The Performance Of Wireless Sensor Networks

Published Date: 02 Nov 2017

When wireless network nodes are organized into a cooperative network, the same will result in wireless sensor network. Every node in the above network consists of its own process capability which contains multiple types of memory. The communication from the nodes is in wireless form. Spatially distributed autonomous sensors are employed in this communication system catering to health care, home, commercial and environmental applications. Many sensor networks have critical applications, in military and healthcare areas. The inherent drawbacks in these type of networks lies in distinctive security challenges because of their inherent limitations in communication and computing. The various Limitations in Wireless Sensor Networks include node limitations, network limitations and physical limitations. Wireless sensor networks also suffer from inherent constraints in node functioning .A few of the major constraints are Energy constraints, Memory Limitations, Higher latency in communication. The various security challenges in Wireless sensor network include Security goals, Availability, Authorization, Authentication, Confidentiality, Dependability, Integrity, Non repudiation. An attempt is made in this paper to address the above issues.WSN presents challenges namely Privacy, Security, Safety, Environmental Impact, Mobility, Limited Bandwidth, Memory and Battery Power to the network designers. Providing security in WSN is a major concern. Security protocols must be constructed for effectiveness and efficiency. In this research various defensive approaches for node replication attacks in static and mobile WSN were studied and a few novel protocols have been proposed.

Keywords : Protocols, Mobility, Limited bandwidth, Node replication, Novel Protocols.

1. INTRODUCTION

A Wireless Sensor Network (WSN) is a collection of nodes organized into a cooperative network. Each node consists of processing capability (one or more microcontrollers, Central Processing Units (CPUs) or Digital Signal Processor (DSP) chips), may contain multiple types of memory (program, data and flash memories),has a Radio Frequency transceiver (usually with a single Omni-directional antenna), and a power source (e.g., batteries and solar cells), and accommodates various sensors and actuators. The nodes communicate wirelessly and often self-organize after being deployed in an ad hoc fashion. Systems of 1000s or even 10,000 nodes are anticipated in the application field.

Such systems can revolutionize the way people live and work. These are spatially distributed autonomous sensors employed in military, healthcare, home, commercial and environmental applications to monitor physical and environmental conditions, such as temperature, sound, pressure and for other remote sensing applications to cooperatively pass their data through the network to a main location (end System in a application).

Many sensor networks have mission-critical tasks, in military and healthcare applications, Thus it is clear that security needs to be taken into account at the time of design. While WSNs come from wireless ad hoc networks, important distinctions exist between wireless sensor network and ad hoc network, and these differences greatly affect the system designs including security designs.

A WSN consists of a large number of sensor nodes which are

inherently resource-constrained. These nodes have limited processing

capability, very low storage capacity, and constrained communication

bandwidth. These limitations arise from limited energy and physical size of the sensor nodes. They prevent direct employment of the conventional security mechanisms in WSNs. In order to optimize the conventional security algorithms for WSNs, it is necessary to be aware of the constraints of sensor nodes.

Some of the major constraints of a WSN are Energy constraints, Memory constraints and higher latency in communications. The goal of security services in WSNs is to protect the information and resources from attacks and misbehavior. The security requirements in WSNs include Availability, Authorization, Authentication, confidentiality, Dependability, Integrity, Non repudiation.

The security services in WSNs are usually centered on cryptography. However, due to the constraints in WSNs, many already existing secure algorithms cannot be used for practical purposes.

Hence in this paper an attempt is made to identify the various challenges faced by WSN and to address the same.

2. LITERATURE REVIEW

A comprehensive literature review was carried out on node replication attacks and other security issues in static and mobile wireless sensor networks. This literature survey revealed various mathematical and operational methods for solving the above problems.

One of the first solutions for the detection of clone attacks relies on a centralized Base Station (BS) [1].In this solution, each node sends a list of its neighbors and their locations (i.e the geographical coordinates of each node) to a BS. The same node ID in two lists with inconsistent locations will result in clone detection. Then, the BS revokes the clones. However, this solution has several drawbacks, such as the presence of a single point of failure (the BS) and high communication cost due to the large number of messages. Further, nodes close to the BS will be required to route many more messages than other nodes, thus shortening their operational life.

Another centralized clone node detection protocol has been recently proposed for sensor network to detect the presence of clones [2]. Keys that are present on the cloned nodes are detected by looking at how often they are used to authenticate nodes in the network. This solution assumes that a random key pre distribution security scheme is implemented in the sensor network. That is, each node is assigned a set of ‘k’ symmetric keys, randomly selected from a larger pool of keys. For detection, each node constructs a counting Bloom filter from the keys it uses for communication. Then, each node sends its own filter to the BS. From all the reports, the BS counts the number of times each key is used in the network. The keys used too often (above a threshold) are considered cloned and a corresponding revocation procedure is raised. The system can recover from a cloning attack by terminating connections using cloned keys.

The two main drawbacks of this approach are the existence of a single point of failure and the need to have such a permanently present base station. Both drawbacks disappear in distributed approaches. Third non negligible drawback is the large imbalance of message processing.

Clone attacks can also be detected through a localized approach without depending on BS.

In the localized algorithm [3], a voting mechanism is used within a neighborhood to agree on the legitimacy of a given node. However, this method fails to detect clones that are not within the same neighborhood. As described in [4] a naive distributed solution for the detection of the node replication attack is Node-To-Network Broadcasting. Here, each node floods the network with a message containing its own location information and compares the received location information with that of its neighbors. If a neighbor Sw of node Sa receives a location claim that the same node Sa is in a position not coherent with the originally detected position of Sa, this will result in a clone detection. However, this method is very energy consuming since it requires ‘n’ flooding per iteration, where ‘n’ is the number of nodes in the WSN.

In the Sybil attack, a node claims multiple existing identities stolen from corrupted nodes. Both the Sybil and the clone attacks are based on identity theft, but they are different in nature. The Sybil attack can be efficiently addressed with a mechanism based on Received Signal Strength Indicator (RSSI) or with authentication based on the knowledge of a fixed key set.

Parno proposed two protocols: Randomized Multicast (RM) and Line-Selected Multicast (LSM). In RM, each node broadcasts a location claim to its neighbors. Then each neighbor selects some random locations within the network and forwards the location claim with a probability to the nodes (refer to as witness nodes) closest to chosen locations by using geographic routing. According to Birthday Paradox, at least one witness node is likely to receive conflicting location claims when replicated nodes exist in the network. In RM, when a node announces (locally broadcasts) its location, each of its neighbors sends (with probability ‘p’) a digitally signed copy of the location claim to a set of randomly selected nodes. Assuming that there is a replicated node, if every neighbor randomly selects O destinations, with a not negligible probability, at least one node will receive a pair of not coherent location claims. The node that detects the existence of a node in two different locations within the same protocol run is called a witness node. But the communication cost is high in the RM protocol as each neighbor has to send Omessages. To reduce the limitations of RM, authors proposed the following LSM protocol.

Besides storing location claims in randomly selected witness nodes, the intermediate nodes that forward location claims can also be witness nodes. This seems like a line randomly drawn across the network, and the intersection of two lines becomes the evidence node of receiving conflicting location claims. In LSM, when a node announces its location, every neighbor first locally checks the signature of the claim, and then, with probability ‘p’, forwards it to g ≥ 1 randomly selected destination nodes. A location claim, when traveling from source to destination, has to pass through several

intermediate nodes that form the so-called claim message path. Moreover, every node that routes this claim message has to check the signature, store the message and check the coherence with the other location claims received within the same run of the detection protocol. Node replication is detected by the node (if present) on the intersection of two paths generated by two different node claims carrying the same ID and coming from two different nodes.

Attempts were made for the use of [5] location-based keys to the wart and defend against several attacks, including nodes replication attacks. Their protocol is based on the use of a bilinear map along with the use of identity based cryptography, in addition to the capability of sensors to retrieve their exact location coordinates once they are deployed. Initially, the BS which is a widely trusted entity in the network defines a bilinear map ‘e’ over two cyclic groups G1 and G2 of the same prime order Q. Then define G1 as an additive operation and G2 as a multiplicative operation.

e : G1 × G1 → G2, R, S, G1 and a, b Z

It achieves a strong security, by preventing an attacker from injecting any node in the network, either a cloned node, or a node with a false identity. To prove its identity, which is also its unique location coordinates, a node must have possession of the corresponding location-based key, and otherwise it can never pass the location-based node-to-node authentication phase. This protocol relies highly on the trust of the mobile robots that provide sensors with their position and location-based keys, and relies also on the properties of bilinear map and identity based cryptography, which are mathematically based on Elliptic Curves Cryptography (ECC).

Intrusion detection is one of the critical applications in WSNs, and recently, several approaches for intrusion detection in homogeneous WSNs have been presented .This approach aims at effectively detecting the presence of an intruder. First, the problem is investigated from the aspect of the network architecture.

The hierarchical tree consists of connected sensors and is built upon expected properties of intruder mobility patterns such as its movement frequency over a region. Based on the hierarchical tree, it allows an efficient record of an intruder’s moving information and supports fast querying from the base station. Another tree structure for tracking an intruder, called as a logic object-tracking tree, is developed by [6]. The logic object tracking tree reduces the communication cost for data updating and querying by taking into account the physical network topology. In particular, the logic object tracking tree targets to balance the update cost and the query cost so as to minimize the total communication cost.

Zhu proposed two more efficient distributed protocols for detecting node replication attacks: Single Deterministic Cell (SDC) and Parallel Multiple Probabilistic Cells (P-MPC). Both protocols need the sensor network to be a geographic grid, each unit of which is called a cell. In SDC, each node’s ID is uniquely mapped to one of the cells in the grid. When executing detection procedure, each node broadcasts a location claim to its neighbors. Then each neighbor forwards the location claim with a probability to a unique cell by executing a geographic hash function with the input of node’s ID. Once any node in the destination cell receives the location claim, it floods the location claim to the entire cell. Each node in the destination cell stores the location claim with a probability. Therefore, the clone nodes will be detected with a certain probability since the location claims of clone nodes will be forwarded to the same cell. The difference between SDC and P-MPC is the number of destination cells. In P -MPC the location claim is forwarded to multiple deterministic cells with various probabilities by executing a geographic hash function with the input of node’s ID. The rest of the procedure is similar to SDC. Therefore, the clone nodes will be detected with a certain probability as well.

Choi proposed a clone detection approach in sensor networks called SET. In SET, the network is randomly divided into exclusive subsets. Each subset has a subset leader, and members are one-hop away from their subset leader. Next, multiple roots are randomly decided to construct multiple sub-trees and each subset is a node of the sub-tree. Each subset leader collects member information and forwards it to the root of the sub-tree. Each root of the sub-tree performs an intersection operation to detect replicated nodes. If the intersection of all subsets of a sub-tree is empty, there are no clone nodes in this sub-tree. Each root then forwards its report to the BS. In the final stage, the BS detects the clone nodes by computing the intersection of any two received sub-trees.

The only approach that achieves real-time detection of clone attacks in WSN was proposed [7]. In this approach, each sensor computes a fingerprint by incorporating the neighborhood information through a superimposed s-disjunct code. Each node stores the fingerprint of all neighbors. A node sends a message along with its fingerprint to its neighbors which verify the fingerprint. The messages sent by clone nodes deployed in other locations will be detected and dropped since the fingerprint does not belong to the same "community".

An active detection approach was proposed [8], in which witness nodes actively obtain location claims. Each node first randomly chooses several nodes and becomes their witness node. Then if ‘a’ node is node a’s witness node, it will send location-claim request through several relay nodes to node ‘a’. These relay nodes are randomly chosen by the witness node for ‘a’. Thus if ‘a’ has a replica, the replica will have high probability to receive the request as well, and reply a conflicting location claim to the witness node.

3. METHODOLOGY OF PRESENT WORK

A brief review of prevention of clone attacks or node replication attacks in pervasive environments is made. Security of the emerging WSNs in pervasive applications is a crucial problem because information must be protected against misdeeds like change or theft. The WSN has emerged as a new technology for pervasive applications that allows the data to be collected by small wearable or implantable sensors and communicated using short-range wireless communication techniques. The security and privacy protection of the data collected from a WSN, either while being stored inside the WSN or during their transmission outside of the WSN, is a major unsolved concern, with challenges coming from stringent resource constraints of WSN devices and the high demand for both security/privacy and practicality/ usability. This section presents a secure inter sensor communication within one group of WSNs and communication between multiple groups of WSNs (motes) and base station (access pointer or sink node) for preserving not only the privacy of data, but also ensuring the safety of information delivery.

The application of WSN in military, civil and other applications is considered. Due to their operating nature, they are often unattended and hence prone to different kinds of novel attacks. For instance, an adversary could eavesdrop all network communications, and further an adversary could capture the nodes for acquiring all the information stored therein. Sensors are commonly assumed to be not tamper-proof. Therefore, an adversary may replicate captured sensors and deploy them in the network to launch a variety of malicious activities. This attack is referred to as the clone attack .Since a clone has legitimate information (code and cryptographic material) and it may participate in the network operations in the same way as a non-compromised node and hence, cloned nodes can launch a variety of attacks. A few solutions have been described in the related works to solve the above said attacks. For instance, a clone could create a black hole, initiate a wormhole attack with a collaborating adversary, or inject false data or aggregate data in such a way to bias the final result. Further, clones can leak data and the threat of a clone attack can be characterized by two main points:

In this paper, Distributed Approach is taken up and a Secure Randomized, Efficient and Distributed (SRED) algorithm has been developed.

Attempts are made in this paper to present the need and formulation of enhanced Randomized, Efficient and Distributed (RED) algorithm called SRED algorithm for solving node replication attacks problems in wireless sensor networks. The classical RED algorithm employs the selection of random witness from the network and makes it as a deciding factor for the elimination process of duplicate or clone nodes. This leads to premature convergence and ineffective process. Hence, to overcome these drawbacks, certain changes are brought about through the combined application of location and ID based methods. In this section the detailed description is provided about a network self-healing mechanism, where nodes autonomously identify the presence of clones and exclude them from any further network activity even though the selected witness may be the clone. In particular, SRED is designed to iterate as a "routine" event. It is designed for continuous iteration without significantly affecting the network performances, while achieving high clone detection rate.

The SRED algorithm introduces new diversification and intensification strategy into the selection of witness. During the selection of witness node, there is a possibility that the witness may be the malicious node and therefore it finds one or more witnesses to verify and approve the trust- worthiness of initial selected witness, and thereby plays a vital role in the deciding phenomena of the network operations.

A major contribution of the present work is the proposal of a self-healing and Secure Randomized, Efficient, and Distributed protocol to detect node replication attacks. An analytical comparison of SRED with LSM and RED shows that the SRED has high probability rate to find out the replication present in the network. Extensive simulations confirm these results. The detection probability at the tenth iteration is 0.36 for LSM Protocol, 0.8 for RED and 0.9 for SRED. The detection probability of SRED consequently increases in all iterations. Lastly, in spite of the high presence of compromised nodes, SRED has more resilience in its detection capabilities than RED and LSM.

By the application of a few of the above techniques or a combination of above techniques, the above described challenges can be addressed effectively.

4. CONCLUSIONS

Establishing an efficient and stable method for detection of node replication attacks is a challenge in static WSN. SRED protocol is developed as an effective mechanism to defend against such attacks. It provides strong security to the nodes, particularly in the unattended and hostile environments. SRED shows a significant increase in malicious node detection probability in the network, when compared to LSM: it is from 0.35 to 0.9 in the first 5 iterations. With RED, it is from 0.8 to 0.9 and consecutively the detection probability increases in all iterations of the protocol run. At the same time the memory overhead increases in SRED when compared to LSM, but this is a negligible amount when compared to energy and replication detection probability. Also when considering the network security in high critical applications, the memory overhead will not affect the node’s performance. In conclusion, SRED improves network security and stability, also ensures an attack free operation of the network.

A Pro-Active prevention of node replication attacks in static WSN is described as a second method for the same. It is an enhancement to SRED. It prevents the malicious or cloned node at the entry level of the network itself. It uses the location of the node as an identifying factor, which can be verified before any node enters the network directly through the base station or through some other node in the edges of the network via a multi hop communication. It shows significant improvement in malicious node detection probability from 0.9 to 0.98 when compared to SRED. These improvements continue with all other iterations of the protocol run. At the same time, there is a small amount of increase in memory and energy overheads of PRED protocol when compared to SRED. The memory overhead increases from 40% to 70% at the peak of node’s memory and energy overhead increases from 13% to 28% at the 120th iteration of the protocol run. To conclude, the overhead introduced by the PRED method is negligible when compared to security nature of critical applications, because the detection strategy improves network security and stability when compared to SRED.

The Distance Vector Based Detection of node replication in static sensor network is another method which uses the new claim as distance between the nodes and the base station. Normally all the previous defense mechanisms use the claim of ID and location as the deciding factor for the trustworthiness of nodes. Distance vector based detection method uses distance as the third phenomenon which is the helping factor in addition to location claim of the node. The overall communication overhead decreases from 4.89 % to 2.44 % and there is a reduction of 2.45 % when the protocol runs for the detection of clone node detection. This method helps the detection of clone or malicious nodes in the network, even though the location of the nodes gets duplicated.

To solve the problem of mobile node replication attacks in wireless sensor networks during high mobility, the ORTM is introduced with validating parameters namely initial deployment position (origin) of the node and local route it has traveled (trace) from the origin. Presumably, this is the second method after the SPRT which is hypothesis testing based and which will fail if any of the assumptions are not met. The proposed ORTM scheme is robust when compared to SPRT scheme and the detection probability of ORTM technique is comparatively high. But the communication (memory and energy) overheads of nodes and base station are comparatively high with SPRT because of its computational ability and iterative run. The overhead, which is negligible, doesn’t affect the network performance.