IETF Logo Mail Archive

Re: [MEXT] Energy consumption attacks

Pars Mutaf <pars.mutaf@gmail.com> Tue, 22 March 2011 08:28 UTC

Return-Path: <pars.mutaf@gmail.com>
X-Original-To: mext@core3.amsl.com
Delivered-To: mext@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 356233A67B4 for <mext@core3.amsl.com>; Tue, 22 Mar 2011 01:28:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.598
X-Spam-Level:
X-Spam-Status: No, score=-3.598 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bhsnmsVnkCDV for <mext@core3.amsl.com>; Tue, 22 Mar 2011 01:28:47 -0700 (PDT)
Received: from mail-qy0-f179.google.com (mail-qy0-f179.google.com [209.85.216.179]) by core3.amsl.com (Postfix) with ESMTP id E73CC3A67AF for <mext@ietf.org>; Tue, 22 Mar 2011 01:28:46 -0700 (PDT)
Received: by qyk7 with SMTP id 7so5247288qyk.10 for <mext@ietf.org>; Tue, 22 Mar 2011 01:30:19 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=7gReevYGd4gc/Smxv988ZERP5lfanrsG5aZ9IUwl1RU=; b=jE7DRY1KSnZMNCH2iYI8FIA/GmA++GuBCqMLgJX78XwXS2GxUQz3kfAXrsPKSmb1Iu 2omnmxTZtESC8HG5t3wCiiUDdfQyHpwddS/gE5MhOAYxxqCflTjOXmMZgbmUjQq+8fmY Amq7FVqSymv80FCWbOqYLiICwqiwne/0Ilj1Y=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; b=cAj+pb/CbUgYhQM7xHPRG6cvcHZNKjsccW9QvcXSPoFbOh+k/212UGx5D9TuS+WhsG 5CIzM12hRgDrcQZPF7PcK//VlWGs3CBWNCy2RYHWlqeVr8PvFKYpTW+yHyI8cC9bxUXg knxZsl4G2PeEUGiWelMI8P439uhFI0FImXpVM=
MIME-Version: 1.0
Received: by 10.224.55.212 with SMTP id v20mr4545740qag.22.1300782619520; Tue, 22 Mar 2011 01:30:19 -0700 (PDT)
Received: by 10.224.67.13 with HTTP; Tue, 22 Mar 2011 01:30:19 -0700 (PDT)
In-Reply-To: <008c01cbe83d$fb4763c0$f1d62b40$@a-star.edu.sg>
References: <AANLkTikW+MfR_R4A+g2+o=BZDnsAoOmfLHNgiOm4Z_-n@mail.gmail.com> <AANLkTikGc4JDgzBivYQNGfPTzf8r75L_od2etQMq3Rm5@mail.gmail.com> <008c01cbe83d$fb4763c0$f1d62b40$@a-star.edu.sg>
Date: Tue, 22 Mar 2011 10:30:19 +0200
Message-ID: <AANLkTikeEOd_-w9GrSNX8keajJ-iizEiht8h36Q1fZ-B@mail.gmail.com>
From: Pars Mutaf <pars.mutaf@gmail.com>
To: QIU Ying <qiuying@i2r.a-star.edu.sg>
Content-Type: multipart/alternative; boundary=001485f2ca38f77ee0049f0e0d27
Cc: mext@ietf.org
Subject: Re: [MEXT] Energy consumption attacks
X-BeenThere: mext@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Mobile IPv6 EXTensions WG <mext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/mext>, <mailto:mext-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/mext>
List-Post: <mailto:mext@ietf.org>
List-Help: <mailto:mext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mext>, <mailto:mext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 22 Mar 2011 08:28:48 -0000

Hi Qiu,

On Tue, Mar 22, 2011 at 5:05 AM, QIU Ying <qiuying@i2r.a-star.edu.sg> wrote:

> This topic is interesting.
>
>
>
> But I am afraid that there is an efficient way to prevent this kind of DOS
> attacks because the mobile node must wake up from sleep to receive and
> process these required messages before simply drop them.
>
>
>
> Could you please provide more details?
>
>
>

I am not entering in the solution space, various solutions may be possible.
You cannot simply drop the incoming packets as you suggested because you
would become unreachable in this case. The attacker can spoof source IP
addresses so you cannot differentiate between malicious and legitimate
packets.

Regards,

Pars



> Regards
>
> Qiu Ying
>
>
>
>
>
> *From:* mext-bounces@ietf.org [mailto:mext-bounces@ietf.org] *On Behalf Of
> *Pars Mutaf
> *Sent:* Monday, March 21, 2011 7:07 PM
> *To:* mext@ietf.org
> *Subject:* Re: [MEXT] Energy consumption attacks
>
>
>
> Some details that may not be obvious:
>
> The victim consumes energy for:
>
> - Receiving the messages (continuously waking up from sleep mode)
> - Processing them and preparing reply packets (L2 and L3)
> - Sending replies (L2 ACKs and upper layer replies e.g. SIP or TCP replies)
>
> Sending replies especially consumes more energy. It was shown that in
> 802.11 sending 1 bit over the air consumes as much as executing 1,000 CPU
> instructions.
>
> Regards,
>
> Pars
>
> On Mon, Mar 21, 2011 at 11:43 AM, Pars Mutaf <pars.mutaf@gmail.com> wrote:
>
> Hello,
>
> I was wondering if solutions to energy consumption attacks on battery
> powered mobile hosts would be of interest to IETF Mobile IPv6 community.
>
> The attack consists of sending frequent request packets e.g. SIP INVITE or
> TCP SYN to a victim's home address.
>
> For example, experiments showed that the battery of a mobile phone with
> 802.11 access can be remotely consumed in 3 hours (full battery). Attacks on
> phones using an outdoor technology would result in more energy consumption
> because of the longer distance to the base station.
>
> The victim becomes unusable.
>
> Regards,
>
> Pars
>
>
>  Institute for Infocomm Research disclaimer: "This email is confidential
> and may be privileged. If you are not the intended recipient, please delete
> it and notify us immediately. Please do not copy or use it for any purpose,
> or disclose its contents to any other person. Thank you."
>

v2.8.7 | Report a Bug | By Email