WSN

IMPROVING THE FAULT TOLERANCE IN MULTIPATH ROUTING
OF HETEROGENOUS WIRELESS SENSOR NETWORKS

Submitted By
SONA NELSON
(Reg. No. 113112405013)
of
Department of Computer Science and Engineering
VEL TECH MULTITECH Dr. RANGARAJAN Dr. SAKUNTHALA
ENGINEERING COLLEGE
(ACCREDITED BY NBA & ISO 9001:2008 CERTIFIED INSTITUTION)
(Approved by AICTE, New Delhi & Affiliated to ANNA UNIVERSITY, CHENNAI)
Avadi, Chennai-600 062
A PROJECT PHASE II REPORT
Submitted To
Faculty of Computer Science and Engineering
in Partial Fulfillment of the Requirement for the Award of the Degree of
MASTER OF ENGINEERING
In
COMPUTER SCIENCE AND ENGINEERING
ANNA UNIVERSITY, CHENNAI
JUNE 2014
VEL TECH MULTITECH Dr. RANGARAJAN Dr. SAKUNTHALA
ENGINEERING COLLEGE
(ACCREDITED BY NBA & ISO 9001:2008 CERTIFIED INSTITUTION)
(Approved by AICTE, New Delhi & Affiliated to ANNA UNIVERSITY, CHENNAI)
Avadi, Chennai-600 062
________________________________________________________________
Date: ...../../2014
BONAFIDE CERTIFICATE
Certified that the project report titled IMPROVING THE FAULT TOLERANCE IN
MULTIPATH ROUTING OF HETEROGENOUS WIRELESS SENSOR NETWORKS,
is a bonafide project work of SONA NELSON (Reg. No. 113112405013) who carried out
research under my supervision certified further, that to the best of my knowledge the work
reported here in does not form part of any other project report or dissertation on the basis of
which a degree or award was conferred on an earlier occasion on this or any other candidate.
SIGNATURE SIGNATURE
Mr. N.INSOZHAN, M.E., Mr. R KARTHIKEYAN, M.E.,(Ph.D)
INTERNAL GUIDE HEAD OF THE DEPARTMENT
ASSISTANT PROFESSOR ASSISTANT PROFESSOR
Dept. of Computer Science & Engg Dept. of Computer Science & Engg
Vel Tech MultiTech Dr.Rangarajan Vel Tech MultiTech Dr.Rangarajan
Dr.Sakunthala Engineering College Dr.Sakunthala Engineering College
No 60, Avadi, Alamathi Road, Ch-62. No 60, Avadi, Alamathi Road, Ch-62.
SIGNATURE
Dr. V.RAJAMANI ME., Ph.D
PRINCIPAL
INTERNAL EXAMINER EXTERNAL EXAMINER
CERTIFICATE FOR EVALUATION
This is to certify that the project entitled IMPROVING THE FAULT
TOLERANCE IN MULTIPATH ROUTING OF HETEROGENOUS WIRELES SENSOR
NETWORKS is the bonafide record of work done by SONA NELSON (Reg
No.113112405013) to carry out the project work under our guidance during the year 2013-2014
in partial fulfillment for the award of Master Of Engineering degree in Computer Science and
Engineering conducted by Anna University Chennai.
This project report was submitted for viva voice held on at VelTech Multitech Dr.
Rangarajan Dr. Sakunthala Engineering College.
INTERNAL EXAMINER EXTERNAL EXAMINER
DATE
ACKNOWLEDGEMENT
I thank God Almighty for giving me such tremendous opportunity and support
through the way of Vel Tech MultiTech Dr. Rangarajan Dr. Sakunthala Engineering
College. I express my deep gratitude to the Founder & Chairman Prof. Col. Dr. R.
Rangarajan, B.E (Elec.), B.E (Mech.), M.S (Auto.), D.Sc. and our Vice-Chairman Smt Dr.
Sakunthala Ranagarajan MBBS. for the benefaction encouragement and facilities that were
offering to us to carry out this project.
I thank my Principal Dr. V.RAJAMANI ME,Ph.D and my dean
Dr.V.PARTHASARATHY, M.E.,M.B.A,,Ph.D. who have always served as an inspiration
for us to perform our institutes name and recognition. I would like to express our faithful thanks
to our beloved HOD Mr. R. KARTHIKEYAN, M.E., and my respected Internal Project
Guide, Mr. N.INSOZHAN, M.E., for having extended all the department facilities without
slightest hesitation.
I extend my gratitude to thank my Project Co-ordinator Mr. M. Ramesh Kumar, M.E.,
(Ph.D) for guiding me in every phase of the project development.
Further I thank my Parents, Friends, Faculty members, supporting staff members of
Computer Science & Engineering and PPT department for the help they extended to
completion of this project.
v
ABSTRACT
Security is one of an important factor to be considered seriously in wireless sensor
networks. To provide redundancy management for heterogeneous wireless sensor
networks (HWSNs), utilizing multipath routing to answer user queries in the presence of
unreliable and malicious nodes. The objective of redundancy management is to exploit
the tradeoff between energy consumption versus the gain in reliability, timeliness, and
security to maximize the system lifetime. Here a voting based intrusion detection
algorithm is used to detect and evict malicious node. The voting based IDS consider only
attack such as bad mouthing and packet dropping attack. A probability model is used to
analyze the best redundancy level in terms of path redundancy and source redundancy, as
well as the best intrusion detection settings in terms of the number of voters and the
intrusion invocation interval under which the lifetime of a HWSN is maximized.
v
vi
.
.
, , ,
,
.
. ,
vii
TABLE OF CONTENTS
CHAPTER
NO
TITLE PAGE
NO
ABSTRACT v
LIST OF FIGURES x
LIST OF ABBREVIATIONS xi
1 INTRODUCTION 1
1.1 Introduction 1
1.2 Routing Challenges In Wireless Sensor Networks 2
1.3 Basic Principals In Designing Multipath Routing
Protocols
3
1.4 Heterogeneous Wireless Sensor Networks 4
1.5 Security Threats 6
1.6 Application 9
1.7 Problem Definition And Objective 12
2
LITERATURE SURVEY 13
2.1 Adaptive Network Management for Countering Selective
Capture in Wireless Sensor Networks
13
2.2 Anomaly Detection Based Secure In-Network
Aggregation For Wireless Sensor Networks
13
2.3 An Application-Specific Protocol Architecture For
Wireless Micro sensor Networks
14
viii
2.4 A Routing-Driven Elliptic Curve Cryptography Based
Key Management Scheme For Heterogeneous Sensor
Networks
14
2.5 A Clustering Algorithm For Wireless Sensor Networks
Based On Social Insect Colonies
15
2.6 Dynamic Trust Management For Delay Tolerant Networks And
Its Application To Secure Routing
15
2.7 Dirchlet-Based Trust Management for Effective
Collaborative Intrusion Detection Networks
16
2.8 Distributed Fault Tolerant Algorithm For Identifying
Node Failures In Wireless Sensor Networks
16
2.9 DSF - A Distributed Security Framework For
Heterogeneous Wireless Sensor Networks
17
2.10 Ensemble Voting System For Anomaly Based
Network Intrusion Detection
17
2.11 Hdmrp: An Efficient Fault-Tolerant Multipath Routing
Protocol For Heterogeneous Wireless Sensor Networks
18
2.12 H-SPREAD: A Hybrid Multipath Scheme For Secure
And Reliable Data Collection In Wireless Sensor Networks
18
2.13 Intrusion Detection Based Security Solution For Cluster-
Based Wireless Sensor Networks
19
2.14 Lightweight Hierarchical Model For HWSNET 19
2.15 MMSPEED: Multipath Multi-SPEED Protocol For QoS
Guarantee Of Reliability And Timeliness In Wireless Sensor
Networks
20
2.16 Securing Structured Overlays Against Identity Attacks 20
ix
2.17 Sleep Deprivation Attack Detection In Wireless Sensor
Network
21
2.18 Trust-Based Intrusion Detection in Wireless Sensor Networks 21
2.19 Trust Based Node Replication Attack Detection Protocol For
Wireless Sensor Networks
22
2.20 Trust-Based Security For Wireless Ad Hoc And Sensor
Networks
22
3
EXISTING SYSTEM 23
3.1 Existing System 23
3.2 Disadvantages 24
4
PROPOSED SYSTEM 25
4.1 Proposed System 25
4.2 Advantages
26
5
SYSTEM REQUIREMENTS 27
5.1 Hardware Requirements 27
5.2 Software Requirements 27
6
ARCHITECTURAL REPRESENTATION 28
6.1 System Architecture 28
7 MODULES 29
7.1 Cluster Formation 30
7.2 Multipath Routing
31
x
7.3 Voting Based IDS 32
7.4 Trust Evaluation 33
8
DATA FLOW DIAGRAM 34
9
ALGORITHMS 35
9.1 CH Execution For Dynamic Redundancy Management 35
9.2 SN Execution For Dynamic Redundancy Management 36
10 CONCLUSION 37
11 APPENDIX A CODINGS 38
12 APPENDIX B COMPARISON TABLE
49
13 APPENDIX C SCREENSHOTS
50
REFERENCES 58
xi
LIST OF FIGURES
FIGURE NO TITLE PAGE NO
1.1 Architecture of Wireless Sensor Networks 2
1.5.2 Selective Forwarding 7
1.5.3 Sinkhole Attacks 7
6.1 Architectural diagram 29
7.1 Multipath routing 31
7.2 Find malicious nodes 32
7.3 Estimate mean time to failure 32
7.4 Detection of sinkhole attack 33
8.1 Data flow diagram 34
xii
LIST OF ABBREVIATIONS
HWSN Heterogeneous Wireless Sensor Networks
CH Cluster Head
SN Sensor Nodes
BS Base Station
MTTF Mean Time To Failure
PC Processing Centre
1
CHAPTER 1
INTRODUCTION
1.1. Introduction
A wireless sensor network (WSN) usually consists of a large number of tiny
sensor nodes (SNs) deployed in an operational area for data sensing, aggregating, and
processing. HWSNET is a rapidly growing area in the real life applications like
traffic, environment monitoring, healthcare, military applications, home automation,
disaster monitoring. The exposure to natural environments and the inherent
unreliability of wireless transmission make a WSN vulnerable to many attacks. SNs
deployed in hostile environments for military applications also could be compromised
through captures and become malicious. In heterogeneous sensor network, a large
number of inexpensive nodes perform sensing, while a few nodes having
comparatively more energy perform other tasks such as data filtering, transport.
WSNET suffers from several drawbacks like limited energy, computation, and storage
capabilities of sensor nodes.
The clustering is an effective solution for achieving scalability, energy
conservation and reliability. A lifetime of the network is determined by residual
energy of the system, hence main and most important challenge in WSN is the
efficient use of energy resources. Maximizing network lifetime is most important
design objectives for all the sensor networks that need to run for a long time. One of
the key techniques in improving lifetime of wireless sensor network is clustering.
Clustering partitions sensor network into groups called as cluster, with high energy
node among the sensor nodes acting as master of the cluster called as cluster head.
Sensor nodes in cluster gather data from the region of interest and communicate it to
the cluster head. Cluster head gather and aggregate the data and send it back to the
BS.
The tradeoff issue between energy consumption versus QoS gain becomes
much more complicated when inside attacker are present as a path may be broken
when a malicious node is on the path. This is especially the case in heterogeneous
WSN (HWSN) environments in which CH nodes may take a more critical role in
2
gathering and routing sensing data. Thus, very likely the system would employ an
intrusion detection system (IDS) with the goal to detect and remove malicious nodes
Multipath routing is considered an effective mechanism for fault and intrusion
tolerance to improve data delivery in WSNs. The basic idea is that the probability of
at least one path reaching the sink node or base station increases as we have more
paths doing data delivery. Multipath routing is used to improve reliability.
.
Figure.1.1 Architecture of Wireless Sensor Networks
1.2. Routing Challenges in Wireless Sensor Network
1.2.1 Data delivery model
Data delivery model overcomes the problem of fault tolerance domain by
providing the alternative path to save its data packets from nodes or link failures. It
severely affect the routing protocol in wireless sensor network, especially with regard
to use the limited energy of the node, security purpose, energy consumption and route
immobility.
1.2.2 Scalability
A system is said to be scalable if its effectiveness increases when the hardware is put-on
and proportional to the capacity added. Routing schemes make efforts with the vast collection
3
of motes in WSNs which should be scalable enough to talk back to the events take place in
the environment.
1.2.3 Resilience
Sometimes, due to environment problem or battery consumption sensors
erratically stop working. This problem is overcome by finding the alternate path when
current-in use nodes stop operating.
1.2.4 Production cost
The cost of single node is enough to justify the overall cost of the sensor
network. So the cost of each sensor node should be kept low.
1.3. Basic Principals in Designing Multipath Routing Protocols
1.3.1 Path Discovery
Since data transmission in wireless sensor networks is commonly performed
through multi-hop data forwarding techniques, the main task of the route discovery
process is to determine a set of intermediate nodes that should be selected to construct
several paths from the source nodes towards the sink node.
1.3.2 Path Selection and Traffic Distribution
After construction of multiple paths, another important issue that should be
addressed is the selection of an adequate number of paths for data transmission
purposes. According to the main intention of designing each multipath routing
protocol, a certain number of paths should be selected to meet the performance
demands of the intended application. Therefore, proposing a perfect path selection
mechanism to choose a sufficient number of paths is the most important part of
designing a high-performance multipath routing protocol. One protocol may decide to
use only the best path for data transmission and keep additional paths as the backup
paths for fault-tolerance purposes.
4
1.3.3. Path Maintenance
Due to the resource constrains of sensor nodes and high dynamics of low-
power wireless links, paths are highly error prone. Therefore, path reconstruction
should be provided to reduce performance degradation. This is the main task of the
path maintenance phase in multipath routing protocols. Path rediscovery process can
be initiated in three different situations: (1) when an active path has failed, (2) when
all the active paths have failed or, (3) when a certain number of active paths has
failed. Since, the frequency of initiating route rediscovery process in the first
approach is higher than for the two other approaches, using this strategy imposes a
high overhead.
1.4. Heterogeneous Wireless Sensor Networks
One type of typical applications of heterogeneous architecture is the indoor
sensing application, e.g., the wireless sensor network in large-scale greenhouse. In
order to guarantee the appropriate environment for plants growing, various sensors
are deployed in the greenhouse to collect environment information (e.g. temperature,
humidity, illumination intensity, concentration of CO2, concentration of O2, etc.) in
real-time. And some actuators are deployed to affect the environment via opening or
closing valves, or strengthening beam, and so on. To reduce the installation cost and
complexity, the sensors always use battery-power and wireless channel. These sensors
must conserve power, minimizing computation and communication, to maximize the
network lifetime. Additional few nodes, i.e., heterogeneous nodes, which possess
high-speed microprocessors and high-bandwidth, long distance network transceivers,
are placed where standard wall sockets are available. These nodes can provide in-
network data processing, longer-term storage, and access to building network
infrastructures, such as Ethernet, etc.
1.4.1 Types of Heterogeneous Resources
There are three common types of resource heterogeneity in sensor node:
computational heterogeneity, link heterogeneity, and energy heterogeneity.
Computational heterogeneity means that the heterogeneous node has a more
powerful microprocessor and more memory than the normal node. With the powerful
5
computational resources, the heterogeneous nodes can provide complex data
processing and longer-term storage.
Link heterogeneity means that the heterogeneous node has high-bandwidth and long-
distance network transceiver, such as Ethernet or 802.11 network, than the normal
node. Link heterogeneity can provide more reliable data transmission.
Energy heterogeneity means that the heterogeneous node is line powered, or its
battery is replaceable.
Among above three types of resource heterogeneity, the most important
heterogeneity is the energy heterogeneity because both computational heterogeneity
and link heterogeneity will consume more energy resource. If there is no energy
heterogeneity, computational heterogeneity and link heterogeneity will bring negative
impact to the whole sensor network, i.e., decreasing the network lifetime.
1.4.2 The impact of heterogeneous resources
Prolonging network lifetime: In the heterogeneous wireless sensor network, all
normal nodes can send data report to the sink via the nearest heterogeneous node. And
the normal nodes, especially around the sink, dont need forward vast packets from
other nodes. Under this data transmission scheme, the typical hops of data
transmission are 2 and significantly less than the average hops in homogeneous sensor
network. In other words, the average energy consumption for forwarding a packet
from the normal nodes to the sink in heterogeneous sensor networks will be much less
than the energy consumed in homogeneous sensor networks. With the size of network
increasing, the gap of energy consumption between these two kinds of networks will
be bigger and bigger.
Improving reliability of data transmission: It is well know, that sensor network
links tend to have low reliability. And each hop significantly lowers the end-to-end
delivery rate. With heterogeneous nodes, there will be fewer hops between normal
sensor nodes and the sink. So the heterogeneous sensor network can get much higher
end-to-end delivery rate than the homogeneous sensor network.
6
Decreasing latency of data transportation: Computational heterogeneity can
decrease the processing latency in immediate nodes. And link heterogeneity can
decrease the waiting time in the transmitting queue. Fewer hops between sensor nodes
and sink node also mean fewer forwarding latency.
1. 5. SECURITY THREATS
1.5.1 Spoofed, Altered, or Replayed Routing Information
While sending the data, the information in transition may be spoofed, altered,
replayed, or destroyed. Due to the short range transmission of the sensor nodes, an
attacker with high processing power and larger communication range could attack
several sensors simultaneously and modify transmitted information.
1.5.2 Selective Forwarding
In this kind of attack a malicious node may decline to forward every message
it gets, acting as black hole or it can forward some messages to the wrong receiver
and simply drop others.
7
1.5.3 Sinkhole Attacks
In the Sinkhole attack, the goal of the attacker is to attract all the traffic.
Especially, in the case of a flooding based protocol the compromised node may listen
to requests for routes, and then reply to the requesting node with messages containing
a bogus route with the shortest path to the requested destination.
1.5.4 Sybil Attacks
In Sybil attack the malicious node presents itself as multiple nodes. The attack
of this type tries to degrade the usage and the efficiency of the distributed algorithms
that are used. Sybil attack can be performed against distributed storage, routing, data
aggregation, voting, fair resource allocation, and misbehavior detection.
1.5.4 Wormholes
Wormhole attack is an attack in which the malicious node tunnels messages
from one part of the network over a link, that doesnt exist normally, to another part
of the network. The simplest form of the wormhole attack is to convince two nodes
8
that they are neighbours. This attack would likely be used in combination with
selective forwarding or eavesdropping.
1.5.5 HELLO Flood Attacks
This attack is based on the use by many protocols of broadcasting Hello
messages to announce themselves in the network. So an attacker with higher range of
transmission may send many Hello messages to a large number of nodes in a big area
of the network. These nodes are then convinced that the attacker is their neighbor.
Consequently the network is left in a state of confusion.
1.5.6 Acknowledgement
Some wireless sensor network routing algorithms require link layer
acknowledgements. A compromised node may exploit this by spoofing these
acknowledgements, thus convincing the sender that a weak link is strong or a dead
sensor is alive.
1.5.7 Sleep deprivation attack
A particularly devastating attack is the sleep deprivation attack, where a
malicious node forces legitimate nodes to waste their energy by resisting the sensor
nodes from going into low power sleep mode. The goal of this attack is to maximize
the power consumption of the target node, thereby decreasing its battery life. So, it is
also known as battery exhaustion attack.
9
1.6. Applications
1.6.1 Area monitoring
Area monitoring is a common application of WSNs. In area monitoring, the
WSN is deployed over a region where some phenomenon is to be monitored. A
military example is the use of sensors detects enemy intrusion; a civilian example is
the geo-fencing of gas or oil pipelines.
1.6.2 Environmental/Earth monitoring
The term Environmental Sensor Networks has evolved to cover many
applications of WSNs to earth science research. This includes sensing
volcanoes, oceans, glaciers, forests, etc. Some of the major areas are listed below.
1.6.3 Air quality monitoring
The degree of pollution in the air has to be measured frequently in order to
safeguard people and the environment from any kind of damages due to air pollution.
In dangerous surroundings, real time monitoring of harmful gases is a concerning
process because the weather can change with severe consequences in an immediate
manner. Fortunately, wireless sensor networks have been launched to produce specific
solutions for people.
1.6.4 Interior monitoring
Observing the gas levels at vulnerable areas needs the usage of high-end,
sophisticated equipment, capable to satisfy industrial regulations. Wireless internal
monitoring solutions facilitate keep tabs on large areas as well as ensure the precise
gas concentration degree.
1.6.5 Exterior monitoring
External air quality monitoring needs the use of precise wireless sensors, rain
& wind resistant solutions as well as energy reaping methods to assure extensive
liberty to machine that will likely have tough access.
1.6.6 Air pollution monitoring
10
Wireless sensor networks have been deployed in several cities (Stockholm,
London and Brisbane) to monitor the concentration of dangerous gases for citizens.
These can take advantage of the ad-hoc wireless links rather than wired installations,
which also make them more mobile for testing readings in different areas. There are
various architectures that can be used for such applications as well as different kinds
of data analysis and data mining that can be conducted.
1.6.7 Forest fire detection
A network of Sensor Nodes can be installed in a forest to detect when a fire
has started. The nodes can be equipped with sensors to measure temperature, humidity
and gases which are produced by fire in the trees or vegetation. The early detection is
crucial for a successful action of the firefighters; thanks to Wireless Sensor Networks,
the fire brigade will be able to know when a fire is started and how it is spreading.
1.6.8 Landslide detection
A landslide detection system makes use of a wireless sensor network to detect
the slight movements of soil and changes in various parameters that may occur before
or during a landslide. Through the data gathered it may be possible to know the
occurrence of landslides long before it actually happens.
1.6.9 Water quality monitoring
Water quality monitoring involves analyzing water properties in dams, rivers,
lakes & oceans, as well as underground water reserves. The use of many wireless
distributed sensors enables the creation of a more accurate map of the water status,
and allows the permanent deployment of monitoring stations in locations of difficult
access, without the need of manual data retrieval.
1.6.10 Natural disaster prevention
Wireless sensor networks can effectively act to prevent the consequences of
natural disasters, like floods. Wireless nodes have successfully been deployed in
rivers where changes of the water levels have to be monitored in real time.
1.7. Problem Definition and Objective
All sensors are subject to capture attacks, i.e., they are vulnerable to physical
capture by the adversary after which their code is compromised and they become
11
inside attackers. Since all sensors are randomly located in the operational area, the
same capture rate applies to both CHs and SNs, and, as a result, the compromised
nodes are also randomly distributed in the operation area. Due to limited resources,
we assume that when a node is compromised, it only performs two most energy
conserving attacks, namely, bad-mouthing attacks (recommending a good node as a
bad node and a bad node as a good node) when serving as a recommender, and packet
dropping attacks when performing packet routing to disrupt the operation of the
network.
The main aim is effective redundancy management of a clustered HWSN to
prolong its lifetime operation in the presence of unreliable and malicious nodes. The
tradeoff between energy consumption vs. QoS gain in reliability, timeliness and
security with the goal to maximize the lifetime of a clustered HWSN while satisfying
application QoS requirements in the context of multipath routing.
For the issue of intrusion tolerance through multipath routing, there are two
major problems to solve: (1) how many paths to use and (2) what paths to use.
Analyze the optimal amount of redundancy through which data are routed to a remote
sink in the presence of unreliable and malicious nodes, so that the query success
probability is maximized while maximizing the HWSN lifetime. We consider this
optimization problem for the case in which a voting based distributed intrusion
detection algorithm is applied to remove malicious nodes from the HWSN. Our
contribution is a model-based analysis methodology by which the optimal multipath
redundancy levels and intrusion detection settings may be identified for satisfying
application QoS requirements while maximizing the lifetime of HWSNs.
12
CHAPTER 2
LITERATURE SURVEY
Title: Adaptive Network Management for Countering Selective
Capture in Wireless Sensor Networks(MAR 2012)
Authors: Hamid Al-Hamadi and Ing-Ray Chen
Analyze adaptive network management for countering selective capture which aims
to compromise critical sensor nodes close to the base station in a wireless sensor
network (WSN) to block data delivery. In this paper consider 3 countermeasures in
the protocol design: (1) dynamic radio range adjustment; (2) multisource multipath
routing for intrusion tolerance; and (3) voting-based intrusion detection. Identify the
best protocol settings in terms of the best redundancy level used for multisource
multipath routing, and the best number of voters and the intrusion invocation interval
used for intrusion detection under which the lifetime of a WSN is maximized in the
presence of selective capture which turns nodes into malicious nodes capable of
performing packet dropping attacks and bad-mouthing attacks.
Title: Anomaly Detection based Secure In-Network Aggregation for
Wireless Sensor Networks (AUG 2007)
Authors: Bo Sun, Xuemei Shan, Yang Xiao
Secure in-network aggregation in Wireless Sensor Networks (WSNs) is a
necessary and challenging task. Proposed an Extended Kalman Filter (EKF) based
mechanism to detect false injected data. By monitoring behaviors of its neighbors and
using EKF to predict their future states (actual in-network aggregated values), each
node aims at setting up a normal range of the neighbors future transmitted
aggregated. Apply an algorithm of combining Cumulative Summation (CUSUM) and
Generalized Likelihood Ratio (GLR) to increase detection sensitivity. To overcome
the limitations of local detection mechanisms, we illustrate how our proposed local
detection approaches work together with the system monitoring module to
differentiate between malicious events and emergency events.
13
Title: An Application-Specific Protocol Architecture For Wireless
Microsensor Networks (FEB 2007)
Authors: Wendi B. Heinzelman, Anantha P. Chandrakasan and Hari
Balakrishnan
Networking together hundreds or thousands of cheap micro sensor nodes
allows users to accurately monitor a remote environment by intelligently combining
the data from the individual nodes. A low-energy adaptive clustering hierarchy
(LEACH), a protocol architecture for micro sensor networks that combines the ideas
of energy-efficient cluster-based routing and media access together with application-
specific data aggregation to achieve good performance in terms of system lifetime,
latency, and application-perceived quality is proposed. LEACH includes a new,
distributed cluster formation technique that enables self-organization of large numbers
of nodes, algorithms for adapting clusters and rotating cluster head positions to evenly
distribute the energy load among all the nodes, and techniques to enable distributed
signal processing to save communication resources. Results show that LEACH can
improve system lifetime by an order of magnitude compared with general-purpose
multi hop approaches.
Title: A Routing-Driven Elliptic Curve Cryptography Based Key
Management Scheme for Heterogeneous Sensor Networks
(MAR 2009)
Authors: Xiaojiang Du, Mohsen Guizani, Yang Xiao, Hsiao-Hwa
Chen
Homogeneous ad hoc networks have poor performance and scalability. The
many-to-one traffic pattern dominates in sensor networks, and hence a sensor may
only communicate with a small portion of its neighbors. Key management is a
fundamental security operation. Most existing key management schemes try to
establish shared keys for all pairs of neighbor sensors, no matter whether these nodes
communicate with each other or not, and this causes large overhead. In this paper, we
adopt a Heterogeneous Sensor Network (HSN) model for better performance and
security. We propose a novel routing-driven key management scheme, which only
establishes shared keys for neighbour sensors that communicate with each other. We
14
utilize Elliptic Curve Cryptography in the design of an efficient key management
scheme for sensor nodes. The performance evaluation and security analysis show that
our key management scheme can provide better security with significant reductions
on communication overhead, storage space and energy consumption than other key
management schemes.
Title: A Clustering Algorithm for Wireless Sensor Networks Based
on Social Insect Colonies (AUG 2006)
Authors: Chi-Tsun Cheng, Chi K. Tse, Francis C. M. Lau
A wireless sensor network comprises a number of inexpensive power
constrained wireless sensor nodes which collect data from the sensing environment
and transmit them toward the remote base station in a coordinated way. Employing
techniques of clustering can reduce energy consumption of wireless sensor nodes and
prolong the network lifetime. This paper proposes a decentralized clustering
algorithm for wireless sensor networks based on the structure of social insect
colonies. The clustering algorithm is evaluated assuming a first-order radio model.
Simulation results show that the proposed algorithm brings a consistent improvement
over other decentralized and centralized clustering algorithms in terms of network
lifetime and sensing coverage. Simulation results also show that the proposed
algorithm can reduce delays in data collection processes.
Title: Dynamic Trust Management for Delay Tolerant Networks and
Its Application to Secure Routing (FEB 2013)
Authors: Ing-Ray Chen, Fenye Bao, MoonJeong Chang, and Jin-Hee
Cho
In this paper, we design and validate a dynamic trust management protocol for
secure routing optimization in DTN environments in the presence of well-behaved,
selfish and malicious nodes. We develop a novel model-based methodology for the
analysis of our trust protocol and validate it via extensive simulation. Address
dynamic trust management, i.e., determining and applying the best operational
settings at runtime in response to dynamically changing network conditions to
minimize trust bias and to maximize the routing application performance. Performed a
comparative analysis of our proposed routing protocol against Bayesian trust-based
and non-trust based (PROPHET and epidemic) routing protocols. The results
15
demonstrate that our protocol is able to deal with selfish behaviours and is resilient
against trust-related attacks. Trust-based routing protocol can effectively trade off
message overhead and message delay for a significant gain in delivery ratio. Our trust
based routing protocol operating under identified best settings outperforms Bayesian
trust-based routing and PROPHET, and approaches the ideal performance of epidemic
routing in delivery ratio and message delay without incurring high message or
protocol maintenance overhead.
Title: Dirichlet-Based Trust Management for Effective Collaborative
Intrusion Detection Networks (JAN 2005)
Authors: Carol J Fung, Jie Zhang, Issam Aib
The accuracy of detecting intrusions within a Collaborative Intrusion
Detection Network (CIDN) depends on the efficiency of collaboration between peer
Intrusion Detection Systems (IDSes) as well as the security itself of the CIDN. In this
paper, we propose Dirichlet-based trust management to measure the level of trust
among IDSes according to their mutual experience. An acquaintance management
algorithm is also proposed to allow each IDS to manage its acquaintances according
to their trustworthiness. Our approach achieves strong scalability properties and is
robust against common insider threats, resulting in an effective CIDN. We evaluate
our approach based on a simulated CIDN, demonstrating its improved robustness,
efficiency and scalability for collaborative intrusion detection in comparison with
other existing models.
Title: Distributed Fault Tolerant Algorithm for Identifying Node
Failures in Wireless Sensor Networks (APR 2013)
Authors: Navneet N Tewani, Neeharika Ithapu, K Raghava Rao,
Sheik Nissar Sami, B. Sai Pradeep,V.Krishna Deepak
A Wireless Sensor Network is a set of multiple connected components.
Sometimes due to the failure of some of its nod8es, the sensor network
communication fails. So that we consider this problem of node(s) failure termed as
cut from the remaining nodes of a wireless sensor network. We propose an
algorithm that allows (i) every node to detect when the connectivity to a specially
designated node has been lost, and (ii) one or more nodes (that are connected to the
special node after the cut) to detect the occurrence of the cut. The algorithm we
16
proposed is distributed and asynchronous i.e. every node needs to communicate with
only those nodes that are within its communication range. The algorithm is based on
the iterative computation of the nodes. The convergence rate of the underlying
iterative scheme is independent of the size and structure of the network. In this
algorithm we devised a way to solve the problem of redundant information at the
destination which arises due to availability of information at every node that is
initially sent from the source node.
Title: DSF - A Distributed Security Framework for Heterogeneous
Wireless Sensor Networks (MAY 2008)
Authors: Himali Saxena, Chunyu Ai, Marco Valero, Yingshu Li, and
Raheem Beyah
Wireless sensor networks (WSNs) have many applications that handle
sensitive information such as surveillance, reconnaissance, and target tracking. The
current approach to defending against malicious threats is to develop mand deploy a
specific defense mechanism for a specific attack. This work addresses the challenges
with the traditional approach to securing sensor networks and presents a collaborative
framework (the Distributed Security Framework - DSF) that can defend against all
known attacks. The framework is extensible, therefore, as new attacks are discovered
they can also be defended against. The DSF leverages existing defense mechanisms
created by researchers. These defense mechanisms are distributed in such a way that
they can, collectively, provide comprehensive defense to the network. The efficacy of
the DSF is determined using simulations for scenarios consisting of multiple
stationary and multiple mobile attackers. The simulation results show that though the
DSF consumes more energy than single defense schemes, it can significantly enhance
the network security even when the network is under multiple types of attacks.
Title: Ensemble Voting System for Anomaly Based Network
Intrusion Detection (NOV 2009)
Authors: Mrutyunjaya Panda1 and Manas Ranjan Patra
The growing dependence of modern society on telecommunication and
information networks has become inevitable. Therefore, the security aspects of such
networks play a strategic role in ensuring protection of data against misuse. Intrusion
Detection systems (IDS) are meant to detect intruders who elude the first line
17
protection. Data mining techniques are being used for building effective IDS. In this
paper we analyze the performance of some data classifiers in a heterogeneous
environment using voting ensemble system with the purpose of detecting anomaly
based network intrusions. Experimental results using KDDCup 1999 benchmark
dataset demonstrate that the voting ensemble technique yield significantly better
results in detecting intrusions when compared to other techniques.
Title: HDMRP: An Efficient Fault-Tolerant Multipath Routing
Protocol for Heterogeneous Wireless Sensor Networks
(SEP 2009)
Authors: Abdelkrim Hadjidj, Abdelmadjid Bouabdallah, Yacine
Challal
In wireless sensor networks, fault tolerance represents a key issue and a design
goal of primary concern. Indeed, nodes in wireless sensor networks are prone to
failure due to energy depletion or hostile environments. Multipath routing protocols
are a category of solutions which enables the network to operate properly despite of
faults. In this paper, we present a new multipath routing protocol which provides
strong fault tolerance by increasing the number of constructed paths up to four times
in some scenarios. Our protocol relies on a new multipath constructions paradigm that
we have need specifically for heterogeneous WSN. We call this paradigm: energy-
node- disjointness. Our approach leverages a reasonable increase in the cost of the
network to a longer network lifetime and a higher resilience and fault tolerance.
Title: H-SPREAD: A Hybrid Multipath Scheme for Secure and
Reliable Data Collection in Wireless Sensor Networks
(FEB 2003)
Authors: Wenjing Lou and Younggoo Kwon
Communication security and reliability are two important issues in any
network. A hybrid multipath scheme (H-SPREAD) to improve both the security and
reliability of this task in a potentially hostile and unreliable wireless sensor network is
proposed. The new scheme is based on a distributed N-to-1 multipath discovery
protocol, which is able to find multiple node-disjoint paths from every sensor node to
the BS simultaneously in one route discovery process. On the other hand, in the face
18
of unreliable wireless links and/or sensor nodes, alternate path routing available at
each sensor node improves the reliability of each packet transmission significantly
results show that the hybrid multipath scheme is very efficient in improving both the
security and reliability of the data collection service seamlessly
Title: Intrusion Detection Based Security Solution for Cluster-Based
Wireless Sensor Networks (MAY 2007)
Authors: Shio Kumar Singh, M P Singh and D K Singh
Wireless sensor network (WSN) is an emerging technology that shows great
promise for various applications both for mass public and military. The sensing
technology combined with processing power and wireless communication makes it
lucrative for being exploited in abundance in future. In many important military and
commercial applications, it is critical to protect a sensor network from malicious
attacks, which presents a demand for providing security mechanisms in the network.
In this paper, we propose a new approach of an Intrusion Detection Based Security
Solution for Cluster-Based Wireless Sensor Networks. In the proposed methodology,
an efficient MAC address based intruder tracking system has been developed for early
intruder detection and its prevention.
Title: Lightweight Hierarchical Model For HWSNET (SEPT 2010)
Authors: Tapalina Bhattasali and Rituparna Chaki
Security of HWSNET becomes a very important issue with the rapid
development of HWSNET. Intrusion detection system is one of the major and
efficient defensive methods against attacks in HWSNET. Because of different
constraints of sensor networks, security solutions have to be designed with limited
usage of computation and resources. A particularly devastating attack is the sleep
deprivation attack. Here a malicious node forces legitimate nodes to waste their
energy by resisting the sensor nodes from going into low power sleep mode. The
target of this attack is to maximize the power consumption of the affected node,
thereby decreasing its battery life. Existing works on sleep deprivation attack have
mainly focused on mitigation using MAC based protocols, such as S-MAC (sensor
MAC), T-MAC (timeout MAC), B-MAC (Berkley MAC), G-MAC (gateway MAC).
In this article, a brief review of some of the recent intrusion detection systems in
wireless sensor network environment is presented. Finally, a framework of cluster
19
based layered countermeasure for Insomnia Detection has been proposed for
heterogeneous wireless sensor network (HWSNET) to efficiently detect sleep
deprivation attack
Title: MMSPEED: Multipath Multi-SPEED Protocol for QoS
Guarantee of Reliability and Timeliness in Wireless Sensor
Networks (JAN 2009)
Authors: Emad Felemban, Chang-Gun Lee, Eylem Ekici
In this paper, we present a novel packet delivery mechanism called Multi-Path
and Multi-SPEED Routing Protocol (MMSPEED) for probabilistic QoS guarantee in
wireless sensor networks. The QoS provisioning is performed in two quality domains,
namely, timeliness and reliability. Multiple QoS levels are provided in the timeliness
domain by guaranteeing multiple packet delivery speed options. In the reliability
domain, various reliability requirements are supported by probabilistic multipath
forwarding. These mechanisms for QoS provisioning are realized in a localized way
without global network information by employing localized geographic packet
forwarding augmented with dynamic compensation, which compensates for local
decision inaccuracies as a packet travels towards its destination. This way,
MMSPEED can guarantee end-to-end requirements in a localized way, which is
desirable for scalability and adaptability to large scale dynamic sensor networks.
Simulation results show that MMSPEED provides QoS differentiation in both
reliability and timeliness domains and, as a result, significantly improves the effective
capacity of a sensor network in terms of number of flows that meet both reliability
and timeliness requirements up to 50 percent.
Title: Securing Structured Overlays against Identity Attacks
(OCT 2009)
Authors: Krishna P.N. Puttaswamy, Haitao Zheng
Structured overlay networks can greatly simplify data storage and
management for a variety of distributed applications. Despite their attractive features,
these overlays remain vulnerable to the Identity attack, where malicious nodes assume
control of application components by intercepting and hijacking key-based routing
20
requests. Attackers can assume arbitrary application roles such as storage node for a
given file, or return falsified contents of an online shoppers shopping cart. In this
paper, we define a generalized form of the Identity attack, and propose a lightweight
detection and tracking system that protects applications by redirecting traffic away
from attackers. We describe how this attack can be amplified by a Sybil or Eclipse
attack, and analyze the costs of performing such an attack. Finally, we present
measurements of a deployed overlay that show our techniques to be significantly
more lightweight than prior techniques, and highly effective at detecting and avoiding
both single node and colluding attacks under a variety of conditions.
Title: Sleep Deprivation Attack Detection in Wireless Sensor
Network (MAY 2005)
Authors: Tapalina Bhattasali, Rituparna Chaki, Sugata Sanyal
Deployment of sensor network in hostile environment makes it mainly
vulnerable to battery drainage attacks because it is impossible to recharge or replace
the battery power of sensor nodes. Among different types of security threats, low
power sensor nodes are immensely affected by the attacks which cause random
drainage of the energy level of sensors, leading to death of the nodes. The most
dangerous type of attack in this category is sleep deprivation, where target of the
intruder is to maximize the power consumption of sensor nodes, so that their lifetime
is minimized. The need is to design a model for detecting intrusions accurately in an
energy efficient manner. This paper proposes a hierarchical framework based on
distributed collaborative mechanism for detecting sleep deprivation torture in wireless
sensor network efficiently. Proposed model uses anomaly detection technique in two
steps to reduce the probability of false intrusion
Title: Trust-Based Intrusion Detection in Wireless Sensor Networks
(MAR 2005)
Authors: Fenye Bao, Ing-Ray Chen, MoonJeong Chang and Jin-Hee
A trust-based intrusion detection scheme utilizing a highly scalable
hierarchical trust management protocol for clustered wireless sensor networks. A trust
metric considering both quality of service (QoS) trust and social trust for detecting
malicious nodes. By statistically analyzing peer-to-peer trust evaluation results
collected from sensor nodes, each cluster head applies trust-based intrusion detection
21
to assess the trustworthiness and maliciousness of sensor nodes in its cluster. Cluster
heads themselves are evaluated by the base station. Developed an analytical model
based on stochastic Petri nets for performance evaluation of the proposed trust-based
intrusion detection scheme, as well as a statistical method for calculating the false
alarm probability. Analyzed the sensitivity of false alarms with respect to the
minimum trust threshold below which a node is considered malicious. Results show
that there exists an optimal trust threshold for minimizing false positives and false
negatives. The optimal trust threshold differs depending on the anticipated wireless
sensor network lifetime.
Title: Trust Based Node Replication Attack Detection Protocol For
Wireless Sensor Networks (SEP 2012)
Authors: V. Manjula and C. Chellapan
The harmful attack against Wireless Sensor Networks (WSN) is Node
Replication attack, where one or more node(s) illegitimately claims an identity, are
also called clone attack due to identity theft. The Node replication attack can be
exceedingly injurious to many important functions of the sensor network such as
routing, resource allocation and misbehaviour detection. This study proposes a
method Randomized and Trust based witness finding strategy for replication attack
detection mechanisms in wireless sensor networks (RTRADP) with trust factor. The
proposed RTRADP method avoids malicious witnesses and maintains the detection
rate of 100 to 86.7% when malicious witness percentage increases. But in existing
approach detection rate is reduced from 100 to 0%, with increasing the malicious
witness percentage.
Title: Trust-Based Security For Wireless Ad Hoc And Sensor
Networks (AUG 206)
Authors: A. Boukerch a, L. Xua and K. EL-Khatib
Using the trust and reputation management scheme to secure wireless sensor
networks (WSNs) requires paying close attention to the incurred bandwidth and delay
overhead. Providing security in wireless sensor networks is a major requirement for
the acceptance and deployment of these networks. But achieving an acceptable level
of security has been a difficult problem. The difficulty stems from the fact that
wireless sensor networks have bandwidth and time constraints. A novel trust and
22
reputation management scheme that can protect the security of transacting entities is
used. The scheme uses a localized trust and reputation management strategy, hence
avoiding network-wide flooding. This approach enables each node in the network to
establish a trust value with other interacting entities with minimal communication cost
and acquisition latency. Extensive experimental results show that this scheme
provides minimal overhead and can be adequately adopted for wireless sensor
networks.
23
CHAPTER 3
EXISTING SYSTEM
3.1. Existing System
A wireless sensor network is a large collection of sensor nodes with limited
power supply and constrained computational capability. Sensor nodes operate in
hostile environments such as battle fields and surveillance zones. The main
responsibility of the sensor nodes in each application is to sense the target area and
transmit their collected information to the sink node for further operations. Due to
their operating nature, WSNs are often unattended, hence prone to several kinds of
novel attacks.
Clustering is an effective solution for achieving scalability, energy
conservation, and reliability. Nodes are grouped into clusters, and within each cluster,
a node with superior resources are elected as cluster head (CH). Nodes with lesser
energy are used as sensor nodes. A sensor node senses the data from the environment
and forwards the sensed data to cluster head. Cluster head aggregates data from sensor
nodes and routes the data to base station (BS). As part of clustering, a CH knows the
locations of SNs within its cluster, and vice versa. A CH also knows the location of
neighbour CHs along the direction towards the processing center.
paths doing data delivery. Redundancy management of multipath routing for intrusion
tolerance is achieved through two forms of redundancy: (a) source redundancy by
which ms SNs sensing a physical phenomenon in the same feature zone are used to
forward sensing data to their CH (referred to as the source CH); (b) path redundancy
by which mp paths are used to relay packets from the source CH to the PC through
intermediate CHs.
To preserve confidentiality, we assume that the HWSN executes a pairwise
key establishment protocol in a secure interval after deployment. Each node
24
establishes pairwise keys with its k-hop neighbours, where k is large enough to cover
a cluster area. Thus, when SNs join a new cluster, the CH node will have pairwise
keys with the SNs joining its cluster. Since every SN shares a pairwise key with its
CH, a SN can encrypt data sent to the CH for confidentiality and authentication
purposes. Every CH also creates a pairwise key with every other CH. Thus a pairwise
key exists for secure communication between CHs. This mechanism is useful to
prevent outside attackers, not inside attackers.
To remove malicious nodes from the system, a voting-based distributed IDS is
applied periodically in every TIDS time interval. A CH is being assessed by its
neighbour CHs, and a SN is being assessed by its neighbour SNs. In each interval, m
neighbour nodes (at the CH or SN level) around a target node will be chosen
randomly as voters and each cast their votes based on their host IDS results to
collectively decide if the target node is still a good node. The m voters share their
votes through secure transmission using their pairwise keys. When the majority of
voters come to the conclusion that a target node is bad, then the target node is evicted.
3.2. Disadvantages
Not able to detect and remove insidious attacks such as sinkhole attack.
Spoils the complete communication and a data loss between a pair of nodes as
source node and a destination node.
25
CHAPTER 4
PROPOSED SYSTEM
4.1. Proposed System
Trust-based IDS scheme considers the effect of both social trust and QoS trust
on trustworthiness or maliciousness. Social trust may include friendship, honesty,
privacy, similarity, centrality, and social ties (strengths). QoS trust may include
competence, protocol conformance, reliability, task completion capability, etc.
Hierarchical trust management protocol maintains two levels of trust: SN-level
trust and CH-level trust. Each SN evaluates other SNs in the same cluster while each
CH evaluates other CHs and SNs in its cluster. The peer-to-peer trust evaluation is
periodically updated based on either direct observations or indirect observations.
When two nodes are neighbors within radio range, they evaluate each other based on
direct observations via snooping or overhearing. Each SN sends its trust evaluation
results toward other SNs in the same cluster to its CH. Each CH performs trust
evaluation toward all SNs within its cluster. Similarly, each CH sends its trust
evaluation results toward other CHs in the WSN to the base station. The base station
performs trust evaluation toward all CHs in the system. Our peer-to-peer trust
evaluation process considers three different trust components as described earlier,
namely, honesty, energy, and cooperativeness. The trust value that node i evaluates
toward node j at time t, T
i j
(t) is represented as a real number in the range of [0,1]
where 1 indicates complete trust, 0.5 ignorance, and 0 distrust.
Where w1, w2, and w3 are weights associated with these three trust components with
w1 + w2 + w3 = 1.
26
4.2. Advantages
The system becomes more energy efficient.
The data sent through this network will be less vulnerable to attacks.
More attacks can be detected and removed using this intrusion detection
system.
MEAN TIME TO FAILURE can be increased.
27
CHAPTER 5
SYSTEM REQUIREMENTS
5.1. Software Requirements
Operating system : Linux
Language : C++,TCL,PERL
Software Tool : NS2
5.2. Hardware Requirements
Processor : Pentium IV
RAM : 512 MB
HDD : 80GB and above
28
CHAPTER 6
ARCHITECTURAL REPRESENTATION
6.1. System Architecture
Nodes are grouped into clusters, and within each cluster, a node with more
resources act as cluster head. Nodes with less number of resources act as sensor
nodes. When a sensor node join a new cluster area, the CH node will have pairwise
keys with the SNs joining its cluster. Since every SN shares a pair wise key with its
purposes. Every CH also creates a pairwise key with every other CH. Thus a pair wise
key exists for secure communication between CHs. Multipath routing is considered an
effective mechanism for fault and intrusion tolerance to improve data delivery in
WSNs. The basic idea is that the probability of at least one path reaching the sink
node or base station increases as we have more paths doing data delivery. The sensor
nodes within a cluster senses from environment. The cluster head aggregates the
sensed data from the sensor nodes and route to the base station. The redundancy
management of multipath routing for intrusion tolerance is achieved through two
forms of redundancy: Source Redundancy and Path Redundancy. Source redundancy
means, rather than sensing the data by a single source node, multiple source node
senses from the environment and forwards the packet to the cluster head through
multiple paths. The advantage of source redundancy is it will avoid retransmission of
packets. Path redundancy means multiple path are used to relay packets from cluster
head to the base station. During routing of packets, if any of the node is found as
malicious node, transmission of data through that node is avoided.
29
Figure 6.1 Architectural Diagram
30
CHAPTER 7
MODULES
7.1 Cluster formation
7.2 Multipath routing
7.3 Voting based IDS
7.4Trust evaluation
MODULES AND DESCRIPTION
7.1. Cluster Formation
Nodes are grouped into clusters, and within each cluster, a node with more
resources act as cluster head. Nodes with less number of resources act as sensor
nodes. When a sensor node join a new cluster area, the CH node will have pairwise
keys with the SNs joining its cluster. Since every SN shares a pair wise key with its
purposes. Every CH also creates a pairwise key with every other CH. Thus a pair wise
key exists for secure communication between CHs
Figure 7.1 Clustering
31
7.2. Multipath routing
paths doing data delivery. Redundancy management of multipath routing for intrusion
tolerance is achieved through two forms of redundancy: (a) source redundancy by
which ms SNs sensing a physical phenomenon in the same feature zone are used to
forward sensing data to their CH (referred to as the source CH); (b) path redundancy
by which mp paths are used to relay packets from the source CH to the PC through
intermediate CHs.
Figure 7.2 Multipath Routing
7.3. Voting Based IDS
To remove malicious nodes from the system, a voting-based distributed IDS is
applied periodically in every TIDS time interval. A CH is being assessed by its
neighbour CHs, and a SN is being assessed by its neighbour SNs. In each interval, m
neighbour nodes (at the CH or SN level) around a target node will be chosen
32
randomly as voters and each cast their votes based on their host IDS results to
collectively decide if the target node is still a good node. The m voters share their
votes through secure transmission using their pairwise keys. When the majority of
voters come to the conclusion that a target node is bad, then the target node is evicted
Figure 7.3 Find malicious nodes
7.4. Trust Evaluation
Trust enables a subset of the nodes to evaluate the behavior of neighboring
nodes and make decision about them. Trust values are usually obtained taking into
considerations different parameters such as personal reference also known as direct
trust and also getting recommendations from the neighboring nodes i.e. reference also
known as indirect trust and these parameters provided us a better assessment of
trustworthiness.
33
Figure 7.4 Trust Evaluation
34
CHAPTER 8
DATA FLOW DIAGRAM
Figure 8.1 Data Flow Diagram
35
CHAPTER 9
ALGORITHMS
9.1. CH execution for dynamic redundancy management
1.CH Execution:
2.Get next event
3.If event is TD timer then
4. determine radio range to maintain CH connectivity
5.determine optimal TIDS,m,ms,mp by table lookup bassed on the current estimated
density,CH radio range and compromise rate
6. notify SNs within the cluster of the new optimal settings of TIDS and m
7.else if event is query arrival then
8 . trigger multipath routing using ms and mp
9.else if event is Tclustering timer then
10. perform clustering
11.else if event is TIDS timer then
12. For each neighbour CH
13. if selected as a voter then
14. execute voting based intrusion detection
15.else / / event is data packet arrival
16. follow multipath routing protocol design to route the data packet.
9.2. SN execution for dynamic redundancy management
1.SN Execution
2.Get next event
3.If event is TD timer then
4. determine radio range to maintain SN connectivity within a cluster
5.else if event is control packet arrival from CH then
6. change the optimal settings of TIDS, and m
7.else if event is Tclustering timer then
8. perform clustering
36
9. else if event is TIDS timer then
10. For each neighbour SN
11. if selected as a voter then
12. execute voting based intrusion detection
13.else / / event is data packet arrival
14. follow multipath routing protocol design to route the data packet.
37
CHAPTER 10
CONCLUSION
Performed a tradeoff analysis of energy consumption vs. QoS gain in
reliability, timeliness, and security for redundancy management of clustered
heterogeneous wireless sensor networks utilizing multipath routing to answer user
queries. We developed a novel probability model to analyze the best redundancy level
in terms of path redundancy (mp) and source redundancy (ms), as well as the best
intrusion detection settings in terms of the number of voters (m) and the intrusion
invocation interval (TIDS) under the lifetime of a heterogeneous wireless sensor
network is maximized while satisfying the reliability, timeliness and security
requirements of query processing applications in the presence of unreliable wireless
communication and malicious nodes. Finally, we applied our analysis results to the
design of a dynamic redundancy management algorithm to identify and apply the best
design parameter settings at runtime in response to environment changes to prolong
the system lifetime.
For future work, explore more extensive malicious attacks in addition to
packet dropping and bad mouthing attacks, each with different implications to energy,
security and reliability, and investigate intrusion detection and multipath routing
based tolerance protocols to react to these attacks.
38
CHAPTER 11
APPENDIX A
CODING
#===================================
# Simulation parameters setup
#===================================
set val(chan) Channel/WirelessChannel ;# channel type
set val(prop) Propagation/TwoRayGround ;# radio-propagation model
set val(netif) Phy/WirelessPhy ;# network interface type
set val(mac) Mac/802_11 ;# MAC type
set val(ifq) Queue/DropTail/PriQueue ;# interface queue type
set val(ll) LL ;# link layer type
set val(ant) Antenna/OmniAntenna ;# antenna model
set val(ifqlen) 50 ;# max packet in ifq
set val(nn) 72 ;# number of mobilenodes
set val(rp) AODV ;# routing protocol
# set val(sce) scen
set val(x) 1000 ;# X dimension of topography
set val(y) 600 ;# Y dimension of topography
set val(stop) 16.0 ;# time of simulation end
#===================================
# Initialization
#===================================
#Create a ns simulator
set ns [new Simulator]
#Setup topography object
set topo [new Topography]
$topo load_flatgrid $val(x) $val(y)
create-god $val(nn)
#Open the NS trace file
set tracefile [open out.tr w]
$ns trace-all $tracefile
set rt [open Routingtable.tr w]
set param [open parameters w]
$ns trace-all $rt
#Open the NAM trace file
set namfile [open out.nam w]
$ns namtrace-all $namfile
$ns namtrace-all-wireless $namfile $val(x) $val(y)
set chan [new $val(chan)];#Create wireless channel
#===================================
# Mobile node parameter setup
39
#===================================
$ns node-config -adhocRouting $val(rp) \
-llType $val(ll) \
-macType $val(mac) \
-ifqType $val(ifq) \
-ifqLen $val(ifqlen) \
-antType $val(ant) \
-propType $val(prop) \
-phyType $val(netif) \
-channel $chan \
-topoInstance $topo \
-agentTrace ON \
-routerTrace ON \
-macTrace ON \
-movementTrace ON
# Energy model
$ns node-config -energyModel EnergyModel \
-initialEnergy 20 \
-txPower 0.9 \
-rxPower 0.8 \
-idlePower 0.0 \
-sensePower 0.0175
set hrate1 0
set hrate2 2
set hrate3 0
set hrate4 0
set hrate5 0
#===================================
# CLUSTER Definition
#===================================
#Create 7 clusters
$ns node-config -addressType hierarchical
AddrParams set domain_num 8 ;#number of domains
lappend cluster_num 1 1 1 1 1 1 1 1;#number of clusters domains
AddrParams set cluster_num $cluster_num ;
lappend nodes_num 10 10 10 10 10 10 10 2;#number of nodes in clusters
AddrParams set nodes_num $nodes_num ;#for each domain
set rng [new RNG]
$rng seed 0
# parameters for connections
set RVstart [new RandomVariable/Uniform]
$RVstart set min_ 0
$RVstart set max_ 1
$RVstart use-rng $rng
40
#We define two random parameters for each connections
for {set i 1} {$i<=$val(nn)} { incr i } {
set startT($i) [expr [$RVstart value]]
set dly($i) 1
#puts "startT($i) $startT($i) sec"
puts $param "$i $startT($i)"
}
$ns at 0.005 "$ns trace-annotate \"Creating nodes with transmission range of 150 meters\""
for { set a1 0} { $a1<$val(nn) } { incr a1} {
set ($a1) [expr rand()*512]
$ns at 0.0 "$n($a1) label $($a1)"
}
for { set a1 0} { $a1<$val(nn) } { incr a1} {
set energy($a1) 20
#$ns at 0.0 "$n($a1) label $energy($a1)"
$n($a1) color red
$ns at 0.0 "$n($a1) color red"
}
set energy1 [open energy.tr w]
proc energy {} {
global array names n ns array names val array names energy array names c energy1
set t [$ns now]
for {set i 0} {$i<$val(nn)} {incr i} {
if {$energy($i)>0.02} {
set energy($i) [expr $energy($i)-0.02]
#$ns at $t "$n($i) label $energy($i)"
puts $energy1 "$t $energy(1)"
}
}
$ns at [expr $t+0.5] "energy"
}
# Encryption functions
proc Encrypt {x1 x2 x3 x4 d} {
global Sum
set Sum [expr $x4 + [expr $x3 +[expr $x1 + $x2]]]
puts "node [$node_ id] received packet from \
$from with trip-time $rtt ms - contend: $mess - encrypted $originmess -hash: $hash"
puts [format "Encrypt = %0.2f" $Encrypt]
}
41
proc Decrypt {x1 x2 x3 x4 d} {
global Sum
set Sum [expr $x4 + [expr $x3 +[expr $x1 + $x2]]]
puts "node [$node_ id] received packet from \
$from with trip-time $rtt ms - contend: $mess - encrypted $originmess -hash: $hash"
puts [format "Dec = %0.2f" $Decrypt]
}
#===================================
# Applications Definition
#===================================
#Setup a CBR Application over UDP connection
set cbr0 [new Application/Traffic/CBR]
$cbr0 attach-agent $udp0
$cbr0 set packetSize_ 100
$cbr0 set rate_ 10Kb
#$cbr0 set random_ null
$ns at 1.0 "$ns trace-annotate \"Encrypted data is forwarding from node5 to ClusterHead1\""
$ns at 1.0 "$ns trace-annotate \"node5 starts forwards the data to ClusterHead1\""
$ns at 1.0 "$cbr0 start"
$ns at 5.0 "$cbr0 stop"
#$ns at 5.0 "$ns trace-annotate \"node5 stops forwards the data to ClusterHead1\""
42
$ns at 1.0 "$ns trace-annotate \"Encrypted data is forwarding from node15 to
ClusterHead2\""
ClusterHead2\""
ClusterHead2\""
ClusterHead3\""
43
ClusterHead3\""
ClusterHead3\""
ClusterHead5\""
ClusterHead5\""
44
#set cbr11 [new Application/Traffic/CBR]
#$cbr11 attach-agent $udp22
#$cbr11 set packetSize_ 100
#$cbr11 set rate_ 10Kb
#$ns at 1.0 "$cbr11 start"
#$ns at 40.0 "$cbr11 stop"
ClusterHead6\""
ClusterHead6\""
ClusterHead6\""
45
ClusterHead7\""
ClusterHead7\""
$ns at 3.5 "$ns trace-annotate \"Encrypted data is forwarding \""
$ns at 2.5 "$ns trace-annotate \"clusterhead1 starts forwards the data to ClusterHead4\""
46
$ns at 9.5 "$ns trace-annotate \"Data is Decrypting \""
$ns at 10.0 "$ns trace-annotate \"clusterhead6 starts forwards the data to AGGR\""
47
$ns at 10.0 "$ns trace-annotate \"Decrypted data is forwarding \""
$ns at 10.0 "$ns trace-annotate \"AGGR starts forwards the data to SINK\""
#Setup a CBR Application over TCP connection
#set cbr24 [new Application/Traffic/CBR]
#$cbr24 attach-agent $tcp50
#$cbr24 set packetSize_ 100
#$cbr24 set rate_ 10Kb
#$ns at 1.0 "$cbr24 start"
#$ns at 40.0 "$cbr24 stop"
$ns at 10.0 "$ns trace-annotate \"Decrypted data is forwarding \""
$ns at 10.5 "$ns trace-annotate \"AGGR starts forwards the data to SinkNode\""
$ns at 0.0 "$n(0) label CH1"
$ns at 0.0 "$n(70) label AGGR"
$ns at 0.0 "$n(71) label SINK"
#data transmision
proc attach-cbr-traffic { node sink size interval } {
global ns
set source [new Agent/UDP]
$ns attach-agent $node $source
set traffic [new Application/Traffic/CBR]
$traffic set packetSize_ $size
$traffic set interval_ $interval
$traffic attach-agent $source
$ns connect $source $sink
return $traffic
}
48
#===================================
# Termination
#===================================
#Define a 'finish' procedure
proc finish {} {
global ns tracefile namfile
$ns flush-trace
close $tracefile
close $namfile
exec nam out.nam &
exit 0
}
for {set i 0} {$i < $val(nn) } { incr i } {
$ns at $val(stop) "\$n($i) reset"
}
$ns at $val(stop) "$ns nam-end-wireless $val(stop)"
$ns at $val(stop) "finish"
$ns at $val(stop) "puts \"done\" ; $ns halt"
$ns run
49
CHAPTER 12
APPENDIX B
COMPARISON TABLE
EXISTING SYSTEM PROPOSED SYSTEM
By applying intrusion detection, the MTTF
value of the system under attack is increased.
Avoid forwarding of data to untrusted nodes
by considering the trust values of nodes, so
MTTF can be increased more.
Packet delivery ratio is achieved. Packet delivery ratio can be achieved in
higher rate.
Average delay. Delay is low.
Less secure. More secure.
50
CHAPTER 13
APPENDIX C
SCREENSHOTS
11.1 SCREENSHOTS
Fig 1.Pairwise Key Establishment
51
Fig 2.Data Transmission
52
Fig 3.Data Transmission to the base station
53
11.2 GRAPHS
Fig 1.Packet delivery ratio
54
Fig 2.Loss
55
Fig 3.Energy
56
Fig 4.Throughput
57
Fig 5.Delay
58
REFERENCES
[1] Hamid Al-Hamadi and Ing-Ray Chen, IEEE International Conference on
Electro/Information Technology (EIT 2011),Mankato, MN , pp 1-5, ISBN:978-1-
61284-465-7 DOI: 10.1109/ EIT.2011. 5978609. Adaptive Network Management for
Countering Selective Capture in Wireless Sensor Networks ,MAR 2002
[2] Bo Sun, Xuemei Shan, Yang Xiao Anomaly Detection based Secure In Network
Aggregation for Wireless Sensor Networks ,AUG 2003
[3] W. B. Heinzelman, A. P. Chandrakasan, and H. Balakrishnan, An application-
specific protocol architecture for wireless microsensor networks,IEEE Trans.
Wireless Commun., vol. 1, no. 4, pp. 660670,FEB 2005
[4] Xiaojiang Du, Mohsen Guizani,A Routing-Driven Elliptic Curve Cryptography
Based Key Management Scheme for Heterogeneous Sensor Networks,MAR 2005
[5] Chi-Tsun Cheng, Chi K. Tse, Francis C. M. Lau, Proceedings of the 6
th
International
Conference on Computer Information Systems and Industrial Management
Applications (CISIM '07). Minneapolis, MN, USA, pp.179 184, ISBN: 0-7695-
2894-5, DOI:10.1109/ CISIM.2007.38. A Clustering Algorithm for Wireless
Sensor Networks Based on Social Insect Colonie(AUG 2005)
[6] Ing-Ray Chen, Fenye Bao, MoonJeong Chang, and Jin-Hee Cho Dynamic
Trust Management for Delay Tolerant Networks and Its Application to Secure
Routing ,FEB 2006
[7] Carol J Fung, Jie Zhang, Issam Aib ,Dirichlet-Based Trust Management for Effective
Collaborative Intrusion Detection Networks, JAN 2007
[8] Distributed Fault Tolerant Algorithm for Identifying Node Failures in Wireless Sensor
Networks, Navneet N Tewani, Neeharika Ithapu, K Raghava Rao, Sheik Nissar Sami,
B. Sai Pradeep,V.Krishna Deepak (APR 2008)
[9] Himali Saxena, Chunyu Ai, Marco Valero, Yingshu Li,and Raheem Beyah DSF - A
Distributed Security Framework for Heterogeneous Wireless Sensor Networks,MAY
2008
[10] Mrutyunjaya Panda1 and Manas Ranjan Patra Ensemble Voting System for Anomaly
Based Network Intrusion Detection,NOV 2009
59
[11] Abdelkrim Hadjidj,Abdelmadjid Bouabdallah, Yacine Challal HDMRP: An Efficient
Fault-Tolerant Multipath Routing Protocol for Heterogeneous Wireless Sensor
Networks ,SEP 2009
[12] W. Lou and Y. Kwon, H-SPREAD: a hybrid multipath scheme for secure and
reliable data collection in wireless sensor networks, IEEE Trans. Veh. Technol.,
vol. 55, no. 4, pp. 13201330,FEB 2010
[13] Shio Kumar Singh, M P Singh and D K Singh, in 3rd IEEE International Symposium
on Network Computing and Applications, (NCA 2004),Boston, MA, pp.
343346Intrusion Detection Based Security Solution for Cluster-Based Wireless
Sensor Networks,MAY 2010
[14] Bhattasali T., Chaki R.: Lightweight Hierarchical Model For
HWSNET,International Journal of Advanced Smart Sensor Network
Systems(IJASSN), October 2011, Vol. 1, No. 2, pp. 17-32, ISSN: 2231-
4482[Online], 2231-5225[Print],DOI:10.5121/ ijassn. 2011.1202.SEP 2010
[15] E. Felemban, L. Chang-Gun, and E. Ekici, MMSPEED: multipath multi- SPEED
protocol for QoS guarantee of reliability and timeline in wireless sensor networks,
IEEE Trans. Mobile Comput., vol. 5, no6, pp. 738754,JAN 2011
[16] Krishna P.N Puttaswamy, Haitao Zheng Securing Structured Overlays against Identity
Attacks,OCT 2012
[17] Tapalina Bhattasali, Rituparna Chaki, Sugata Sanyal Sleep Deprivation Attack
Detection in Wireless Sensor Network,MAY 2012
[18] Fenye Bao, Ing-Ray Chen, MoonJeong Chang and Jin-Hee Cho Trust-Based
Intrusion Detection in Wireless Sensor Networks,MAR 2013
[19] V. Manjula and C. Chellapan Trust Based Node Replication Attack Detection
Protocol For Wireless Sensor Networks, SEP 2013
[20] A. Boukerch a, L. Xua and K. EL-Khati Trust-Based Security For Wireless Ad Hoc
And Sensor Networks, AUG 2006

WSN

Enviado por

Dados do documento

Título original

Direitos autorais

Formatos disponíveis

Compartilhar este documento

Compartilhar ou incorporar documento

Opções de compartilhamento

Você considera este documento útil?

Este conteúdo é inapropriado?

Direitos autorais:

Formatos disponíveis

WSN

Enviado por

Direitos autorais:

Formatos disponíveis

IMPROVING THE FAULT TOLERANCE IN MULTIPATH ROUTING

OF HETEROGENOUS WIRELESS SENSOR NETWORKS

Você também pode gostar