Detecting Route Attraction Attacks in Wireless Networks

Mustafa Y. Arslan!, Konstantinos Pelechrinis†, Ioannis Broustis!,Srikanth V. Krishnamurthy!, Prashant Krishnamurthy†, Prasant Mohapatra‡

!University of California, Riverside: {marslan, broustis, krish}@cs.ucr.edu†University of Pittsburgh: {kpele, prashant}@mail.sis.pitt.edu

‡University of California, Davis: prasant@cs.ucdavis.edu

Abstract—Selecting high performance paths in wirelessnetworks requires the exchange of link quality informationamong nodes. Adversaries can manipulate this functionalityby advertising fake qualities for links; with this, they canattract routes and subsequently launch pernicious attacks.Our measurements suggest that malicious route attraction canfatally impact performance. We design a framework that iseffective against both independent and colluding attackers. Inthe latter case, we consider both local and remote colluders.With local collusion, malicious nodes exchange and advertisefake routing information to increase the probability of beingselected as relays. Remote collusion refers to nodes residing indistant parts of the network that (i) create sybil identities in alocal neighborhood and/or (ii) utilize link quality information toadvertise fake links. Our framework combines packet signingand frequency hopping to accurately detect the adversaries.We implement our framework on our testbed and conduct ex-periments to assess its efficacy. We observe that our frameworkprovides throughput benefits by detecting attackers with 90%accuracy.

I. INTRODUCTION

The selection of high performance routes requires nodes toassess the quality of the individual links, typically in terms ofPacket Delivery Ratio (PDR) [1], [2]. To calculate the PDRfor a link, routing protocols rely on the periodic transmissionof probe packets. Based on the number of received probes, anode reports the PDR on its incident links to its neighbors.One vulnerability of PDR reports is that an attacker can

report fake PDR values for the links to its neighbors. Asan example, it could advertise low (lower than the actual)PDR values, thereby evading relay operations and causingpackets to follow lower-quality paths [3]. Such an attackhowever, may not be as threatening since sources may stillfind alternative paths of good quality. In our work, we focuson the opposite, more challenging malicious strategy: anattacker can advertise high (higher than the actual) PDRvalues for its links, thereby increasing the probability ofbecoming a relay. We call these nodes (that manipulate thePDR to “attract” the routes) magnets and the specific attack,a route magnet attack 1. As long as a magnet can attract aroute, it can easily launch any attack on packets (e.g., theblackhole attack [4]).

1The attack resembles sinkhole attacks and we are not the first torecognize it. However, we just use the term route magnet as a namingconvention.

In this paper we design and implement RoMaD, a RouteMagnet Detection framework that identifies such maliciousPDR manipulation and thus, can help avert paths frommagnets. We study the topological characteristics that (a)render the network vulnerable to the attack, and (b) triggerthe online detection and mitigation of the magnets. Wehighlight our main contributions in what follows:1. An experimental study of strategies for attracting

paths based on PDR broadcasts: We perform an in-depthstudy of both independent and colluding route magnets viameasurements on an indoor / outdoor wireless testbed. Weidentify three methods using which magnets can collude.First, two or more magnets can locally collude againstlegitimate nodes; they can exchange topological informationand report fake link qualities. Second, colluding magnets thatare in distant parts of the network can exchange credentials(i.e. authentication keys), and launch sybil attacks in localneighborhoods. Third, distant magnets with no commonneighbors can use the probing functionality to create theillusion of fake “shortcut” links between a source and itsdestination 2.2. Designing a framework for the detection of the

attack: We design and implement RoMaD, a unified routemagnet detector, which accurately detects all of the afore-mentioned attacks, based on online observations. Our so-lution consists of two components, NRC (Nonce ReportComponent) and MCC (Multiband Challenge Component).NRC ensures the truthfulness of probe reports throughnonces and constructs a list of potential magnets; MCCdetects attackers by challenging suspect nodes on differentchannels and with variable power levels.3. Evaluating the efficacy of RoMaD: We implement

RoMaD and evaluate it on a large-scale wireless testbedat UC Riverside [5]. We observe that RoMaD accuratelydetects the magnets in all the considered cases; we alsodiscuss the false positive and false negative scenarios thatcould arise.While previous work (e.g., [6], [7]) allude to using nonces

and frequency challenges, they lack an implementation onan actual testbed. We are the first to integrate, implementand evaluate the efficacy of these approaches on a realexperimental platform. The distinguishing aspects of ourstudy are:

2These attacks differ from traditional wormhole attacks (see Section III).

• First, existing solutions on routing metric manipulationare reactive: they assume that the metric is correctly calcu-lated before secure countermeasures are applied. In contrast,our scheme is proactive: it a priori secures the metriccalculation, i.e., before route discovery and maintenance.We believe that a proactive approach is essential to

effectively tackle attackers that manipulate the link qualityrouting metrics. To illustrate this with an example, let usassume a network that employs the DSDV routing protocol[8]. DSDV proactively discovers new routes based on pe-riodic routing advertisements from nodes. The probes usedto compute the PDR are also sent periodically even if thereis no active data transmission in the network. Coupled withthe probes, DSDV discovers new routes (based on PDR)and advertises this information to other nodes. If counter-measures are not applied at the probing stage, the PDR (asmanipulated by the attackers) would result in manipulatedroute dissemination in the network. For this reason, thereactive nature of the previous approaches (e.g., [9], [10],[11]) renders them ineffective in addressing malicious PDRmanipulation. RoMaD, instead, takes a proactive approachto detect the manipulation at its early stages (while incurringsome overhead in detecting the attackers).• Second, we are the first to consider colluding magnets

that use diverse attack strategies. Previous work on magnetsassume only individual attackers [6].• Third, unlike most prior work we tackle route magnets

that are insiders (i.e., compromised nodes).The rest of the paper is structured as follows. In Section II,

we provide brief background on link quality based routingand discuss relevant previous work. In Section III, we profilethe attack strategies that magnets can use. We present thedesign of RoMaD in Section IV. In Section V, we evaluateRoMaD. We discuss future work in Section VI and ourconclusions form Section VII.

II. BACKGROUND AND RELATED WORK

PDR-based routing metrics: Modern routing metricsaccount for the quality of individual links. The ExpectedTransmission Count, ETX [1], of a link corresponds tothe expected number of transmissions (including retransmis-sions) needed for the successful reception of a packet on thelink. In particular, ETX = 1/(pf ·pr) , where pf and pr arethe PDR values on the forward and the reverse directions ofthe link, respectively. The ETX cost of a route is the sum ofthe ETX values of the links on the route. The source nodeselects the route with the minimum ETX cost. Similarly,other metrics such as ETT, WCETT [2] and iETT [12] usePDR information to compute the metric.All of the above metrics rely on a real-time probing

functionality in order to measure the PDR. To achievethis, each node periodically broadcasts probe packets every! seconds. Nodes report the number of probes receivedfrom each neighbor during a window of " seconds. Thisinformation is piggybacked in future probes; it is used tocompute the PDR for both directions of a link and thereby,its corresponding metric. While a node can directly measure

the reverse PDR, pr , for neighbor links (i.e., the PDR ofthe link from a neighbor), it relies on the reports from itsneighbors to learn about the forward PDR, pf (i.e., the PDRof the link to a neighbor). If malicious nodes report veryhigh PDR values for their links (affecting the pf for theirneighbors and resulting in a lower ETX), they can coercesource nodes into selecting them as relays. Hence, the goalof a route magnet is to assume the role of a relay on routesthat are selected based on any of the above metrics, byreporting fake, high PDR values. Note that this vulnerabilityis also inherited by any other metric that leverages probingto measure the PDR.Securing the routing operations: There are a few efforts

on overcoming specific versions of route attraction attacks.In [9] SAODV, a secure version of AODV [13] is proposedto prevent the modification of the hop count metric byadversaries. SAODV employs hash function chains to protectthe hop count information. ARIADNE [10] is a secureversion of DSR [14]; it also protects routing messagesfrom being altered by adversaries. SEAD [11] protects themetric and sequence number fields in DSDV [8]. All ofthese studies inherently assume that the routing metric istruthfully calculated and secure measures are used only tosubsequently protect the metric. In our work, however, thePDR-based metric can be manipulated even before the routediscovery process. In such cases, the methods in abovestudies would try to protect a metric information that is nottruthfully calculated in the first place! Hence, it is essentialto secure the route setup operations proactively (as we do inthis work), rather than trying to avert adversaries after routeestablishment.Studies on route magnets: In [3], a solution is proposed

to tackle the problem of selfish nodes reporting a lowerPDR; the goal of this attack is to discourage routes frompassing through these selfish participants. However, a sourcemay find alternative paths that may still provide goodperformance. Zeng et al. [6] propose SLQM to preventadversaries from reporting inflated PDR values through theuse of nonces. However, the solution does not considercolluding attackers and as we will show later, it can easilybe bypassed by colluders. Moreover, the authors do notimplement their scheme in order to sufficiently quantify theimpact of the attack in a real setting. [15] studies PDRmanipulation in multicast protocols. The proposed methoddoes not handle sybil attackers and is subject to framingattacks where attackers can falsely claim that a benignnode is malicious. In [16], the authors propose a method todetect the sinkhole attack in sensor networks, by comparingreported link qualities between nodes. The sinkhole attackis similar to the notion of route magnets, where maliciousnodes try to attract routes via fake link qualities. However,specific solutions to address this attack do not apply to oursetting. In particular, [16] assumes that the link qualitiesare symmetric and hence they do not exhibit large deviationbetween two nodes; however as it is well known, this is notalways the case in wireless networks. In fact, as we willshow later, we observe that route magnets are very effective

when they maintain asymmetric link qualities with theirneighbors. In such cases, it is easy to see that the solutionin [16] will not be effective. In addition, [16] does notconsider colluding attackers employing more sophisticatedstrategies. In contrast to above studies, RoMaD addresses abroad variety of magnets (individual and colluding) and isevaluated with an implementation on a testbed.Other relevant studies: Newsome et al. [7] propose the

use of radio resource testing to challenge sybil suspects bylistening on the assigned channels. However, this challengeprocedure is limited only to detecting the presence of sybildevices. In contrast, our work has a broader scope since wealso ensure trustworthy PDR reporting.There are efforts on detecting wormhole [17], blackhole,

grayhole [4] and jellyfish attacks [18]. Hu et al. [19] proposethe use of temporal and geographical leashes to detect thewormhole links. Using temporal leashes requires preciseclock synchronization among the nodes. Geographic leashesrely on the physical location of a node, which might not betrivial to compute in adversarial settings. Hu and Evans [20]use directional antennas to detect wormholes; however, thestudy relies on such specialized hardware, which may not beavailable in practice. In [21], the authors use graph theoryto detect the wormholes. Eriksson et al. [22] investigate theuse of link layer timing to prevent wormhole connectionsbetween two nodes. Note that unlike in our work, in all ofthe above studies, malicious devices are considered to be“outsiders”, rather than compromised nodes that participatein network operations.

III. PROFILING ROUTE MAGNETS

Threat model: We consider as malicious, the nodesthat try to manipulate the route discovery process througheither fake PDR reports, remote collusion, or combinationsthereof. The name “magnet” is chosen to represent thespecific malicious action of “attracting” routes and not torepresent the particular attack on packets (e.g., blackhole,jellyfish). These other attacks that target flows are onlypossible if the attacker is present on the specific route; weaddress the specific case where the attackers try to causeroutes to go through them with the intention of launchingadditional attacks on information flows. In other words,RoMAD focuses on detecting the magnets rather than theparticular attacks on packets.Through the rest of this paper, we assume that magnets are

compromised regular nodes (i.e., insiders) in the network.Therefore, in terms of most hardware capabilities, they areno different than any other node. The only difference weenvision is the Ethernet (or some other out of band) linkused for collusion (explained in detail later).The attack strategies that we consider adopt the common

tactic of advertising fake high PDR values. However, theydiffer in terms of the specifics of the attack strategy. Inmost cases, we consider two colluders. Our solution isapplicable to cases with more than two colluders; however,we recognize that a more in-depth investigation is requiredand will consider this in future work.

Figure 1. The independent magnet X advertises fake PDR values (benignvalues are crossed out) in order to attract the route from S to C.

Network assumptions: We consider a network that em-ploys public key infrastructure (PKI). Specifically, eachnode is assumed to have a public-private key pair used forencryption and authentication. The certificates are verifiedand managed by a certification authority (CA). The messagecontents encrypted with the public key of a node can onlybe decrypted using the private key of the particular node.We did not observe significant throughput overhead due

to encrypting the probes since these are typically smallpackets (100 - 200 bytes). Our testbed consists of Soekrisnodes having 266 MHz processors and 256 MB RAMon board. We believe that probe encryption can easily bedeployed in today’s wireless networks, which have nodeswith much faster processors and increasing amounts ofavailable memory.As mentioned before, RoMaD addresses attackers that

manipulate PDR-based routing metrics. Since these metricsutilize periodic probe broadcasts, they are not suitable fornetworks with energy constraints (e.g., sensor networks). Webelieve that RoMaD is most applicable to 802.11 networkswhere PDR-based routing metrics have already been imple-mented and demonstrated to offer throughput benefits [1],[2]. However, as we show in this paper, these metrics offera new ground for the attackers to impede the benefits andshould be complemented with a detection framework suchas RoMaD. We now proceed to describe different types ofroute magnets and the attack strategies that they use.A. Independent Route MagnetsMalicious devices in this category advertise high PDR

values for the links from their neighbors. For example,consider the topology in Fig. 1, where node X is the onlymagnet. The source node S wishes to setup a route todestination C. In benign conditions, S chooses the pathS ! A ! B ! C. However, if X reports a very high PDRvalue (e.g., PDR = 1) for the links S ! X and B ! X(both links have a PDR = 0.5 in reality), it is easy to verifythat S will choose the route S ! X ! B ! C (since itis the route with the smallest aggregate ETX value). Withthis, X successfully attracts the route from S to C. Wecall this attack IRM, for Independent Route Magnets. Notethat although X tries to manipulate S by advertising fakequalities for its attached links, S may still select a route thatdoes not include X . This is because X cannot advertise fakePDR values for links other than its own. Hence it may bepossible that the aggregate ETX value for other routes isstill lower.When is IRM effective? We conduct experiments to

assess the ability of independent magnets to attract routes indifferent topological scenarios. We observe that by attractingroutes, even if no other attack is launched in conjunction

(a) Testbed Deployment (b) Route Attraction (c) Route Attraction

Figure 2. Magnets with the most path gain are the ones that maintain asymmetric links with their neighbors.

(like a blackhole attack), there can be up to a 90% through-put reduction compared to benign cases (the experiment isdescribed in Section V). The main reason for this throughputreduction is that the quality of the links comprising the routedegrades (as in Fig. 1). In addition, we observe that:a. IRM is most effective on asymmetric links:We conduct

experiments with 15 nodes (see Fig. 2(a) for deployment).We count the number of paths going through each node,when (a) the node is truthfully reporting the PDR (i.e.,benign) and (b) the node is configured as an independentmagnet. In the latter configuration, the node simply reportsPDR = 1 for all of its neighbors. Fig. 2(b)(top) plots the num-ber of paths for each node. First, we observe that some nodeslocated at the periphery of the network (such as 13, 20, 25)are not selected as relays irrespective of their configuration.IRM strategy does not provide a significant advantage forsuch nodes due to their topological characteristics. Second,we observe that IRM also does not provide a significantadvantage to nodes that are relays for most of the paths inthe benign configuration (such as 11, 22, 23 and 30). Wenotice that such nodes i) are located at more central regionsof the network and hence naturally attract many paths andii) maintain already high PDRs with their neighbors due totheir location.Next we define as path gain, the difference between the

number of routes passing through a node in configurations(a) and (b). Fig. 2(b)(bottom) plots the path gain for 7 nodes(the remaining 8 nodes did not have any path gain). Here,our measurements suggest that IRM is especially effectivewhen applied on links where the PDR on the link <magnet! neighbor> is significantly higher than that in the reverse

direction. This is because on such links: (a) the magnet caneasily lie about the PDR from neighbors by reporting highvalues, and (b) most of the magnet’s reports are actuallyreceived by neighbors, due to their good incident links. Notealso that this property of magnets renders the solution in [16]ineffective. Since the magnets make the link “look like”symmetric via the PDR manipulation, [16] perceives thisas a benign operation.b. The hop distance between a source and its destination

affects the potency of IRM: Independent magnets can onlymanipulate the PDR of their neighbor links and thus theireffect is more localized. To illustrate, node X is tryingto attract the route from S to D and become the relayinstead of node R (see Fig. 2(c)(top)). The magnet cannotfake the PDR for the nodes on the path from R to D andsimilarly from X to D. As one might expect, with shorterpaths the probability of attracting the route is higher. Inour experiments, we observe that when the source and thedestination are separated by many hops, it is harder for themagnet to attract the route. This is because with longerroutes, the path cost is the sum of the ETX values of a highernumber of links (not under control of the magnet). Since oneindependent magnet can manipulate at most two links on apath, it typically does not suffice for node S to pick thepath involving X . With few hops, however, magnet’s ETXmanipulation significantly affects the best path decision.Fig. 2(c)(middle) shows that for the same 15-node ex-

periment above, nearly 40% of the attracted paths consistof two hops (hop count before attraction); this percentagedecreases as the path length increases. Attracting a one-hoppath is also unlikely because these paths typically have an

Figure 3. Colluding magnets ex-change out-of-band informationin order to attract routes.

Figure 4. The sybil magnet X

creates additional fake identities(X1!4), to attract the route.

ETX " 2; even though the magnet advertises ETX = 1 forboth the source and the destination, the legitimate one-hoppath is still considered better than the maliciously advertisedpath.c. IRM can severely impact the end-to-end perfor-

mance: We perform experiments to quantify the impact ofindependent route magnets on the end-to-end performance.We discuss a representative experiment here, where onemagnet (node 21) is simply attracting 3 routes with differ-ent source-destination pairs, without performing additionalpacket manipulations (such as launching blackhole attacks).Fig. 2(c)(bottom) plots the difference in the end-to-endthroughput for the three attracted flows. The attraction of theroutes is detrimental, since the magnet causes the packets tofollow poor quality links. Note that node 21 is avoided as arelay in the benign configuration due to the low PDR linksthat it has with its neighbors.

B. Colluding Route MagnetsSimple solutions can prevent IRMs from being effective.

As an example, benign nodes could mark the probes withrandom nonces and require their neighbors to report theactual nonces (or a linear function of such nonces) from theprobes that they receive. With this, it is difficult for IRMsto lie about the received probes from neighbors. However,colluding magnets can easily bypass this strategy as weexplain in the following.Local Colluders: If two or more magnets (having a com-

mon neighbor) cooperate, they can exchange informationabout the nonces that they have each deciphered from thecommon neighbor(s). In other words, if magnets were tocollude, they could cooperatively report high PDR values.We call these devices “local colluders”, and the attack CRM(for Colluding Route Magnets).As an example, consider the topology in Fig. 3. Nodes X

and Y are two local colluders; S requires neighbors to reportthe sum of all the nonces that they receive. The link S ! Xhas PDR = 0.2, while the link S ! Y has a PDR = 1. For Xto join the route from S to C, it has to report PDR # 1 forthe link S ! X . For this, X has to provide the sum of allthe nonces included in the probes that have been transmittedby S during the last probing interval. Since the colluder Yhas received all the probes (PDR = 1), it can send all thenonces to X ; X can then embed this information in probes,thereby fooling S about the quality of the link S ! X .Recall that colluding magnets utilize a private Ethernet linkto exchange information.

Sybil Magnets: Colluding magnets, being insider ad-versaries, can share their cryptographic keys. With this,magnets can create a large number of identities in a localneighborhood and use them to increase the probabilityof being selected as relays. Such a magnet can be onephysical device with many virtual wireless interfaces, andeach interface could be used to transmit probes with differentMAC addresses. Upon receiving the probes, legitimate nodeswill falsely believe that the fake identities correspond to realneighbors. We call these magnets “sybil magnets” and theattack SRM, for Sybil Route Magnets. The number of fakesybil identities that a magnet can create is at most equal tothe number of compromised nodes in the network. This isbecause, in order to create a sybil identity, the magnet needsto have an additional set of predicates (i.e., keys) that areonly obtainable by compromising an additional node.Fig. 4 depicts a representative example of SRM. Here,

S seeks to find the route to C. A and X both have highquality links to S (ETX = 1). In the benign case, it is equallylikely that S selects A or X as the next hop. However, ifX creates four identities, S observes that it has 5 neighborsall of which have links with ETX = 1. With this, X hasnow increased the probability of being selected on a pathto 0.8 (instead of 0.5 in benign settings). Note that, IRMand CRM are not effective in cases where the magnets havehigh quality links with their neighbors. In such scenarios,the PDR manipulation does not give any advantage to themagnets since the benign PDR for the links are already quitehigh. However, in such cases, the magnets can employ SRMto attract paths.Distant Magnets: Colluding magnets can also mount

wormhole-like attacks on link quality aware routing pro-tocols. In traditional wormhole attacks, outside attackerscreate fake links between two legitimate nodes by replayingthe transmissions of one node in the neighborhood of theother. In our threat model, the attackers are insiders; theyannounce the fake link between themselves and the routesare computed based on the qualities of the links rather thansimply the hop counts. Thus with collusion, an effect similarto the wormhole is created albeit in a different way.There are two strategies that distant colluders can use.

First, colluding insider magnets can exchange their keysand use these when sending probes to their neighbors. Asan example, let us assume nodes A and B are located intwo “distant” parts of the network. If A uses B’s credentialswhile sending probes, A’s neighbors will falsely concludethat they are neighbors with B. With this, such victim nodeswill be deluded into believing that there exist shortcuts toother valid nodes via the magnet (since it advertises theneighbor list of B). This is likely to increase the chances ofmagnets attracting a path. Second, two magnets can advertisea fake link between themselves even without exchangingcredentials. This can still result in fake shortcuts betweenlegitimate nodes. We call these types of magnets together“distant magnets” and the strategy DRM for Distant RouteMagnets. As we show later, these attacks are extremelyharmful; once the magnets create the fake link, they can

attract many routes and can easily hurt performance bydropping packets.Impact of Colluding Magnets on Performance: Thus

far, we have not shown the impact of magnets on perfor-mance (e.g., throughput). For the throughput to be affected,the quality of the path should change from that in benignsettings (e.g. poorer quality links or longer paths) as inFig. 1. With colluding magnets, the quality may be similarto that of in benign settings (as in Fig. 4). However, oncethey attract a path, the magnets can launch other attacks tosignificantly impact the performance. We conduct compre-hensive experiments with magnets in Section V.

IV. DETECTION FRAMEWORKRoMaD consists of two components: namely NRC and

MCC. NRC includes nonces in probe packets; it can be usedto (a) detect IRMs and (b) compile a list of suspect colludingmagnets via simple hypothesis tests. MCC uses multiplechannels and transmission power levels to challenge thesuspect nodes determined by NRC. Since a single wirelessinterface can be tuned to one frequency at a time, it isexpected that SRMs will not be able to simultaneouslyrespond to challenges on more than one channel. Similarly,as discussed later, CRMs will be greatly limited in theirabilities to exchange nonce information. In addition, the useof different power levels help detect DRMs.

A. NRC: Nonce Report ComponentWith NRC, each node includes a pre-specified linear

function (the sum in our implementation) of the nonces thatit receives from its neighbors, when it reports the PDR. Therecipient verifies the included sum; should the verificationfail, the transmitter is flagged as an IRM. To illustrate thesemantics of NRC, consider two neighbors A and B. Abroadcasts probes once every ! seconds, while B reports thecorresponding PDR for the last " seconds. In every probe,A embeds the following: (i) a nonce value that is randomlypicked and (ii) a sequence number that is incremented byone. A also maintains a local copy of the tuple of thesequence number and the nonce associated with each probe.The recipient, B, maintains the following: (a) a moving

sum of the nonces that it receives from A during the lastprobing window and (b) the tuple of the sequence numberand the nonce included in each received probe. WheneverB reports the PDR for the link A ! B, it includes the sumof the nonces (from the probes sent by A), along with abit vector indicating the sequence numbers of the receivedprobes. B sets the ith significant bit to 1, if a probe withsequence number seq $ i % 1 (mod "/!) is received; ifnot, the particular bit is set to 0.

A verifies the sum of nonces reported by B in conjunctionwith B’s bit vector. For example, if B reports a vectorwherein all the bits are set to 1, then B must have receivedall the probes sent by A. Node A, in this case, computes anexpected sum by adding the nonces in all the locally storedtuples. A then verifies this expected sum against the sum ofnonces reported by B. Note that A can learn about the PDR

Algorithm 1 NRC operation at BP is the list of probes received from A

sum ! 0vector ! 0 {initialize a vector of 0s}seq ! last sequence number usedfor p " P do

sum ! sum + p.noncei ! p.seq no mod (w/! )vector.i + 1th bit ! 1 {set i + 1th bit to 1}

end forseq + +nonce ! random int{store [seq, nonce] and send report}

Algorithm 2 NRC operation at Ap is the probe (report) received from B

num rx ! 0, expectedSum ! 0i ! 1for i # p.vector.length; incr i doif vector.ith bit = 1 then

nnc ! assoc.nonce{assoc has seq no $ i % 1 (mod w/! )}expectedSum ! expectedSum + nncnum rx + +

end ifend forif expectedSum &= claimedSum then

B is misbehavingelse

pdr to B ! num rx ' !/wend if

of the link A ! B by accounting for the bits set to ‘1’ inthe reported bit vector. We present the pseudocode for nodesB and A in Algorithm 1 and 2, respectively.Despite the use of nonces, IRMs can still evade detection

by NRC. One strategy is to overhear the probe reports sentby legitimate neighbors to infer the missing nonces. In orderto address this, we leverage PKI. Specifically, each node isrequired to sign the reports with its private key and encryptthe signed report using the destination node’s public key.With this, magnets will not be able to decode the sum ofnonces contained in overheard probes, since they do not havethe private key of the destination. In addition to detectingIRMs, NRC is also leveraged for hypothesis tests with MCCto detect colluding magnets. We discuss this next.

B. MCC: Multiband Challenge ComponentThe primary goal of MCC is the detection of colluding

magnets. MCC exploits multiple channels and transmissionpower levels to challenge suspect nodes. The key insight be-hind MCC is that a wireless interface cannot simultaneouslyoperate on two different channels. We enlist the definitionsthat we use in Table I. In what follows, we present theoperations of MCC.The ‘high forward PDR’ hypothesis test: The chal-

lenger identifies the nodes that it wishes to challenge usinga hypothesis test. If a node were to challenge all of itsneighbors, the overhead due to MCC would be excessive.

L List of potential magnetspf and pr Forward PDR and reverse PDR of a link

padf Forward PDR advertised by a node

pactf Actual forward PDR for a link found using MCC" MCC tolerance parameter

challenger The node initiating MCC challengeresponder The node being challenged by MCC

Table ITERMS AND NOTATIONS

Thus, it is important to first identify a subset of the neighborsL who could be potential magnets. To construct this subset,NRC computes the average forward PDR, pavg

f , over all linksof a node (after IRMs are filtered out). If a neighbor reportsa forward PDR much higher than that of the other nodes,then NRC includes it in L. Specifically, these are neighborsthat report a forward PDR pad

f & pavgf + # ' var, where

# is a threshold parameter and var is the variance of pf

values. The hypothesis test is based on the fact that magnetstypically advertise high PDR to increase the probability ofbeing selected as relays.The above hypothesis alone cannot identify potential

SRMs since they can operate without inflating the PDR (seeSection III). However, since sybil identities belong to thesame physical node, these identities will report the samePDR statistics. Therefore, coupled with the forward PDRhypothesis, NRC also monitors if there is more than onenode reporting the same set of nonces. If there are suchnodes, NRC includes them in L as well.The challenge procedure: The challenger assigns a

different channel to each node in L and broadcasts thisinformation on the default channel. The nodes that receivethis announcement configure their radios to their assignedchannels and wait for challenge packets. The challengerthen randomly selects a channel and transmits one or morechallenge packets. Each such packet has an associated ran-dom nonce (we leverage NRC). If the responder receives thepacket successfully, it is expected to report the nonce backto the challenger. Using this procedure, at random instants,the challenger sendsm packets to each node in L and, keepstrack of the number of successful replies. It then calculatesthe difference between pad

f and pactf (see Table I) for each

responder. If padf % pact

f < $, the particular responder isconsidered to be legitimate; otherwise it is flagged as amagnet. The challenger computes pact

f for each responderas pact

f = k/(m · pr) where k is the number of successfullyreceived responses (out of m). We present the operation ofMCC in Algorithm 3.Discarding sybil identities: As discussed in Section III,

SRMs report a high padf value by using multiple virtual

identities. Hence, NRC includes all the identities of a sybilnode in list L. MCC then assigns a different channel to eachof these identities. The fact that nodes are equipped with asingle radio interface 3 prevents SRMs from listening onmore than one channel at a time. Hence, if a sybil magnet

3The approach can easily be extended to cases where nodes have multiplewireless interfaces. A node will be required to simultaneously respond onmore than one channel.

Algorithm 3 MCC operationwhile all channels are challenged with less than m packets do

channel ! randomchannelnode ! channel.assigned nodereply ! challenge(node, channel)if reply then

node.success count + +end if

end whilefor node " L docompute pact

f for node as pactf = k/(m · pr)

if padf % pact

f ( " thennode is misbehaving

end ifend for

stays on one of its assigned channels, the challenger willdetect and discard the other fake identities since these willnot be able to reply to the challenge packets. Note that withMCC, the challenger cannot actually detect the physicalsybil magnet; however, it can discard the fake identities,thereby decreasing the success of SRM to a great extent. Analternate strategy for the magnet could be to “hop” betweenthe assigned channels and try to be on the same channelas the challenger. However, due to the random channelselection, the probability of tuning to the same channel as thechallenger is 1/c, where c is the number of virtual identitiesused by the magnet. Clearly, the probability decreases withlarger number of sybil identities.Detecting local colluders: CRMs exchange nonce infor-

mation using their Ethernet link. If the colluders report apad

f greater than the threshold in the hypothesis test, theyare included in list L. During the MCC challenge, onestrategy for the colluders could be to reply to challengesaddressed to their colluding partner. This can especially be afeasible strategy when one of the colluders maintain a high-PDR link to the challenger node (e.g., Fig. 3). However,the challenge on different channels makes it difficult for asuspect to respond on behalf of its colluder. Since a nodecan only be on one channel at a time, it cannot respond tothe challenges issued to its colluding partner if it stays on itsown channel. Conversely, if it chooses to be on the channelassigned to the colluding partner, it misses the challenges onits own channel. Thus, the assignment of different channelsdiscourages colluders from hopping between channels.Detecting distant magnets: The challenge phase for

detecting DRMs is slightly different. It uses a differenthypothesis test and employs multiple transmission powers.The ‘topological inconsistency’ hypothesis test: Main-

taining the average forward PDR of the links is not sufficientto hypothesize about attacks launched by DRMs. Thesemagnets can easily inject “shortcut” links without beingclassified as suspects. To cope with these magnets, we re-quire each node to encrypt the nonce information (describedearlier), but send out the node IDs of its neighbors withoutencryption. This connectivity information is also essentialfor the routing functionality with ETX [1].Each node monitors the reports from its neighbors to

determine its two-hop neighborhood. If a subset of nodes

Figure 5. Example topology for power challenge.

in the two-hop neighborhood are reachable through onlyone neighbor, that immediate neighbor is suspected to bea distant magnet and included in L. We point out thateven with this simple test, RoMaD captures the topologicalanomalies imposed by distant magnets and successfullydetects the adversaries, as shown in Section V.The power challenge procedure: To detect DRMs, MCC

assigns channels in the following manner. A channel isassigned to one of the suspects in L and the remainingchannels are assigned to the two-hop neighbors that areonly reachable through that suspect node. MCC then uses anappropriately chosen higher transmission power (assumingthat the default power is less than the maximum) in anattempt to reach the two-hop neighbors and verify theirexistence via challenge packets. We explain this with anexample in Fig. 5. Assume that nodes X and Y advertisea fake link between themselves. Let us also assume thatY obtains X’s PDR statistics and advertises them. WhenA receives probes from Y , it observes that X is a two-hop neighbor that is reachable only through Y . Thus, thetopology inconsistency test tags Y as a suspect and MCCassigns channels to X and Y . The challenges are now issuedwith a higher power to see if X is indeed a legitimate two-hop neighbor. If A does not receive enough replies from X ,it considers Y to be malicious.The power challenge does not target the two-hop neighbor

that is reachable through the suspect node. Instead, it deter-mines whether the one-hop suspect is a magnet. If the higherpower transmissions do not reach the two-hop distance andthe challenge packets fail for the two-hop neighbor, the one-hop suspect is categorized as a distant magnet. This propertydiscourages DRMs; it forces them to advertise fake linksbetween relatively nearby regions of the network. This limitsthe reach of the fake link and thus, reduces the chances thata magnet is chosen as a relay.One could argue that since nodes are flagged as malicious

by other peers (challengers), framing attacks are possible,wherein malicious nodes could flag honest nodes as magnets.However, note that RoMaD is not affected by such attacks.In particular, each node performs its own challenge of asuspect and decides whether the latter is a magnet or not.In other words, only the specific challenger avoids pathsthrough a node considered as a magnet. Thus, there is noopportunity for the attackers to blame legitimate nodes.

V. EVALUATING OUR FRAMEWORK

Our testbed (see [5] for details) consists of 42 Soekrisnet5501 nodes. For each experiment on the testbed, we initi-ate a series of benign flows and deploy the malicious devices.We simultaneously activate 5 different source-destinationpairs. We measure the aggregate end-to-end throughput

under the following settings: (a) when every node is benign,with and without RoMaD, (b) when the magnets are activewithout RoMaD, and (c) RoMaD is performing against themagnets. We repeat experiments with each of these threesettings 20 times with randomly picked flows and magnets.We collect measurements from the 5 flows and calculate thetotal throughput (averaged over 20 runs). All nodes set theirtransmission powers to the default value of 15 dBm. Wemainly use saturated UDP traffic with 1500 byte packets. Weuse DSDV (with ETX) as the routing protocol and set ! = 1sec and " = 10 sec. We use the iperf tool for generatingtraffic. Since we observe that the results with and withoutRoMaD in benign settings are almost identical (given thelow overhead as discussed later), for clarity we only showthe results for the benign case without RoMaD. Next, weevaluate RoMaD against each attack.1. Performance with independent magnets:We activate

5 flows and one independent magnet simultaneously ineach experiment and initiate 300 sec. of saturated UDPtraffic. The magnet drops all packets after attracting theroutes (i.e., blackhole attack). The cumulative distributionfunction (CDF) of the throughput samples is presentedin Fig. 6. Without RoMaD, nearly 10% of the samplescorrespond to a zero throughput (with a median throughputof 390 Kbits/sec). RoMaD successfully detects the magnetand restores the throughput to a large extent. The medianthroughput achieved in benign settings is 672 Kbits/sec;RoMaD achieves a median throughput of 547 Kbits/sec.RoMaD increases the overhead in terms of increased probepacket size and the MCC challenge. However, the throughputimprovements outweigh this overhead.Next, we perform a similar set of experiments with differ-

ent numbers of IRMs. We present the CDF of the throughputin Fig. 7. We observe that without RoMaD, increasing thenumber of magnets results in a higher percentage of droppedpackets due to the increased chance of attracting the routes.RoMaD can effectively combat increased numbers of IRMs.In benign settings, the median aggregate throughput is 770Kbits/sec; RoMaD restores the median throughput to 600Kbits/sec when under attack.2. Performance with colluding magnets: We activate 5

flows and a pair of local colluding magnets. The colludersexchange the nonces that they receive and report a jointfake PDR value for common neighbors. The magnets dropall packets after attracting the routes. The flows initiate 300sec. of saturated UDP traffic. We observe from Fig. 8 thatRoMaD is effective against local colluders and improvesthroughput by avoiding the routes via the magnets. However,the throughput cannot be completely restored due to theoverhead with MCC.We perform another set of experiments with a sybil

magnet using two different virtual identities. Further, themagnet launches a blackhole attack. To evade detectionduring the challenge, the magnet switches between itsassigned channels at random times. Fig. 9 shows thatwithout RoMaD, a sybil magnet drops nearly 20% of thepackets. However, the MCC challenge effectively detects

0

0.1

0.2

0.3

0.4

0.5

0.6

0.7

0.8

0.9

1

0 300 600 900 1200 1500

Cu

mu

lati

ve

Fra

cti

on

of

Sa

mp

les

Throughput (Kbits/sec)

BenignIRM

RoMaD

Figure 6. RoMaD increases themedian throughput by 40% underIRM.

0

0.1

0.2

0.3

0.4

0.5

0.6

0.7

0.8

0.9

1

0 500 1000 1500 2000

Cu

mu

lati

ve

Fra

cti

on

of

Sa

mp

les

Throughput (Kbits/sec)

BenignIRM (2 Magnets)IRM (3 Magnets)IRM (4 Magnets)

RoMaD

Figure 7. RoMaD can effec-tively combat increasing numberof magnets.

0

0.1

0.2

0.3

0.4

0.5

0.6

0.7

0.8

0.9

1

0 500 1000 1500 2000 2500 3000

Cu

mu

lati

ve

Fra

cti

on

of

Sa

mp

les

Throughput (Kbits/sec)

BenignCRM

RoMaD

Figure 8. RoMaD increases themedian throughput by 76% underCRM.

0

0.1

0.2

0.3

0.4

0.5

0.6

0.7

0.8

0.9

1

0 300 600 900 1200 1500

Cu

mu

lati

ve

Fra

cti

on

of

Sa

mp

les

Throughput (Kbits/sec)

BenignSRM

RoMaD

Figure 9. RoMaD increases themedian throughput by 92% underSRM.

0

0.1

0.2

0.3

0.4

0.5

0.6

0.7

0.8

0.9

1

0 500 1000 1500 2000 2500 3000 3500

Cu

mu

lati

ve

Fra

cti

on

of

Sa

mp

les

Throughput (Kbits/sec)

BenignDRM

Our framework

Figure 10. RoMaD increases themaximum achievable throughputby 380% for 90% of the samples,under DRM.

0

0.1

0.2

0.3

0.4

0.5

0.6

0.7

0.8

0.9

1

0 500 1000 1500 2000 2500 3000 3500

Cu

mu

lati

ve

Fra

cti

on

of

Sa

mp

les

Throughput (Kbits/sec)

BenignIRM

RoMaD

Figure 11. In a bottleneck set-ting, RoMaD increases the me-dian throughput by " 680%when under attack.

0

3000

6000

9000

12000

15000

10 20 30 40 50 60

Th

rou

gh

pu

t (K

bit

s/s

ec

)

Seconds

UDPTCP

Figure 12. After a channelswitch, TCP and UDP can reachthe same throughput as before theswitch.

0

10

20

30

40

50

Switch Instant

Co

ng

es

tio

n W

ind

ow

Siz

e

Time

Figure 13. After a channelswitch, TCP enters the slow startphase.

the fake identities, eliminates them from the paths andthereby restores the throughput to a large extent. The medianthroughput achieved in benign settings is 576 Kbits/sec.RoMaD restores the median throughput from 235 to 456Kbits/sec in adverse settings.Next, we activate 5 flows and two pairs of DRMs. The

magnets advertise a fake link of ETX = 1 between eachother and implement the blackhole attack. For this set ofexperiments, we operate at 15 dBm and increase the powerto 19 dBm (max. supported by our cards) during the MCCpower challenge. Fig. 10 presents CDF of the throughput.Without RoMaD, the magnets attract up to 84% of thepackets and cause zero throughput. RoMaD is effective andthe power challenge phase eliminates the shortcut links. Inbenign settings, the median throughput is 1611 Kbits/secwhereas RoMaD achieves a median throughput of 1300Kbits/sec in attack scenarios.3. Performance with a bottleneck scenario: When

the magnets attract routes, they become bottlenecks forthe flows. Thus, magnets hurt performance even by simplyattracting victim flows. To examine this more carefully, wechoose three source-destination pairs all active at the sametime; the flows use disjoint routes in benign settings andcan coexist without imposing much interference on eachother. We introduce an IRM, which attracts the three flowsand becomes a bottleneck. Note that the magnet does notimplement the blackhole attack. We present the throughputfor 300 sec. of TCP traffic in Fig. 11. Without RoMaD, thecongestion at the magnet reduces the TCP throughput by88%. RoMaD successfully detects the magnet and restoresthe throughputs.In the experiments so far, we evaluate the performance

of RoMaD over long flow durations. The throughput withRoMaD includes the macroscopic overhead of the MCCchallenge over a long duration. We observe that RoMaD’s

overhead is lower when it combats IRM (Fig. 6), thanthe cases where it is activated against colluding magnets.This is because IRMs are immediately detected via thenonces in NRC and thus the MCC challenge is not activatedfrequently (i.e., benign nodes do not exhibit deviation in pf ).Next, we want to evaluate the microscopic impact of theMCC challenge. Here, we deliberately use long challengedurations to better show the MCC overhead. However, in theabove experiments, the MCC challenge takes much less timeto complete on average (10 challenge packets per suspect).4. Evaluating MCC overhead: As discussed in Section

IV, the nodes switch channels to respond to challenges andreturn to the default channel when the challenge is over.We evaluate the temporary interruption of traffic at a relaynode due to channel switching. The relay node is configuredto switch to a different channel, stay there for 1 sec. andreturn to the default channel. This cycle is repeated every10 sec. Fig. 12 presents the time series of the throughputboth for a UDP and a TCP flow. We observe that UDP canquickly regain the throughput that was achieved before theswitch. The recovery time is slightly longer with TCP dueto timeouts and congestion control. However, as shown inFig. 13, it can quickly ramp up the congestion window tothe value before the switch.5. Impact of the overhead of RoMaD: RoMaD incurs

overhead when deployed in a network where every nodeis benign. As explained in Section IV, NRC monitors thePDR reports and builds a list of suspect nodes. Duringthe PDR report monitoring, each node has to periodicallysign and verify the reports which has an overhead on CPUusage. We found that these operations however, only had aninsignificant impact on the throughput (< 1% change).When the nodes are challenged, there is an overhead due

to temporal loss of connectivity at relay nodes (evaluatedabove). To keep the frequency of challenges minimal, Ro-

0

0.05

0.1

0.15

1 2

Fa

lse

Po

sit

ive

Ra

te

Threshold Parameter (ϑ)

α = 0.1α = 0.2α = 0.3

Figure 14. False positive ratesof MCC frequency challenge forvarying ! and ".

0

0.05

0.1

0.15

0.2

9 11 13 15 17

Fa

lse

Po

sit

ive

Ra

te

Default Power Level (dBm)

Figure 15. False positive rates ofMCC power challenge for vary-ing default power levels.

MaD only challenges nodes that report much higher thanaverage PDR values (as discussed earlier). We observe in ourexperiments with benign nodes that RoMaD invokes MCCchallenge very rarely. This is because in such settings, eachnode truthfully reports the actual PDR and these did notexhibit a high deviation from the average. Therefore, theperformance with and without RoMaD in benign settingsis very similar. Thus, for purposes of clarity we do notexplicitly plot these results.6. Evaluating false positives and negatives: We observe

rare cases where MCC wrongly tags a neighbor as malicious.This is possible when the links to the neighbor are ofpoor quality. If the quality of the link to the challengerfluctuates, the benign node may fail the challenge. Fig. 14depicts the false positive rate with RoMaD (i.e., the ratio ofsuspects that were erroneously tagged as malicious out ofthe total number of suspects) for a set of # and $ values.We observe that: (a) For a given #, the false positive ratedecreases with increasing $. This is due to the increase inthe allowed difference between the measured and reportedPDR values for the suspect nodes. (b) As # increases, asmaller set of nodes are included in the suspect list andtherefore, the challenge produces fewer false positives. Forappropriately picked $ and #, RoMaD can achieve falsepositive probabilities as low as 3.7%.False positives with the power challenge phase can occur

if some nodes in the two-hop neighborhood are reachablevia only one benign neighbor. In Fig. 15, we show the falsepositive rates for different default power levels (increased to19 dBm during the power challenge). For 9 dBm, the nodesare connected with very short range links; therefore mostof the suspected two-hop neighbors are validated with a 19dBm power level during the challenge phase. As the defaultpower level increases and the topology gets more connected,there is an increase in suspicious cases which in turn leadsto increased false positives. However, once the connectivityincreases beyond a certain degree, two-hop neighbors be-come legitimate one-hop neighbors and the false positivesdecrease. Note that the current implementation is based ona rather “aggressive” approach towards identifying magnets.Thus we observe very low false negatives at the expenseof moderate false positives (10% to 17%); fake links aredetected with > 95% accuracy throughout our experiments.A false positive simply eliminates a benign node from

being chosen on a path; thus the overall impact on through-put is typically not significant. We would like to point outthat we observe very few false negatives (only 2 amongall our experiments) in the MCC challenge phase. In these

cases, both colluding magnets maintain high quality linkswith their neighbors and can therefore handle the challengepackets. However, note that in such settings, IRM and CRMstrategies do not provide an advantage to the magnets sincethe link quality cannot be manipulated to be better. We findthat the MCC challenge phase is extremely effective againstsybil magnets (recall Fig. 9); we do not observe a case wherethey are able to evade detection.Limitations of our work: With RoMaD, there is no

coordination between legitimate devices with regards towhich node will perform a challenge. For example, it ispossible that two or more nodes decide to perform MCCon certain suspects at the same time. Since this requires theassignment of channels to suspects, a distributed decisionshould be made on who will perform the challenge and forwhich set of nodes. We plan to design such a protocol inour future work.We recognize that MCC introduces a new vulnerability;

an attacker can initiate frequent challenges to its neighbors.This causes a neighbor to consistently respond to thesechallenges thereby suffering a disruption in throughput forprolonged periods. This problem can be alleviated by im-posing a maximum rate at which the MCC challenge can beinvoked. We will consider this possibility and examine thetrade-offs between fast detection and opening the door forthe new attack in future work.

VI. DISCUSSIONSCombining different attacks: In our evaluations, we con-

sider each type of attack in isolation. We do so to capture thespecific impact of each type of attack. We recognize that anattacker could launch these attacks in conjunction to be moreeffective. Our approach will still hold in such cases and webelieve can detect attackers. This is because NRC identifiespotential attackers based on the deviation from the averagePDR in the neighborhood (no assumption is made on theattack type). Thus, even if an adversary combines attacksof different types, it is likely to be flagged by NRC andsubsequently challenged by MCC. We will experimentallyvalidate this in further experiments in future work.Efficacy of the Power Challenge: We wish to point out

that the power challenge is only issued on nodes that areflagged by NRC. Thus, even though the false positive rateof the power challenge is about 10 - 17%, the overallfalse positive rate (considering NRC) is much lower. Wedo recognize that the efficacy of the power challenge istopology dependent; while it effectively detects attackers inthe topologies of our testbed, the possibilities considered arenot clearly exhaustive. We will conduct a more extensivestudy of the power challenge in future work. Note alsothat false positives typically do not result in significantthroughput penalties. Even if a benign node is falsely flaggedas a magnet, there maybe other candidate relays with similarlink qualities. On the other hand, false negatives have ahigher impact on throughput since a magnet (not detectedvia the challenge) can perform packet manipulation attacks.RoMaD leverages this in its design; the “aggressive” power

challenge results in very few false negatives while allowinga moderate degree of false positives. Thus, we expect thatRoMaD will not result in significant throughput loss whenit incurs false positives.

VII. CONCLUSIONSWe profile and address an attack on link quality based

routing protocols: by advertising fake PDR values, adver-saries (called magnets) can attract routes and affect end-to-end throughput. We consider independent attacks and attacksinvolving collusion. Magnets may collude locally, createsybil identities or establish distant collusion. We designand implement a framework that can be used as a unifiedsolution against the various flavors of the attack. Our frame-work helps create adversary-free routes proactively through(a) tagging PDR probes with nonces, and (b) challengingsuspect nodes on different channels and power levels. Ourextensive experiments on a 42 node testbed demonstrate thatthe framework can detect the magnets with high efficacy andlow overhead.

REFERENCES[1] D. S. J. De Couto et al. A High Throughput Path Metric for

MultiHop Wireless Routing. In ACM MobiCom, 2003.

[2] R. Draves et al. Routing in Multi-Radio, Multi-Hop WirelessMesh Networks. In ACM MobiCom, 2004.

[3] F. Wu et al. Incentive-Compatible Opportunistic Routing forWireless Networks. In ACM MobiCom, 2008.

[4] P. Agrawal et al. Cooperative Black and Gray Hole Attacks inMobile Ad Hoc Networks. In ICUIMC, 2008.

[5] UCR Wireless Testbed. http://networks.cs.ucr.edu/testbed.

[6] K. Zeng et al. Towards Secure Link Quality Measurement inMultihop Wireless Networks. In IEEE GLOBECOM, 2008.

[7] J. Newsome et al. The Sybil Attack in Sensor Networks:Analysis and Defenses. In IPSN, 2004.

[8] C. E. Perkins et al. Highly Dynamic Destination SequencedDistance Vector Routing (DSDV) for Mobile Computers. InACM SIGCOMM, 1994.

[9] M. G. Zapata et al. Securing Ad hoc Routing Protocols. InACM WiSe, 2002.

[10] Y. C. Hu et al. Ariadne: a Secure On-demand RoutingProtocol for Ad Hoc Networks. In ACM MobiCom, 2002.

[11] Y. C. Hu et al. SEAD: Secure Efficient Distance VectorRouting for Mobile Wireless Ad Hoc Networks. In Ad HocNetworks, 1(1), 175 - 192, 2003.

[12] S. Biaz et al. Improving Expected Transmission Time Metricin Multi-rate Multi-hop Networks. In IEEE CCNC, 2008.

[13] E. M. Royer et al. An implementation study of the AODVrouting protocol. In IEEE WCNC, 2000.

[14] D. B. Johnson et al. DSR: The Dynamic Source RoutingProtocol for Multi-Hop Wireless Ad Hoc Networks. In AdHoc Networking, Ch. 5, pp. 139-172, 2001.

[15] J. Dong et al. On the Pitfalls of Using High-ThroughputMulticast Metrics in Adversarial Wireless Mesh Networks. InIEEE SECON, 2008.

[16] I. Krontiris et al. Launching a sinkhole attack in wirelesssensor networks; the intruder side. In IEEE WIMOB, 2008.

[17] R. Maheshwari et al. Detecting Wormhole Attacks in WirelessNetworks Using Connectivity Information. In INFOCOM,2007.

[18] B. Awerbuch et al. An On-demand Secure Routing ProtocolResilient to Byzantine Failures. In ACM WiSe, 2002.

[19] Y. C. Hu et al. Packet Leashes: a Defense Against WormholeAttacks. In IEEE INFOCOM, 2003.

[20] L. Hu et al. Using Directional Antennas to Prevent WormholeAttacks. In NDSS Symposium, 2004.

[21] R. Poovendran et al. A Graph Theoretic Framework for Pre-venting the Wormhole Attack in Wireless Ad Hoc Networks.In ACM Journal on Wireless Networks, 2007.

[22] J. Eriksson et al. TrueLink: A Practical Countermeasure tothe Wormhole Attack in Wireless Networks. In IEEE ICNP,2006.