IETE TECHNICAL REVIEW, cilt.28, sa.2, ss.89-102, 2011 (SCI-Expanded)
In wormhole attacks, attackers create a low-latency link between two points in the network. This can be achieved by either compromising two or more sensor nodes of the network or adding a new set of malicious nodes to the network. Once the link is established, the attacker collects data packets on one end of the link, sends the data packets using the low-latency link and replays them at the other end. Wormhole attacks result in alterations in network data flow thereby deceiving the base station. Although implementing a wormhole attack is relatively simple, detecting it is not a trivial task as the replayed information is usually valid. This paper focuses on wormhole attacks and presents the state-of-the-art in wormhole attack detection in wireless sensor networks. The existing wormhole detection protocols are presented in detail and, based on the existing research, the open research areas and future research directions in wormhole attack detection are provided.