IMPROVING THE FAULT TOLERANCE IN MULTIPATH ROUTING
OF HETEROGENOUS WIRELESS SENSOR NETWORKS
Submitted By SONA NELSON (Reg. No. 113112405013) of Department of Computer Science and Engineering VEL TECH MULTITECH Dr. RANGARAJAN Dr. SAKUNTHALA ENGINEERING COLLEGE (ACCREDITED BY NBA & ISO 9001:2008 CERTIFIED INSTITUTION) (Approved by AICTE, New Delhi & Affiliated to ANNA UNIVERSITY, CHENNAI) Avadi, Chennai-600 062 A PROJECT PHASE II REPORT Submitted To Faculty of Computer Science and Engineering in Partial Fulfillment of the Requirement for the Award of the Degree of MASTER OF ENGINEERING In COMPUTER SCIENCE AND ENGINEERING ANNA UNIVERSITY, CHENNAI JUNE 2014 VEL TECH MULTITECH Dr. RANGARAJAN Dr. SAKUNTHALA ENGINEERING COLLEGE (ACCREDITED BY NBA & ISO 9001:2008 CERTIFIED INSTITUTION) (Approved by AICTE, New Delhi & Affiliated to ANNA UNIVERSITY, CHENNAI) Avadi, Chennai-600 062 ________________________________________________________________ Date: ...../../2014 BONAFIDE CERTIFICATE Certified that the project report titled IMPROVING THE FAULT TOLERANCE IN MULTIPATH ROUTING OF HETEROGENOUS WIRELESS SENSOR NETWORKS, is a bonafide project work of SONA NELSON (Reg. No. 113112405013) who carried out research under my supervision certified further, that to the best of my knowledge the work reported here in does not form part of any other project report or dissertation on the basis of which a degree or award was conferred on an earlier occasion on this or any other candidate. SIGNATURE SIGNATURE Mr. N.INSOZHAN, M.E., Mr. R KARTHIKEYAN, M.E.,(Ph.D) INTERNAL GUIDE HEAD OF THE DEPARTMENT ASSISTANT PROFESSOR ASSISTANT PROFESSOR Dept. of Computer Science & Engg Dept. of Computer Science & Engg Vel Tech MultiTech Dr.Rangarajan Vel Tech MultiTech Dr.Rangarajan Dr.Sakunthala Engineering College Dr.Sakunthala Engineering College No 60, Avadi, Alamathi Road, Ch-62. No 60, Avadi, Alamathi Road, Ch-62. SIGNATURE Dr. V.RAJAMANI ME., Ph.D PRINCIPAL INTERNAL EXAMINER EXTERNAL EXAMINER CERTIFICATE FOR EVALUATION This is to certify that the project entitled IMPROVING THE FAULT TOLERANCE IN MULTIPATH ROUTING OF HETEROGENOUS WIRELES SENSOR NETWORKS is the bonafide record of work done by SONA NELSON (Reg No.113112405013) to carry out the project work under our guidance during the year 2013-2014 in partial fulfillment for the award of Master Of Engineering degree in Computer Science and Engineering conducted by Anna University Chennai. This project report was submitted for viva voice held on at VelTech Multitech Dr. Rangarajan Dr. Sakunthala Engineering College. INTERNAL EXAMINER EXTERNAL EXAMINER DATE ACKNOWLEDGEMENT I thank God Almighty for giving me such tremendous opportunity and support through the way of Vel Tech MultiTech Dr. Rangarajan Dr. Sakunthala Engineering College. I express my deep gratitude to the Founder & Chairman Prof. Col. Dr. R. Rangarajan, B.E (Elec.), B.E (Mech.), M.S (Auto.), D.Sc. and our Vice-Chairman Smt Dr. Sakunthala Ranagarajan MBBS. for the benefaction encouragement and facilities that were offering to us to carry out this project. I thank my Principal Dr. V.RAJAMANI ME,Ph.D and my dean Dr.V.PARTHASARATHY, M.E.,M.B.A,,Ph.D. who have always served as an inspiration for us to perform our institutes name and recognition. I would like to express our faithful thanks to our beloved HOD Mr. R. KARTHIKEYAN, M.E., and my respected Internal Project Guide, Mr. N.INSOZHAN, M.E., for having extended all the department facilities without slightest hesitation. I extend my gratitude to thank my Project Co-ordinator Mr. M. Ramesh Kumar, M.E., (Ph.D) for guiding me in every phase of the project development. Further I thank my Parents, Friends, Faculty members, supporting staff members of Computer Science & Engineering and PPT department for the help they extended to completion of this project. v ABSTRACT Security is one of an important factor to be considered seriously in wireless sensor networks. To provide redundancy management for heterogeneous wireless sensor networks (HWSNs), utilizing multipath routing to answer user queries in the presence of unreliable and malicious nodes. The objective of redundancy management is to exploit the tradeoff between energy consumption versus the gain in reliability, timeliness, and security to maximize the system lifetime. Here a voting based intrusion detection algorithm is used to detect and evict malicious node. The voting based IDS consider only attack such as bad mouthing and packet dropping attack. A probability model is used to analyze the best redundancy level in terms of path redundancy and source redundancy, as well as the best intrusion detection settings in terms of the number of voters and the intrusion invocation interval under which the lifetime of a HWSN is maximized. v vi . . , , , , . . , vii TABLE OF CONTENTS CHAPTER NO TITLE PAGE NO ABSTRACT v LIST OF FIGURES x LIST OF ABBREVIATIONS xi 1 INTRODUCTION 1 1.1 Introduction 1 1.2 Routing Challenges In Wireless Sensor Networks 2 1.3 Basic Principals In Designing Multipath Routing Protocols 3 1.4 Heterogeneous Wireless Sensor Networks 4 1.5 Security Threats 6 1.6 Application 9 1.7 Problem Definition And Objective 12 2 LITERATURE SURVEY 13 2.1 Adaptive Network Management for Countering Selective Capture in Wireless Sensor Networks 13 2.2 Anomaly Detection Based Secure In-Network Aggregation For Wireless Sensor Networks 13 2.3 An Application-Specific Protocol Architecture For Wireless Micro sensor Networks 14 viii 2.4 A Routing-Driven Elliptic Curve Cryptography Based Key Management Scheme For Heterogeneous Sensor Networks 14 2.5 A Clustering Algorithm For Wireless Sensor Networks Based On Social Insect Colonies 15 2.6 Dynamic Trust Management For Delay Tolerant Networks And Its Application To Secure Routing 15 2.7 Dirchlet-Based Trust Management for Effective Collaborative Intrusion Detection Networks 16 2.8 Distributed Fault Tolerant Algorithm For Identifying Node Failures In Wireless Sensor Networks 16 2.9 DSF - A Distributed Security Framework For Heterogeneous Wireless Sensor Networks 17 2.10 Ensemble Voting System For Anomaly Based Network Intrusion Detection 17 2.11 Hdmrp: An Efficient Fault-Tolerant Multipath Routing Protocol For Heterogeneous Wireless Sensor Networks 18 2.12 H-SPREAD: A Hybrid Multipath Scheme For Secure And Reliable Data Collection In Wireless Sensor Networks 18 2.13 Intrusion Detection Based Security Solution For Cluster- Based Wireless Sensor Networks 19 2.14 Lightweight Hierarchical Model For HWSNET 19 2.15 MMSPEED: Multipath Multi-SPEED Protocol For QoS Guarantee Of Reliability And Timeliness In Wireless Sensor Networks 20 2.16 Securing Structured Overlays Against Identity Attacks 20 ix 2.17 Sleep Deprivation Attack Detection In Wireless Sensor Network 21 2.18 Trust-Based Intrusion Detection in Wireless Sensor Networks 21 2.19 Trust Based Node Replication Attack Detection Protocol For Wireless Sensor Networks 22 2.20 Trust-Based Security For Wireless Ad Hoc And Sensor Networks 22 3 EXISTING SYSTEM 23 3.1 Existing System 23 3.2 Disadvantages 24 4 PROPOSED SYSTEM 25 4.1 Proposed System 25 4.2 Advantages 26 5 SYSTEM REQUIREMENTS 27 5.1 Hardware Requirements 27 5.2 Software Requirements 27 6 ARCHITECTURAL REPRESENTATION 28 6.1 System Architecture 28 7 MODULES 29 7.1 Cluster Formation 30 7.2 Multipath Routing 31 x 7.3 Voting Based IDS 32 7.4 Trust Evaluation 33 8 DATA FLOW DIAGRAM 34 9 ALGORITHMS 35 9.1 CH Execution For Dynamic Redundancy Management 35 9.2 SN Execution For Dynamic Redundancy Management 36 10 CONCLUSION 37 11 APPENDIX A CODINGS 38 12 APPENDIX B COMPARISON TABLE 49 13 APPENDIX C SCREENSHOTS 50 REFERENCES 58 xi LIST OF FIGURES FIGURE NO TITLE PAGE NO 1.1 Architecture of Wireless Sensor Networks 2 1.5.2 Selective Forwarding 7 1.5.3 Sinkhole Attacks 7 6.1 Architectural diagram 29 7.1 Multipath routing 31 7.2 Find malicious nodes 32 7.3 Estimate mean time to failure 32 7.4 Detection of sinkhole attack 33 8.1 Data flow diagram 34 xii LIST OF ABBREVIATIONS HWSN Heterogeneous Wireless Sensor Networks CH Cluster Head SN Sensor Nodes BS Base Station MTTF Mean Time To Failure PC Processing Centre 1 CHAPTER 1 INTRODUCTION 1.1. Introduction A wireless sensor network (WSN) usually consists of a large number of tiny sensor nodes (SNs) deployed in an operational area for data sensing, aggregating, and processing. HWSNET is a rapidly growing area in the real life applications like traffic, environment monitoring, healthcare, military applications, home automation, disaster monitoring. The exposure to natural environments and the inherent unreliability of wireless transmission make a WSN vulnerable to many attacks. SNs deployed in hostile environments for military applications also could be compromised through captures and become malicious. In heterogeneous sensor network, a large number of inexpensive nodes perform sensing, while a few nodes having comparatively more energy perform other tasks such as data filtering, transport. WSNET suffers from several drawbacks like limited energy, computation, and storage capabilities of sensor nodes. The clustering is an effective solution for achieving scalability, energy conservation and reliability. A lifetime of the network is determined by residual energy of the system, hence main and most important challenge in WSN is the efficient use of energy resources. Maximizing network lifetime is most important design objectives for all the sensor networks that need to run for a long time. One of the key techniques in improving lifetime of wireless sensor network is clustering. Clustering partitions sensor network into groups called as cluster, with high energy node among the sensor nodes acting as master of the cluster called as cluster head. Sensor nodes in cluster gather data from the region of interest and communicate it to the cluster head. Cluster head gather and aggregate the data and send it back to the BS. The tradeoff issue between energy consumption versus QoS gain becomes much more complicated when inside attacker are present as a path may be broken when a malicious node is on the path. This is especially the case in heterogeneous WSN (HWSN) environments in which CH nodes may take a more critical role in 2 gathering and routing sensing data. Thus, very likely the system would employ an intrusion detection system (IDS) with the goal to detect and remove malicious nodes Multipath routing is considered an effective mechanism for fault and intrusion tolerance to improve data delivery in WSNs. The basic idea is that the probability of at least one path reaching the sink node or base station increases as we have more paths doing data delivery. Multipath routing is used to improve reliability. . Figure.1.1 Architecture of Wireless Sensor Networks 1.2. Routing Challenges in Wireless Sensor Network 1.2.1 Data delivery model Data delivery model overcomes the problem of fault tolerance domain by providing the alternative path to save its data packets from nodes or link failures. It severely affect the routing protocol in wireless sensor network, especially with regard to use the limited energy of the node, security purpose, energy consumption and route immobility. 1.2.2 Scalability A system is said to be scalable if its effectiveness increases when the hardware is put-on and proportional to the capacity added. Routing schemes make efforts with the vast collection 3 of motes in WSNs which should be scalable enough to talk back to the events take place in the environment. 1.2.3 Resilience Sometimes, due to environment problem or battery consumption sensors erratically stop working. This problem is overcome by finding the alternate path when current-in use nodes stop operating. 1.2.4 Production cost The cost of single node is enough to justify the overall cost of the sensor network. So the cost of each sensor node should be kept low. 1.3. Basic Principals in Designing Multipath Routing Protocols 1.3.1 Path Discovery Since data transmission in wireless sensor networks is commonly performed through multi-hop data forwarding techniques, the main task of the route discovery process is to determine a set of intermediate nodes that should be selected to construct several paths from the source nodes towards the sink node. 1.3.2 Path Selection and Traffic Distribution After construction of multiple paths, another important issue that should be addressed is the selection of an adequate number of paths for data transmission purposes. According to the main intention of designing each multipath routing protocol, a certain number of paths should be selected to meet the performance demands of the intended application. Therefore, proposing a perfect path selection mechanism to choose a sufficient number of paths is the most important part of designing a high-performance multipath routing protocol. One protocol may decide to use only the best path for data transmission and keep additional paths as the backup paths for fault-tolerance purposes. 4 1.3.3. Path Maintenance Due to the resource constrains of sensor nodes and high dynamics of low- power wireless links, paths are highly error prone. Therefore, path reconstruction should be provided to reduce performance degradation. This is the main task of the path maintenance phase in multipath routing protocols. Path rediscovery process can be initiated in three different situations: (1) when an active path has failed, (2) when all the active paths have failed or, (3) when a certain number of active paths has failed. Since, the frequency of initiating route rediscovery process in the first approach is higher than for the two other approaches, using this strategy imposes a high overhead. 1.4. Heterogeneous Wireless Sensor Networks One type of typical applications of heterogeneous architecture is the indoor sensing application, e.g., the wireless sensor network in large-scale greenhouse. In order to guarantee the appropriate environment for plants growing, various sensors are deployed in the greenhouse to collect environment information (e.g. temperature, humidity, illumination intensity, concentration of CO2, concentration of O2, etc.) in real-time. And some actuators are deployed to affect the environment via opening or closing valves, or strengthening beam, and so on. To reduce the installation cost and complexity, the sensors always use battery-power and wireless channel. These sensors must conserve power, minimizing computation and communication, to maximize the network lifetime. Additional few nodes, i.e., heterogeneous nodes, which possess high-speed microprocessors and high-bandwidth, long distance network transceivers, are placed where standard wall sockets are available. These nodes can provide in- network data processing, longer-term storage, and access to building network infrastructures, such as Ethernet, etc. 1.4.1 Types of Heterogeneous Resources There are three common types of resource heterogeneity in sensor node: computational heterogeneity, link heterogeneity, and energy heterogeneity. Computational heterogeneity means that the heterogeneous node has a more powerful microprocessor and more memory than the normal node. With the powerful 5 computational resources, the heterogeneous nodes can provide complex data processing and longer-term storage. Link heterogeneity means that the heterogeneous node has high-bandwidth and long- distance network transceiver, such as Ethernet or 802.11 network, than the normal node. Link heterogeneity can provide more reliable data transmission. Energy heterogeneity means that the heterogeneous node is line powered, or its battery is replaceable. Among above three types of resource heterogeneity, the most important heterogeneity is the energy heterogeneity because both computational heterogeneity and link heterogeneity will consume more energy resource. If there is no energy heterogeneity, computational heterogeneity and link heterogeneity will bring negative impact to the whole sensor network, i.e., decreasing the network lifetime. 1.4.2 The impact of heterogeneous resources Prolonging network lifetime: In the heterogeneous wireless sensor network, all normal nodes can send data report to the sink via the nearest heterogeneous node. And the normal nodes, especially around the sink, dont need forward vast packets from other nodes. Under this data transmission scheme, the typical hops of data transmission are 2 and significantly less than the average hops in homogeneous sensor network. In other words, the average energy consumption for forwarding a packet from the normal nodes to the sink in heterogeneous sensor networks will be much less than the energy consumed in homogeneous sensor networks. With the size of network increasing, the gap of energy consumption between these two kinds of networks will be bigger and bigger. Improving reliability of data transmission: It is well know, that sensor network links tend to have low reliability. And each hop significantly lowers the end-to-end delivery rate. With heterogeneous nodes, there will be fewer hops between normal sensor nodes and the sink. So the heterogeneous sensor network can get much higher end-to-end delivery rate than the homogeneous sensor network. 6 Decreasing latency of data transportation: Computational heterogeneity can decrease the processing latency in immediate nodes. And link heterogeneity can decrease the waiting time in the transmitting queue. Fewer hops between sensor nodes and sink node also mean fewer forwarding latency. 1. 5. SECURITY THREATS 1.5.1 Spoofed, Altered, or Replayed Routing Information While sending the data, the information in transition may be spoofed, altered, replayed, or destroyed. Due to the short range transmission of the sensor nodes, an attacker with high processing power and larger communication range could attack several sensors simultaneously and modify transmitted information. 1.5.2 Selective Forwarding In this kind of attack a malicious node may decline to forward every message it gets, acting as black hole or it can forward some messages to the wrong receiver and simply drop others. 7 1.5.3 Sinkhole Attacks In the Sinkhole attack, the goal of the attacker is to attract all the traffic. Especially, in the case of a flooding based protocol the compromised node may listen to requests for routes, and then reply to the requesting node with messages containing a bogus route with the shortest path to the requested destination. 1.5.4 Sybil Attacks In Sybil attack the malicious node presents itself as multiple nodes. The attack of this type tries to degrade the usage and the efficiency of the distributed algorithms that are used. Sybil attack can be performed against distributed storage, routing, data aggregation, voting, fair resource allocation, and misbehavior detection. 1.5.4 Wormholes Wormhole attack is an attack in which the malicious node tunnels messages from one part of the network over a link, that doesnt exist normally, to another part of the network. The simplest form of the wormhole attack is to convince two nodes 8 that they are neighbours. This attack would likely be used in combination with selective forwarding or eavesdropping. 1.5.5 HELLO Flood Attacks This attack is based on the use by many protocols of broadcasting Hello messages to announce themselves in the network. So an attacker with higher range of transmission may send many Hello messages to a large number of nodes in a big area of the network. These nodes are then convinced that the attacker is their neighbor. Consequently the network is left in a state of confusion. 1.5.6 Acknowledgement Some wireless sensor network routing algorithms require link layer acknowledgements. A compromised node may exploit this by spoofing these acknowledgements, thus convincing the sender that a weak link is strong or a dead sensor is alive. 1.5.7 Sleep deprivation attack A particularly devastating attack is the sleep deprivation attack, where a malicious node forces legitimate nodes to waste their energy by resisting the sensor nodes from going into low power sleep mode. The goal of this attack is to maximize the power consumption of the target node, thereby decreasing its battery life. So, it is also known as battery exhaustion attack. 9 1.6. Applications 1.6.1 Area monitoring Area monitoring is a common application of WSNs. In area monitoring, the WSN is deployed over a region where some phenomenon is to be monitored. A military example is the use of sensors detects enemy intrusion; a civilian example is the geo-fencing of gas or oil pipelines. 1.6.2 Environmental/Earth monitoring The term Environmental Sensor Networks has evolved to cover many applications of WSNs to earth science research. This includes sensing volcanoes, oceans, glaciers, forests, etc. Some of the major areas are listed below. 1.6.3 Air quality monitoring The degree of pollution in the air has to be measured frequently in order to safeguard people and the environment from any kind of damages due to air pollution. In dangerous surroundings, real time monitoring of harmful gases is a concerning process because the weather can change with severe consequences in an immediate manner. Fortunately, wireless sensor networks have been launched to produce specific solutions for people. 1.6.4 Interior monitoring Observing the gas levels at vulnerable areas needs the usage of high-end, sophisticated equipment, capable to satisfy industrial regulations. Wireless internal monitoring solutions facilitate keep tabs on large areas as well as ensure the precise gas concentration degree. 1.6.5 Exterior monitoring External air quality monitoring needs the use of precise wireless sensors, rain & wind resistant solutions as well as energy reaping methods to assure extensive liberty to machine that will likely have tough access. 1.6.6 Air pollution monitoring 10 Wireless sensor networks have been deployed in several cities (Stockholm, London and Brisbane) to monitor the concentration of dangerous gases for citizens. These can take advantage of the ad-hoc wireless links rather than wired installations, which also make them more mobile for testing readings in different areas. There are various architectures that can be used for such applications as well as different kinds of data analysis and data mining that can be conducted. 1.6.7 Forest fire detection A network of Sensor Nodes can be installed in a forest to detect when a fire has started. The nodes can be equipped with sensors to measure temperature, humidity and gases which are produced by fire in the trees or vegetation. The early detection is crucial for a successful action of the firefighters; thanks to Wireless Sensor Networks, the fire brigade will be able to know when a fire is started and how it is spreading. 1.6.8 Landslide detection A landslide detection system makes use of a wireless sensor network to detect the slight movements of soil and changes in various parameters that may occur before or during a landslide. Through the data gathered it may be possible to know the occurrence of landslides long before it actually happens. 1.6.9 Water quality monitoring Water quality monitoring involves analyzing water properties in dams, rivers, lakes & oceans, as well as underground water reserves. The use of many wireless distributed sensors enables the creation of a more accurate map of the water status, and allows the permanent deployment of monitoring stations in locations of difficult access, without the need of manual data retrieval. 1.6.10 Natural disaster prevention Wireless sensor networks can effectively act to prevent the consequences of natural disasters, like floods. Wireless nodes have successfully been deployed in rivers where changes of the water levels have to be monitored in real time. 1.7. Problem Definition and Objective All sensors are subject to capture attacks, i.e., they are vulnerable to physical capture by the adversary after which their code is compromised and they become 11 inside attackers. Since all sensors are randomly located in the operational area, the same capture rate applies to both CHs and SNs, and, as a result, the compromised nodes are also randomly distributed in the operation area. Due to limited resources, we assume that when a node is compromised, it only performs two most energy conserving attacks, namely, bad-mouthing attacks (recommending a good node as a bad node and a bad node as a good node) when serving as a recommender, and packet dropping attacks when performing packet routing to disrupt the operation of the network. The main aim is effective redundancy management of a clustered HWSN to prolong its lifetime operation in the presence of unreliable and malicious nodes. The tradeoff between energy consumption vs. QoS gain in reliability, timeliness and security with the goal to maximize the lifetime of a clustered HWSN while satisfying application QoS requirements in the context of multipath routing. For the issue of intrusion tolerance through multipath routing, there are two major problems to solve: (1) how many paths to use and (2) what paths to use. Analyze the optimal amount of redundancy through which data are routed to a remote sink in the presence of unreliable and malicious nodes, so that the query success probability is maximized while maximizing the HWSN lifetime. We consider this optimization problem for the case in which a voting based distributed intrusion detection algorithm is applied to remove malicious nodes from the HWSN. Our contribution is a model-based analysis methodology by which the optimal multipath redundancy levels and intrusion detection settings may be identified for satisfying application QoS requirements while maximizing the lifetime of HWSNs. 12 CHAPTER 2 LITERATURE SURVEY Title: Adaptive Network Management for Countering Selective Capture in Wireless Sensor Networks(MAR 2012) Authors: Hamid Al-Hamadi and Ing-Ray Chen Analyze adaptive network management for countering selective capture which aims to compromise critical sensor nodes close to the base station in a wireless sensor network (WSN) to block data delivery. In this paper consider 3 countermeasures in the protocol design: (1) dynamic radio range adjustment; (2) multisource multipath routing for intrusion tolerance; and (3) voting-based intrusion detection. Identify the best protocol settings in terms of the best redundancy level used for multisource multipath routing, and the best number of voters and the intrusion invocation interval used for intrusion detection under which the lifetime of a WSN is maximized in the presence of selective capture which turns nodes into malicious nodes capable of performing packet dropping attacks and bad-mouthing attacks. Title: Anomaly Detection based Secure In-Network Aggregation for Wireless Sensor Networks (AUG 2007) Authors: Bo Sun, Xuemei Shan, Yang Xiao Secure in-network aggregation in Wireless Sensor Networks (WSNs) is a necessary and challenging task. Proposed an Extended Kalman Filter (EKF) based mechanism to detect false injected data. By monitoring behaviors of its neighbors and using EKF to predict their future states (actual in-network aggregated values), each node aims at setting up a normal range of the neighbors future transmitted aggregated. Apply an algorithm of combining Cumulative Summation (CUSUM) and Generalized Likelihood Ratio (GLR) to increase detection sensitivity. To overcome the limitations of local detection mechanisms, we illustrate how our proposed local detection approaches work together with the system monitoring module to differentiate between malicious events and emergency events. 13 Title: An Application-Specific Protocol Architecture For Wireless Microsensor Networks (FEB 2007) Authors: Wendi B. Heinzelman, Anantha P. Chandrakasan and Hari Balakrishnan Networking together hundreds or thousands of cheap micro sensor nodes allows users to accurately monitor a remote environment by intelligently combining the data from the individual nodes. A low-energy adaptive clustering hierarchy (LEACH), a protocol architecture for micro sensor networks that combines the ideas of energy-efficient cluster-based routing and media access together with application- specific data aggregation to achieve good performance in terms of system lifetime, latency, and application-perceived quality is proposed. LEACH includes a new, distributed cluster formation technique that enables self-organization of large numbers of nodes, algorithms for adapting clusters and rotating cluster head positions to evenly distribute the energy load among all the nodes, and techniques to enable distributed signal processing to save communication resources. Results show that LEACH can improve system lifetime by an order of magnitude compared with general-purpose multi hop approaches. Title: A Routing-Driven Elliptic Curve Cryptography Based Key Management Scheme for Heterogeneous Sensor Networks (MAR 2009) Authors: Xiaojiang Du, Mohsen Guizani, Yang Xiao, Hsiao-Hwa Chen Homogeneous ad hoc networks have poor performance and scalability. The many-to-one traffic pattern dominates in sensor networks, and hence a sensor may only communicate with a small portion of its neighbors. Key management is a fundamental security operation. Most existing key management schemes try to establish shared keys for all pairs of neighbor sensors, no matter whether these nodes communicate with each other or not, and this causes large overhead. In this paper, we adopt a Heterogeneous Sensor Network (HSN) model for better performance and security. We propose a novel routing-driven key management scheme, which only establishes shared keys for neighbour sensors that communicate with each other. We 14 utilize Elliptic Curve Cryptography in the design of an efficient key management scheme for sensor nodes. The performance evaluation and security analysis show that our key management scheme can provide better security with significant reductions on communication overhead, storage space and energy consumption than other key management schemes. Title: A Clustering Algorithm for Wireless Sensor Networks Based on Social Insect Colonies (AUG 2006) Authors: Chi-Tsun Cheng, Chi K. Tse, Francis C. M. Lau A wireless sensor network comprises a number of inexpensive power constrained wireless sensor nodes which collect data from the sensing environment and transmit them toward the remote base station in a coordinated way. Employing techniques of clustering can reduce energy consumption of wireless sensor nodes and prolong the network lifetime. This paper proposes a decentralized clustering algorithm for wireless sensor networks based on the structure of social insect colonies. The clustering algorithm is evaluated assuming a first-order radio model. Simulation results show that the proposed algorithm brings a consistent improvement over other decentralized and centralized clustering algorithms in terms of network lifetime and sensing coverage. Simulation results also show that the proposed algorithm can reduce delays in data collection processes. Title: Dynamic Trust Management for Delay Tolerant Networks and Its Application to Secure Routing (FEB 2013) Authors: Ing-Ray Chen, Fenye Bao, MoonJeong Chang, and Jin-Hee Cho In this paper, we design and validate a dynamic trust management protocol for secure routing optimization in DTN environments in the presence of well-behaved, selfish and malicious nodes. We develop a novel model-based methodology for the analysis of our trust protocol and validate it via extensive simulation. Address dynamic trust management, i.e., determining and applying the best operational settings at runtime in response to dynamically changing network conditions to minimize trust bias and to maximize the routing application performance. Performed a comparative analysis of our proposed routing protocol against Bayesian trust-based and non-trust based (PROPHET and epidemic) routing protocols. The results 15 demonstrate that our protocol is able to deal with selfish behaviours and is resilient against trust-related attacks. Trust-based routing protocol can effectively trade off message overhead and message delay for a significant gain in delivery ratio. Our trust based routing protocol operating under identified best settings outperforms Bayesian trust-based routing and PROPHET, and approaches the ideal performance of epidemic routing in delivery ratio and message delay without incurring high message or protocol maintenance overhead. Title: Dirichlet-Based Trust Management for Effective Collaborative Intrusion Detection Networks (JAN 2005) Authors: Carol J Fung, Jie Zhang, Issam Aib The accuracy of detecting intrusions within a Collaborative Intrusion Detection Network (CIDN) depends on the efficiency of collaboration between peer Intrusion Detection Systems (IDSes) as well as the security itself of the CIDN. In this paper, we propose Dirichlet-based trust management to measure the level of trust among IDSes according to their mutual experience. An acquaintance management algorithm is also proposed to allow each IDS to manage its acquaintances according to their trustworthiness. Our approach achieves strong scalability properties and is robust against common insider threats, resulting in an effective CIDN. We evaluate our approach based on a simulated CIDN, demonstrating its improved robustness, efficiency and scalability for collaborative intrusion detection in comparison with other existing models. Title: Distributed Fault Tolerant Algorithm for Identifying Node Failures in Wireless Sensor Networks (APR 2013) Authors: Navneet N Tewani, Neeharika Ithapu, K Raghava Rao, Sheik Nissar Sami, B. Sai Pradeep,V.Krishna Deepak A Wireless Sensor Network is a set of multiple connected components. Sometimes due to the failure of some of its nod8es, the sensor network communication fails. So that we consider this problem of node(s) failure termed as cut from the remaining nodes of a wireless sensor network. We propose an algorithm that allows (i) every node to detect when the connectivity to a specially designated node has been lost, and (ii) one or more nodes (that are connected to the special node after the cut) to detect the occurrence of the cut. The algorithm we 16 proposed is distributed and asynchronous i.e. every node needs to communicate with only those nodes that are within its communication range. The algorithm is based on the iterative computation of the nodes. The convergence rate of the underlying iterative scheme is independent of the size and structure of the network. In this algorithm we devised a way to solve the problem of redundant information at the destination which arises due to availability of information at every node that is initially sent from the source node. Title: DSF - A Distributed Security Framework for Heterogeneous Wireless Sensor Networks (MAY 2008) Authors: Himali Saxena, Chunyu Ai, Marco Valero, Yingshu Li, and Raheem Beyah Wireless sensor networks (WSNs) have many applications that handle sensitive information such as surveillance, reconnaissance, and target tracking. The current approach to defending against malicious threats is to develop mand deploy a specific defense mechanism for a specific attack. This work addresses the challenges with the traditional approach to securing sensor networks and presents a collaborative framework (the Distributed Security Framework - DSF) that can defend against all known attacks. The framework is extensible, therefore, as new attacks are discovered they can also be defended against. The DSF leverages existing defense mechanisms created by researchers. These defense mechanisms are distributed in such a way that they can, collectively, provide comprehensive defense to the network. The efficacy of the DSF is determined using simulations for scenarios consisting of multiple stationary and multiple mobile attackers. The simulation results show that though the DSF consumes more energy than single defense schemes, it can significantly enhance the network security even when the network is under multiple types of attacks. Title: Ensemble Voting System for Anomaly Based Network Intrusion Detection (NOV 2009) Authors: Mrutyunjaya Panda1 and Manas Ranjan Patra The growing dependence of modern society on telecommunication and information networks has become inevitable. Therefore, the security aspects of such networks play a strategic role in ensuring protection of data against misuse. Intrusion Detection systems (IDS) are meant to detect intruders who elude the first line 17 protection. Data mining techniques are being used for building effective IDS. In this paper we analyze the performance of some data classifiers in a heterogeneous environment using voting ensemble system with the purpose of detecting anomaly based network intrusions. Experimental results using KDDCup 1999 benchmark dataset demonstrate that the voting ensemble technique yield significantly better results in detecting intrusions when compared to other techniques. Title: HDMRP: An Efficient Fault-Tolerant Multipath Routing Protocol for Heterogeneous Wireless Sensor Networks (SEP 2009) Authors: Abdelkrim Hadjidj, Abdelmadjid Bouabdallah, Yacine Challal In wireless sensor networks, fault tolerance represents a key issue and a design goal of primary concern. Indeed, nodes in wireless sensor networks are prone to failure due to energy depletion or hostile environments. Multipath routing protocols are a category of solutions which enables the network to operate properly despite of faults. In this paper, we present a new multipath routing protocol which provides strong fault tolerance by increasing the number of constructed paths up to four times in some scenarios. Our protocol relies on a new multipath constructions paradigm that we have need specifically for heterogeneous WSN. We call this paradigm: energy- node- disjointness. Our approach leverages a reasonable increase in the cost of the network to a longer network lifetime and a higher resilience and fault tolerance. Title: H-SPREAD: A Hybrid Multipath Scheme for Secure and Reliable Data Collection in Wireless Sensor Networks (FEB 2003) Authors: Wenjing Lou and Younggoo Kwon Communication security and reliability are two important issues in any network. A hybrid multipath scheme (H-SPREAD) to improve both the security and reliability of this task in a potentially hostile and unreliable wireless sensor network is proposed. The new scheme is based on a distributed N-to-1 multipath discovery protocol, which is able to find multiple node-disjoint paths from every sensor node to the BS simultaneously in one route discovery process. On the other hand, in the face 18 of unreliable wireless links and/or sensor nodes, alternate path routing available at each sensor node improves the reliability of each packet transmission significantly results show that the hybrid multipath scheme is very efficient in improving both the security and reliability of the data collection service seamlessly Title: Intrusion Detection Based Security Solution for Cluster-Based Wireless Sensor Networks (MAY 2007) Authors: Shio Kumar Singh, M P Singh and D K Singh Wireless sensor network (WSN) is an emerging technology that shows great promise for various applications both for mass public and military. The sensing technology combined with processing power and wireless communication makes it lucrative for being exploited in abundance in future. In many important military and commercial applications, it is critical to protect a sensor network from malicious attacks, which presents a demand for providing security mechanisms in the network. In this paper, we propose a new approach of an Intrusion Detection Based Security Solution for Cluster-Based Wireless Sensor Networks. In the proposed methodology, an efficient MAC address based intruder tracking system has been developed for early intruder detection and its prevention. Title: Lightweight Hierarchical Model For HWSNET (SEPT 2010) Authors: Tapalina Bhattasali and Rituparna Chaki Security of HWSNET becomes a very important issue with the rapid development of HWSNET. Intrusion detection system is one of the major and efficient defensive methods against attacks in HWSNET. Because of different constraints of sensor networks, security solutions have to be designed with limited usage of computation and resources. A particularly devastating attack is the sleep deprivation attack. Here a malicious node forces legitimate nodes to waste their energy by resisting the sensor nodes from going into low power sleep mode. The target of this attack is to maximize the power consumption of the affected node, thereby decreasing its battery life. Existing works on sleep deprivation attack have mainly focused on mitigation using MAC based protocols, such as S-MAC (sensor MAC), T-MAC (timeout MAC), B-MAC (Berkley MAC), G-MAC (gateway MAC). In this article, a brief review of some of the recent intrusion detection systems in wireless sensor network environment is presented. Finally, a framework of cluster 19 based layered countermeasure for Insomnia Detection has been proposed for heterogeneous wireless sensor network (HWSNET) to efficiently detect sleep deprivation attack Title: MMSPEED: Multipath Multi-SPEED Protocol for QoS Guarantee of Reliability and Timeliness in Wireless Sensor Networks (JAN 2009) Authors: Emad Felemban, Chang-Gun Lee, Eylem Ekici In this paper, we present a novel packet delivery mechanism called Multi-Path and Multi-SPEED Routing Protocol (MMSPEED) for probabilistic QoS guarantee in wireless sensor networks. The QoS provisioning is performed in two quality domains, namely, timeliness and reliability. Multiple QoS levels are provided in the timeliness domain by guaranteeing multiple packet delivery speed options. In the reliability domain, various reliability requirements are supported by probabilistic multipath forwarding. These mechanisms for QoS provisioning are realized in a localized way without global network information by employing localized geographic packet forwarding augmented with dynamic compensation, which compensates for local decision inaccuracies as a packet travels towards its destination. This way, MMSPEED can guarantee end-to-end requirements in a localized way, which is desirable for scalability and adaptability to large scale dynamic sensor networks. Simulation results show that MMSPEED provides QoS differentiation in both reliability and timeliness domains and, as a result, significantly improves the effective capacity of a sensor network in terms of number of flows that meet both reliability and timeliness requirements up to 50 percent. Title: Securing Structured Overlays against Identity Attacks (OCT 2009) Authors: Krishna P.N. Puttaswamy, Haitao Zheng Structured overlay networks can greatly simplify data storage and management for a variety of distributed applications. Despite their attractive features, these overlays remain vulnerable to the Identity attack, where malicious nodes assume control of application components by intercepting and hijacking key-based routing 20 requests. Attackers can assume arbitrary application roles such as storage node for a given file, or return falsified contents of an online shoppers shopping cart. In this paper, we define a generalized form of the Identity attack, and propose a lightweight detection and tracking system that protects applications by redirecting traffic away from attackers. We describe how this attack can be amplified by a Sybil or Eclipse attack, and analyze the costs of performing such an attack. Finally, we present measurements of a deployed overlay that show our techniques to be significantly more lightweight than prior techniques, and highly effective at detecting and avoiding both single node and colluding attacks under a variety of conditions. Title: Sleep Deprivation Attack Detection in Wireless Sensor Network (MAY 2005) Authors: Tapalina Bhattasali, Rituparna Chaki, Sugata Sanyal Deployment of sensor network in hostile environment makes it mainly vulnerable to battery drainage attacks because it is impossible to recharge or replace the battery power of sensor nodes. Among different types of security threats, low power sensor nodes are immensely affected by the attacks which cause random drainage of the energy level of sensors, leading to death of the nodes. The most dangerous type of attack in this category is sleep deprivation, where target of the intruder is to maximize the power consumption of sensor nodes, so that their lifetime is minimized. The need is to design a model for detecting intrusions accurately in an energy efficient manner. This paper proposes a hierarchical framework based on distributed collaborative mechanism for detecting sleep deprivation torture in wireless sensor network efficiently. Proposed model uses anomaly detection technique in two steps to reduce the probability of false intrusion Title: Trust-Based Intrusion Detection in Wireless Sensor Networks (MAR 2005) Authors: Fenye Bao, Ing-Ray Chen, MoonJeong Chang and Jin-Hee A trust-based intrusion detection scheme utilizing a highly scalable hierarchical trust management protocol for clustered wireless sensor networks. A trust metric considering both quality of service (QoS) trust and social trust for detecting malicious nodes. By statistically analyzing peer-to-peer trust evaluation results collected from sensor nodes, each cluster head applies trust-based intrusion detection 21 to assess the trustworthiness and maliciousness of sensor nodes in its cluster. Cluster heads themselves are evaluated by the base station. Developed an analytical model based on stochastic Petri nets for performance evaluation of the proposed trust-based intrusion detection scheme, as well as a statistical method for calculating the false alarm probability. Analyzed the sensitivity of false alarms with respect to the minimum trust threshold below which a node is considered malicious. Results show that there exists an optimal trust threshold for minimizing false positives and false negatives. The optimal trust threshold differs depending on the anticipated wireless sensor network lifetime. Title: Trust Based Node Replication Attack Detection Protocol For Wireless Sensor Networks (SEP 2012) Authors: V. Manjula and C. Chellapan The harmful attack against Wireless Sensor Networks (WSN) is Node Replication attack, where one or more node(s) illegitimately claims an identity, are also called clone attack due to identity theft. The Node replication attack can be exceedingly injurious to many important functions of the sensor network such as routing, resource allocation and misbehaviour detection. This study proposes a method Randomized and Trust based witness finding strategy for replication attack detection mechanisms in wireless sensor networks (RTRADP) with trust factor. The proposed RTRADP method avoids malicious witnesses and maintains the detection rate of 100 to 86.7% when malicious witness percentage increases. But in existing approach detection rate is reduced from 100 to 0%, with increasing the malicious witness percentage. Title: Trust-Based Security For Wireless Ad Hoc And Sensor Networks (AUG 206) Authors: A. Boukerch a, L. Xua and K. EL-Khatib Using the trust and reputation management scheme to secure wireless sensor networks (WSNs) requires paying close attention to the incurred bandwidth and delay overhead. Providing security in wireless sensor networks is a major requirement for the acceptance and deployment of these networks. But achieving an acceptable level of security has been a difficult problem. The difficulty stems from the fact that wireless sensor networks have bandwidth and time constraints. A novel trust and 22 reputation management scheme that can protect the security of transacting entities is used. The scheme uses a localized trust and reputation management strategy, hence avoiding network-wide flooding. This approach enables each node in the network to establish a trust value with other interacting entities with minimal communication cost and acquisition latency. Extensive experimental results show that this scheme provides minimal overhead and can be adequately adopted for wireless sensor networks. 23 CHAPTER 3 EXISTING SYSTEM 3.1. Existing System A wireless sensor network is a large collection of sensor nodes with limited power supply and constrained computational capability. Sensor nodes operate in hostile environments such as battle fields and surveillance zones. The main responsibility of the sensor nodes in each application is to sense the target area and transmit their collected information to the sink node for further operations. Due to their operating nature, WSNs are often unattended, hence prone to several kinds of novel attacks. Clustering is an effective solution for achieving scalability, energy conservation, and reliability. Nodes are grouped into clusters, and within each cluster, a node with superior resources are elected as cluster head (CH). Nodes with lesser energy are used as sensor nodes. A sensor node senses the data from the environment and forwards the sensed data to cluster head. Cluster head aggregates data from sensor nodes and routes the data to base station (BS). As part of clustering, a CH knows the locations of SNs within its cluster, and vice versa. A CH also knows the location of neighbour CHs along the direction towards the processing center. Multipath routing is considered an effective mechanism for fault and intrusion tolerance to improve data delivery in WSNs. The basic idea is that the probability of at least one path reaching the sink node or base station increases as we have more paths doing data delivery. Redundancy management of multipath routing for intrusion tolerance is achieved through two forms of redundancy: (a) source redundancy by which ms SNs sensing a physical phenomenon in the same feature zone are used to forward sensing data to their CH (referred to as the source CH); (b) path redundancy by which mp paths are used to relay packets from the source CH to the PC through intermediate CHs. To preserve confidentiality, we assume that the HWSN executes a pairwise key establishment protocol in a secure interval after deployment. Each node 24 establishes pairwise keys with its k-hop neighbours, where k is large enough to cover a cluster area. Thus, when SNs join a new cluster, the CH node will have pairwise keys with the SNs joining its cluster. Since every SN shares a pairwise key with its CH, a SN can encrypt data sent to the CH for confidentiality and authentication purposes. Every CH also creates a pairwise key with every other CH. Thus a pairwise key exists for secure communication between CHs. This mechanism is useful to prevent outside attackers, not inside attackers. To remove malicious nodes from the system, a voting-based distributed IDS is applied periodically in every TIDS time interval. A CH is being assessed by its neighbour CHs, and a SN is being assessed by its neighbour SNs. In each interval, m neighbour nodes (at the CH or SN level) around a target node will be chosen randomly as voters and each cast their votes based on their host IDS results to collectively decide if the target node is still a good node. The m voters share their votes through secure transmission using their pairwise keys. When the majority of voters come to the conclusion that a target node is bad, then the target node is evicted. 3.2. Disadvantages Not able to detect and remove insidious attacks such as sinkhole attack. Spoils the complete communication and a data loss between a pair of nodes as source node and a destination node. 25 CHAPTER 4 PROPOSED SYSTEM 4.1. Proposed System Trust-based IDS scheme considers the effect of both social trust and QoS trust on trustworthiness or maliciousness. Social trust may include friendship, honesty, privacy, similarity, centrality, and social ties (strengths). QoS trust may include competence, protocol conformance, reliability, task completion capability, etc. Hierarchical trust management protocol maintains two levels of trust: SN-level trust and CH-level trust. Each SN evaluates other SNs in the same cluster while each CH evaluates other CHs and SNs in its cluster. The peer-to-peer trust evaluation is periodically updated based on either direct observations or indirect observations. When two nodes are neighbors within radio range, they evaluate each other based on direct observations via snooping or overhearing. Each SN sends its trust evaluation results toward other SNs in the same cluster to its CH. Each CH performs trust evaluation toward all SNs within its cluster. Similarly, each CH sends its trust evaluation results toward other CHs in the WSN to the base station. The base station performs trust evaluation toward all CHs in the system. Our peer-to-peer trust evaluation process considers three different trust components as described earlier, namely, honesty, energy, and cooperativeness. The trust value that node i evaluates toward node j at time t, T i j (t) is represented as a real number in the range of [0,1] where 1 indicates complete trust, 0.5 ignorance, and 0 distrust. Where w1, w2, and w3 are weights associated with these three trust components with w1 + w2 + w3 = 1. 26 4.2. Advantages The system becomes more energy efficient. The data sent through this network will be less vulnerable to attacks. More attacks can be detected and removed using this intrusion detection system. MEAN TIME TO FAILURE can be increased. 27 CHAPTER 5 SYSTEM REQUIREMENTS 5.1. Software Requirements Operating system : Linux Language : C++,TCL,PERL Software Tool : NS2 5.2. Hardware Requirements Processor : Pentium IV RAM : 512 MB HDD : 80GB and above 28 CHAPTER 6 ARCHITECTURAL REPRESENTATION 6.1. System Architecture Nodes are grouped into clusters, and within each cluster, a node with more resources act as cluster head. Nodes with less number of resources act as sensor nodes. When a sensor node join a new cluster area, the CH node will have pairwise keys with the SNs joining its cluster. Since every SN shares a pair wise key with its CH, a SN can encrypt data sent to the CH for confidentiality and authentication purposes. Every CH also creates a pairwise key with every other CH. Thus a pair wise key exists for secure communication between CHs. Multipath routing is considered an effective mechanism for fault and intrusion tolerance to improve data delivery in WSNs. The basic idea is that the probability of at least one path reaching the sink node or base station increases as we have more paths doing data delivery. The sensor nodes within a cluster senses from environment. The cluster head aggregates the sensed data from the sensor nodes and route to the base station. The redundancy management of multipath routing for intrusion tolerance is achieved through two forms of redundancy: Source Redundancy and Path Redundancy. Source redundancy means, rather than sensing the data by a single source node, multiple source node senses from the environment and forwards the packet to the cluster head through multiple paths. The advantage of source redundancy is it will avoid retransmission of packets. Path redundancy means multiple path are used to relay packets from cluster head to the base station. During routing of packets, if any of the node is found as malicious node, transmission of data through that node is avoided. 29 Figure 6.1 Architectural Diagram 30 CHAPTER 7 MODULES 7.1 Cluster formation 7.2 Multipath routing 7.3 Voting based IDS 7.4Trust evaluation MODULES AND DESCRIPTION 7.1. Cluster Formation Nodes are grouped into clusters, and within each cluster, a node with more resources act as cluster head. Nodes with less number of resources act as sensor nodes. When a sensor node join a new cluster area, the CH node will have pairwise keys with the SNs joining its cluster. Since every SN shares a pair wise key with its CH, a SN can encrypt data sent to the CH for confidentiality and authentication purposes. Every CH also creates a pairwise key with every other CH. Thus a pair wise key exists for secure communication between CHs Figure 7.1 Clustering 31 7.2. Multipath routing Multipath routing is considered an effective mechanism for fault and intrusion tolerance to improve data delivery in WSNs. The basic idea is that the probability of at least one path reaching the sink node or base station increases as we have more paths doing data delivery. Redundancy management of multipath routing for intrusion tolerance is achieved through two forms of redundancy: (a) source redundancy by which ms SNs sensing a physical phenomenon in the same feature zone are used to forward sensing data to their CH (referred to as the source CH); (b) path redundancy by which mp paths are used to relay packets from the source CH to the PC through intermediate CHs. Figure 7.2 Multipath Routing 7.3. Voting Based IDS To remove malicious nodes from the system, a voting-based distributed IDS is applied periodically in every TIDS time interval. A CH is being assessed by its neighbour CHs, and a SN is being assessed by its neighbour SNs. In each interval, m neighbour nodes (at the CH or SN level) around a target node will be chosen 32 randomly as voters and each cast their votes based on their host IDS results to collectively decide if the target node is still a good node. The m voters share their votes through secure transmission using their pairwise keys. When the majority of voters come to the conclusion that a target node is bad, then the target node is evicted Figure 7.3 Find malicious nodes 7.4. Trust Evaluation Trust enables a subset of the nodes to evaluate the behavior of neighboring nodes and make decision about them. Trust values are usually obtained taking into considerations different parameters such as personal reference also known as direct trust and also getting recommendations from the neighboring nodes i.e. reference also known as indirect trust and these parameters provided us a better assessment of trustworthiness. 33 Figure 7.4 Trust Evaluation 34 CHAPTER 8 DATA FLOW DIAGRAM Figure 8.1 Data Flow Diagram 35 CHAPTER 9 ALGORITHMS 9.1. CH execution for dynamic redundancy management 1.CH Execution: 2.Get next event 3.If event is TD timer then 4. determine radio range to maintain CH connectivity 5.determine optimal TIDS,m,ms,mp by table lookup bassed on the current estimated density,CH radio range and compromise rate 6. notify SNs within the cluster of the new optimal settings of TIDS and m 7.else if event is query arrival then 8 . trigger multipath routing using ms and mp 9.else if event is Tclustering timer then 10. perform clustering 11.else if event is TIDS timer then 12. For each neighbour CH 13. if selected as a voter then 14. execute voting based intrusion detection 15.else / / event is data packet arrival 16. follow multipath routing protocol design to route the data packet. 9.2. SN execution for dynamic redundancy management 1.SN Execution 2.Get next event 3.If event is TD timer then 4. determine radio range to maintain SN connectivity within a cluster 5.else if event is control packet arrival from CH then 6. change the optimal settings of TIDS, and m 7.else if event is Tclustering timer then 8. perform clustering 36 9. else if event is TIDS timer then 10. For each neighbour SN 11. if selected as a voter then 12. execute voting based intrusion detection 13.else / / event is data packet arrival 14. follow multipath routing protocol design to route the data packet. 37 CHAPTER 10 CONCLUSION Performed a tradeoff analysis of energy consumption vs. QoS gain in reliability, timeliness, and security for redundancy management of clustered heterogeneous wireless sensor networks utilizing multipath routing to answer user queries. We developed a novel probability model to analyze the best redundancy level in terms of path redundancy (mp) and source redundancy (ms), as well as the best intrusion detection settings in terms of the number of voters (m) and the intrusion invocation interval (TIDS) under the lifetime of a heterogeneous wireless sensor network is maximized while satisfying the reliability, timeliness and security requirements of query processing applications in the presence of unreliable wireless communication and malicious nodes. Finally, we applied our analysis results to the design of a dynamic redundancy management algorithm to identify and apply the best design parameter settings at runtime in response to environment changes to prolong the system lifetime. For future work, explore more extensive malicious attacks in addition to packet dropping and bad mouthing attacks, each with different implications to energy, security and reliability, and investigate intrusion detection and multipath routing based tolerance protocols to react to these attacks. 38 CHAPTER 11 APPENDIX A CODING #=================================== # Simulation parameters setup #=================================== set val(chan) Channel/WirelessChannel ;# channel type set val(prop) Propagation/TwoRayGround ;# radio-propagation model set val(netif) Phy/WirelessPhy ;# network interface type set val(mac) Mac/802_11 ;# MAC type set val(ifq) Queue/DropTail/PriQueue ;# interface queue type set val(ll) LL ;# link layer type set val(ant) Antenna/OmniAntenna ;# antenna model set val(ifqlen) 50 ;# max packet in ifq set val(nn) 72 ;# number of mobilenodes set val(rp) AODV ;# routing protocol # set val(sce) scen set val(x) 1000 ;# X dimension of topography set val(y) 600 ;# Y dimension of topography set val(stop) 16.0 ;# time of simulation end #=================================== # Initialization #=================================== #Create a ns simulator set ns [new Simulator] #Setup topography object set topo [new Topography] $topo load_flatgrid $val(x) $val(y) create-god $val(nn) #Open the NS trace file set tracefile [open out.tr w] $ns trace-all $tracefile set rt [open Routingtable.tr w] set param [open parameters w] $ns trace-all $rt #Open the NAM trace file set namfile [open out.nam w] $ns namtrace-all $namfile $ns namtrace-all-wireless $namfile $val(x) $val(y) set chan [new $val(chan)];#Create wireless channel #=================================== # Mobile node parameter setup 39 #=================================== $ns node-config -adhocRouting $val(rp) \ -llType $val(ll) \ -macType $val(mac) \ -ifqType $val(ifq) \ -ifqLen $val(ifqlen) \ -antType $val(ant) \ -propType $val(prop) \ -phyType $val(netif) \ -channel $chan \ -topoInstance $topo \ -agentTrace ON \ -routerTrace ON \ -macTrace ON \ -movementTrace ON # Energy model $ns node-config -energyModel EnergyModel \ -initialEnergy 20 \ -txPower 0.9 \ -rxPower 0.8 \ -idlePower 0.0 \ -sensePower 0.0175 set hrate1 0 set hrate2 2 set hrate3 0 set hrate4 0 set hrate5 0 #=================================== # CLUSTER Definition #=================================== #Create 7 clusters $ns node-config -addressType hierarchical AddrParams set domain_num 8 ;#number of domains lappend cluster_num 1 1 1 1 1 1 1 1;#number of clusters domains AddrParams set cluster_num $cluster_num ; lappend nodes_num 10 10 10 10 10 10 10 2;#number of nodes in clusters AddrParams set nodes_num $nodes_num ;#for each domain set rng [new RNG] $rng seed 0 # parameters for connections set RVstart [new RandomVariable/Uniform] $RVstart set min_ 0 $RVstart set max_ 1 $RVstart use-rng $rng 40 #We define two random parameters for each connections for {set i 1} {$i<=$val(nn)} { incr i } { set startT($i) [expr [$RVstart value]] set dly($i) 1 #puts "startT($i) $startT($i) sec" puts $param "$i $startT($i)" } $ns at 0.005 "$ns trace-annotate \"Creating nodes with transmission range of 150 meters\"" for { set a1 0} { $a1<$val(nn) } { incr a1} { set ($a1) [expr rand()*512] $ns at 0.0 "$n($a1) label $($a1)" } for { set a1 0} { $a1<$val(nn) } { incr a1} { set energy($a1) 20 #$ns at 0.0 "$n($a1) label $energy($a1)" $n($a1) color red $ns at 0.0 "$n($a1) color red" } set energy1 [open energy.tr w] proc energy {} { global array names n ns array names val array names energy array names c energy1 set t [$ns now] for {set i 0} {$i<$val(nn)} {incr i} { if {$energy($i)>0.02} { set energy($i) [expr $energy($i)-0.02] #$ns at $t "$n($i) label $energy($i)" puts $energy1 "$t $energy(1)" } } $ns at [expr $t+0.5] "energy" } # Encryption functions proc Encrypt {x1 x2 x3 x4 d} { global Sum set Sum [expr $x4 + [expr $x3 +[expr $x1 + $x2]]] puts "node [$node_ id] received packet from \ $from with trip-time $rtt ms - contend: $mess - encrypted $originmess -hash: $hash" puts [format "Encrypt = %0.2f" $Encrypt] } 41 proc Decrypt {x1 x2 x3 x4 d} { global Sum set Sum [expr $x4 + [expr $x3 +[expr $x1 + $x2]]] puts "node [$node_ id] received packet from \ $from with trip-time $rtt ms - contend: $mess - encrypted $originmess -hash: $hash" puts [format "Dec = %0.2f" $Decrypt] } #=================================== # Applications Definition #=================================== #Setup a CBR Application over UDP connection set cbr0 [new Application/Traffic/CBR] $cbr0 attach-agent $udp0 $cbr0 set packetSize_ 100 $cbr0 set rate_ 10Kb #$cbr0 set random_ null $ns at 1.0 "$ns trace-annotate \"Encrypted data is forwarding from node5 to ClusterHead1\"" $ns at 1.0 "$ns trace-annotate \"node5 starts forwards the data to ClusterHead1\"" $ns at 1.0 "$cbr0 start" $ns at 5.0 "$cbr0 stop" #$ns at 5.0 "$ns trace-annotate \"node5 stops forwards the data to ClusterHead1\"" #Setup a CBR Application over UDP connection set cbr1 [new Application/Traffic/CBR] $cbr1 attach-agent $udp2 $cbr1 set packetSize_ 100 $cbr1 set rate_ 10Kb #$cbr1 set random_ null $ns at 1.5 "$ns trace-annotate \"Encrypted data is forwarding from node3 to ClusterHead1\"" $ns at 1.5 "$cbr1 start" $ns at 5.5 "$cbr1 stop" $ns at 1.5 "$ns trace-annotate \"node3 starts forwards the data to ClusterHead1\"" #Setup a CBR Application over UDP connection set cbr2 [new Application/Traffic/CBR] $cbr2 attach-agent $udp4 $cbr2 set packetSize_ 100 $cbr2 set rate_ 10Kb #$cbr2 set random_ null $ns at 2.0 "$ns trace-annotate \"Encrypted data is forwarding from node2 to ClusterHead1\"" $ns at 2.0 "$cbr2 start" $ns at 5.0 "$cbr2 stop" $ns at 2.0 "$ns trace-annotate \"node2 starts forwards the data to ClusterHead1\"" 42 #Setup a CBR Application over UDP connection set cbr3 [new Application/Traffic/CBR] $cbr3 attach-agent $udp6 $cbr3 set packetSize_ 100 $cbr3 set rate_ 10Kb #$cbr3 set random_ null $ns at 1.0 "$ns trace-annotate \"Encrypted data is forwarding from node15 to ClusterHead2\"" $ns at 1.0 "$cbr3 start" $ns at 5.0 "$cbr3 stop" $ns at 1.0 "$ns trace-annotate \"node15 starts forwards the data to ClusterHead2\"" #Setup a CBR Application over UDP connection set cbr4 [new Application/Traffic/CBR] $cbr4 attach-agent $udp8 $cbr4 set packetSize_ 100 $cbr4 set rate_ 10Kb #$cbr4 set random_ null $ns at 1.8 "$ns trace-annotate \"Encrypted data is forwarding from node18 to ClusterHead2\"" $ns at 1.8 "$cbr4 start" $ns at 5.0 "$cbr4 stop" $ns at 1.8 "$ns trace-annotate \"node18 starts forwards the data to ClusterHead2\"" #Setup a CBR Application over UDP connection set cbr5 [new Application/Traffic/CBR] $cbr5 attach-agent $udp10 $cbr5 set packetSize_ 100 $cbr5 set rate_ 10Kb #$cbr5 set random_ null $ns at 2.0 "$ns trace-annotate \"Encrypted data is forwarding from node16 to ClusterHead2\"" $ns at 2.0 "$cbr5 start" $ns at 5.0 "$cbr5 stop" $ns at 2.0 "$ns trace-annotate \"node16 starts forwards the data to ClusterHead2\"" #Setup a CBR Application over UDP connection set cbr6 [new Application/Traffic/CBR] $cbr6 attach-agent $udp12 $cbr6 set packetSize_ 100 $cbr6 set rate_ 10Kb #$cbr6 set random_ null $ns at 5.0 "$ns trace-annotate \"Encrypted data is forwarding from node23 to ClusterHead3\"" $ns at 5.0 "$cbr6 start" $ns at 7.0 "$cbr6 stop" $ns at 5.0 "$ns trace-annotate \"node23 starts forwards the data to ClusterHead3\"" #Setup a CBR Application over UDP connection 43 set cbr7 [new Application/Traffic/CBR] $cbr7 attach-agent $udp14 $cbr7 set packetSize_ 100 $cbr7 set rate_ 10Kb #$cbr7 set random_ null $ns at 5.0 "$ns trace-annotate \"Encrypted data is forwarding from node22 to ClusterHead3\"" $ns at 5.0 "$cbr7 start" $ns at 7.0 "$cbr7 stop" $ns at 5.0 "$ns trace-annotate \"node22 starts forwards the data to ClusterHead3\"" #Setup a CBR Application over UDP connection set cbr8 [new Application/Traffic/CBR] $cbr8 attach-agent $udp16 $cbr8 set packetSize_ 100 $cbr8 set rate_ 10Kb #$cbr8 set random_ null $ns at 8.0 "$ns trace-annotate \"Encrypted data is forwarding from node25 to ClusterHead3\"" $ns at 8.0 "$cbr8 start" $ns at 10.0 "$cbr8 stop" $ns at 8.0 "$ns trace-annotate \"node25 starts forwards the data to ClusterHead3\"" #Setup a CBR Application over UDP connection set cbr9 [new Application/Traffic/CBR] $cbr9 attach-agent $udp18 $cbr9 set packetSize_ 100 $cbr9 set rate_ 10Kb #$cbr9 set random_ null $ns at 7.50 "$ns trace-annotate \"Encrypted data is forwarding from node41 to ClusterHead5\"" $ns at 7.5 "$cbr9 start" $ns at 10.0 "$cbr9 stop" $ns at 10.0 "$ns trace-annotate \"node41 starts forwards the data to ClusterHead5\"" #Setup a CBR Application over UDP connection set cbr10 [new Application/Traffic/CBR] $cbr10 attach-agent $udp20 $cbr10 set packetSize_ 100 $cbr10 set rate_ 10Kb #$cbr10 set random_ null $ns at 8.0 "$ns trace-annotate \"Encrypted data is forwarding from node42 to ClusterHead5\"" $ns at 8.0 "$cbr10 start" $ns at 11.0 "$cbr10 stop" $ns at 8.0 "$ns trace-annotate \"node42 starts forwards the data to ClusterHead5\"" 44 #Setup a CBR Application over UDP connection #set cbr11 [new Application/Traffic/CBR] #$cbr11 attach-agent $udp22 #$cbr11 set packetSize_ 100 #$cbr11 set rate_ 10Kb #$cbr11 set random_ null #$ns at 1.0 "$cbr11 start" #$ns at 40.0 "$cbr11 stop" #Setup a CBR Application over UDP connection set cbr12 [new Application/Traffic/CBR] $cbr12 attach-agent $udp24 $cbr12 set packetSize_ 100 $cbr12 set rate_ 10Kb #$cbr12 set random_ null $ns at 11.0 "$ns trace-annotate \"Encrypted data is forwarding from node24 to ClusterHead6\"" $ns at 11.0 "$cbr12 start" $ns at 15.0 "$cbr12 stop" $ns at 11.0 "$ns trace-annotate \"node24 starts forwards the data to ClusterHead6\"" #Setup a CBR Application over UDP connection set cbr13 [new Application/Traffic/CBR] $cbr13 attach-agent $udp26 $cbr13 set packetSize_ 100 $cbr13 set rate_ 10Kb #$cbr13 set random_ null $ns at 11.0 "$ns trace-annotate \"Encrypted data is forwarding from node58 to ClusterHead6\"" $ns at 11.0 "$cbr13 start" $ns at 15.0 "$cbr13 stop" $ns at 11.0 "$ns trace-annotate \"node58 starts forwards the data to ClusterHead6\"" #Setup a CBR Application over UDP connection set cbr14 [new Application/Traffic/CBR] $cbr14 attach-agent $udp28 $cbr14 set packetSize_ 100 $cbr14 set rate_ 10Kb #$cbr14 set random_ null $ns at 11.0 "$ns trace-annotate \"Encrypted data is forwarding from node57 to ClusterHead6\"" $ns at 11.0 "$cbr14 start" $ns at 15.0 "$cbr14 stop" $ns at 11.0 "$ns trace-annotate \"node57 starts forwards the data to ClusterHead6\"" #Setup a CBR Application over UDP connection 45 set cbr15 [new Application/Traffic/CBR] $cbr15 attach-agent $udp30 $cbr15 set packetSize_ 100 $cbr15 set rate_ 10Kb #$cbr15 set random_ null $ns at 12.0 "$ns trace-annotate \"Encrypted data is forwarding from node67 to ClusterHead7\"" $ns at 12.0 "$cbr15 start" $ns at 17.0 "$cbr15 stop" $ns at 12.0 "$ns trace-annotate \"node67 starts forwards the data to ClusterHead7\"" #Setup a CBR Application over UDP connection set cbr16 [new Application/Traffic/CBR] $cbr16 attach-agent $udp32 $cbr16 set packetSize_ 100 $cbr16 set rate_ 10Kb #$cbr16 set random_ null $ns at 10.0 "$ns trace-annotate \"Encrypted data is forwarding from node62 to ClusterHead7\"" $ns at 10.0 "$cbr16 start" $ns at 12.0 "$cbr16 stop" $ns at 12.0 "$ns trace-annotate \"node62 starts forwards the data to ClusterHead7\"" #Setup a CBR Application over UDP connection set cbr17 [new Application/Traffic/CBR] $cbr17 attach-agent $udp34 $cbr17 set packetSize_ 100 $cbr17 set rate_ 10Kb #$cbr17 set random_ null $ns at 3.5 "$ns trace-annotate \"Encrypted data is forwarding \"" $ns at 3.5 "$cbr17 start" $ns at 8.5 "$cbr17 stop" $ns at 2.5 "$ns trace-annotate \"clusterhead1 starts forwards the data to ClusterHead4\"" #Setup a CBR Application over UDP connection set cbr18 [new Application/Traffic/CBR] $cbr18 attach-agent $udp36 $cbr18 set packetSize_ 100 $cbr18 set rate_ 10Kb #$cbr18 set random_ null $ns at 3.0 "$ns trace-annotate \"Encrypted data is forwarding \"" $ns at 3.0 "$cbr18 start" $ns at 10.0 "$cbr18 stop" $ns at 3.0 "$ns trace-annotate \"clusterhead2 starts forwards the data to ClusterHead3\"" #Setup a CBR Application over UDP connection set cbr19 [new Application/Traffic/CBR] 46 $cbr19 attach-agent $udp38 $cbr19 set packetSize_ 100 $cbr19 set rate_ 10Kb #$cbr19 set random_ null $ns at 8.0 "$ns trace-annotate \"Encrypted data is forwarding \"" $ns at 8.0 "$cbr19 start" $ns at 14.0 "$cbr19 stop" $ns at 5.0 "$ns trace-annotate \"clusterhead1 starts forwards the data to ClusterHead4\"" #Setup a CBR Application over UDP connection set cbr20 [new Application/Traffic/CBR] $cbr20 attach-agent $udp40 $cbr20 set packetSize_ 100 $cbr20 set rate_ 10Kb #$cbr20 set random_ null $ns at 3.0 "$ns trace-annotate \"Encrypted data is forwarding \"" $ns at 3.0 "$cbr20 start" $ns at 12.0 "$cbr20 stop" $ns at 3.0 "$ns trace-annotate \"clusterhead3 starts forwards the data to ClusterHead6\"" #Setup a CBR Application over UDP connection set cbr21 [new Application/Traffic/CBR] $cbr21 attach-agent $udp44 $cbr21 set packetSize_ 100 $cbr21 set rate_ 10Kb #$cbr21 set random_ null $ns at 5.0 "$ns trace-annotate \"Encrypted data is forwarding \"" $ns at 5.0 "$cbr21 start" $ns at 12.0 "$cbr21 stop" $ns at 5.0 "$ns trace-annotate \"clusterhead5 starts forwards the data to ClusterHead7\"" #Setup a CBR Application over UDP connection set cbr22 [new Application/Traffic/CBR] $cbr22 attach-agent $udp46 $cbr22 set packetSize_ 100 $cbr22 set rate_ 10Kb #$cbr22 set random_ null $ns at 10.0 "$ns trace-annotate \"Encrypted data is forwarding \"" $ns at 10.0 "$cbr22 start" $ns at 14.5 "$cbr22 stop" $ns at 9.5 "$ns trace-annotate \"Data is Decrypting \"" $ns at 10.0 "$ns trace-annotate \"clusterhead6 starts forwards the data to AGGR\"" #Setup a CBR Application over UDP connection set cbr23 [new Application/Traffic/CBR] $cbr23 attach-agent $udp48 $cbr23 set packetSize_ 100 $cbr23 set rate_ 10Kb 47 #$cbr23 set random_ null $ns at 10.0 "$ns trace-annotate \"Decrypted data is forwarding \"" $ns at 10.0 "$cbr23 start" $ns at 15.0 "$cbr23 stop" $ns at 10.0 "$ns trace-annotate \"AGGR starts forwards the data to SINK\"" #Setup a CBR Application over TCP connection #set cbr24 [new Application/Traffic/CBR] #$cbr24 attach-agent $tcp50 #$cbr24 set packetSize_ 100 #$cbr24 set rate_ 10Kb #$cbr24 set random_ null #$ns at 1.0 "$cbr24 start" #$ns at 40.0 "$cbr24 stop" #Setup a CBR Application over UDP connection set cbr25 [new Application/Traffic/CBR] $cbr25 attach-agent $udp53 $cbr25 set packetSize_ 100 $cbr25 set rate_ 10Kb #$cbr25 set random_ null $ns at 10.0 "$ns trace-annotate \"Decrypted data is forwarding \"" $ns at 10.0 "$cbr25 start" $ns at 14.99 "$cbr25 stop" $ns at 10.5 "$ns trace-annotate \"AGGR starts forwards the data to SinkNode\"" $ns at 0.0 "$n(0) label CH1" $ns at 0.0 "$n(10) label CH2" $ns at 0.0 "$n(20) label CH3" $ns at 0.0 "$n(30) label CH4" $ns at 0.0 "$n(40) label CH5" $ns at 0.0 "$n(50) label CH6" $ns at 0.0 "$n(60) label CH7" $ns at 0.0 "$n(70) label AGGR" $ns at 0.0 "$n(71) label SINK" #data transmision proc attach-cbr-traffic { node sink size interval } { global ns set source [new Agent/UDP] $ns attach-agent $node $source set traffic [new Application/Traffic/CBR] $traffic set packetSize_ $size $traffic set interval_ $interval $traffic attach-agent $source $ns connect $source $sink return $traffic } 48 #=================================== # Termination #=================================== #Define a 'finish' procedure proc finish {} { global ns tracefile namfile $ns flush-trace close $tracefile close $namfile exec nam out.nam & exit 0 } for {set i 0} {$i < $val(nn) } { incr i } { $ns at $val(stop) "\$n($i) reset" } $ns at $val(stop) "$ns nam-end-wireless $val(stop)" $ns at $val(stop) "finish" $ns at $val(stop) "puts \"done\" ; $ns halt" $ns run 49 CHAPTER 12 APPENDIX B COMPARISON TABLE EXISTING SYSTEM PROPOSED SYSTEM By applying intrusion detection, the MTTF value of the system under attack is increased. Avoid forwarding of data to untrusted nodes by considering the trust values of nodes, so MTTF can be increased more. Packet delivery ratio is achieved. Packet delivery ratio can be achieved in higher rate. Average delay. Delay is low. Less secure. More secure. 50 CHAPTER 13 APPENDIX C SCREENSHOTS 11.1 SCREENSHOTS Fig 1.Pairwise Key Establishment 51 Fig 2.Data Transmission 52 Fig 3.Data Transmission to the base station 53 11.2 GRAPHS Fig 1.Packet delivery ratio 54 Fig 2.Loss 55 Fig 3.Energy 56 Fig 4.Throughput 57 Fig 5.Delay 58 REFERENCES [1] Hamid Al-Hamadi and Ing-Ray Chen, IEEE International Conference on Electro/Information Technology (EIT 2011),Mankato, MN , pp 1-5, ISBN:978-1- 61284-465-7 DOI: 10.1109/ EIT.2011. 5978609. Adaptive Network Management for Countering Selective Capture in Wireless Sensor Networks ,MAR 2002 [2] Bo Sun, Xuemei Shan, Yang Xiao Anomaly Detection based Secure In Network Aggregation for Wireless Sensor Networks ,AUG 2003 [3] W. B. Heinzelman, A. P. Chandrakasan, and H. Balakrishnan, An application- specific protocol architecture for wireless microsensor networks,IEEE Trans. Wireless Commun., vol. 1, no. 4, pp. 660670,FEB 2005 [4] Xiaojiang Du, Mohsen Guizani,A Routing-Driven Elliptic Curve Cryptography Based Key Management Scheme for Heterogeneous Sensor Networks,MAR 2005 [5] Chi-Tsun Cheng, Chi K. Tse, Francis C. M. Lau, Proceedings of the 6 th International Conference on Computer Information Systems and Industrial Management Applications (CISIM '07). Minneapolis, MN, USA, pp.179 184, ISBN: 0-7695- 2894-5, DOI:10.1109/ CISIM.2007.38. A Clustering Algorithm for Wireless Sensor Networks Based on Social Insect Colonie(AUG 2005) [6] Ing-Ray Chen, Fenye Bao, MoonJeong Chang, and Jin-Hee Cho Dynamic Trust Management for Delay Tolerant Networks and Its Application to Secure Routing ,FEB 2006 [7] Carol J Fung, Jie Zhang, Issam Aib ,Dirichlet-Based Trust Management for Effective Collaborative Intrusion Detection Networks, JAN 2007 [8] Distributed Fault Tolerant Algorithm for Identifying Node Failures in Wireless Sensor Networks, Navneet N Tewani, Neeharika Ithapu, K Raghava Rao, Sheik Nissar Sami, B. Sai Pradeep,V.Krishna Deepak (APR 2008) [9] Himali Saxena, Chunyu Ai, Marco Valero, Yingshu Li,and Raheem Beyah DSF - A Distributed Security Framework for Heterogeneous Wireless Sensor Networks,MAY 2008 [10] Mrutyunjaya Panda1 and Manas Ranjan Patra Ensemble Voting System for Anomaly Based Network Intrusion Detection,NOV 2009 59 [11] Abdelkrim Hadjidj,Abdelmadjid Bouabdallah, Yacine Challal HDMRP: An Efficient Fault-Tolerant Multipath Routing Protocol for Heterogeneous Wireless Sensor Networks ,SEP 2009 [12] W. Lou and Y. Kwon, H-SPREAD: a hybrid multipath scheme for secure and reliable data collection in wireless sensor networks, IEEE Trans. Veh. Technol., vol. 55, no. 4, pp. 13201330,FEB 2010 [13] Shio Kumar Singh, M P Singh and D K Singh, in 3rd IEEE International Symposium on Network Computing and Applications, (NCA 2004),Boston, MA, pp. 343346Intrusion Detection Based Security Solution for Cluster-Based Wireless Sensor Networks,MAY 2010 [14] Bhattasali T., Chaki R.: Lightweight Hierarchical Model For HWSNET,International Journal of Advanced Smart Sensor Network Systems(IJASSN), October 2011, Vol. 1, No. 2, pp. 17-32, ISSN: 2231- 4482[Online], 2231-5225[Print],DOI:10.5121/ ijassn. 2011.1202.SEP 2010 [15] E. Felemban, L. Chang-Gun, and E. Ekici, MMSPEED: multipath multi- SPEED protocol for QoS guarantee of reliability and timeline in wireless sensor networks, IEEE Trans. Mobile Comput., vol. 5, no6, pp. 738754,JAN 2011 [16] Krishna P.N Puttaswamy, Haitao Zheng Securing Structured Overlays against Identity Attacks,OCT 2012 [17] Tapalina Bhattasali, Rituparna Chaki, Sugata Sanyal Sleep Deprivation Attack Detection in Wireless Sensor Network,MAY 2012 [18] Fenye Bao, Ing-Ray Chen, MoonJeong Chang and Jin-Hee Cho Trust-Based Intrusion Detection in Wireless Sensor Networks,MAR 2013 [19] V. Manjula and C. Chellapan Trust Based Node Replication Attack Detection Protocol For Wireless Sensor Networks, SEP 2013 [20] A. Boukerch a, L. Xua and K. EL-Khati Trust-Based Security For Wireless Ad Hoc And Sensor Networks, AUG 2006