Identification of contamination zones for sinkhole detection in MANETs

Abstract

This paper presents a novel approach intended to detect the well-known sinkhole attack in MANETs, one of the most representative route poisoning attacks aimed at exploiting multi-hop source-destination routes to seize communications. Malicious sinkhole nodes try to attract most of the surrounding network traffic by providing fake routes, invalidating alternative legitimate routes and disrupting the normal network operation. Our detection proposal leverages on the existence of ``contamination borders'', formed by legitimate nodes under the influence of the sinkhole attack and, at the same time, neighbors of other non-contaminated legitimate nodes. We show that analyzing the routing information of their vicinity, these border nodes are more likely to properly detect sinkholes. We evaluate our approach in a simulation framework and the results show the promising nature of the proposal in terms of detection capabilities and performance in comparison with other solutions in the literature. (C) 2015 Elsevier Ltd. All rights reserved.