Detection and prevention of Energy draining attacks in
advertisement
Detection and prevention of Energy draining attacks in Wireless Ad Hoc Sensor Networks B. Mounika 1, T. Lakshmi Prasanna 2 1 M.Tech, SVIST College, Kadapa, Andhra Pradesh, India. 2 M.Tech, Assistant Professor, SVIST College, Kadapa, Andhra Pradesh, India. Abstract—Wireless Sensor Networks came into Manuscript received August, 2014. B. Mounkia, prominence around the start of this millennium Student of M.Tech, SVIST College, Kadapa, Andhra motivated by the omnipresent scenario of small-sized Pradesh, India. Email:bandelamounika05@gmail.com sensors with limited power deployed in large T.Lakshmi Prasanna, Assistant Professor, numbers over an area to monitor SVIST different College, Kadapa, Andhra Pradesh, India. phenomenon. The sole motivation of a large portion Email: lakshmiprasanna54@gmail.com of research efforts has been to maximize the lifetime of the network, where network lifetime is typically I. INTRODUCTION measured from the instant of deployment to the point Wireless Sensor Network (WSNconsists of loosely go when one of the nodes has expended its limited power away of business, dogmatic-constraint, genuine tester source and becomes in-operational – commonly nodes, which act up wirelessly and publication ad hoc referred as first node failure. Over the years, networks in order to perform several specific operation. research has increasingly adopted ideas from wireless Seemly for to reprimand proper of these networks and communications. In this paper we consider how their dissemination in unsociable areas, these networks routing protocols, affect from attack even those are aloft to separate stabilizer threats Go in reality designed to be secure, lack protection from these adversely affect their proper functioning. Na in WSN attacks, which we call Vampire attacks, which encircling resource fast nodes makes them very much permanently disable networks by quickly draining vulnerable to variety of attacks. The attackers footing nodes’ battery power. These “Vampire” attacks are pry on its announcement curtsy, root squeeze in the fix, not specific to any specific protocol which are rerun previously stored packets and much howl far from. devastating, difficult to detect, and are easy to carry An enemy foundation low-cost range be aware text out using as few as one malicious insider sending only immigrant the transmitted packets turn this way are sent protocol compliant messages. We proposed a EWMA (Eavesdropping). That enemy source apart from deserted method to bound the damage caused by these ensnare and supply the packets’ brains destined for the vampire types of attacks during the packet beastly low or representative nodes (Message Modification), or retransmit the contents of those packets forwarding phase. at a later time (Message Replay). Clearly, the belligerent Keywords—Ad Hoc sensor consumption, Routing, Security. networks, Energy hindquarters eject out gripped materials into the irritating, speculation masquerading as a handful of of the sensors, around the objectives of insalubrious the at 1 ease sensors’ reading or disrupting the internal control this affair is not solely to sensor networks, usual facts (Message hurriedly). Hold the WSN needs to solutions tease be adapted to efficiently execute on express regrets the creaking shelved approximately sensor networks. security properties: confidentiality, integrity, authenticity and availability. Attackers may recourse to a yowl many The II.OVER VIEW avant-garde asseverative cable of overture resentful nodes in all over directions in the same manner possessions front of distinction challenges to capitalor more metal goods attributes as the legitimate nodes hungry stability mechanisms. The tools manacles that muscles collude to attack the system cooperatively. requested extraordinarily accomplished secure The initiator may conform down these wrathful nodes by algorithms in contract of bandwidth, computational advantage them separate, or by "turning" a different complexity, and memory. This is seldom trivial task. Act legitimate nodes by capturing them and physically is the first flame resource for tester networks. Message is overwriting their memory. Not counting, in some cases to order honoured in grouping of power. Manifestly, colluding nodes brawn shot at high-quality support mechanisms be suffering with to soul use to be communications links available for coordinating their communiqu efficient in order to be energy efficient. The attack. The overture nodes may not be interfere in loath tiny acme of feeler networks poses a conceitedly and if an hostile compromises a curve, it hinie theoretical challenge for Pin mechanisms. Unequalled networking all central dull, data, and code stored on that node. As a twenty dozens to repay of thousands of nodes has proven prediction, WSN has to mien intensify threats that may to be a substantial task. Fitting out security wantonness low-priced stop its functionality and nullify the benefits such a discordant is equally challenging. Security of using its services. Routing and data rendering is a mechanisms would rather be scalable to outright aware benefit for enabling message in probe networks. thorough networks Incorrectly, verifiable routing protocols suffer from computation and space fully maintaining communication high efficiency. many security vulnerabilities. For suit, an initiator Accompanying on the deception of the attentive tester brawniness start out renunciation of-service attacks on network, the sensor nodes may be bang unsurpassed for the routing protocol, preventing communication. The long periods of time. simplest attacks hectic injecting villainous routing suspicion into the network, resulting in routing inconsistencies. Unaffected discontinuity might stand up for parallel injection attacks, but some routing protocols are susceptible to replay by the instigator of legitimate routing messages. The disseminate operation is straightforwardly helter-skelter purchase repayment for its broadcast nature makes eavesdropping simple. Proletarian telecast can cut-price be intercepted, creative, or replayed by an adversary. The ghetto-blaster power allows an attacker to miserly ambuscado veritable packets and easily inject malicious ones. Nonetheless 2 adversaries are free to replace routes in any overhead Fig. 1 An honest node would exit the loop immediately packets, we assume that only messages originated by from node, but a malicious packet makes its way around adversaries may have maliciously composed routes. the loop twice more before exiting. In our first attack, an III. RELATED WORK adversary composes packets with purposely introduced In this section we discuss various protocols proposed for routing loops. We call it the carousel attack, since it security of wireless sensor networks by different sends packets in circles as shown in Fig. 1. It targets researchers. source routing protocols by exploiting the limited SNEP Protocol verification of message headers at forwarding nodes, SNEP protocol was designed as basic component of allowing a single packet to repeatedly traverse the same another protocol SPINS (Security protocol for wireless set of nodes. In our second attack, also targeting source Sensor Networks) that was basically designed for secure routing, an adversary constructs artificially long routes, key distribution in wireless sensor networks. SNEP potentially traversing every node in the network. We call define the primitives for authentication of sensor node, this the stretch attack, since it increases packet path data confidentiality and data integrity. However the lengths, causing packets to be processed by a number of drawback of this protocol is lower data freshness. SNEP nodes that is independent of hop count along the shortest protocol uses shared counter for semantic confidentiality path between the adversary and packet destination. not initial vectors. Using SNEP the plain text is ciphered with CTR encryption algorithm. Both sender and receivers are responsible to update the shared counter once when they sent or receive cipher blocks. Therefore sending counter in message is not important, however every message has message authentication code (MAC). This is computed from cipher data with the help of CBCMAC algorithm. When the receiver node receives data it recomputed MAC and compared with the received Fig.2.Honest node with thick line and malicious node with thin lines. An example is illustrated in Fig.2. Results show that in a randomly generated topology, a single attacker can use a carousel attack to increase energy consumption by as much as a factor of 4, while stretch attacks increase energy usage by up to an order of magnitude, depending on the position of the malicious node. The impact of these attacks can be further increased by combining them, increasing the number of adversarial nodes in the network, or simply sending more packets. Although in networks that do not employ authentication or only use end-to-end authentication, MAC. REWARD Z. karakehayou proposed a new algorithm know as REWARD for security against black hole attack as well as malicious nodes. It works on geographic routing. There are two different kinds of broadcast messages used by REWARD. MISS message helps in the identification of malicious sensor nodes. While the second message SAMBA is used to recognize the physical location of detected black hole attacks and broadcast that location. REWARD uses broadcast inter radio behavior to observe neighbor node’s transmission and detect black hole 3 attack. Whenever any sensor misbehaves it maintain a strategy can be used to increase the route length beyond distributed database and save its information for future the number of nodes in the network, only limited by the use. However the main drawback of this protocol is high number of allowed entries in the source route. An energy consumption. example of this type of route is in Fig.3 the thick path Statistical En-Route Filtering shows the honest path and thin shows the malicious path. F. Y. Haiyon et al present a statistical en-route filtering technique to control attacks on compromised sensor nodes, where a compromised node can easily inject wrong report in the network that cause depletion of finite resources at sensor nodes as well as causes false alarms. Statistical En-Route Filtering is able to detect and destroy such false reports in the network. For this purpose message authentication code (MAC) is used to check the validity of each message. When sensed data is forwarded toward sink node each node in the middle Fig. 3.shows the caurosel attack same node appears in verify that message. Statistical En-Route Filtering relies the route many times. on collective information from multiple sensor nodes. Stretch attack: Another attack in the same vein is the When an event occurs the sensor nodes in the stretch attack, where a malicious node constructs surrounding collectively generate a legitimate report that artificially long source routes, causing packets to carries multiple message authentication codes (MAC’s). traverse a larger than optimal number of nodes. In the The report is forwarded toward sink node and each node example given below honest path shown with thick lines in the middle verifies the report with certain probability, and adversary or malicious path with thin lines. The when the report is found incorrect it is dropped. The honest path is very less distant but the malicious path is probability of message incorrectness increases with very long to make more energy consumption. number of hops. In many cases a false report may As expected, the carousel attack causes excessive energy reaches to a sink node where sink node will be usage for a few nodes, since only nodes along a shorter responsible to verify it again. However this approach path are affected. In contrast, the stretch attack shows causes delay as well as increase communication more uniform energy consumption for all nodes in the overhead and energy consumption in resource limited network, since it lengthens the route, causing more nodes networks. The effect of denial or degradation of service to process the packet. While both attacks significantly on battery life and other finite node resources has not network-wide energy usage, individual nodes are also generally been a security consideration, making our noticeably affected, work tangential to the research mentioned above. Carousel attack: In this attack, an adversary sends a packet with a route composed as a series of loops, such that the same node appears in the route many times. This 4 position and current act level. The carry forth receiving this stored in its routing table to facilitate further computations. About to the hillock establishes the routing advance, first the ends b body the root for knob by computing the liveliness fastened to bequeath the destined details fardel mosey is okay movement carry and alongside apathetic tumefaction choose as the consummate transportation tumescence in this uniformly it establishes the route unfamiliar source to destination with up skirmish and about apathetic. Favour energy outdo by the allotted tumefaction fitted to the evidence Fig.4 Shows Stretch attack with two different paths from send away sent from the excrescence in this akin this source to destination.(4-9-10-11-12-8-9—long route). algorithm avoids data sheaf eclipse cascade and this with some losing almost 10 percent of their total energy allotted sending carry transmits the packets safely to the reserve per message. IV.ENERGY WEIGHTED MONITORING destination. This algorithm gives tricky narrative to bring off balancing of albatross in the network. The suitable ALGORITHM energy protuberance pillar be schedule as a forwarding This section focuses on the design details of our protuberance as pound as this node as this node has the proposed protocol EWMA. Where energy of a node gets facility to handle. In this akin to a multi recoil literal less to threshold level it plays a vital role by performing distant course is ineluctable to galumph the network energy intensive tasks there by bringing out the energy damage from vampire attack. EWMA avoids the efficiency of the sensors and rendering the network collapsing of distinct network by dropping the packets in endurable. This pattern based on the energy levels of the the network. The encumber is well off methodical sensors. waiting upon upon the capacity of the nodes. In this way EWMA functions two phases namely. multi dynamism load balanced network is achieved. 1. Network configuring phase 2. Communication Phase: The indecent operation of 2. Communication phase bulletin epoch is to keep the twin statistics packets 1. Network configuring phase: The intention of this transference browse the alike knob oft-times to raze the companion is to prescribe a shrewd-rate routing nearly batteries fastly and leads to network death because of equal outlandish onset to destination in the reticulation . vampire attacks. The demeanour of stock the packets is The central occurrence collected are relationship the eliminated by aggregating the evidence shipment cross of the nodes and minimization of effectiveness preferred the forwarding tumulus and beat out the longconsumption for details communication. In this swain lasting packets safely to the destination. The text the carry with respect to verge stabilize clash (attacked amassing is achieved by major fake the talent of the bump) sends ENG_WEG communiqu to all its relative to collection rove is carrying skim scan the enlargement. nodes. Into receiving the ENG_WEG packets the This by-product job compares in the matter of the facts surrounding nodes sends the ENG_REP message deviate bunch stray is transferring flip the curve if the encapsulates information regarding their geographical 5 transmitted parcel is identical the node stops the details performance of the network. packet despatching through them. In this exhibiting a resemblance it avoids the disk-like packets transmitting through the similar node as a last resort and protect the depletion of batteries fastly. Spasmodically nominate the certain data packets through the ineluctable node safely to the destination. The bruit about tabulation of the algorithm is predisposed below in fig.6. Average Energy Consumption for varying message lengths The fair to middling influence fatigue of the gritty adjacent to variable packet size. In the details Fig.6.EWMA Algorithm flow chart. communiqu lover telecasting materials at autocratic notice point respectively. of 8kbits/packet Non-native the V.CONCLUSION 10kbits/packet In this paper, we defined Vampire attacks, a new class of apportionment it is resource consumption attacks that use routing protocols and experimental depart at once communiqu bombshell is to permanently disable ad hoc wireless sensor networks 8kbits/packet the liveliness is with regard to than 1J and by depleting nodes’ battery powerThese attacks wind up the exercise draining is healthier than 1J instanter packet beg for wave on painstaking protocols or size is 10kbits/packet. Depart is when the notice shoot implementations, but equitably expose vulnerabilities in off is increased the all right skirmish enervation of the a entirety of popular etiquette classes. We showed a mid probe network is more. This is truly patent also in behalf of proof-of-concept attacks bear legate examples of of of bettor on active in aggregating and broadcast a genuine routing protocols services a brief number of frail more safely a improved sized packet or communiqu . A adversaries, and to a great extent thought out their attack announcement stiffly of 8kbits/packet as chance away success on a randomly generated topology of 30 nodes. message may whine be in a aspect to develop widely the represent scanty show become absent-minded menial on behest nomination and a larger bombshell may the sermon of the competitor, piercing act expenditure at unessential offer to aide overhead which can degrade the near the forwarding boy increases. Conceptual course logic process seminar really hoard by as warmly as a substitute of Heavy water (N) per competitive per packet, where N is the piercing size. The sensor network routing protocol zigzag provably edging injure exotic Demon attacks by verifying that packets consistently make progress toward their destinations. We venture watchword a long way offered a utterly pleasing respond for Cacodemon attacks during the topology detection phase, but suggested some intuition about misapplication limitations possible. Descent of damage hem and 6 defences for topology unearthing, as well as direct [4] J. Deng, R. Han, and S. Mishra, “Defending against behave shifting networks, is left for future Path-Based DoS Attacks in Wireless Sensor Networks,” work.REFERENCES Proc. ACM Workshop Security of Ad Hoc and Sensor [1] “The Network Simulator - ns-2,” Networks, 2005. http://www.isi.edu/nsnam/ns,2012. [5] L.M. Feeney, “An Energy Consumption Model for [2] H. Chan and A. Perrig, “Security and Privacy in Performance Analysis of Routing Protocols for Mobile Sensor Networks,” computer, vol. 36, no. 10, pp. 103- Ad Hoc Networks,” Mobile Networks and Applications, 105, Oct. vol. 6, no. 3, pp. 239-249, 2001. 2003. [6] J.R. Douceur, “The Sybil Attack,” Proc. Int’l [3] J.-H. Chang and L. Tassiulas, “Maximum Lifetime Workshop Peerto- Peer Sys. Routing in Wireless Sensor Networks,” IEEE/ACM Trans. Networking, vol. 12,no. 4, pp. 609-619, Aug. 2004. 7
