INTERNATIONAL CONFERENCE ON CURRENT INNOVATIONS IN ENGINEERING AND TECHNOLOGY
ISBN: 378 - 26 - 138420 - 5
Identifying And Preventing Resource Depletion Attack In Mobile Sensor Network
V.Sucharitha, Associate Professor, jesuchi78@yahoo.com, Audisankara college of engineering and technology
M.Swapna, M.Tech, swapna.12b2@gmail.com
ABSTRACT: Ad-hoc low-power wireless networks are an inspiring research direction in sensing and pervasive computing. Previous security work in this area has focused primarily on denial of communication at the routing or medium access control levels. This paper explores resource depletion attacks at the routing protocol layer, which permanently disable networks by quickly draining nodes' battery power. These "Vampire" attacks are not specific to any one protocol, but rather rely on the properties of many popular classes of routing protocols. We find that all examined protocols are vulnerable to Vampire attacks, which are devastating, difficult to detect, and easy to carry out using as few as one malicious insider sending only protocol-compliant messages.
1.INTRODUCTION:
In the last couple of years wireless communication has become of such fundamental importance that a world without it is no longer imaginable for many of us. Beyond the established technologies such as mobile phones and WLAN, new approaches to wireless communication are emerging; one of them is so-called ad hoc and sensor networks. Ad hoc and sensor networks are formed by autonomous nodes communicating via radio without any additional backbone infrastructure. Ad-hoc wireless sensor networks (WSNs) promise exciting new applications in the near future, such as omnipresent on-demand computing power, continuous connectivity, and instantly-deployable communication for military and first responders. Such networks already monitor environmental conditions, factory performance, and troop deployment, to name a few applications. As WSNs become more and more crucial to the everyday functioning of people and organizations, availability faults become less tolerable: lack of availability can make the difference between business as usual and lost productivity, power outages, environmental disasters, and even lost lives; thus high availability of these
INTERNATIONAL ASSOCIATION OF ENGINEERING & TECHNOLOGY FOR SKILL DEVELOPMENT
www.iaetsd.in
networks is a critical property, and should hold even under malicious conditions. Due to their ad-hoc organization, wireless ad-hoc networks are particularly vulnerable to denial of service (DoS) attacks, and a great deal of research has been done to enhance survivability. While these schemes can prevent attacks on the short-term availability of a network, they do not address attacks that affect long-term availability: the most permanent denial of service attack is to entirely deplete nodes' batteries. This is an instance of a resource depletion attack, with battery power as the resource of interest. In this paper we consider how routing protocols, even those designed to be secure, lack protection from these attacks, which we call Vampire attacks, since they drain the life from network nodes. These attacks are distinct from previously studied DoS, reduction of quality (RoQ), and routing infrastructure attacks as they do not disrupt immediate availability, but rather work over time to entirely disable a network. While some of the individual attacks are simple, and power-draining and resource exhaustion attacks have been discussed before, prior work has been mostly confined to other levels of the protocol stack, e.g. medium access control (MAC) or application layers, and to our knowledge there is little discussion, and no thorough analysis or mitigation, of routing-layer resource exhaustion attacks. Vampire attacks are not protocol-specific, in that they do not rely on design properties or implementation faults of particular routing protocols, but rather exploit general properties of protocol classes such as link-state, distance-vector, source routing and geographic and beacon routing. Neither
do these attacks rely on flooding the network with large amounts of data, but rather try to transmit as little data as possible to achieve the largest energy drain, preventing a rate limiting solution. Since Vampires use protocol-compliant messages, these attacks are very difficult to detect and prevent.
This paper makes three primary contributions. First, we thoroughly evaluate the vulnerabilities of existing protocols to routing layer battery depletion attacks. We observe that security measures to prevent Vampire attacks are orthogonal to those used to protect routing infrastructure, and so existing secure routing protocols such as Ariadne, SAODV, and SEAD do not protect against Vampire attacks. Existing work on secure routing attempts to ensure that adversaries cannot cause path discovery to return an invalid network path, but Vampires do not disrupt or alter discovered paths, instead using existing valid network paths and protocol-compliant messages. Protocols that maximize power efficiency are also inappropriate, since they rely on cooperative node behavior and cannot optimize out malicious action. Second, we show simulation results quantifying the performance of several representative protocols in the presence of a single Vampire (insider adversary). Third, we modify an existing sensor network routing protocol to provably bound the damage from Vampire attacks during packet forwarding.
1.1.Wireless Adhoc Network:
An ad hoc wireless network is a collection of wireless mobile nodes that self-configure to form a network without the aid of any established infrastructure, as shown in the figure. Without an inherent infrastructure, the mobiles handle the
necessary control and networking tasks by themselves, generally through the use of distributed control algorithms. Multihop connections, whereby intermediate nodes send the packets toward their final destination, are supported to allow for efficient wireless communication between parties that are relatively far apart. Ad hoc wireless networks are highly appealing for many reasons. They can be rapidly deployed and reconfigured. They can be tailored to specific applications, as implied by Oxford’s definition. They are also highly robust due to their distributed nature, node redundancy, and the lack of single points of failure.
Fig: Adhoc Network Structure
Existing work on secure routing attempts to ensure that adversaries cannot cause path discovery to return an invalid network path, but Vampires do not disrupt or alter discovered paths, instead using existing valid network paths and protocol-compliant messages. Protocols that maximize power efficiency are also inappropriate, since they rely on cooperative node behavior and cannot optimize out malicious action.
2.LITERATURE REVIEW:
Literature survey is the most important step in the software development process. Before developing the tool it is necessary to determine the time factor, economy and company strength. Once these things are satisfied, the next step is to determine which operating system and language can be used for developing the tool. Once the programmers start building the tool, they need a lot of external support. This support can be obtained from senior programmers, from books or from websites. Before building the system, the above considerations are taken into account for developing the proposed system.
A wireless sensor network (WSN) consists of spatially distributed autonomous sensors to monitor physical or environmental conditions, such as temperature, sound, pressure, etc. and to cooperatively pass their data through the network to a main location. The more modern networks are bi-directional, also enabling control of sensor activity. The development of wireless sensor networks was motivated by military applications such as battlefield surveillance; today such networks are used in many industrial and consumer applications, such as industrial process monitoring and control, machine health monitoring, and so on.
The WSN is built of "nodes", from a few to several hundreds or even thousands, where each node is connected to one (or sometimes several) sensors. Each such sensor network node has typically several parts: a radio transceiver with an internal antenna or connection to an external antenna, a microcontroller, an electronic circuit for interfacing with the sensors and an energy source, usually a battery or an embedded form of energy harvesting. A sensor node might vary in size from that of a shoebox down to the size of a grain of dust, although functioning "motes" of genuine microscopic dimensions have yet to be created. The cost of sensor nodes is similarly variable, ranging from a few to hundreds of dollars, depending on the complexity of the individual sensor nodes. Size and cost constraints on sensor nodes result in corresponding constraints on resources such as energy, memory, computational speed and communications bandwidth. The topology of the WSNs can vary from a simple star network to an advanced multi-hop wireless mesh network. The propagation technique between the hops of the network can be routing or flooding.
3.IMPLEMENTATION:
As a prerequisite, all nodes cooperatively build a Chord overlay network over the sensor network. Cloned nodes may not participate in this procedure, but it does not give them any advantage in avoiding detection. The construction of the overlay network is independent of node clone detection. As a result, nodes possess the information of their direct predecessor and successor in the Chord ring. In addition, each node caches information of its g consecutive successors in its successors table. Many Chord systems utilize this kind of cache mechanism to reduce the communication cost and enhance system robustness. More importantly, in our protocol the facility of the successors table contributes to the economical selection of inspectors. One detection round consists of three stages.
Stage 1: Initialization
To activate all nodes starting a new round of node clone detection, the initiator uses a broadcast authentication scheme to release an action message including a monotonically increasing nonce, a random round seed, and an action time. The nonce is intended to
prevent adversaries from launching a DoS attack by repeatedly broadcasting action messages. The action message is defined by
Stage 2: Claiming neighbors information
Upon receiving an action message, a node verifies if the message nonce is greater than the last nonce and if the message signature is valid. If both pass, the node updates the nonce and stores the seed. At the designated action time, the node operates as an observer that generates a claiming message for each neighbor (examinee) and transmits the message through the overlay network with respect to the claiming probability . The claiming message by observer for examinee is constructed by
Where , are locations of and , respectively. Nodes can start transmitting claiming messages at the same time, but then huge traffic may cause serious interference and degrade the network capacity. To relieve this problem, we may specify a sending period, during which nodes randomly pick a transmission time for every claiming message.
Stage 3: Processing claiming messages
A claiming message will be forwarded to its destination node via several Chord intermediate nodes. Only those nodes in the overlay network layer (i.e., the source node, Chord intermediate nodes, and the destination node) need to process a message, whereas other nodes along the path simply route the message to temporary targets. Algorithm 1 for handling a message is the kernel of our DHT-based detection protocol. If the algorithm returns NIL, then the message has arrived at its destination. Otherwise, the message will be subsequently forwarded to the next node with the ID that is returned by Algorithm 1.
Criteria of determining inspectors: During handling a message in Algorithm 1, the node acts as an inspector if one of the following conditions is satisfied.
1) This node is the destination node of the claiming message.
2) The destination node is one of the g successors of the node. In other words, the destination node will be reached in the next Chord hop.
While the first criterion is intuitive, the second one is subtle and critical for the protocol performance. By Algorithm 1, roughly of all claiming messages related to a same examinee's ID will pass through one of the predecessors of the destination. Thus, those nodes are much more likely to be able to detect a clone than randomly selected inspectors. As a result, this criterion to decide inspectors can increase the average number of witnesses at a little extra memory cost. We will theoretically quantify those performance measurements later.
4.ALGORITHMS:
In Algorithm 1, to examine a message for node clone detection, an inspector will invoke Algorithm 2, which compares the message with previous inspected messages that are buffered in the cache table. Naturally, all records in the cache table should have different examinee IDs, as implied in Algorithm 2. If detecting a clone, which means that there exist two messages satisfying and and , the witness node then broadcasts the evidence to notify the whole network. All integrity nodes verify the evidence message and stop communicating with the cloned nodes. To prevent cloned nodes from joining the network in the future, a
revocation list of compromised nodes' IDs may be maintained by nodes individually. It is worth noting that messages and are authenticated by observers and , respectively. Therefore, the witness does not need to sign the evidence message. If a malicious node tries to launch a DoS attack by broadcasting a bogus evidence message, the next integrity node receiving it can immediately detect the wicked behavior by verifying the signatures of and before forwarding to other nodes.
The DHT-based detection protocol can be applied to general sensor networks, and its security level is remarkable, as cloned nodes will be caught by one deterministic witness plus several probabilistic witnesses. However, the message transmission over a Chord overlay network incurs considerable communication cost, which may not be desired for some sensor networks that are extremely sensitive to energy consumption. To fulfill this challenge, we propose the randomly directed exploration (RDE), which tremendously reduces communication cost and presents optimal storage expense with adequate detection probability. The RDE protocol shares the major merit with broadcasting detection: every node only needs to know and buffer a neighbor-list containing all neighbors' IDs and locations. For both detection procedures, every node constructs a claiming message with a signed version of its neighbor-list, and then tries to deliver the message to others, which will compare it with their own neighbor-lists to detect a clone. For a dense network, broadcasting will drive all neighbors of cloned nodes to find the attack, but in fact one witness that successfully catches the clone and then notifies the entire network would suffice for the detection purpose. To achieve that in a communicatively efficient way, we bring several mechanisms and effectively construct a multicast routing protocol. First, a claiming message needs to provide a maximal hop limit, and initially it is sent to a random neighbor. Then, the subsequent message transmission will roughly maintain a line. The line transmission property helps a message go through the network as fast as possible from a locally optimal perspective. In addition, we introduce a border determination mechanism to
significantly reduce communication cost. We can do all of those because every node is aware of its neighbors' locations, which is a basic assumption for all witness-based detection protocols but rarely utilized by other protocols.
4.1 Protocol Description:
One round of clone detection is still activated by the initiator. Subsequently, at the designated action time, each node creates its own neighbor-list including the neighbors' IDs and locations, which constitutes the sole storage consumption of the protocol. Then it, as an observer for all its neighbors, starts to generate a claiming message containing its own ID, location, and its neighbor-list. The claiming message by node is constructed by
where ttl is time to live (a.k.a. message maximum hop). Since ttl will be altered by intermediate nodes during transmission, it should not be authenticated. The observer will deliver the claiming message r times. In each time, the node transmits it to a random neighbor as indicated. Note that r can be a real number, and accordingly an observer transmits its claiming message at least ⌊r⌋, up to ⌈r⌉, and on average r times. When an intermediate node receives a claiming message it launches , which is described by pseudo code in Algorithm 3, to process the message. During the processing, node , as an inspector, compares its own neighbor-list to the neighbor-list in the message, checking if there is a clone. Similarly, if detecting a clone, the witness node will broadcast an evidence message to notify the whole network such that the cloned nodes are expelled from the sensor network. To deal with routing, node
decreases the message's ttl by 1 and discards the message if ttl reaches zero;
Essentially, Algorithm 4 contains the following three mechanisms.
4.2 Deterministic directed transmission: When node receives a claiming message from previous node, the ideal direction can be calculated. In order to achieve the best effect of line transmission, the next destination node should be node , which is closest to the ideal direction.
4.3 Network border determination: This takes network shape into consideration to reduce the communication cost. In many sensor network applications, there exist outside borders of network due to physical constraints. When reaching some border in the network, the claiming message can be directly discarded. In our proposal for border local determination, another parameter
4.4 target range: This is used along with ideal direction to determine a target zone. When no neighbor is found in this zone, the current node will conclude that the message has reached a border, and thus throw it away.
Fig: Loose source routing performance compared to optimal, in a network with diameter slightly above 10. The dashed trend line represents expected path length when nodes store logN local state, and the solid trend line shows actual observed performance.
5.CONCLUSION:
We defined Vampire attacks, a new class of resource consumption attacks that use
routing protocols to permanently disable ad-hoc wireless sensor networks by depleting nodes' battery power. These attacks do not depend on particular protocols or implementations, but rather expose vulnerabilities in a number of popular protocol classes. We showed a number of proof-of-concept attacks against representative examples of existing routing protocols using a small number of weak adversaries, and measured their attack success on a randomly-generated topology of 30 nodes.
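The Stage 2 freshness check on action messages and the Stage 3 inspector comparison against the cache table, as an added example that is not code from the paper. HMAC-SHA256 under one shared key stands in for the broadcast authentication and observer signatures, which the page does not specify; the class, function and field names, the key and the sample node IDs are constructed for illustration.

```python
import hashlib
import hmac

KEY = b"constructed-demo-key"  # assumption: one shared key stands in for real signatures


def sign(*fields):
    """MAC over the message fields (stand-in for the page's signature schemes)."""
    data = "|".join(str(f) for f in fields).encode()
    return hmac.new(KEY, data, hashlib.sha256).hexdigest()


def make_claim(examinee, location, observer):
    """Claiming message: examinee ID and location, vouched for by the observer."""
    return (examinee, location, observer, sign(examinee, location, observer))


def claim_is_authentic(claim):
    examinee, location, observer, sig = claim
    return hmac.compare_digest(sig, sign(examinee, location, observer))


class Node:
    def __init__(self, node_id, successors):
        self.node_id = node_id
        self.successors = set(successors)  # the g cached Chord successors
        self.last_nonce = 0                # highest action nonce accepted so far
        self.seed = None
        self.cache = {}                    # examinee ID -> first claim inspected

    def on_action(self, nonce, seed, action_time, sig):
        """Stage 2: accept an action message only if it is fresh and authentic."""
        if nonce <= self.last_nonce:
            return False                   # replayed or stale broadcast
        if not hmac.compare_digest(sig, sign(nonce, seed, action_time)):
            return False
        self.last_nonce, self.seed = nonce, seed
        self.cache.clear()                 # assumption: the cache table is per round
        return True

    def is_inspector(self, destination):
        """Inspector criteria: we are the destination, or it is one Chord hop away."""
        return destination == self.node_id or destination in self.successors

    def inspect(self, claim, destination):
        """Return evidence (the two conflicting claims) on a clone, else None."""
        if not self.is_inspector(destination) or not claim_is_authentic(claim):
            return None
        first = self.cache.setdefault(claim[0], claim)
        if first[1] != claim[1]:           # same examinee ID, different location
            return (first, claim)
        return None


def verify_evidence(evidence):
    """Check run by every node before it forwards an evidence message."""
    a, b = evidence
    return (claim_is_authentic(a) and claim_is_authentic(b)
            and a[0] == b[0] and a[1] != b[1])
```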
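One intermediate-node step of the randomly directed exploration from sections 4.1 to 4.4 (neighbor-list comparison, ttl handling, directed next hop, border check), as an added example that is not the paper's Algorithm 3 or 4. It assumes the target range is a maximum angular deviation from the ideal direction, which the page does not define; all function names and sample coordinates are constructed.

```python
import math
import random


def deliveries(r, rng):
    """Copies an observer sends: floor(r), plus one more with probability r - floor(r)."""
    base = math.floor(r)
    return base + (1 if rng.random() < r - base else 0)


def find_clone(own_neighbors, claimed_neighbors):
    """Return an ID that both neighbor-lists place at different locations, else None."""
    for node_id, loc in claimed_neighbors.items():
        if node_id in own_neighbors and own_neighbors[node_id] != loc:
            return node_id
    return None


def bearing(src, dst):
    """Direction from src to dst in radians."""
    return math.atan2(dst[1] - src[1], dst[0] - src[0])


def deviation(a, b):
    """Smallest absolute difference between two bearings, in radians."""
    return abs((a - b + math.pi) % (2 * math.pi) - math.pi)


def next_hop(prev_loc, cur_loc, neighbors, target_range):
    """Neighbor closest to the ideal direction (the line prev -> cur continued).

    Returns None when no neighbor lies inside the target zone, which the
    current node treats as having reached a network border.
    """
    ideal = bearing(prev_loc, cur_loc)
    in_zone = {}
    for node_id, loc in neighbors.items():
        dev = deviation(bearing(cur_loc, loc), ideal)
        if dev <= target_range:  # assumption: target range is an angle in radians
            in_zone[node_id] = dev
    return min(in_zone, key=in_zone.get) if in_zone else None


def process(msg, prev_loc, cur_loc, own_neighbors, target_range):
    """One step at an intermediate node; msg is {'ttl': int, 'neighbors': {...}}."""
    clone = find_clone(own_neighbors, msg["neighbors"])
    if clone is not None:
        return ("clone", clone)       # witness: broadcast an evidence message
    msg["ttl"] -= 1                   # ttl changes in transit, so it is not signed
    if msg["ttl"] <= 0:
        return ("drop", "ttl")
    hop = next_hop(prev_loc, cur_loc, own_neighbors, target_range)
    return ("drop", "border") if hop is None else ("forward", hop)
```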