In ad hoc networks, malicious nodes can deploy wormhole attacks to fabricate a false scenario on the proximity relationship among mobile nodes. A classification of the attacks according to the format of the wormholes is proposed. This forms a basis to identify the detection capability of various approaches. An analysis shows that earlier approaches focus on the prevention of wormholes among neighbors that trust each other. As a more generic approach, we present an end-to-end scheme that can detect wormholes on a multi-hop route. Only the trust between the source and the destination is assumed. The mechanism uses geographic information to detect anomalies in neighbor relations and node movements. To reduce the computation and storage overhead, we present a scheme called cell-based open tunnel avoidance (COTA) to manage the information. COTA requires a constant space for every node on the path and the computation overhead increases linearly to the number of detection packets. We prove that the savings do not deteriorate the detection capability. Various schemes to control communication overhead are studied. The simulation and experiments on real devices show that the proposed mechanism can be combined with existent routing protocols to defend against wormhole attacks. Copyright © 2006 John Wiley & Sons, Ltd.