Vampire Attacks: Draining Life from Wireless Ad Hoc Sensor Networks
Ad hoc low-power wireless networks are an exciting research direction in sensing and pervasive computing. Prior security work in this area has focused primarily on denial of communication at the routing or medium access control levels. This paper explores resource depletion attacks at the routing protocol layer, which permanently disable networks by quickly draining nodes’ battery power. These “Vampire” attacks are not specific to any specific protocol, but rather rely on the properties of many popular classes of routing protocols. We find that all examined protocols are susceptible to Vampire attacks, which are devastating, difficult to detect, and are easy to carry out using as few as one malicious insider sending only protocol-compliant messages. In the worst case, a single Vampire can increase network-wide energy usage by a factor of O (N), where N in the number of network nodes. We discuss methods to mitigate these types of attacks, including a new proof-of-concept protocol that provably bounds the damage caused by Vampires during the packet forwarding phase.
PROJECT OUTPUT VIDEO: (Click the below link to see the project output video):
Existing work on secure routing attempts to ensure that adversaries cannot cause path discovery to return an invalid network path, but Vampires do not disrupt or alter discovered paths, instead using existing valid network paths and protocol compliant messages. Protocols that maximize power efficiency are also inappropriate, since they rely on cooperative node behavior and cannot optimize out malicious action.
DISADVANTAGES OF EXISTING SYSTEM:
- Power outages
- Due to Environmental disasters, loss in the information
- Lost productivity
- Various DOS attacks
- Secure level is low
- They do not address attacks that affect long-term availability.
This paper makes three primary contributions. First, we thoroughly evaluate the vulnerabilities of existing protocols to routing layer battery depletion attacks. We observe that security measures to prevent Vampire attacks are orthogonal to those used to protect routing infrastructure, and so existing secure routing protocols such as Ariadne, SAODV and SEAD do not protect against Vampire attacks. Existing work on secure routing attempts to ensure that adversaries cannot cause path discovery to return an invalid network path, but Vampires do not disrupt or alter discovered paths, instead using existing valid network paths and protocol-compliant messages. Protocols that maximize power efficiency are also inappropriate, since they rely on cooperative node behavior and cannot optimize out malicious action. Second, we show simulation results quantifying the performance of several representative protocols in the presence of a single Vampire (insider adversary). Third, we modify an existing sensor network routing protocol to provably bound the damage from Vampire attacks during packet forwarding.
In proposed system we show simulation results quantifying the performance of several representative protocols in the presence of a single Vampire. Then, we modify an existing sensor network routing protocol to provably bound the damage from Vampire attacks during packet forwarding.
ADVANTAGES OF PROPOSED SYSTEM:
- Protect from the vampire attacks
- Secure level is high
- Boost up the Battery power
PROBLEMS IDENTIFIED AND CONFIRMED
If vampire attack exist in the network, it will affect one node and drain its full energy and the particular node will goes to dead state and then the vampire attack concentrates on next node and so on it affects all nodes in the network, as a result all nodes goes to dead state.
The vampire attack permanently disables or destroys the network.
OBJECTIVE AND SCOPE OF THE PROJECT
Our proposed project concentrates on securing the network from the malicious attack. Our implementation results in the efficient detection and elimination of vampire attack from the network. In order to detect and eliminating the vampire attack we going to implement certain intrusion detection system based on the energy level constraints.
Our simulation result shows the improved network authentication rate and efficient detection of malicious node from the network, so that our proposed system forms a secure network with high throughput rate.
ASSUMPTIONS, CONSTRAINTS AND LIMITATIONS
in order to show the performance metrics we locate 30 to 50 sensor nodes in the network, let number of sensor nodes be N.
Then the routing is performed between sensor nodes, let the data packets be 512 bytes and the initial energy level of nodes be 10 joules.
Let us use the wireless channel type for data routing among the N number of nodes.
The routing is dine through link layer if link state routing protocol like aodv dsr dsdv
The graphical constraints like throughput, packet delivery ratio, delay are used to evaluate the performance of network
Mac 802.11 and Omni antenna is used for data communication and covering the transmission range.
The proposed system concentrates on a secure data transmission from the adversary nodes in the sensor network. In order to build a secure network, the network should be an extinct to adversary nodes. So we propose a technique called nodes position verification and node verification intrusion detection techniques [IDS]. The nodes which has the exceed threshold value other than normal nodes, then a node supposed to be a malicious nodes which will undergoes a vampire attack. By the proposed IDS system we can calculate the threshold value and energy level of malicious nodes, and also by NPA techniques the malicious nodes can be detected efficiently and detected nodes are eliminated from the network which increases the network performance ant throughput rate.
- Network Configuration Setting
- Data Routing
- Vampire Attack
- Backtracking Technique
- Intrusion Detection System
- Malicious Node Elimination
- Graph Evaluation
NODE CONFIGURATION SETTING
The mobile nodes are designed and configured dynamically, designed to employ across the network, the nodes are set according to the X, Y, Z dimension, which the nodes have the direct transmission range to all other nodes.
The source and destination are set at larger distance, the source transmits the data packets to destination through the intermediate hop nodes using UDP user data gram protocol, link state routing like PLGP act as an ad hoc routing protocol.
The malicious node enters the network, and affects the one of the intermediate node by sending false packets. So the malicious node drain the energy of the intermediate node, the intermediate energy level goes to 0 joules. So the data transmission is affected, the path tends to be failure between source and destination. As a result source retransmits the data in another path to destination. If the vampire attack continues it will disable the whole network.
The back tracking technique is used to identify legitimate nodes in the particular path; the nodes accept the data only after the execution of back tracking technique. If source transmits the data to next neighbor node, the next node verifies the source identity using back tracking process. Through this technique the data is transmitted securely in the presence of vampire nodes.
INTRUSION DETECTION SYSTEM
The energy constraint IDS is used to detect the malicious nodes from the network, for that purpose the energy level for all nodes are calculated after every data iteration process. Maximum nodes have an average energy level in certain range, due to the nature of vampire nodes have a abnormal energy level like malicious node energy level is three times more than the average energy level, by this technique the malicious nodes can be identified easily.
MALICIOUS NODE ELIMINATION
After the IDS process the malicious nodes detected. The TA trusted authority informs to all nodes in the network and eliminate the malicious node from the network. So by eliminating malicious node we can form a secure network
The performance analysis of the existing and proposed work is examined through graphical analysis.
ü Processor – Pentium –IV
- Speed – 1 Ghz
- RAM – 256 MB(min)
- Hard Disk – 20 GB
- Key Board – Standard Windows Keyboard
- Mouse – Two or Three Button Mouse
- Monitor – SVGA
- Operating System : Windows XP/LINUX
- Simulator : NS2
- Tool : Cygwin
Eugene Y. Vasserman and Nicholas Hopper “Vampire Attacks: Draining Life from Wireless Ad Hoc Sensor Networks”- IEEE TRANSACTIONS ON MOBILE COMPUTING, VOL. 12, NO. 2, FEBRUARY 2013.