192 CHAPTER 8 Defending Against Identity-Based Attacks in Wireless Networks which will enable the network to actively exploit a wide range of defense strategies. In this chapter, we first provide an overview of the feasibility of launching identity-based attacks and their threats on network performance. We then discuss the existing studies on addressing identity-based attacks. The traditional approaches to prevent identity-based attacks are to apply cryptographic authentication. However, authentication requires additional infrastructural overhead and compu- tational power associated with distributing, and maintaining cryptographic keys. Due to the lim- ited power and resources available to the wireless devices and sensor nodes, it is not always possible to deploy authentication. Thus, recently researchers are seeking solu- tions that do not require much overhead or changes to the wireless devices themselves and cannot be undermined easily even when nodes are compromised. Along this direction, a broad 8.2. FEASIBILITY OF LAUNCHING IDENTITY-BASED ATTACKS In this section, we provide an overview of the feasibility of launching identity-based attacks and their impact on network performance. 8.2.1. Spoofing Attacks The broadcast-based communication combined with the increasingly flexible programming inter- face of commodity devices makes launching the spoofing attacks with little effort. Attackers can gather useful identity information of wireless devices during passive monitoring and utilize the identity information to launch identity-based spoofing attacks in wireless and sensor networks. For instance, in an 802.11 network, it is easy for a wireless device to acquire a valid MAC address and masquerade as another device. The 802.11