent
The popularity of wireless sensor networks for establishing different communication systems is increasing daily. A wireless network consists of sensors prone to various security threats. These sensor nodes make a wireless network vulnerable to denial-of-service attacks. One of them is a wormhole attack that uses a low latency link between two malicious sensor nodes and affects the routing paths of the entire network. This attack is brutal as it is resistant to many cryptographic schemes and hard to observe within the network.
Year |
Main Focus of Survey |
Major Contributions |
Enhancements in this research |
---|---|---|---|
2020 |
Survey wormhole attack detection and prevention techniques in WSN |
Mohit et al. [12] reviewed schemes such as WGDD, RTT, Packet leaches, AOMDV, ANN, and high-power transmission. The advantages and disadvantages of these schemes are listed along with the author’s remarks about the schemes. However, a performance analysis based on quality assessment was not included. |
This research presents a detailed performance analysis, including critical analysis and results comparison, and identified the gaps in all existing schemes. |
2018 |
Detection and prevention analysis of wormhole attacks in wireless sensor networks |
Kumar et al. [13] presented a comparative analysis of several techniques, including reputation-based routing, Packet leashes, Beacon nodes, LITEWORP, and algorithms using active nodes. However, the study did not include the strengths and limitations of the existing schemes. |
This research presents a detailed critical analysis and comparative analysis of the schemes and identified gaps. |
2018 |
Review intrusion detection of wormhole attacks in IoT |
Goyal et al. [14] compared several existing techniques, including the use of the hound packet, distributed detection algorithm, modified AODV, node connectivity, Merkle tree, and AODV protocol for recognising and preventing wormhole attacks, including the constraints of all the schemes. However, strengths were not specified. |
This research presents a comprehensive comparative analysis of all existing schemes and detailed critical analysis. |
2019 |
Review techniques used against wormhole attacks on wireless sensor networks |
Farjamnia et al. [15] presented a review of the existing models (including AOVD with different sizes, ADT, T-AOVD, AOMDV, and DV-Hop with different sizes). The advantages and disadvantages of the models were specified. |
This research presents a detailed literature review along with a solution to identify gaps in the existing schemes. |
2020 |
Schemes to detect wormholes in WSNs |
Umashankar et al. [16] presented a detailed review of the literature on wormhole attack detection. However, the latest schemes were not included. The advantages and disadvantages of the existing schemes were not specified. |
This research presents all the latest schemes, including AI- and ML-based schemes, and a detailed critical analysis of all existing schemes. |
2019 |
Survey the detection and prevention of wormhole attacks in mobile ad hoc networks |
Anju et.al. [17] presented several existing schemes of wormhole recognition, including AODV, RTT, Neighbour Discovery, and Hop count. However, the strengths of the schemes were not specified, and the presented survey was not systematic. |
This research presents all existing schemes in detail and identifies a better technique. Moreover, challenges are specified for future research. |
2018 |
Survey approaches and measures in detecting wormhole attacks in WSNs |
Diksha et al. [18] presented a literature review on different location time, cluster-base, public key encapsulation, moving average indicator, hop count, and RTT-based approaches. However, it is not a systematic survey and not all the pros and cons of the schemes were elaborated in detail. |
This research presents a detailed literature review of existing techniques along with a comprehensive critical analysis. It also includes AI- and ML-based schemes. |
2018 |
Techniques and challenges in detecting wormhole attacks in WSNs |
Padmarpriya et al. [19] presented challenges in WSN concerning the limited bandwidth, time, power management, design constraints, and security. The schemes of wormhole recognition were presented on a category basis. However, there was neither a critical analysis of schemes nor a quality assessment of research articles. |
This research presents a comprehensive critical analysis of all existing schemes. Moreover, research gaps and challenges are identified. |
Ref. |
Scheme |
Methodology |
|
---|---|---|---|
Neighbours discovery based |
[31] |
CREDND (creating a credible neighbour discovery) protocol |
This scheme uses a neighbour ration threshold to evaluate which nodes should be checked. After this, an external wormhole is recognized by hop count as external malicious nodes acting in hidden mode and using the out-of-band channel. In the last step, an internal wormhole is recognized by authentication packets as internal malicious nodes act as normal nodes and use packet encapsulation. |
[32] |
Trust-based scheme |
This lightweight trust-based scheme computes direct trust (DT) by considering the node properties and indirect trust (IT) and by considering the opinions of neighbour nodes. Every node keeps track of its neighbours and checks that they work according to the RPL network rules. The sum of DT and IT is calculated, and the decision is made based on TT (total trust). |
|
[33] |
Decentralized statistical scheme |
This scheme uses two parameters, i.e., the number of new neighbours and the number of old neighbours. The SWAN algorithm is used for detecting the number of neighbours. The decision rule is used with a sliding window to make the decision. |
|
[34] |
MLAMAN scheme |
This scheme works by changing tunnel lengths and the speed networks of the nodes. The malicious node is recognized by using hop-difference and AODV protocol. It detects intruders at the packet, neighbour, and membership levels. |
|
[35] |
MaxIS scheme |
The proposed method uses a greedy algorithm to search for intruders in maximum independent sets with forbidden sub-structures. |
|
[36] |
NIAPC scheme |
This scheme uses the AODV protocol and neighbourhood information to detect malicious nodes. It finds an alternate path for secure communication all over the network. |
|
[37] |
ESPMAW scheme |
This scheme uses the AODV routing protocol, neighbour, and connectivity information to find intruders in the system. |
|
[38] |
SDN-based scheme (SWANS) |
This scheme uses the information of neighbour similarity for the detection of wormholes in software-defined networks. |
|
AODV protocol-based schemes |
[39] |
Wormhole recognition using AODV |
The sender sends an RREQ (route request packet) to the receiver node in the AODV network. The sender calculates the average sequence numbers of all the receiver nodes. The receiver sends an RREP (route reply packet) to the sender, who compares the sequence number of the receiver with the already calculated average and decides whether the path is attacked. |
[40] |
Confirmation system using honeypot |
This method uses a honeypot for creating trees. The AODV and resilient ethernet protocol searches these trees for wormhole node detection. |
|
[41] |
AODV based scheme |
AODV, OSLR, and ZRP are used to detect malicious nodes in the wireless sensor network. |
|
[42] |
Lightweight scheme (AODV) |
In this scheme, the sender nodes collect all reply packets along with their sequence numbers and compare them with the calculated average sequence number to detect intruders. |
|
RTT based |
[43] |
RTT-centred wormhole recognition |
The AODV protocol is used in the route discovery phase. The sender sends an RREQ and saves the TREQ. The receiver sends the RREP back to the sender. The RTT is calculated as the difference between the TREP and TREQ. The path is considered a wormhole attack if the RTT exceeds the threshold limit. |
[44] |
RTT centred scheme |
This scheme uses RTT in conjunction with propagation time. The sender sends an RREQ packet and receives an RREP packet. The sender then calculates the RTT and propagation time to decide whether the route is attacked or attacked-free. |
|
[45] |
EIRGP and RTT-based scheme |
This scheme uses the EIGRP protocol and round-trip time for the detection of intruders. |
|
[46] |
Trust-based scheme |
This scheme uses RTT and AODV protocols for detecting malicious nodes. |
|
High-power transmission based |
[47] |
Energy model by using AODV and hop count |
Hop count is used to computing the distance between sender and receiver. Every node consists of a routing table and the next-hop of all nodes. The AODV routing protocol and high-power transmission are used to build a wormhole path. The malicious nodes send data packets with high energy levels, resulting in nodes draining. The system shows the normal nodes in green and the negative nodes in red. |
[48] |
RPL-based scheme |
The RPL routing protocol is used with the RSSI value to detect malicious nodes in the network. |
|
Path selection |
[49] |
3PATw scheme |
This scheme applied 3PAT to recognize the blackhole in each communication in the network. Once it recognized the black hole, the modified transmission radius based (TRB) is applied to recognize the wormhole. |
[50] |
Spanning trees scheme |
This scheme selects a rode node for the spanning tree. The Breadth-First Search (BFS) algorithm is applied to detect wormhole nodes in the tree. |
|
[51] |
AD-PSO scheme |
First of all, K paths are selected. The sender sends a detection packet (DP) containing RTT and hops count information. The receiver generates a feedback packet (FP). The DP and FP are compared to find wormhole nodes. Once it detects the malicious node, PSO is used to find the optimal attacker-free path. |
|
Statistical method based |
[52] |
Encapsulation and fragmentation of message (EFM) scheme |
This scheme presents a data packet security process that encapsulates the message and adds extra four-bit information. The message is decapsulated at the receiver’s end. The technique divides the message into small pieces and sends all pieces through different parts to the destination. |
[53] |
Intrusion prevention system |
This scheme presents an intrusion prevention system (IPS) which detects malicious nodes and broadcasts their credentials all over the network so that no more nodes connect with those malicious nodes. |
|
[54] |
HCBS protocol-based scheme |
This scheme detects malicious nodes in clusters by using the heterogeneous cluster-based secure directing convention (HCBS) protocol. |
|
Hop count and Weight-based |
[55] |
LITS scheme |
This scheme uses a verification process of two replayable control messages and time synchronization to detect malicious nodes. |
[56] |
WDV-hop scheme |
This scheme first detects suspicious nodes by using hop count, calculates localization error for them, and drops the malicious nodes. |
|
[57] |
Delay per hour indication (DELPHI)-based scheme |
This scheme uses DELPHI (delay per hop indication) approach with some broadcasting modification by computing threshold values to detect intruders. |
|
[58] |
RHE2WADI scheme using RSSI value |
This scheme uses received signal strength indicator (RSSI) values and hop count to detect malicious nodes in the IoT network. |
|
Authentication Key-based |
[59] |
EDAK scheme |
This scheme uses a dynamic matrix key process to store all the local information of the nodes so that legal nodes can be identified. It performs encryption and decryption along with two hash functions. |
[60] |
HKP-HD scheme |
This scheme uses key generation and its pre-distribution to reduce the chance of attacker nodes. |
|
[61] |
Elliptic curve cryptography scheme |
This scheme uses elliptic curve cryptography with the AODV protocol for wormhole attack-free networks. |
|
Mobile agent and Cloud-based |
[62] |
Visiting centre local-based scheme |
This scheme introduces a mobile agent in the network which is responsible for distinguishing malicious nodes from normal nodes. |
[63] |
Cross-layer verification scheme |
This scheme presents a cross-layer verification framework (CLVF) to find intruders in the system. |