Vampire
Attacks: Draining Life from Wireless Ad Hoc Sensor Networks
ABSTRACT:
Ad hoc low-power wireless networks are
an exciting research direction in sensing and pervasive computing. Prior
security work in this area has focused primarily on denial of communication at
the routing or medium access control levels. This paper explores resource
depletion attacks at the routing protocol layer, which permanently disable
networks by quickly draining nodes’ battery power. These “Vampire” attacks are
not specific to any specific protocol, but rather rely on the properties of
many popular classes of routing protocols. We find that all examined protocols
are susceptible to Vampire attacks, which are devastating, difficult to detect,
and are easy to carry out using as few as one malicious insider sending only
protocol-compliant messages. In the worst case, a single Vampire can increase
network-wide energy usage by a factor of O (N), where N in the number of
network nodes. We discuss methods to mitigate these types of attacks, including
a new proof-of-concept protocol that provably bounds the damage caused by
Vampires during the packet forwarding phase.
EXISTING SYSTEM:
Existing work on secure routing attempts to ensure
that adversaries cannot cause path discovery to return an invalid network path,
but Vampires do not disrupt or alter discovered paths, instead using existing
valid network paths and protocol compliant messages. Protocols that maximize
power efficiency are also inappropriate, since they rely on cooperative node
behavior and cannot optimize out malicious action.
DISADVANTAGES
OF EXISTING SYSTEM:
ü Power
outages
ü Due
to Environmental disasters, loss in the information
ü Lost
productivity
ü Various
DOS attacks
ü Secure
level is low
ü They
do not address attacks that affect long-term availability.
PROPOSED SYSTEM:
This paper makes three primary contributions. First,
we thoroughly evaluate the vulnerabilities of existing protocols to routing
layer battery depletion attacks. We observe that security measures to prevent Vampire
attacks are orthogonal to those used to protect routing infrastructure, and so
existing secure routing protocols such as Ariadne, SAODV and SEAD do not
protect against Vampire attacks. Existing work on secure routing attempts to
ensure that adversaries cannot cause path discovery to return an invalid
network path, but Vampires do not disrupt or alter discovered paths, instead
using existing valid network paths and protocol-compliant messages. Protocols
that maximize power efficiency are also inappropriate, since they rely on
cooperative node behavior and cannot optimize out malicious action. Second, we
show simulation results quantifying the performance of several
representative protocols in the presence of a single Vampire (insider
adversary). Third, we modify an existing sensor network routing protocol to
provably bound the damage from Vampire attacks during packet forwarding.
In proposed system we show simulation results
quantifying the performance of several representative protocols in the presence
of a single Vampire. Then, we modify an existing sensor network routing
protocol to provably bound the damage from Vampire attacks during packet
forwarding.
ADVANTAGES
OF PROPOSED SYSTEM:
ü Protect
from the vampire attacks
ü Secure
level is high
ü Boost
up the Battery power
SYSTEM ARCHITECTURE:
MODULES:
v Network Creation Module
v Carousel
attack Module
v Stretch
attack Module
v Energy
Level Identification Module
v Secured
Transmission Module
MODULE DESCRIPTION:
Network Creation Module
In this Module, we setup our Network model with Sink, Source and with Six nodes namely Node A, B, C, D, E, F. Each node will be assigned unique Identity number. And also where topology discovery is done at transmission time, and static protocols, where topology is discovered during an initial setup phase, with periodic rediscovery to handle rare topology changes. Our adversaries are malicious insiders and have the same resources and level of network accss as honest nodes. Furthermore, adversary location within the network is assumed to be fixed and random, as if an adversary corrupts a number of honest nodes before the network was deployed, and cannot control their final positions.
Carousel
attack Module
In our first attack, an adversary composes packets
with purposely introduced routing loops. We call it the carousel attack, since
it sends packets in circles as shown in the figure. It targets source routing
protocols by exploiting the limited verification of message headers at
forwarding nodes, allowing a single packet to repeatedly traverse the same set
of nodes. In this attack, an adversary
sends a packet with a route composed as a series of loops, such that the same node
appears in the route many times. This strategy can be used to increase the
route length beyond the number of nodes in the network, only limited by the
number of allowed entries in the source route
Stretch
attack Module
In our second attack, also targeting source routing,
an adversary constructs artificially long routes, potentially traversing every
node in the network. We call this the stretch attack, since it increases packet
path lengths, causing packets to be processed by a number of nodes that is
independent of hop count along the shortest path between the adversary and
packet destination. An example is illustrated in Fig. 1b. Results show that in
a randomly generated topology, a single attacker can use a carousel attack to
increase energy consumption by as much as a factor of 4, while stretch attacks
increase energy usage by up to an order of magnitude, depending on the position
of the malicious node. The impact of these attacks can be further increased by
combining them, increasing the number of adversarial nodes in the network, or
simply sending more packets. Although in networks that do not employ
authentication or only use end-to-end authentication, adversaries are free to
replace routes in any overheard packets, we assume that only messages
originated by adversaries may have maliciously composed routes.
Energy
Level Identification Module
In this module, we show the energy level
identification of each nodes to show the vampire attack reactions. A node is
permanently disabled once its battery power is exhausted, let us briefly
consider nodes that recharge their batteries in the field, using either
continuous charging or switching between active and recharge cycles. In the continuous
charging case, power-draining attacks would be effective only if the adversary
is able to consume power at least as fast as nodes can recharge. Assuming that
packet processing drains at least as much energy from the victims as from the
attacker, a continuously recharging adversary can keep at least one node
permanently disabled at the cost of its own functionality. However, recall that
sending any packet automatically constitutes amplification, allowing few
Vampires to attack many honest nodes.
Secured
Transmission Module
In this module, we show the secured transmission
done in the nodes by overcoming the vampire attacks. Where the data travels in
the honest route and mitigating the vampire attacks.
SYSTEM CONFIGURATION:-
HARDWARE CONFIGURATION:-
ü Processor - Pentium –IV
ü Speed - 1.1
Ghz
ü RAM - 256
MB(min)
ü Hard Disk -
20 GB
ü Key Board -
Standard Windows Keyboard
ü Mouse - Two
or Three Button Mouse
ü Monitor - SVGA
SOFTWARE CONFIGURATION:-
ü Operating System : Windows XP
ü Programming Language :
JAVA
ü Java Version :
JDK 1.6 & above.
ü Tool :
Netbeans7.0
REFERENCE:
Eugene Y. Vasserman and Nicholas Hopper
“Vampire Attacks: Draining Life from
Wireless Ad Hoc Sensor Networks”-
IEEE TRANSACTIONS ON
MOBILE COMPUTING, VOL. 12, NO. 2, FEBRUARY 2013.