
Peer Reviewed Online International Journal Volume 1, Issue 1, May 2014 179

Efficient Detection and Elimination of Vampire Attacks in Wireless Ad hoc Sensor Networks


Ashish BK
Dept of Computer Science and Engineering
YD Institute of Technology
Bangalore, India
ashishkale34@gmail.com

Swathi P
Dept of Computer Science and Engineering
YD Institute of Technology
Bangalore, India
swathipalavalli@gmail.com

Rashmi RK
Dept of Computer Science and Engineering
YD Institute of Technology
Bangalore, India
rashmikoradakeri@gmail.com

Sujatha D and Geetha C Mara
Dept of Computer Science and Engineering
YD Institute of Technology, Bangalore, India
sujatadoddamani3@gmail.com and
g_mara@yahoo.com



Abstract

Ad-hoc low-power wireless networks are an exciting research direction in sensing and pervasive computing. Prior security work in this area has focused primarily on denial of communication at the routing or medium access control levels. This paper explores resource depletion attacks at the routing protocol layer, which permanently disable networks by quickly draining nodes' battery power. These Vampire attacks are not specific to any one protocol, but rather rely on the properties of many popular classes of routing protocols. We find that all examined protocols are susceptible to Vampire attacks, which are devastating, difficult to detect, and easy to carry out using as few as one malicious insider sending only protocol-compliant messages. In the worst case, a single Vampire can increase network-wide energy usage by a factor of O(N), where N is the number of network nodes. We discuss methods to mitigate these types of attacks, including a new proof-of-concept protocol that provably bounds the damage caused by Vampires during the packet forwarding phase.

Keywords

Denial of service, security, routing, ad-hoc networks, sensor networks, wireless networks.


Introduction

Ad-hoc wireless sensor networks (WSNs) promise exciting new applications in the near future, such as ubiquitous on-demand computing power, continuous connectivity, and instantly deployable communication for military and first responders. Such networks already monitor environmental conditions, factory performance, and troop deployment, to name a few applications. As WSNs become more and more crucial to the everyday functioning of people and organizations, availability faults become less tolerable: lack of availability can make the difference between business as usual and lost productivity, power outages, environmental disasters, and even lost lives. High availability of these networks is therefore a critical property, and should hold even under malicious conditions. While existing schemes can prevent attacks on the short-term availability of a network, they do not address attacks that affect long-term availability: the most permanent denial of service attack is to entirely deplete nodes' batteries. This is an instance of a resource depletion attack, with battery power as the resource of interest. In this paper we consider how routing protocols, even those designed to be secure, lack protection from these attacks, which we call Vampire attacks, since they drain the life from network nodes. These attacks are distinct from previously studied DoS, reduction of quality (RoQ), and routing infrastructure attacks, as they do not disrupt immediate availability, but rather work over time to entirely disable a network.
International Journal of Innovatory Research in Engineering and Technology IJIRET www.ijirusa.webs.com


Vampire attacks are not protocol-specific, in that they do not rely on design properties or implementation faults of particular routing protocols. Neither do these attacks rely on flooding the network with large amounts of data; rather, they try to transmit as little data as possible to achieve the largest energy drain, which rules out rate limiting as a solution.

Related Work

We do not imply that power draining itself is novel, but rather that these attacks have not been rigorously defined, evaluated, or mitigated at the routing layer. There is also significant past literature on attacks and defenses against quality of service (QoS) degradation, or reduction of quality (RoQ) attacks, that produce long-term degradation in network performance. The effect of denial or degradation of service on battery life and other finite node resources has not generally been a security consideration, making our work tangential to the research mentioned above. Current work in minimal-energy routing, which aims to increase the lifetime of power-constrained networks by using less energy to transmit and receive packets (e.g. by minimizing wireless transmission distance), is likewise orthogonal: these protocols focus on cooperative nodes and not malicious scenarios.


Existing System
Existing work on secure routing attempts to ensure that adversaries cannot cause path discovery to return an invalid network path, but Vampires do not disrupt or alter discovered paths; instead they use existing valid network paths and protocol-compliant messages. Protocols that maximize power efficiency are also inappropriate, since they rely on cooperative node behavior and cannot optimize out malicious action. Figure 1 below shows the carousel attack, in which the same node appears in the route many times. Figure 2 shows the stretch attack, in which the malicious path takes the longest route.


Fig.1 Carousel attacks


Fig.2 Stretch attack
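
Both route shapes described above can be recognised by a forwarding node from the source route alone. The following C++ code is an added example, not code from the paper: `classifyRoute`, the `maxStretch` threshold and the six-node ring topology are assumptions made for illustration.

```cpp
#include <map>
#include <queue>
#include <string>
#include <vector>

// Constructed topology type: adjacency list keyed by node id (hypothetical).
using Topology = std::map<int, std::vector<int>>;

// Carousel check: how many hops in the source route revisit a node.
int repeatedVisits(const std::vector<int>& route) {
    std::map<int, int> seen;
    int repeats = 0;
    for (int node : route)
        if (++seen[node] > 1) ++repeats;
    return repeats;
}

// Shortest hop count from src to dst by breadth-first search; -1 if unreachable.
int shortestHops(const Topology& topo, int src, int dst) {
    std::map<int, int> dist{{src, 0}};
    std::queue<int> q;
    q.push(src);
    while (!q.empty()) {
        int u = q.front(); q.pop();
        if (u == dst) return dist[u];
        auto it = topo.find(u);
        if (it == topo.end()) continue;
        for (int v : it->second)
            if (!dist.count(v)) { dist[v] = dist[u] + 1; q.push(v); }
    }
    return -1;
}

// "carousel" if any node repeats; "stretch" if the route is loop-free but
// longer than maxStretch times the shortest path (assumed threshold); else "ok".
std::string classifyRoute(const Topology& topo, const std::vector<int>& route,
                          double maxStretch) {
    if (route.size() < 2) return "invalid";
    if (repeatedVisits(route) > 0) return "carousel";
    int best = shortestHops(topo, route.front(), route.back());
    if (best <= 0) return "invalid";
    int hops = static_cast<int>(route.size()) - 1;
    return hops > maxStretch * best ? "stretch" : "ok";
}

// Constructed sample input: 6-node ring 0-1-2-3-4-5-0.
Topology sampleRing() {
    Topology t;
    for (int i = 0; i < 6; ++i) t[i] = {(i + 1) % 6, (i + 5) % 6};
    return t;
}
```

On the sample ring, the route 0-5-4-3-2-1 uses five hops where one would do, and a route that circles 0-1-2 twice revisits three nodes.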

Proposed System

In the proposed system we show simulation results quantifying the performance of several representative protocols in the presence of a single Vampire. Then, we modify an existing sensor network routing protocol to provably bound the damage from Vampire attacks during packet forwarding. In this paper, we focus on the route discovery part of on-demand source routing protocols, but we believe that the general principles of our approach are applicable to the route discovery part of other types of protocols too. At a very informal level, security of a routing protocol means that it can perform its functions even in the presence of an adversary. Obviously, the objective of the adversary is to prevent the correct functioning of the routing protocol. Since we are focusing on the route discovery part of on-demand source routing protocols, in our case attacks aim to make honest nodes receive incorrect routes as a result of the route discovery procedure. We will make more precise later what we mean by an incorrect route.

System Architecture


Fig.3 System Architecture of vampire attack

The above architecture is explained module by module below:

a. Node Configuration Setting:
The mobile nodes are designed and configured dynamically for deployment across the network. The nodes are positioned according to the X, Y, and Z dimensions such that the nodes have direct transmission range to all other nodes.

b. Data Routing:
The source and destination are set a large distance apart. The source transmits the data packets to the destination through the intermediate hop nodes using the User Datagram Protocol (UDP); link-state routing such as PLGP acts as the ad hoc routing protocol.

c. Vampire Attack:
The malicious node enters the network and affects one of the intermediate nodes by sending false packets. The malicious node thus drains the energy of the intermediate node until its energy level goes to 0 joules. Data transmission is then affected, and the path between source and destination tends to fail. As a result, the source retransmits the data to the destination along another path. If the vampire attack continues, it will disable the whole network.
d. Backtracking Technique:
The backtracking technique is used to identify legitimate nodes in a particular path; the nodes accept the data only after the backtracking technique has been executed. If the source transmits the data to the next neighbor node, that node verifies the source identity using the backtracking process. Through this technique the data is transmitted securely in the presence of vampire nodes.

e. Intrusion Detection System:
The energy-constraint IDS is used to detect the malicious nodes in the network. For that purpose, the energy level of every node is calculated after every data iteration. Most nodes have an average energy level within a certain range, whereas vampire nodes by their nature have an abnormal energy level; for example, a malicious node's energy level is three times more than the average energy level. By this technique the malicious nodes can be identified easily.

f. Malicious Node Elimination:
After the IDS process, the malicious nodes are detected. The trusted authority (TA) informs all nodes in the network and eliminates the malicious node from the network. By eliminating the malicious node we can form a secure network.

g. Graph Examination:
The performance analysis of the existing and proposed
work is examined through graphical analysis.
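
The energy check of module e and the hand-off to the trusted authority in module f can be written as follows. This C++ code is an added example, not the authors' ns2 code: the function names, the comparison against the average of the other nodes, the two-iteration `strikes` rule and the sample readings are assumptions, and "energy level" is whatever per-node figure the IDS collects after each iteration.

```cpp
#include <map>
#include <set>
#include <vector>

// Energy level per node id for one data iteration, in joules.
using Energy = std::map<int, double>;

// Rule from module e: flag a node whose energy level is more than `factor`
// times the average. Assumption: the average is taken over the *other* nodes,
// because a mean that includes the suspect is inflated by it, and with
// N <= factor nodes such a mean can never be exceeded factor-fold.
std::vector<int> flagOutliers(const Energy& e, double factor = 3.0) {
    std::vector<int> flagged;
    if (e.size() < 2) return flagged;            // no peers to compare against
    double total = 0.0;
    for (const auto& kv : e) total += kv.second;
    for (const auto& kv : e) {
        double peerAvg = (total - kv.second) / (e.size() - 1);
        if (peerAvg > 0.0 && kv.second > factor * peerAvg)
            flagged.push_back(kv.first);
    }
    return flagged;
}

// Module f hand-off: a node is reported for elimination only after `strikes`
// consecutive flagged iterations (hypothetical debounce, so that one noisy
// reading does not evict a legitimate node).
std::vector<int> nodesToEliminate(const std::vector<Energy>& iterations,
                                  int strikes = 2) {
    std::map<int, int> streak;
    std::set<int> evict;
    for (const Energy& e : iterations) {
        std::map<int, int> next;                 // unflagged nodes reset to zero
        for (int id : flagOutliers(e)) {
            next[id] = streak[id] + 1;
            if (next[id] >= strikes) evict.insert(id);
        }
        streak = next;
    }
    return std::vector<int>(evict.begin(), evict.end());
}

// Constructed readings: node 4 is abnormal in two consecutive iterations.
std::vector<Energy> sampleIterations() {
    return {
        {{1, 10.0}, {2, 11.0}, {3, 9.0}, {4, 40.0}},
        {{1, 10.0}, {2, 12.0}, {3, 8.0}, {4, 45.0}},
    };
}
```

In a three-node network with readings 1, 1 and 100 joules, the average including the outlier is 34, so a plain "three times the average" test would miss it; the peer average of 1 does not.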


Experimental Details

In our project we use the ns2 software with the Cygwin configuration on the Windows 7 OS, with C++ as the back-end language and OTcl (Object Tool Command Language) as the front end.

In this part we discuss the performance analysis of the vampire attacks; the snapshots below show the performance of the nodes.


Fig.4 Initialization of nodes



Fig.5 Detecting of vampire nodes


Fig.6 Data transferring from source and destination.


Fig.7 Carousel and stretch attack


Fig.8 Routing performance analysis on avg throughput


Fig.9 Performance analysis of nodes

Conclusion

Our proposed energy-level constraint algorithm efficiently detects the malicious nodes in the network; by eliminating those affected nodes we can form a secure network with authenticated data transmission. The graphical results show improved network performance with increased throughput rate and improved packet delivery ratio. I have explained the working procedure and algorithm and proved its efficiency theoretically by comparing it with the existing system models. Simulation results show that, depending on the location of the adversary, network energy expenditure during the forwarding phase increases by between 50 and 1,000 percent. Theoretical worst-case energy usage can increase by as much as a factor of O(N) per adversary per packet, where N is the network size.
