navya doc

A Project report on

VAMPIRE ATTACKS: DRAINING LIFE FROM WIRELESS ADHOC SENSOR NETWORKS

A Dissertation submitted in partial fulfillment of the

Requirements for the award of the degree of

MASTER OF TECHNOLOGY

in

COMPUTER SCIENCE AND ENGINEERING

By

ATUKURI NAVYA

(Roll No. 12021D0528)

Under the esteemed guidance of

Dr. J.V.R MURTHY

Professor, CSE Department

Department of Computer Science and Engineering

UNIVERSITY COLLEGE OF ENGINEERING

JAWAHARLAL NEHRU TECHNOLOGICAL UNIVERSITY

KAKINADA, KAKINADA – 533003, A.P

2012 - 2014

UNIVERSITY COLLEGE OF ENGINEERING

JAWAHARLAL NEHRU TECHNOLOGICAL UNIVERSITY

KAKINADA, KAKINADA – 533003

ANDHRA PRADESH, INDIA

CERTIFICATE

This is to certify that the dissertation titled “Vampire Attacks: Draining Life from wireless

adhoc sensor networks” is submitted by ATUKURI NAVYA (Regd No. 12021D0528),

student of M.Tech. (CS), in partial fulfillment of the requirements for the award of the degree

of MASTER OF TECHNOLOGY is a record of bona fide work carried out by him under my

supervision.

Internal Guide Head of the Department

Dr. J.V.R Murthy Smt. L. Sumalatha

Professor Associate Professor

Department of CSE Department of CSE

University College of Engineering, University College of Engineering,

JNT University, Kakinada. JNT University, Kakinada.

`

DECLARATION

This is to certify that the thesis titled “Vampire Attacks: Draining Life from Wireless

Adhoc Sensor Networks” is a bona fide work done by me, in partial fulfillment of the

requirements for the award of the degree M.Tech. (Computer Science) and submitted to

the Department of Computer Science & Engineering, University College of

Engineering, Jawaharlal Nehru Technological University, Kakinada.

I also declare that this project is a result of my own effort and that has not been copied

from anyone and I have taken only citations from the sources which are mentioned in the

references.

This work was not submitted earlier at any other University or Institute for the award of

any degree.

Place: UCE, Kakinada. Atukuri Navya

Date: RegdNo:12021D0528

`

ACKNOWLEDGEMENTS

I express my deep gratitude and regards to Dr. J.V.R Murthy, Internal Guide and

Professor, Department of Computer Science & Engineering for his encouragement and

valuable guidance in bringing shape to this dissertation.

I am grateful to Smt. L. Sumalatha, Head of the Department, Department of Computer

Science & Engineering, University College of Engineering, JNTU Kakinada for her

encouragement and motivation.

I am thankful to all the Professors and Faculty Members in the department for their

teachings and academic support and thanks to Technical Staff and Non-teaching staff

in the department for their support.

Atukuri Navya

Regd.No:12021D0528

Abstract

Ad hoc low-power wireless networks are one of the current topics in the field of security

and pervasive computing. Most of the research work done before for improving the

security of the networks in this area is mainly limited to the denial of communication at

the routing level or Medium Access Control levels. This project work investigates the

attacks done with an aim of resource depletion at the routing protocol layer. These attacks

can lead to the quick draining of the nodes battery power there by permanently disable

the networks. These resource depletion attacks are called as “Vampire” attacks, which are

not specific to any particular protocol, instead they rely on the general properties routing

protocols classes. Many protocols are vulnerable to Vampire attacks, which are highly

destructive, and difficult to detect, and are easy to infect a network with simple and

limited resources such as one malicious insider sending only protocol compatible

messages. In some of the worst cases, a single vampire can increases network-wide

bandwidth usage in the order of O (N), where N is total the number of nodes in the

network. In the present work methods to mitigate these types of attacks were discussed,

including one new protocol has been demonstrated which has successfully reduced the

damage caused by vampires while forwarding the packet as per the simulation results in

the testing environment modeled in this work. A public key algorithm named Elliptic

Curve Cryptography (ECC) algorithm is also used for more security provision.

TABLE OF CONTENTS

ABSTRACT.........................................................................................................................iLIST OF FIGURES............................................................................................................ivACRONYMS AND ABBREVIATIONS...........................................................................ivCHAPTER 1........................................................................................................................1INTRODUCTION...............................................................................................................1

1.1 Background ...............................................................................................................11.2 Problem Motivation...................................................................................................31.2 Objective....................................................................................................................31.3 Proposed Approach and method to be employed.......................................................4

CHAPTER 2........................................................................................................................5REVIEW OF THEORY AND PREVIOUS WORK...........................................................5

2.1 Issues in the Existing system.....................................................................................7CHAPTER3.........................................................................................................................9SYSTEM ANALYSIS AND DESIGN...............................................................................9

3.1 Process Models..........................................................................................................93.2 Software Requirements Specification........................................................................9

3.2.1 Interface Requirements......................................................................................103.3 Hardware andSoftware Requirements.....................................................................103.4 System Overview.....................................................................................................10

3.4.1 Java Technology................................................................................................103.5 SYSTEM DESIGN..................................................................................................12

3.5.1 DFD Diagram....................................................................................................123.5.2 UML Diagram...................................................................................................133.5.2.1 Use case Diagram...........................................................................................143.5.2.2 Class Diagram................................................................................................153.5.2.3 Sequence Diagram..........................................................................................163.5.2.4 Activity Diagram............................................................................................17

CHAPTER 4......................................................................................................................18IMPLEMENTATION........................................................................................................18

4.1 Network Creation Module.......................................................................................184.2 Carosel Attack Module...........................................................................................184.3 Stretch Attack Module.............................................................................................194.4.Energy level identifiaction Module..........................................................................204.5 Secure Transmission Module...................................................................................204.6 ECC Algorithm........................................................................................................214.7 Sample Code............................................................................................................25

CHAPTER 5......................................................................................................................40TESTING...........................................................................................................................40

5.1 Testing Strategies.....................................................................................................40

5.1.1 Unit Testing.......................................................................................................405.1.2 Integrating Testing............................................................................................405.1.3 System Testing..................................................................................................40

5.2 Validation.................................................................................................................405.4 Test cases.................................................................................................................415.5 Limitations...............................................................................................................415.6 Test Results..............................................................................................................41

CHAPTER 6......................................................................................................................42SCREENSHOTS...............................................................................................................42CHAPTER 7......................................................................................................................48CONCLUSION AND FUTURE WORK..........................................................................48

7.1 Conclusion...........................................................................................................487.2 Future Work.........................................................................................................48

REFERENCES..................................................................................................................49

LIST OF FIGURES

Figure 1: Address tree in the network..................................................................................6

Figure 2: Sample Java Program.........................................................................................11

Figure 3: Java Virtual Machine.........................................................................................12

Figure 4 : Data Flow Diagram...........................................................................................13

Figure 5: Use Case Diagram..............................................................................................14

Figure 6: Class Diagram....................................................................................................15

Figure 7: Sequence Diagram.............................................................................................16

Figure 8: Activity Diagram................................................................................................17

Figure 9:Point Addition ....................................................................................................20

Figure 10: Point Doubling.................................................................................................21

Figure 11: Carousel Attack................................................................................................22

Figure 12: Stretch Attack...................................................................................................24

Figure 13: Sink Schematic Representation........................................................................42

Figure 14:Source Schematic Representation ....................................................................42

Figure 15:Node Schematic Representation.......................................................................43

Figure 16: Source Display Available Nodes.....................................................................43

Figure 17: Method Selection Screen..................................................................................44

Figure 18: Node receive and transfer screen ....................................................................44

Figure 19: Sink receive mesage screen .............................................................................45

Figure 20: Checking status of the message screen ...........................................................45

Figure 21: Secure Transmission........................................................................................46

Figure 22: Energy usage by each attack ...........................................................................46

Acronyms and Abbreviations

DoS - Denial of Service

QoS - Quality of Service

JDK - Java Development Kit

JVM - Java Virtual Machines

TCP - Transmission Control Protocol

UDP - User Datagram Protocol

IP - Internet Protocol

WSN - Wireless Sensor Network

MAC - Medium Access Control

RoQ - Reduction of Quality

SRS - Software Requirement Specification

JDBC - Java Database Connectivity

API - Application Programming Interface

RMI - Remote Method Invocation

UML - Unified Modeling Language

v

CHAPTER 1

INTRODUCTION

Ad hoc wireless sensor networks (WSNs) is one of the areas where the research work has been

pacing up dynamically from the past few years. WSN’s have so many applications already and

are assuring many more new applications in coming future with the ongoing research works. The

applications include supplying omnipresent computing power requirements in a on-demand

scale, uninterrupted network connectivity, and provision of communication facilities for military

and first responders in very instantaneous and rapid manner even under the conditions where

there is no proper infrastructure is present at the times needed. Such networks observe factory

performance, ecological surroundings, etc., to name some applications.

1.1 BACKGROUND

With the growing applications and increased use of WSNs, they are becoming more and more

vital in accomplishing everyday needs and tasks of people, organizations and society. Hence, the

system i.e., WSNs for facilitating such type of requirements and needs should function in a very

accurate manner without any faults or errors. Because, they can cause severe problems in proper

functioning of the system, as they became part of the routine in performing tasks in our routine.

Lack of proper security and unavailability of WSNs will cause a major difference in general

business operations as usual, other than that productivity loss, ecological disasters. Thus more

availability of this type of networks is an important thing, and it should hold under malevolent

conditions. Hence, any errors or faults in a WSN are not acceptable.

As we know, Ad hoc organization is very common and a general thing in a WSN. Because of

this type of ad hoc organization, WSNs are more susceptible to DoS attacks. However, an

amount of good research performed to protect WSNs against these DoS attacks, So that they can

with stand and survive against them. Majority of solutions brought out by the researchers are

able to prevent attacks when there is a low availability of the network, But due to lack power in

addressing the attacks that involve long availability of the network.

One case how DOS attack occurs is, by fully depleting the nodes’ power. Is is an simple example

of a resource depletion attack, where target for attack is bandwidth as resource. This type of

attacks where the attacks are done with an aim of depleting the entire resource for causing

permanent denial of network service are called vampire attacks.

1

In this project, it has been considered to study about, how these routing protocols, which are

actually designed and developed to be safe and secure are still vulnerable to security attacks and

are lacking protection from these attack such as vampire attacks.

Vampire vulnerabilities are not belongs to a particular protocol. They do not depend on the

design mechanism or implementation errors. However these attacks try to take advantage of the

faults present in the trivial properties of the protocol classes. The classes include link-state,

distance vector, geographic routing, beacon routing and source routing. These vampire attacks

are not dependant on overflowing the network with huge amount of data, instead they propagate

very less data to the possible extent however, and they target the entire exhaustion or draining of

the energy in the network. As vampire attacks makes use of the protocol compatible

communication (messages) they are highly difficult to identify and restrict.

Different types of vampire attacks can happen in both protocols, i.e., stateless and stateful. In

case of stateful protocols, the nodes present in the network know the topology and state of the

network. Hence, based on the stored rate they make local forwarding decisions.

In case of OLSR protocols, whenever a new link is enabled or a link goes down, the nodes will

store status reports of the links present in the network i.e., whether the link is up or the link is

down. Also the nodes keep track of the overflow routing changes whenever the link goes down

or established.

Routing in link state and distance vector networks are constructed vigorously from many

individual forwarding decisions in a dynamic manner. Hence the adversaries have very little to

influence on the forwarding phase of the packet. This makes these protocols, i.e., link state

protocols to be resistant against the carousel, stretch attacks. The possibility of occurrence of

vampire attacks gets reduced to a great extent when the adversaries are not able to specify the

full path. But still, the affected nodes i.e., malicious nodes are able to falsify the path mis-

forwarding the packets to follow a different path other which, it would choose a normal along

path.

2

When nodes in the network are made to take the forwarding decisions, the vampire will lose

most of control it is having over the progress of packet during that forwarding stage. However,

this is not a complete solution and they (vampires) are still able to waste a lot of energy

by sending again the packet in different positions over the network.

Spurious route discovery is another type of vampire attack on routing protocols mentioned

above. There are no of ways for the malicious nodes to generate a noticeable topology change.

For example, it can do false claims about the link conditions, i.e., claiming that link is down, or a

new link is added to node which is not even exist.

1.2 Problem Motivation

The life period of ad hoc wireless network, especially, that of the sensor network is based upon

the node’s battery power. In so many of the applications where these networks are involved,

recharging or replacing the battery is impossible. Power drainage will lead to the failure of the

node and often it will also lead to the damage of entire network. Data losses will also occur. We

need an efficient energy utilization scheme to transmit the data packets with the minimum

amounts of energy.

But, due to vampire attacks malicious nodes consume more energy than that of the honest node.

Hence it is important to mitigate these types of attacks in order to reduce the amount of energy

used by each node, and to increase the node’s battery life.

1.3 Objective

Main objective of this project is to create a secure mechanism which can be used to detect the

vampire packets and protects from the forwarding of vampire packets and the formation of such

packet inside the node.

1.4 Proposed Approach and Method to be Employed

The proposed methodology to approach and mitigate the problem of vampire attacks involves a

sequence of 3 important steps which are given below.

3

First, thorough evaluation of the weaknesses of existing protocols and routing layers against the

resource depletion attacks such as node’s battery draining has been done. From that it has been

observed that, security schemes to protect Vampire attacks require a different strategy to work

compared to utilize for protecting routing infrastructure, and so existing secure routing protocols

such as SEAD do not resistant against Vampire attacks.

Second, simulation results are obtained, measuring the functioning of a number of protocols

during the presence of a single vampire.

Third is the modification of the present sensor network protocol is done to reduce the damage

done by the vampire attacks during the forwarding phase of packets.

In the present work, PLGPa protocol has been used to safe guard against the vampire attacks.

This PLGPa protocol attaches the verifiable path history to each and every packet in the network,

while maintaining the no backtracking property. This attached path history for every packet is

used by PLGPa along with the PLGP’s tree routing structure. This way each forwarding node

verifies the node signature to make sure that, the packet has followed the correct path and has not

traversed away from its target within the logical address space. In this project, we are extending

secure transmission by using an efficient key management scheme for sensor networks. The

proposed key management methodology is based on the truth that, a sensor communicates only

with a small fraction of its neighbors. This decreases the communication and computation

expenses of a key setup to great extent. To further improve this methodology of key

management, a public key algorithm named Elliptic Curve Cryptography is used in the current

work.

4

CHAPTER 2

REVIEW OF THEORY AND PREVIOUS WORK

As already discussed in Chapter 1, research on these vampire attacks is not adequate and the

problems are not yet defined, evaluated, or mitigated in a comprehensive manner at the routing

layer. As we know that these vampire attacks are meant for resource depletion i.e., power

exhaustion of the nodes batteries. These types of attacks obstruct nodes from incoming into a less

power cycle, which is a result of which the batteries will not sleep and will drain really quick

compared to normal situations. And the recent research works on the “denial-of-sleep attacks”

only judges the attacks that generally happen at the MAC layer. Part from increasing the

efficiency of underlying the routing protocols and MAC or switching away from source routing,

effective mitigation measures were not proposed in most of the works.

Even in case of systems where power is not constrained, depletion attacks occur by exhaustion of

other possessions like CPU time which may affect the network. One simple example for such

type of attacks is “SYN flood attack”. In this type attack, adversaries establishes multiple

connection requests to server, as a result of which the server will do the allocation of resources

for each adversary connection request without knowing that is a malicious attack. These types of

attacks can be overcome by keeping the larger weight on the connecting entity. This type of

solutions places the small load on the legitimate clients who takes the initiation for stabling small

number of connections but it does not the prevent from the malicious entities who will

establishes the large number of connections.

Though there is minimal research and information available on vampire attacks and their

mitigation measures, there is a good amount of literature available on attacks and

diominatingagainst QoS, or RoQ attacks. These types of attacks are responsible for the long-term

deterioration in the quality of network performance. The research work on these type of attacks

are mainly done on the transport layers instead of the routing layers. Hence, The results and

methodologies proposed for these attacks are not suitable for the vampire attacks.

5

Related work includes study and mitigation measures on DOS attacks in ad hoc wireless

network. Most of the work has dealt with attacks which can prevent route setup, interrupt

communication, and establishing routes on their own to drop, modify or monitor attack packets.

However, this type of attacks where denial or degradation of service attacks happens to

deteriorate the battery life and other limited resources is not a primary consideration, making this

research different compared to research on vampire attacks.

The original version of the protocol, i.e., PLGP is designed in such a way to be secure and strong

against the attacks. However, the protocol is still prone to vampire attacks because certain

drawbacks. PLGP method consists of a series of phases beginning with topology discovery and

then packet forwarding. This phase is made to repeat on a pre defined plan in order to ensure that

most recent i.e., current topology information is present.

1. Topology finding Phase:

Topology finding starts with incomplete period. And during this period, all nodes in the network

should declare their existence by distribution an identity certificate. The other things which

include during the discovery and broadcasting are its public key, accepted by the trusted party.

All nodes will start with their group of size one having a address 0. In cases, where, two

individual nodes form the size 2, one of node will accept the address 0, when the other beecomes

1 and it is shown in the below figure.

6

Fig 1: address of tree in the network.

2. Packet forwarding phase: Through the forwarding phase, each decision is made by every

node independently makes all the decisions that are needed. When receiving packet, node finds

the next node by inventing the MSB bit of its address which is different from the source’s

address. In that manner, each forwarding event decreases the logical distance to the final end

point or target, as node’s address must be exactly closer to the target.

2.1 Drawbacks in the Existing PLGP System

There are so many drawbacks in the existing PLGP system which are as follows.

Outage of power events

Environmental disasters and loss of information.

Security level is poor

7

Prone to several DoS attacks.

Productivity losses due to lack of access to network

Attacks that affect the availability for long-term are not addressed.

8

CHAPTER 3

SYSTEM ANALYSIS AND DESIGN

3.1 Process Models

Software process models can be used to represent the series of activities, objects, transformations

and events that represent strategies for accomplishing software progress.

During the development of our project, we used waterfall and iterative model.

Water fall model is a sequential model and it is used when we are adding the new module.

We collect the requirements of this phase and it is given to the iterative model to check and

integrate the functionalities into the module.

3.2 Software Requirements Specification

SRS is the base point to develop any project. Here, we took the requirements from the clients and

they can be translated into formal document.

Mainly, we have two activities in this phase.

1) Analysis of the problem: First, we need to understand what is the problem and the aim of the

project and constraints.

2) Specific Requirements: After completion of the problem analysis, need to focus on the

representation, languages and tools which are analyzed in the problem.

Requirement phase completes after the validating the production of SRS document.

3.2.1 Interface Requirements

This application process is used as an interface with JDBC driver which is used to store the

clients’ information and it provides path to the server when we are doing the transmission.

9

3.3 Hardware and Software Specifications

HARDWARE SPECIFICATIONS

Processor : Pentium –IV

Speed : 1.1 Ghz

RAM : 256 MB(min)

Hard Disk : 5 GB

SOFTWARE SPECIFICATIONS

Operating System : Windows XP

Programming Language : JAVA

Java Version : JDK 1.6 & above.

3.4 System Overview

The development of application includes various components to progress it into complete

product.

3.4.1 Java Technology

Java is a platform independent and a programming language used to develop our applications

3.4.1.1 The Java Platform

Java is developed by James Gosling and Bill Joy and it is a machine-independent programming

language. The java programming language is a high-level language that can be characterized by

the following features:

Simple object- oriented

Architectural neutral Portable

Distributed High performance

Interpreted Multithreaded

10

Robust Dynamic

Secure

The Java contains the program for both compilation and interpretation. Compiler

translates into the intermediate language called Java byte codes which are the

platform-independent codes and they are interpreted by the interpreter. It parses and

executes each instruction on the computer. Compilation can be done only one time and

interpretation done each time whenever the program executed. The below figure

illustrates how this works.

Java bytecode is used for "write once, run anywhere" . Java platform is different from

other platforms and that runs on top of other hardware platforms.

Java platform has two components. They are

Java Virtual Machine (Java VM)

Java Application Programming Interface (Java API)

Java has been introduced into the Java VM. It is the foundation for the Java platform and is

adapted onto the various hardware platforms.

Java API is large collection of so many software components that provides many useful

capabilities like graphical user interface (GUI) widgets. Java API is combined into libraries

of related interface and classes which are called as packages.

11

Figure 2 Simple Java Program

Below figure depicts the components which are incorporated in the Java 2.

Figure 3: Java Virtual Machine3.5 SYSTEM DESIGN

3.5.1 Data Flow Diagrams

DFD is a bubble chart. It is a normal graphical representation which is used to characterize a

system in terms of input data in to the system, different processing carried out on this data, and

the output is generated by the system.

12

Figure 4: Data Flow Diagram

3.5.2 UML Diagrams

Introduction to UML: UML diagram is a graphical representation of elements, and it is

rendered as a connected graph of things and relationships. In theory, a diagram may contain

combination of vertices and arcs. We have 9 UML diagrams. We can represent the behavior and

structure of the system by using these diagrams.

13

3.5.2.1 Use case Diagram

Use case used to represent the behavior of the system. Use case diagrams can be represented by

using actors, use cases and relationships. Each use case is represented with circle.

In this application, we have source and sink actors and the source selects the file and checks the

availability of the nodes and it chooses the path like shortest, longest and carousel path. Sink

receives the data via shortest distance, longest distance , and carousel path which is based on the

method we used to transmit data.

Figure 5: Use case Diagram

3.5.2.2 Class Diagram

Class diagram is a static diagram that represents the structure of the system by using classes and

attributes, methods and relationships between the classes.

Class diagram is not only used for documenting and visualizing structure models but also used

for developing executable system with reverse, forward and round-trip engineering.

14

Figure 6: Class Diagram

3.5.2.3 Sequence Diagram

A sequence diagram shows the series of activities and it shows how objects communicate with

one another and the order of the process.

In sequence diagram, objects contain the time lines and they can represent the process based on

the time lines only.

15

Figure 7: Sequence Diagram

3.5.2.4 Activity Diagram

An activity diagram represents the flow in a system. Here we take the source and availability of

the nodes as an activity. Based upon the method, it forwards the packet.

16

Figure 8: Activity Diagram

17

CHAPTER 4

IMPLEMENTATION

We have implemented the project with the following modules.

MODULES

Network Creation Module

Carousel attack Module

Stretch attack Module

Energy Level Identification Module

Secured Transmission Module

MODULE DESCRIPTION

4.1 Network Creation Module

We have created the network with source, sink and six nodes named A, B, C, D, E, F. Each node

is having a unique identification number and topology discovery is done at transmission time.

Transmission of data is possible based upon the malicious nodes and honest nodes. If any

malicious node is present in our net work nodes then it will chooses the longest path or loops.

We need to the fix the malicious node in the network otherwise it will corrupts the entire

network nodes to be deployed and cannot control their positions.

4.2 Carousel attack Module

In this attack, malicious node composes the packets with purposely by introducing the routed

loops. This is called as a carousel attack and it forwards the packets in the path form in the below

figure. In these attacks, same node occurs so many times while routing the packet in the network.

Mainly this attack is used to raise the length of the route.

18

Fig 8: carousel attack

4.3 Stretch Attack Module

In case of stretch attack, the adversary itself creates long paths by mainly traversing each and

every node in the network. It increases the packet path lengths and it is shown in the figure. In a

randomly generated topology, Carousel attack increases the energy consumption by a factor of 4,

stretch attacks increments the usage of energy and it depends upon the malevolent node.

19

Fig 9: Stretch Attack

4.4 Energy Level Identification Module

In this module, we show the energy levels for each and every node to demonstrate the vampire

attack affect. Here, node is permanently stops working once the bandwidth of the node are

exhausted. Nodes can be recharged by active cycles. During frequent charging cases, power

exhausting attacks are more dangerous if the adversary consumes more power rather than the

nodes can recharge. Vampire attacks many honest nodes if the sending packet constitutes

amplification

4.5 Secured Transmission Module

In this module, we protect the nodes bandwidth and network from vampire attacks by sending

the secured transmission. In this secured transmission data travels in the honest node and

mitigates the vampire attack during the packet forwarding phase.

20

4.6 ECC Algorithm

Electric curve cryptography is a public key cryptography. ECC protection depends upon the

ability to determine the point multiplication and inability to determine the multiplicand with the

novel and production points. Difficulty of the problem is based upon the elliptic curve size.

Primary advantage of using the ECC is to reduce the storage, smaller key size and transmission

requirements.

For the existing cryptographic schemes, an elliptic curve is plane curve over the finite field. It

contains the points which are used to satisfy the below equation.

EC Basic operations.

We have three EC basic operations. They are

1. Point Multiplication

2. Point Addition

3. Point Doubling

Point Multiplication

Q = KP

Example: consider K= 28

Q = 28 P = 2(2 (2 ((P + P) +P) +P)) + P

21

Point Addition

Point addition is used to add the point say P and Q for getting differnt point say R on the same

curve.

Figure 10: Point addition

Point Doubling

Point doubling is the summation of the point P to itself to get different point on the same curve.

So R = P+P =2P

Figure 11: Point doubling

22

ECDH Protocol

ECDH is a key exchange protocol which can be used to allow the exchanging of the secret key

between the two communicating parties. It can be used for private key algorithms. Two

communicating parties need to agree with EC domain parameters before sharing the secret key

between them.

ECDH steps:

Eq (C,D): C,D, are elliptic curve and p is the prime number

G is the generator point whose order is the large value of n.

Consider two communicating parties say F and E have a private key H and a public key

X = H * G.

The process of Key Exchange between F and E

1. M have a pair (HF, XF), where XF =PF * G

2. N have a pair (HN, HE), where HE =HE * G

3. M calculating its own secret key using K = HF * XE

4. N calculates its own the secret key using K = PE * XF

NOTE: Generation of secret key for both parties

K = XF * XE = HE * XF

=HF * HE * G = HE *HF* G

Encryption and Decryption of Text Message

This is the final phase of the algorithm. In this phase we will send data by using encryption and

decryption with the secret key.

Encryption Process

In this process, sender encrypts the data with secret key and sends to the receiver. To do the

encryption, sender select an integer e which is in between (1, n-1).

23

Sender computes Q =e* G. Sender generates its own private key Pr1 =e and public key Pu1= Q.

By using this private key and public key it sends data to the receiver. Before that, data is

converted into the bit string and divides the data into chunks and performs the encryption and

sends to the server.

Decryption process

Receiver decrypts the data by using the following formula.

messages[i].EncodedPoint-Pr2*messages[i].ChosenPoint.

We converted the results we got into alphabet or a number.

ECC Key Pairs

Generation of the key pair is as follows

• Selects an integer d in [1,n-1].

• 2. Compute Q = d*G.

• 3. Result (d,Q).

24

4.7 SAMPLE CODE

package myDesign;

import actionUtils.Action;

import actionUtils.AdminReceive;

import java.io.BufferedReader;

import java.io.File;

import java.io.FileReader;

import java.io.IOException;

import java.io.InputStream;

import java.io.ObjectInputStream;

import java.io.ObjectOutputStream;

import java.io.OutputStream;

import java.net.InetSocketAddress;

import java.net.ServerSocket;

import java.net.Socket;

import java.net.SocketAddress;

import java.net.UnknownHostException;

import java.util.ArrayList;

import java.util.logging.Level;

import java.util.logging.Logger;

import javax.swing.JFileChooser;

import javax.swing.JOptionPane;

import multiSockets.MulticastRx;

import test.DesignSimcar;

25

import test.DesignSimn;

import test.DesignSimstret;

public class Source extends javax.swing.JFrame

{

String title = " SOURCE Vampire Attacks: Draining Life from Wireless Ad Hoc Sensor Networks";

Action action;

String fname;

// Thread t = new Thread(new connect());

String s1;

StringBuffer buffer;

// Thread t1 = new Thread(new connect1());

//Thread jpt = new Thread(new jpro());

public Source() {

initComponents();

init();

setTitle(title);

jProgressBar1.setValue(100);

buttonGroup1.add(jRadioButton1);



// t.start();

// t1.start();

}

26

private void init()

{

action = new Action();

new AdminReceive(this);

new MulticastRx(this);

}

public String get()

{

String gets = null;

if (jRadioButton1.isSelected())

{

gets = jRadioButton1.getText();

}

else if (jRadioButton2.isSelected())

{


}

else if (jRadioButton3.isSelected())

{


}

else

{

27

JOptionPane.showMessageDialog(null, "Select a Mehtod..");

}

return gets;

}

public class jpro implements Runnable

{

public void run()

{

for (int i = 100; i >= 80; i--)

{

try

{

Thread.sleep(100);

jProgressBar1.setValue(i);

}

catch (InterruptedException ex)

{

Logger.getLogger(Source.class.getName()).log(Level.SEVERE, null, ex);

}

}

}

}

private void initComponents()

{

28

buttonGroup1 = new javax.swing.ButtonGroup();

jLabel1 = new javax.swing.JLabel();

jButton1 = new javax.swing.JButton();

jTextField1 = new javax.swing.JTextField();


jProgressBar1 = new javax.swing.JProgressBar();



jRadioButton1 = new javax.swing.JRadioButton();



jScrollPane1 = new javax.swing.JScrollPane();

jTextArea1 = new javax.swing.JTextArea();



jButton2 = new javax.swing.JButton();




setDefaultCloseOperation(javax.swing.WindowConstants.EXIT_ON_CLOSE);

setTitle("Source");

setMinimumSize(new java.awt.Dimension(850, 450));

getContentPane().setLayout(null);

jLabel1.setFont(new java.awt.Font("Times New Roman", 1, 14)); // NOI18N

29

jLabel1.setText("Energy Level :");

getContentPane().add(jLabel1);

jLabel1.setBounds(510, 30, 90, 20);

jButton1.setFont(new java.awt.Font("Times New Roman", 1, 14)); // NOI18N

jButton1.setText("Send");

jButton1.addActionListener(new java.awt.event.ActionListener() {

public void actionPerformed(java.awt.event.ActionEvent evt) {

jButton1ActionPerformed(evt);

}

});

getContentPane().add(jButton1);

jButton1.setBounds(240, 310, 80, 30);

jTextField1.setFont(new java.awt.Font("Times New Roman", 1, 14)); // NOI18N

getContentPane().add(jTextField1);

jTextField1.setBounds(90, 30, 240, 30);


jLabel2.setText("Path :");



jProgressBar1.setFont(new java.awt.Font("Times New Roman", 1, 14)); // NOI18N

getContentPane().add(jProgressBar1);

jProgressBar1.setBounds(610, 30, 210, 30);


30

jLabel3.setText("File Name :");




jLabel4.setText("Neighbor Nodes :");



jRadioButton1.setFont(new java.awt.Font("Times New Roman", 1, 14)); // NOI18N

jRadioButton1.setText("Stretch_Attack");

getContentPane().add(jRadioButton1);

jRadioButton1.setBounds(100, 330, 130, 25);


jRadioButton2.setText("Secure_Transmission");




jRadioButton3.setText("Carousel_Attack");



jTextArea1.setColumns(20);

jTextArea1.setFont(new java.awt.Font("Times New Roman", 1, 14)); // NOI18N

jTextArea1.setRows(5);

jScrollPane1.setViewportView(jTextArea1);

getContentPane().add(jScrollPane1);

31

jScrollPane1.setBounds(50, 80, 370, 150);







jButton2.setFont(new java.awt.Font("Times New Roman", 1, 14)); // NOI18N

jButton2.setText("Browse");

jButton2.addActionListener(new java.awt.event.ActionListener() {

public void actionPerformed(java.awt.event.ActionEvent evt) {

jButton2ActionPerformed(evt);

}

});

getContentPane().add(jButton2);

jButton2.setBounds(340, 30, 80, 30);









pack();

32

}

private void jButton2ActionPerformed(java.awt.event.ActionEvent evt)

{

JFileChooser fc = new JFileChooser();

int retVal = fc.showOpenDialog(this);

if (retVal == JFileChooser.APPROVE_OPTION)

{

File selectedFile = fc.getSelectedFile();

File f = null;

try

{

f = new File(selectedFile.getCanonicalPath());

}

catch (IOException e2)

{

e2.printStackTrace();

}

jTextField1.setText(f.getName());

fname = f.getName();

try

{

BufferedReader bufferReader = new BufferedReader(new FileReader(f));

String append = "";

String line = bufferReader.readLine();

while (line != null)

33

{

append += line + "\n";

line = bufferReader.readLine();

}

jTextArea1.setText(append)

}

catch (Exception e1)

{

e1.printStackTrace();

}

}

}

private void jButton1ActionPerformed(java.awt.event.ActionEvent evt)

{

try

{

if (get().equals(null) || (get() == null))

{

JOptionPane.showMessageDialog(null, "Select a method to send Data....");

}

else

{

if (get().equalsIgnoreCase("Secure_Transmission"))

{

System.out.println("Secure_Transmission send");

34

jTextArea2.append("Node-A-->Node-B-->Node-C-->Node-D-->Node-E-->Node-F-->Sink");

new DesignSimn().setVisible(true);


Thread t3 = new Thread(new jpro());

t3.start();

try

{

ObjectOutputStream oos, oos1, oos2, oos3, oos4, oos5, oos6;

OutputStream os, os1, os2, os3, os4, os5, os6;

Socket s = null, s1 = null, s2 = null, s3 = null, s4 = null, s5 = null, s6 = null;

ArrayList<String> array = new ArrayList<String>();

array.add(0, jTextField1.getText());

array.add(1, jTextArea1.getText());

array.add(2, "Secure_Transmission");

s = new Socket("localhost", 8401);

os = s.getOutputStream();

oos = new ObjectOutputStream(os);

oos.writeObject(array);

oos.close();

os.close();

s.close();

}

catch (UnknownHostException ex)

{

35


}

catch (IOException ex)

{


}

}

if (get().equalsIgnoreCase("Carousel_Attack"))

{

System.out.println("carousel send");

jTextArea2.append("Node-A-->>>Node-B-->>>Node-C-->>>Node-D-->>>Node-E-->>>Node-F-->>>Sink");

new DesignSimcar().setVisible(true);



t3.start();

try

{







array.add(2, "carousel");

36





oos.close();

os.close();

s.close();

}


{


}


{


}

}

if (get().equalsIgnoreCase("Stretch_Attack"))

{

System.out.println("stretch send");

jTextArea2.append("Node-A-->Node-B-->Node-C-->Node-D-->Node-E-->Sink");

new DesignSimstret().setVisible(true);



t3.start();

37

try

{







array.add(2, "stretch");





oos.close();

os.close();

s.close();

}


{


}


{


}

38

}

}

}

catch (Exception e)

{

}

}

39

CHAPTER 5

TESTING

Testing is used to find out errors in the application. Testing is the major task to be performed

during software development. During testing process, a program is executed over a set of

prepared test cases. The results of the program over the test cases are evaluated to find out

whether the program is working as expected or not.

5.1 Testing Strategies

The main aim of testing is developing error free software system. To attain this goal we need to

perform different tests at different stages of software development are:

5.1.1 Unit Testing

Unit testing is performed on each module as they are developed completely and ready to

execution. Each module will be tested by following two strategies which are:

5.1.1.1 Black Box Testing:

In this testing test cases are considered as input conditions to check all well-designed

requirements of the application are correctly reached or not.

5.1.1.2 White Box Testing:

In this testing the test cases are prepared with a purpose of examining the logic of each module

and logical decisions.

40

5.2 Validation

The system has been tested completely to ensure that all the requirements as mentioned in the

software requirements specification are fully satisfied.

5.3Test cases

Testing is the set of actions which are planned in advance and they can be conducted

that procedure only.

Motivation of program testing is to achieve the software quality.

5.5 Limitations

Network Failures: Due to the network failure the user may not receive the result

fast and no responsibility is provided by the project for this failure.

Power Failures: Also no responsibility is provided for power fail.

5.6 Test Results

Other than the general testing methods, Alpha testing method is used for testing the functionality

within the development place. The errors that were fixed are incorporated in the application. We

have tested the energy levels of the nodes after preventing from the vampire attack. It shows that

nodes consuming the less energy.

41

CHAPTER 6

SCREEN SHOTS

Sink

Figure 12: Sink Schematic RepresentationSource

Figure 13: Source Schematic Representation

42

Node

Figure 14: Node Schematic RepresentationSource Display Available Nodes

Figure 15: Source Display Available Nodes

43

Method Selection

Figure 16: Selection of MethodNode Receive and Transfer

Figure 17: Messages Transfer and Receive

44

Sink Receive Messages

Figure 18: Sink Receiving Message Checking status

Figure 19: Checking the status

45

Carousel Attack

Stretch Attack

46

Secure Transmission

Figure 20: Secure Transmission

Figure 21: Energy usage

47

CHAPTER 7

CONCLUSION AND FUTURE WORK

7.1 Conclusion

Following conclusions were made during the course of this project work.

Vampire attacks are defined and understood as a new class of attacks that are responsible for

causing complete exhaustion of the network resources by draining the nodes battery power,

thereby causing the permanent Denial of Service.

Vampire attacks are not definite to specific protocols and also do not depend on specific

implementations.

These attacks depict the weaknesses of WSNs in several major protocol classes.

Representation of these attacks on a modeled i.e., representative environment of a routing

protocols has been done using a small no of weak adversaries.

The measurement of those attacks has also been done to understand the effect of these

attacks on the network, and to understand the effectiveness of the proposed methodology to

secure the WSN from vampire attacks on a accidentally generated topology.

To safeguard such attacks, defense measures were proposed in the form of PLGPa protocol.

7.2 Future Work

The solution offered in the present work is working but not a comprehensive and complete

satisfactory solution for protecting the WSNs against Vampire attacks during the topology

finding phase. However, the proposed method has given some idea about how damage limitation

can be done with further changes to the existing PLGPa. It protects from the affects and military

protection for handling the mobile networks, as well as for topology discovery, is left for future

work.

48

References

[1] I. Aad, J.-P. Hubaux, and E.W. Knightly, “Denial of Service Resilience in Ad Hoc

Networks,” Proc. ACM MobiCom, 2004.

[2] G. Acs, L. Buttyan, and I. Vajda, “Provably Secure On-Demand Source Routing in Mobile

Ad Hoc Networks,” IEEE Trans. Mobile Computing, vol. 5, no. 11, pp. 1533-1546, Nov. 2006.

[3] T. Aura, “Dos-Resistant Authentication with Client Puzzles,” Proc. Int’l Workshop Security

Protocols, 2001.

[4] J. Bellardo and S. Savage, “802.11 Denial-of-Service Attacks: Real Vulnerabilities and

Practical Solutions,” Proc. 12th Conf. USENIX Security, 2003.

[5] D. Bernstein and P. Schwabe, “New AES Software Speed Records,” Proc. Ninth Int’l Conf.

Cryptology in India: Progress in Cryptology (INDOCRYPT), 2008.

[6] D.J. Bernstein, “Syn Cookies,” http://cr.yp.to/syncookies.html, 1996.

[7] I.F. Blaked, G. Seroussi, and N.P. Smart, Elliptic Curves in Cryptography, vol. 265.

Cambridge Univ. , 1999.

[8] J.W. Bos, D.A. Osvik, and D. Stefan, “Fast Implementations of AES on Various Platforms,”

Cryptology ePrint Archive, Report 2009/ 501, http://eprint.iacr.org, 2009.

[9] H. Chan and A. Perrig, “Security and Privacy in Sensor Networks,” Computer, vol. 36, no.

10, pp. 103-105, Oct. 2003.

[10] H. Chan and A. Perrig, “Security and Privacy in Sensor Networks,” Computer, vol. 36, no.

10, pp. 103-105, Oct. 2003.

49

http://cr.yp.to/syncookies.html

[11] J.-H. Chang and L. Tassiulas, “Maximum Lifetime Routing in Wireless Sensor Networks,”

IEEE/ACM Trans. Networking, vol. 12, no. 4, pp. 609-619, Aug. 2004.

[12] A.J. Goldsmith and S.B. Wicker, “Design Challenges for Energy-Constrained Ad Hoc

Wireless Networks,” IEEE Wireless Comm., vol. 9, no. 4, pp. 8-27, Aug. 2002.

[13] Y.-C. Hu, D.B. Johnson, and A. Perrig, “Ariadne: A Secure On-Demand Routing Protocol

for Ad Hoc Networks,” Proc. MobiCom, 2002.

[14] M. Maleki, K. Dantu, and M. Pedram, “Power-Aware Source Routing Protocol for Mobile

Ad Hoc Networks,” Proc. Int’l Symp. Low Power Electronics and Design (ISLPED), 2002.

50

navya doc

Documents

Transcript of navya doc