The internet of things and wireless sensor networks rely on the routing protocol for low-power and lossy networks to manage data transmission. The networks are vulnerable to advanced vampire attacks, which exhaust energy resources by manipulating routing mechanisms, leading to severe network degradation. The advanced vampire attack exploits the control logic of the routing protocol for low-power and lossy networks, so it is crucial to identify and counter such attacks to ensure network stability. The paper presents an improved detection technique using an optimized method that extends the Theil index with Taylor series expansion to improve computation efficiency and sensitivity to anomalies. The performance is tested with the ToN-IoT dataset with the isolated random forest employed for anomaly detection. Anomaly scores and threshold values from the isolated random forest help choose and improve features in the Theil index, leading to better detection accuracy. Existing anomaly-detection methods in wireless sensor networks are mostly simulation-driven and overlook deployment constraints, such as energy and computation. Standard baselines like Isolation Forest also fail to address resource-depletion attacks, such as vampire attacks, motivating our optimized Theil Index approach. The optimized Theil Index reduces computation time by approximately 31 percent and boosts throughput by around 43 percent, enabling faster and more efficient data handling. In addition, medium access control address-based anomaly analysis also increases precision. By integrating statistics and machine learning, our solution provides a very efficient and scalable detection and countermeasure for advanced vampire attacks on low-power networks.
Geethika et al. (Thu,) studied this question.