Detection of the Evil ring attack in wireless sensor networks using cross verification

In ad hoc networks and wireless sensor networks, several routing algorithms rely on the knowledge by the network nodes of their own geographic location and those of others. For cases where a node doesn't have its own positioning device (e.g., GPS), Alfaro et al. propose several algorithms that a node can run to determine its geographic position using position reports from neighbors. In this paper, we first present the evil ring attack, an attack on the geographic location algorithms of Alfaro et al. that misleads nodes about the true position of their neighbors. An attacker sends false reports with a position that sits on a circle centered at the victim's location and of a radius equal to the distance between the victim and attacker. The attack succeeds because the calculation of the distance between the victim and attacker is not affected despite this fake position. We then present and analyze an evil ring attack detection algorithm in which a position-unaware sensor node crosschecks the consistency of the information it collects from its neighbors with the information collected by other trusted neighbors. This algorithm detects the existence of neighbors running the evil ring attack. We propose a general distributed algorithm for a) localizing sensors in a wireless sensor network in the presence of some malfunctioning ones, and b) detecting such malfunctioning sensors.