October 11, 2017

Introduction of Vampire Attack in Wireless Ad-hoc Sensor Networks

A new class of resource depletion attack has been discovered which permanently disable network by draining energy of network nodes called “Vampire Attack”. Vampire attacks are not affecting any specific protocol. Vampire attack causes composition and flooding of messages more similar to that generated by an honest node and drains the battery life from network nodes. Basically vampire attack is a variant of DDOS attacks, which performs resource consumption on neighbor nodes. Therefore, during the vampire attack targeted packets are modified for preparing long routes or misguiding the packets. In addition of that the malicious nodes are making frequent connectivity of the entire neighbor nodes in the network using false control message exchange. Due to these neighbor nodes replies the false request for connectivity and draining energy rapidly. Therefore, in order to detect and prevent the malicious nodes in the network a new kind of scheme is required which monitor the network node’s activity and provide the decision for malicious behaving nodes.

Vampire attacks are not protocol-specific, in that they do not rely on design properties or implementation faults of particular routing protocols, but rather exploit general properties of protocol classes such as link-state, distance vector, source routing, and geographic and beacon routing. Neither do these attacks rely on flooding the network with large amounts of data, but rather try to transmit as little data as possible to achieve the largest energy drain, preventing a rate limiting solution. Since Vampires use protocol-compliant messages, these attacks are very difficult to detect and prevent.

Effect on Stateless Protocol:

Vampire attack affects stateless routing protocols such as source routing by either of the two types as follows.

Carousel Attack: In this type of attack, malicious node injects packet with path consisting of series of loops which contains same set of nodes many times so that those nodes drain their energy soon. In this attack strategy, there may exists more than available network nodes in the constructed path which are only limited by allowed number of nodes in source path. For Example as shown in figure 1 honest route is indicated by solid line and false line is indicated by dashed line.

Figure 1 Example of Carousel Attack

Stretch Attack: Another Type of vampire attack is called stretched attack, in which advisory node falsely generates larger source path that causes packets to travel more nodes than optimal number of nodes. As shown in figure 2, an honest sender of packet selects path source to A, A to sink, while malicious node selects longer root source A B C D to sink, so that it can drain energy of as many nodes as possible.

figure 2 Example of Stretch Attack

Effect on State Full Protocol

Vampire attack affects state full protocols e.g. AODV in following manner In case of state full routing, routes are discovered on–demand basis not pre-discovered like in source routing which makes vampire lesser effective, still vampire can waste energy of network nodes by restarting packets in some part of network. Attacker node tends to divert paths using directional antenna attack which causes energy consumption of network nodes. Another type of attack that affects both type of routing is fake route discovery request. For discovery of route there is also transfer of route request and response packet, so malicious nodes may falsely generate route discovery process any time and create packet flooding. AODV and DSR are also vulnerable to this type of attack.

References

[1] Eugene Y. Vasserman and Nicholas Hopper, “Vampire Attacks: Draining Life from Wireless Ad Hoc Sensor Networks”, IEEE Transactions on Mobile Computing, Volume 12, No. 2, February 2013.

[2] V. Sharmila, “Energy Depletion Attacks: Detecting and Blocking in Wireless Sensor Network”, International Journal of Computer Science and Mobile Computing, Volume 3, Issue 8, August 2014

[3] Trupti Pawar and Jyoti Patil, “Vampire Attacks: Draining Life from Wireless Ad-hoc Sensor Networks”, International Journal of Science and Research (IJSR), Volume 4 Issue 9, September 2015

$${}$$