Attacks Against Virtual Coordinate System Based Routing in
Wireless Sensor Networks
Jing Dong Brett Bavar Cristina Nita-Rotaru
Department of Computer Science, Purdue University
{dongj,bbavar,crisn}@cs.purdue.edu
I. I NTRODUCTION
Wireless sensornet designs have evolved in recent years,
from primarily focusing on data collection to more sophis-
ticated tasks such as data centric storage [7]. Likewise, the
requirements on the network support have also changed, from
the basic many-to-one and one-to-many communications to
more sophisticated point-to-point communications. To address
the unique challenges for point-to-point routing in the sensor-
nets, virtual coordinate system (VCS) based routing protocols
have been developed. Compared to the traditional routing
protocols, VCS-based routing protocols are proactive protocols
that have the attractive properties of operating via only local
interactions and requiring state information that does not grow
with the size of the network.
Although there have been many proposed VCS-based rout-
ing protocols in the literature [1], [2], [3], [6], there has been
little work that investigates the security of such protocols.
However, as our experimental results have shown, the VCS-
based routing protocols are particularly sensitive to attacks. It
is possible for a small number of attacker nodes to jeopardize
the routing operations of a significant portion of the network.
Thus, it is paramount that we provide security mechanisms
in these protocols if the target deployment environment is
potentially malicious. In this project, we address the problem
of securing VCS-routing protocols. As a first step, we focus on
the security threats against such protocols. More specifically,
we will present the following contributions:
• We abstract a common framework for VCS-based routing
based on the characteristics of existing protocols
• We identify attacks against VCS-based routing protocols
based on the common framework
• We evaluate experimentally the impact of the attacks to
demonstrate the necessity of security mechanisms
II. OVERVIEW OF VCS AND VCS- BASED ROUTING
Although each specific VCS-based routing protocol differs
in the details of the VCS establishment and the specific routing
operations, most of these protocols follow a common design.
In this section, we give an overview of the common design
of the VCS-based routing protocols. We will use the protocol
framework described here as our model for the discussion of
the attacks in the rest of the paper.
Typically, in VCS-based routing, a few beacon nodes are
deployed in the network, from which periodic beacon mes-
sages are sent out. The flooding of the beacon messages across
the network builds the shortest path trees rooted at each of the
beacon nodes among all the nodes in the network. The network
coordinates of a node are the vector of the hop counts to
each of the beacons, which can be derived from the hop count
field in the beacon messages. Depending on the specific VCS,
the beacon nodes can be special infrastructure nodes, such as
landmarks [1], or regular sensor nodes [2], [3]. The VCS-
based routing follows the geographic routing paradigm, in
which each node forwards the message to the neighbor that is
closest to the destination under some protocol specific distance
metric. When the message reaches a node that is closer to the
destination than all of its neighbors (i.e. a local minima), a
protocol specific fall-back procedure is invoked. For example,
in [3], the fall-back procedure re-directs the message to the
beacon node closest to the destination. When the message
reaches the beacon node, it is then flooded in the network.
Typically, the fall-back procedure incurs much more overhead
than the greedy forwarding process.
III. ATTACKS AGAINST VCS- BASED ROUTING
In this section, we present security threats against VCS-
based routing protocols. We first describe the adversarial
model and then we describe attacks on the establishment of a
VCS and on the routing protocol itself separately.
A. Adversarial Model
We assume that the radio links are insecure. The attacker can
mount eavesdropping, packet injection, and replay attacks. We
assume “mote-class” attackers [4], that is the attacker nodes
have similar capabilities as legitimate nodes. The legitimate
nodes may be compromised and the attacker nodes can collude
and use wormholes in conducting their attacks. However, we
do not consider physical or MAC layer attacks.
B. Attacks Against VCSs
The main goal of the attacks against VCSs is to disrupt the
normal establishment of the coordinate system in the network,
causing incorrect coordinates, instability in the coordinate
system, or both. In the following, we classify the attacks on
VCS based on their intended effect on the coordinate system.
1) Coordinate Deflation Attack: This attack causes legit-
imate nodes to obtain smaller coordinates than their actual
coordinates. The attacker can mount this attack by having
the attacker nodes announcing incorrectly small coordinates in
its neighborhood via node spoofing, compromising legitimate
nodes, or wormhole tunneling legitimate small coordinate
announcements from a distant network region.
 2) Coordinate Inflation Attack: This attack causes legit-
imate nodes to obtain larger coordinates than their actual
coordinates. The attacker can mount this attack by announcing
incorrectly large coordinates with the similar approaches as in
the coordinate deflation attack.
3) Random Disturbance Attack: This attack causes insta-
bility in the VCS. The attacker can mount this attack by
alternatively announcing small and large coordinates.
Impact of the attacks: Note that all of the above attacks
are “contagious” in the sense that the legitimate nodes once
affected by the attack become “attackers” themselves and
propagate the effect of the attack further in the network by for-
warding their incorrect coordinates to their neighbors. A back-
of-envelope calculation reveals that a single well-positioned
attacker node can cause as many as 80% of the nodes to obtain
incorrect coordinates in the coordinate deflation attack. Hence,
such attacks are particularly dangerous since very few attacker
nodes can render the entire VCS virtually useless to the routing
protocol.
C. Attacks Against the Routing Protocol
The aim of the attacks on the routing protocol is to cause
route failures or to significantly increase the routing overhead.
Besides simple attacks, such as packet dropping, which has
only local effect, we focus on attacks that have network
wide impact, such as the sinkhole attack and the coordinate
pollution attack.
1) Sinkhole Attack: To mount the sinkhole attack, the
attacker first intelligently manipulates the VCS establishment
so that a large portion of the routing traffic is diverted to the
attacker nodes. Next, the attacker nodes can either selectively
or completely drop the traffic passing through to cause routing
failures. For example, the routing protocol in [3] has the
tendency of drawing routing traffic to nodes with smaller
coordinates. Thus, to mount the sinkhole attack, the attacker
can mount the coordinate deflation attack to obtain small
network coordinates, attracting a large portion of the routing
traffic to the attacker nodes.
2) Coordinate Pollution Attack: This attack causes incor-
rect destination coordinates to be used for routing. To mount
this attack, the attacker can either compromise the coordinate
servers which maintain the coordinates of all the nodes in
the network, or spoof the coordinate servers in generating
bogus replies to coordinate queries. The routing messages
with incorrect destination coordinates are typically futilely
forwarded in the network over a long path until the TTL
expires or cause the expensive fall-back mode to be invoked.
Thus the coordinate pollution attack not only causes route
failures, but also increases the routing overhead significantly.
IV. E XPERIMENTAL R ESULTS
In this section, we present our experimental results on the
impact of the identified attacks using the BVR protocol [3]
and the TOSSIM simulator [5]. The network consists of 100
randomly distributed nodes, 8 of which are randomly selected
to be beacon nodes. The average node degree is 12. We
randomly select a number of nodes to be the attacker nodes
in each experiment. Figure 1 and 2 show the results of the
impact of the attacks on the routing performance. As can be
seen from Figure 1, the sinkhole attack has a significant impact
on the routing protocol: a mere 5% nodes being malicious
can bring the routing success ratio from 90% to only 30%.
The coordinate inflation attack, on the other hand, does not
have a significant impact, due to the relative high density of
the network. However, we expect combining the coordinate
inflation attack with lying about path quality to have a larger
impact.
1
average success ratio
0.8 coordinate deflation (sinkhole)
coordinate inflation
random disturbance
0.6
0.4
0.2
0
0 5 10 15 20
percentage of attackers
Fig. 1. Impact of the attacks on VCS on the routing performance
1
coordinate pollution
average success ratio 0.8
0.6
0.4
0.2
0
0 1 2 3 4 5 6 7 8
number of attackers
Fig. 2. Impact of the coordinate pollution attack on the routing performance
V. C ONCLUSION AND F UTURE W ORK
In this paper, we identified potential attacks against VCS-
based routing protocols. We demonstrated the significance of
the attacks through simulations using a well-known VCS-
based routing protocol. Our on-going work includes further
quantifying the effect of the attacks, formulating defense
mechanisms and evaluating their effectiveness.
R EFERENCES
[1] Q. Cao and T. Abdelzaher. A scalable logical coordinates framework for
routing in wireless sensor networks. In RTSS ’04, 2004.
[2] A. Caruso, S. Chessa, S. De, and A. Urpi. Gps-free coordinate assignment
and routing in wireless sensor networks. In INFOCOM ’05, 2005.
[3] R. Fonseca, S. Ratnasamy, J. Zhao, C. T. Ee, D. Culler, S. Shenker,
and I. Stoica. Beacon vector routing: Scalable point-to-point routing in
wireless sensornets. In NSDI ’05, 2005.
[4] C. Karlof and D. Wagner. Secure routing in wireless sensor networks:
Attacks and countermeasures. In First IEEE International Workshop on
Sensor Network Protocols and Applications, 2003.
[5] P. Levis, N. Lee, M. Welsh, and D. Culler. Tossim: accurate and scalable
simulation of entire tinyos applications. In SenSys ’03, 2003.
[6] K. Liu and N. Abu-Ghazaleh. Aligned virtual coordinates for greedy
routing in wsns. In MASS ’06, 2006.
[7] S. Shenker, S. Ratnasamy, B. Karp, R. Govindan, and D. Estrin. Data-
centric storage in sensornets. SIGCOMM Comput. Commun. Rev., 2003.