EECE Department Building

Electronics Lab

Laser Lab

Hammam Lab

Home | Research | M.Sc. And Ph.D Thesis | Immuning Wireless Ad Hoc Networks against the Wormhole Attack

Immuning Wireless Ad Hoc Networks against the Wormhole Attack

Thesis Title: 
Immuning Wireless Ad Hoc Networks against the Wormhole Attack
Marian Amer Azer
Date of Birth: 
Tue, 06/09/1977
Previous Degrees: 
B.Sc. (ELC) 2000 - Cairo M.Sc. (ELC) 2003 - Cairo
Registration Date: 
Sat, 11/09/2004
Awarding Date: 
Tue, 15/12/2009
External Supervisors: 

Dr. El-Soudani, M. M. S.
Dr. El-Kassas, S. M.


Dr. Abdel-Mageed, M. Z.
Dr. El-Hadidi, M. T.
Dr. Hassan, A. F.
Dr. El-Soudani, M. M. S.
Dr. El-Kassas, S. M

Key Words: 

Ad hoc networks, Intrusion detection, Security, Wormhole attack


A wireless ad-hoc network is' a collection of autonomous peer nodes that self-cortfigure to form a network and have no pre-determined infrastructure.
The set of applications for ad hoc networks is diverse, ranging from small, static networks, to large-scale, mobile, higWy dynamic networks. However,
a vital problem concerning their security must be solved in order to realize these applications. There are recent research efforts in securing ad poc
networks. Amongst security approaches, there are security controls such as threshold cryptography, certification, reputation and authentication. Such
security controls do not address all the security concerns of ad hoc networks; they can reduce attacks but not eliminate them. This underscores the
need for intrusion detection and prevention as an important security research area under the umbrella of ad hoc network security. In this thesis we
present the different challenges and open research topics associated with security controls. We also introduce the intrusion detection methods used in
ad hoc networks and focus on the anomaly detection approach by surveying and classifying the different types of anomaly detection that have been
proposed in the literature. Our objective is to manage, detect and prevent attacks on ad hoc networks. That is why; we have chosen to focus on a
particularly severe security attack, called the wormhole attack as a case study for our proposed schemes. A full analysis of this attack is presented in
order to have a better understanding of the most suitable ways to combat it. To manage and detect this attack, we make use of attack graphs to
construct an attack graph for the wormhole attack and propose a risk management scheme and three centralized anomaly detection techniques based
on attack graphs. The first is based on the attack graph adjacency matrix and helps in the prediction of a single or multiple step attack and in the
categorization of intrusion alarms' relevance. The second method used the attack graph distances for correlating intrusion events and building attack
scenarios and the third is a stratified attack graph teclmique with triggering events. Two other anomaly detection schemes are then proposed, one is
based on the theory of diffusion of imlovations and the other on list aggregation. Finally, a combined scheme for intrusion detection and response is