Vampire attacks: Draining life from wireless
ad-hoc sensor networks
Ad-hoc low-power
wireless networks are an exciting research direction in sensing and pervasive
computing. Prior security work in this area has focused primarily on denial of
communication at the routing or medium access control levels. This paper
explores resource depletion attacks at the routing protocol layer, which
permanently disable networks by quickly draining nodes’ battery power.
These “Vampire” attacks are not
specific to any specific protocol, but rather rely on the properties of many
popular classes of routing protocols. We find that all examined protocols are
susceptible to Vampire attacks, which are devastating, difficult to detect, and
are easy to carry out using as few as one malicious insider sending only
protocol compliant messages.
EXISTING SYSTEM
Existing work
on secure routing attempts to ensure that adversaries cannot cause path discovery
to return an invalid network path, but Vampires do not disrupt or alter
discovered paths, instead using existing valid network paths and protocol
compliant messages. Protocols that maximize power efficiency are also
inappropriate, since they rely on cooperative node behavior and cannot optimize
out malicious action.
PROPOSED
SYSTEM
In
proposed system we show
simulation results quantifying the performance of several representative
protocols in the presence of a single Vampire. Then, we modify an existing
sensor network routing protocol to provably bind the damage from Vampire
attacks during packet forwarding.
Implementation
Implementation is the stage of the project
when the theoretical design is turned out into a working system. Thus it can be
considered to be the most critical stage in achieving a successful new system
and in giving the user, confidence that the new system will work and be
effective.
The implementation stage involves careful
planning, investigation of the existing system and it’s constraints on
implementation, designing of methods to achieve changeover and evaluation of
changeover methods.
Problem Statement:
Vampire attacks are
not protocol-specific, in that they do not rely on design properties or
implementation faults of particular routing protocols, but rather exploit
general properties of protocol classes such as link-state, distance-vector, source routing and
geographic and beacon routing.
Neither do these
attacks rely on flooding the network with large amounts of data, but rather try
to transmit as little data as possible to achieve the largest energy drain,
preventing a rate limiting solution. Since Vampires use protocol-compliant
messages, these attacks
are very difficult to detect and prevent.
Scope:
This
paper makes three primary contributions. First, we thoroughly evaluate the
vulnerabilities of existing protocols to routing layer battery depletion
attacks. Existing work on secure routing attempts to ensure that adversaries
cannot cause path discovery to return an invalid network path, but Vampires do
not disrupt or alter discovered paths, instead using existing valid network
paths and protocol compliant messages.
Second, we show
simulation results quantifying the performance of several representative
protocols in the presence of a single Vampire (insider adversary). Third, we
modify an existing sensor network routing protocol to provably bind the damage from
Vampire attacks during packet forwarding.
MODULE DESCRIPTION:
Data-Verification
In data verification module, receiver
verifies the path. Suppose data come with malicious node means placed in
malicious packet. Otherwise data placed in honest packet. This way user
verifies the data’s.
Denial of service
In
computing, a denial-of-service attack or distributed denial-of-service attack is an attempt to make a
machine or network resource unavailable to its intended users. Although
the means to carry out, motives for, and targets of a DoS attack may vary, it
generally consists of efforts to temporarily or indefinitely interrupt or
suspend services of a host connected to the Internet.
User Module
In user module, verify
user and any time create a new path. In security purpose user give the wrong
details means display wrong node path otherwise display correct node path.
Stretch Attack
Stretch
attack, where a malicious node constructs artificially long source routes,
causing packets to traverse a larger than optimal number of nodes. An honest
source would select the route Source → F → E → Sink,
affecting four nodes including itself, but the malicious node selects a longer
route, affecting all nodes in the network. These routes cause nodes that do not
lie along the honest route to consume energy by forwarding packets they would
not receive in honest scenarios.
System
Configuration:-
H/W System Configuration:-
Processor -
Pentium –III
Speed - 1.1 Hz
RAM - 256 MB (min)
Hard Disk - 20 GB
Floppy Drive
- 1.44 MB
Key Board
- Standard Windows Keyboard
Mouse - Two or Three Button Mouse
Monitor -
SVGA
S/W System Configuration:-
Operating System : Windows XP
Front End : JAVA, RMI, SWING
CONCLUSION
We defined Vampire
attacks, a new class of resource consumption attacks that use routing protocols
to permanently disable ad-hoc wireless sensor networks by depleting nodes’
battery power. These attacks do not depend on particular protocols or
implementations, but rather expose vulnerabilities in a number of popular
protocol classes. We showed a number of proof-of-concept attacks against
representative examples of existing routing protocols using a small number of
weak adversaries, and measured their attack success on a randomly-generated
topology of 30 nodes.
No comments:
Post a Comment