Neighbor Discovery: Security Challenges in Wireless Ad Hoc and Sensor Networks

Wireless ad hoc and sensor networks are infrastructureless systems with self-configuration capabilities. Neighbor discovery protocols are fundamental requirements in the construction of self-organizing networks. Each computer (node) must discover who its neighbors are in order to be able to coordinate with them for any later communication. This goal is usually accomplished through broadcasting methods in the initial phases of network deployment. Along with the development of neighbor discovery protocols, security threats also introduced and some researchers discovered new forms of attacks for neighbor discovery scenarios. Authors in this field have given different definitions on what a neighbor is and to what extent an adversary is equipped. We will first clarify these differences by making some categorizations and definitions before proceeding to the introduction of attacks and solutions. After the introduction of initial concepts, we classify the attacks into two general groups and explain the solutions for each of the groups numerating the pros and cons of them. We will review the current external attacks solutions for the neighbor verification problem first and start with the early simple methods which tried to defeat the relaying attacks (like the wormhole one) using distance estimation methods. This family of protocols relied on time stamps which needed tight clock synchronization among the nodes and was quite impractical in distributed networks specially the sensor ones. After that, we introduce the descendants of that family of protocols which resolved the clock synchronization problem by using challenge-response-like methods. Then, the recent efforts on formal description of the time-based and timeand locationbased neighbor discovery protocols are explained. These researches led to the conclusion that time-based protocols can only secure the neighbor discovery under some strict conditions. Timeand location-based protocols are generally more secure than the timebased ones alone. Next, we will argue why all of these protocols are vulnerable to the internal attacks and introduce other methods for defeating internal adversaries. Describing the mostly cryptographic solutions in this domain, we outline their pros and cons. As we will see, almost all of these protocols are either unable to resist the invasion of an internal adversary equipped with both powerful transmitter and sensitive receiver, or need an initial setup 31