The document discusses vampire attacks on wireless sensor networks and proposes a solution called PLGPa. It defines vampire attacks as creating messages by malicious nodes that drain the battery life of honest nodes by forcing them to process unnecessary packets. It describes two types of attacks on stateless and stateful routing protocols, such as carousel and stretch attacks. The existing Clean Slate Sensor Network Routing protocol called PLGP is explained, but it is vulnerable to vampire attacks since nodes cannot verify packet paths. The proposed solution, PLGPa, adds verifiable path histories to packets using signature chains so that nodes can enforce the no-backtracking property and prevent packet diversion by vampires, making the network resistant to these attacks.
A Critique of the Proposed National Education Policy Reform
Vampire attacks
1.
2. Introduction
Ad hoc Wireless Sensor Network :
decentralized type of wireless network
Ad hoc : It does not rely on pre existing infrastructure such as routers in
wired networks and access points in managed wireless networks.
Each node participates in routing by forwarding packets.
all devices have equal status in the network
Applications:
Ubiquitous on demand computing power
Continuous connectivity
Instantly deployable communication for military and first responders
Monitor environmental conditions , factory performance and troop
deployment.
3. Vampire attack:
Definition: : Vampire attack means creating and sending messages by
malicious node which causes more energy consumption by the
network leading to slow depletion of node’s battery life.
Features:
Vampire attacks are not protocol specific
They don’t disrupt immediate availability
Vampires use protocol compliant messages
Transmit little data with largest energy drain
Vampires do not disrupt or alter discovered paths
4. Areas of Seminar & Technology
Area related to seminar: PROTECTION FROM VAMPIRE ATTACK ON
ROUTING PROTOCOL
Areas of seminar includes:
Evaluates vulnerabilities of existing protocols to battery depletion
attacks
Show Simulation results quantifying the performance of several
protocols in the presence of a single Vampire
Modification of an existing sensor network routing protocol to bound
the damage from Vampire attacks
5. Literature Survey
ATTACK
FEATURES
DISADVANTAGES
OF DEFENSES
REFERENCES
Sleep
Deprivation
Torture
Prevents nodes
It considers attacks
from entering sleep only at the Medium
cycle and depletes
Access Control(MAC)
batteries faster
David R
Raymond and
Randy C
Marchany ,2009
Resource
Exhaustion
Mentions resource
exhaustion at MAC
and transport
layers
Only offers rate
limiting and
elimination of insider
adversaries
Anthony D
Wood and John
A.Stankovic,2002
Flood Attack
Multiple request
connections to
server ,run out of
resources
Punishes nodes that
produce bursty traffic
but may not send
much data
Daniel J.
Bernstein,1996
6. ATTACKS
FEATURES
DISADVANTAGES
REFERENCES
Reduction of
Quality
Attacks
Produce long term
degradation in
networks
Focus is only on
transport layer and not
on routing protocols.
Sharon Goldberg
and David
Xiao,2008
DoS Attacks
Malefactor
overwhelms honest
nodes with large
amounts of data
Applicable only to
traditional DoS,
Doesn’t work with
intelligent adversaries
i.e. protocol compliant
Jing Deng and
Richard
Han,2005
Wormhole
attack &
Directional
Antenna
attack
Allows connection
b/w two non
neighbouring
malicious nodes :
disrupt route
discovery
Packet Leashes:
Solution comes at high
cost and is not always
applicable
INFOCOM,2003
7. TECHNOLOGY
Minimal Energy
Routing
FEATURES
Increase the
lifetime of power
constrained
networks using less
energy to transmit
and receive packets
DISADVANTAGES
REFERENCES
Vampire attacks
Jae-Hwan Chang
increase energy usage and Leandros
even in minimal
Tassiulas,2004
energy routing
8. Vampire attack
Definition: Vampire attack [1] means creating and sending messages by
malicious node which causes more energy consumption by the
network leading to slow depletion of node’s battery life.
Two types:
Attack on Stateless Protocols
Attack on Stateful Protocols
Stateless Protocols:
Same as source routing protocol
Source node specifies entire route to destination within packet header.
Intermediaries don’t make independent forwarding decisions.
Stateful Protocols:
Nodes are aware of their topology, state, forwarding decisions.
Nodes make local forwarding decisions on that stored state.
Two important classes are : link state and distance –vector
9. Attacks on Stateless Protocols
Types of attacks :
Carousel attack
Stretch attack
Carousel Attack:
Adversary sends packets with
routes composed of a series of
loops.
Exploits limited verification of
message headers at forwarding
nodes
Used to increase the route
length beyond no of nodes in
network
Theoretical limit: energy usage
increase by a factor of O(λ),
where λ is the maximum route
length.
10. •Stretch Attack
adversary constructs artificially
long routes traversing every node
in the network.
Causes packets to traverse larger
than optimal no of nodes
Causes nodes that doesn’t lie on
optimal path to process packets
Theoretical limit: energy usage
increase of factor
O(min(N, λ)), where N is the
number of nodes
in the network and λ is the
maximum path length allowed.
Potentially less damaging per
packet than the carousel attack, as
the no of hops per packet is
bounded by the number of
11. Attack on Stateful Protocols
Types of attacks:
Directional antenna attack
Malicious Discovery attack
Directional Antenna attack:
Energy can be wasted by restarting packet in various parts of network
Using a directional antenna adversaries can deposit packets in arbitrary parts of
the network.
Consumes energy of nodes that would not have had to process the original
packet.
Half Wormhole attack – as a directional antenna constitutes a private
communication channel.
Packet leashes cannot prevent this attack as they are not to protect against
malicious message sources only intermediaries.
12. Malicious Discovery Attack:
Also known as Spurious route discovery.
Falsely claims that a link is down or claim a new link to non existent
node
More serious when nodes claim a long distance route has changed.
Trivial in open networks
In closed networks : repeatedly announce and withdraw routes
Theoretical energy usage increase of a factor of O(N) per packet.
Packet leashes cannot prevent: originators are malicious
13. Existing System & Disadvantages
Clean Slate Sensor Network Routing
Developed By Parno,Luk, Gaustad and Perrig (PLGP).
Original version is vulnerable to vampire attacks
Can be Modified to resist vampire attacks
Two phases:
Topology Discovery Phase
Packet Forwarding phase
Discovery organizes nodes to trees
Initially : each node knows only itself
At end of discovery each node should compute the same
address tree as other nodes.
All leaf nodes are physical nodes in network and virtual
addresses corresponds to their position in the network.
14. Clean Slate Sensor Network Routing (Contd..)
Topology Discovery Phase:
Every node broadcast certificate
of identity including public key.
Each node starts as its own
group size one ,with virtual
address zero
Groups merge with smallest
neighbouring group
Each group chooses 0 or 1 when
merge with another group.
Each member prepends group
address to their own address
Gateway nodes
By end each node knows every
nodes virtual address ,public key
and certificate.
Network converges to a single
group
15. Packet forwarding phase:
All decisions are made
independently by each node
A node when receives a packet
determines next hop by finding the
most significant bit of its address
that differs from the message
originators address.
Every forwarding event shortens
the logical distance to destination
16. PLGP in presence of vampires:
forwarding nodes don’t know the path of a packet and allowing adversaries to
divert packet to any part of the network.
Honest node may be farther away from the destination than malicious nodes.
But honest node knows only its address and destination address.
Vampire moves packet away from the destination
Theoretical energy increase of O(d) where d is the network diameter and N the
number of network nodes.
Worse if packet returns to vampire as it can reroute
17. Provable Security against vampire
attacks
•No-backtracking property:
Satisfied for a given packet if and only if it consistently makes progress
toward its destination in the logical network address space.
More formally:
No-backtracking is satisfied if every packet p traverses the same number of
hops whether or not an adversary is present in the network.
Case 1: L is honest
L
…(hops) …
D
Case 2: L is Malicious
L
…(hops) …
D
•Same no of Hops
•Same network wide energy utilization
•is independent of the actions of malicious nodes
Nodes keep track of route cost
No-backtracking implies Vampire resistance
18. Provable Security against vampire
attacks (contd..)
PLGP does not satisfy No-backtracking property:
In PLGP packets are forwarded along the shortest route through the tree
that is allowed by the physical topology.
Since the tree implicitly mirrors the topology and since every node holds
an identical copy of the address tree, every node can verify the optimal next
logical hop.
However, this is not sufficient for no-backtracking to hold, since nodes cannot be
certain of the path previously traversed by a packet.
Adversaries can always lie about their local metric cost
PLGP is still vulnerable
19. Proposed System:
Propose PLGP with attestations (PLGPa):
Add a verifiable path history to every PLGP packet
PLGPa uses this packet history together with PLGP’s tree routing
structure so every node can securely verify progress, preventing any
significant adversarial influence on the path taken by any packet which
traverses at least one honest node.
These signatures form a chain attached to every packet, allowing any node
receiving it to validate its path. Every forwarding node verifies the
attestation chain to ensure that the packet has never traveled away from its
destination in the logical address space.
packet forwarding for PLGPa
20. PLGPa satisfies no-backtracking
•All messages are signed by their originator .
•adversary can only alter packet fields that are changed en route, so only the route
attestation field can be altered, shortened, or removed entirely.
•To prevent truncation, use one-way signature chain construction
•The hop count of a packet is defined as follows:
Definition. The hop count of packet p, received or forwarded by an honest node, is no
greater than the number of entries in p’s route attestation field, plus 1.
•When any node receives a message, it checks that every node in the path attestation 1) has
a corresponding entry in the signature chain, and 2) is logically closer to the destination
than the previous hop in the chain. This way, forwarding nodes can enforce the forward
progress of a message, preserving no-backtracking.
Theorem 1. A PLGPa packet p satisfies no-backtracking in the presence of an adversary
controlling m < N - 3 nodes if p passes through at least one honest node.
21. Proof:
…Since each possible adversarial action
which results in backtracking violates
an assumption , The proof is complete
22. Comparison of Existing Vs Proposed System
PLGP
PLGPa
PLGP does not have attestation
It is PLGP with attestation
Forwarding nodes doesn’t know the
path of the packet
Each packet has a verifiable path history
Does not hold Backtracking
Holds Backtracking
Vulnerable to Vampire attacks
Resistant to vampire attacks
23. Advantages of Proposed System
PLGPa never floods
Packet forwarding overhead is favourable
Demonstrates more equitable routing load
distribution and path diversity
Even without dedicated hardware, the cryptographic
computation required for PLGPa is tractable even on
8-bit processors.
24. Future Scope
Ad hoc wireless sensor networks promise exciting new
applications in the near future.
As WSN’s become more and more crucial to everyday
life availability faults become less tolerable
Thus high availability of these nodes is critical and
must hold even under malicious conditions.
25. References
[1] Frank Stajano and Ross Anderson, The resurrecting duckling: security
issues for ad-hoc wireless networks, International workshop on security
protocols, 1999.
[2] Haowen Chan and Adrian Perrig, Security and privacy in sensor
networks,
Computer 36 (2003)
[3] Denial of service attacks(Timothy J. McNevin, Jung-Min Park), 2004
[4] Path-quality monitoring in the presence of adversaries(] Sharon
Goldberg, David Xiao),2008.
[5] Packet leashes: A defence against wormhole attacks in wireless
ad hoc networks, INFOCOM, 2003.
[6] Securing ad hoc routing protocols,(Manel Guerrero Zapata and N.
Asokan), 2002