Wireless Sensor Networks With High Detection Probability

Published Date: 02 Nov 2017

WIRELESS SENSOR NETWORKS WITH HIGH DETECTION PROBABILITY

Abstract—A wireless sensor network is a collection of sensors with limited resources that collaborate to achieve a common goal.Wireless sensor networks can be deployed in harsh environments to fulfil both military and civil applications.An adversary may replicate captured sensors and deploy them in the network to launch a variety of malicious activities.This attack is reffered to as the clone attack.The existing solutions are not satisfactory.They are high energy and memory demanding process.RED(Randomized, efficient and Distributed)protocol is used for the detection of node replication attacks.RED protocol provides the high detection probability when compared with the existing methods.It reduces memory and storage overhead.

Index Terms—Wireless sensor networks security, node replication attack detection, distributed protocol, resilience, efficiency.

Introduction

A Wireless Sensor Network (WSN) is a collection of sensors with limited resources that collaborate to achieve a common goal. WSNs can be deployed in harsh environments to fulfil both military and civil applications. Due to their operating nature, they are often unattended, hence prone to different kinds of novel attacks. For instance, an adversary could eavesdrop all network communications;further, an adversary could capture nodes acquiring all the information stored there in sensors are commonly assumed to be not tamper-proof.Therefore, an adversary may replicate captured sensors and deploy them in the network to launch a variety of malicious activities.This attack is referred to as the clone attack.Since a clone has legitimate information (code and cryptographic material), it may participate in the network operations in the same way as a non compromised node;hence, cloned nodes can launch a variety of attacks.A few have been described in the literature.For instance, a clone could create a black hole, initiate a wormhole attack with a collaborating adversary, or inject false data or aggregate data in such a way to bias the final result.Further,clones can leak data.

The threat of a clone attack can be characterized by two main points:

i)A clone is considered totally honest by its neighbors.In fact, without global countermeasures, honest nodes cannot be aware of the fact that they have a clone among their neighbors.

ii)To have a large amount of compromised nodes, the adversary does not need to compromise a high number of nodes. Indeed, once a single node has been captured and compromised, the main cost of the attack has been sustained. Making further clones of the same node can be considered cheap.

EXSISTING METHOD

Conventional In wireless sensor network,to detect node replication attack,i.e., an attempt by the adversary to add one or more nodes to the network that use the same ID as another node in the network.To detect this behavior without centralized monitoring,since centralized solutions suffer from several inherent drawbacks.The scheme should also revoke the replicated nodes,so that non faulty nodes in the network cease to communicate with any nodes injected in this fashion.Randomized Multicast,distributes location claims to a randomly selected set of witness nodes.

When a node announces its location,each of its neighbors sends a copy of the location claim to a set of randomly selected witness nodes.If the adversary replicates a node,then two sets of witnesses will be selected.In a network of n nodes, if each location produces √n witnesses,then the birthday paradox predicts at least one collision with high probability,i.e.,at least one witness will receive a pair of conflicting location claims.The two conflicting locations claims form sufficient evidence to revoke the node,so the witness can flood the pair of locations claims through the network,and each node can independently confirm the revocation decision.

PROPOSED SCHEME

RED protocol is to mainly used to detect the clone attacks in wireless sensor networks.Clone attack (also called node replication attack) is a severe attack in WSNs.In this attack,an adversary capturesonly a few of nodes,replicates them and then deploys the number of replicas throughout the network.Randomized,Efficient,and Distributed (RED) protocol for the detection of node replication attacks it is completely satisfactory with respect to the requirements.Extensive simulations of RED show that it is highly efficient with regards to required communications, memory, and computations and moreover,as compared to other distributed protocols, it sets out improved attack detection probability that RED is more energy,memory,and computationally efficient,and that it detects node replication attacks with higher probability.

Randomized,Efficient,and Distributed (RED) protocol for the detection of node replication attacks it is completely satisfactory with respect to the requirements. RED is more energy,memory,and computationally efficient,and that it detects node replication attacks with higher probability.RED executes at fixed intervals of time.Every run of the protocol consists of two steps.In the first step a random value,rand,is shared among all the nodes.

This can be performed with centralized broadcasting (for example,from a satellite or other kinds of ground based central stations),or with distributed mechanisms(for instance,detection phase by using distributed leader election).In the second step each node digitally signs and broadcasts its claim,ID and geographic location.For each node, each of its neighbors sends(with probability p) the claim to a set of g ≥ 1 pseudo randomly selected network locations.

RED avoid sending the claim to a specific node ID because this kind of solution needs more information to scale.The main reasons include,a claim sent to a witness ID no longer present in the network would be lost and nodes deployed after the first network deployment could not be used as witnesses without updating information in all the nodes.

Fig:Example of RED protocol iteration

RED can easily be adapted to work in case an ID is randomly chosen as the message destination.RED is actually independent of the routing protocol used in the network.It assume that the routing will deliver a message sent to a network location to the node closest to this location that the routing protocol will not fail that message forwarding is not affected by dropping or worm hole attacks.

In RED protocol iteration the black small filled squares indicate two clones(nodes with the same ID),the black filled small circles indicate nodes that route a claim from the clones,and finally the larger empty circle indicates the witness.The square at the center of the network indicates a central area whose size is 20% of the total area of the network.The witness nodes(large not filled circles) are located differently in RED.The several claims are forwarded only one in RED.

Network configuration

Network configuration is mainly used to form the network and which type of protocols are used in the network.There are several nodes are placed in the network with non overlapping.

Server selection and deployment

After creating all the nodes,the server node can be represented nearly center position of the network.The server is very high powered capacity because it has stored large amount of information.In deployment processs the server sends the ID and its key to the triggered node.

Broadcast claim

In claim processing the server sends the ID,private key and the location only to the triggered node.There are different parameters applied in claim processing ie.,ID,location,time,key.

Claim processing

The triggered node get the claim(message)from the server.The claim message is encrypted as signed claim.The signed claim consists of claim and its signature.Again it will be decrypted the claim and signature.This process is used for the authentication purpose.If the claim is bad signature,it will discard the claim(message)or if the location is incoherent location for the particular ID,it cancel or withdraw the process of the particular ID.

Forward claim processing

Each node signs its claim message with signature.The nodes that forward the signed claim to its neighbours nodes.If bad signature or replayed claim occurs,it will automatically discards the message.Otherwise it detect the cloned node ID,location,time and cancel the procedure for the particular doubtful ID or store the forward claim in memory.

Clone detection

Every message that passes the previous checks, the possible witness node extracts the ID and location.If the first claim carrying this ID,then the node simply stores the message.If another claim form the same ID has been received,the node checks if the new claim is coherent with the claim stored in memory for this ID.If it is not the witness triggers a revocation procedure for the ID ie,the incoherent location for the ID.

CONCLUSION

Clone attack is a severe attack in wireless sensor networks.In this work design the best method for detect the clone attack.Cloning gives the adversary and easy way to build an army of malicious node that can cripping the sensor networks.In this attack,an adversary captures only a few of nodes,replicates them and then deploys arbitrary number of replicas through out the network.A new RED protocol to detect the cloned affect id.The proposed system gives the fast detection of cloned nodes and reduces the memory and storage overhead.RED protocol using clone attack in wireless sensor network with high detection probability provides better solution than existing clone detection method.