Jamming Attacks and Secure Routing In Wireless Sensor Networks

advertisement

International Journal of Engineering Trends and Technology (IJETT) - Volume4 Issue8- August 2013

Jamming Attacks and Secure Routing In Wireless Sensor Networks

G. Ravi Kumar

#1

, B. Uma Mahesh

*2

Abstract— we consider about routing security in wireless sensor networks. Several sensor network routing protocols are planned; however none of them are designed with security as a goal. we tend to propose security goals for routing in sensor networks, show however attacks against ad-hoc and peer-to-peer networks is tailored into powerful attacks against sensor networks, introduce 2 categories of novel attacks against sensor networks

— sinkholes and hi floods, and analyze the protection of all the main sensor network routing protocols. We tend to describe incapacitating attacks against all of them and recommend countermeasures and style concerns. This is often the rest such analysis of secure routing in sensor networks.

Keywords— wireless sensor, Networking, Security, Attacks.

I.

I NTRODUCTION

Our focus is on routing security in wireless sensor networks. Current proposals for routing protocols in sensor networks

Optimize for the restricted capabilities of the nodes and therefore the application specific nature of the networks, however don't take into account Security. Though these protocols haven't been designed with security as a goal, we have a tendency to feel it's vital to investigate their Security properties. Once the defender has the liabilities of insecure wireless communication, restricted node capabilities, and possible insider threats, and therefore the adversaries will use powerful laptops with high energy and long vary communication to attack the network, planning a secure routing protocol is non-trivial. We have a tendency to present crippling attacks against all the foremost routing protocols for sensor networks. As a result of these protocols haven't been designed with security as a goal, it's expected they're all insecure. However, this is often} non-trivial to fix: it's unlikely a sensor network routing protocol can be created secure by incorporating security mechanisms when design has completed. Our assertion is that sensor network routing protocols should be designed with security in mind, and this can be the sole effective answer for secure routing in sensor networks.

We build five main contributions. We have a tendency to propose threat models and security goals for secure routing in wireless sensor networks. We have a tendency to introduce 2 novel categories of antecedent unregistered attacks against sensor networks1 swallow hole Attacks and howdy floods.

We show, for the primary time, however attacks against adhoc wireless networks and peer-to-peer networks [1], [2] is tailored into powerful attacks against sensor networks. We

1#

M.Tech 2nd year, Dept of CSE, AITS, Tirupati, AP, India

2*

Assistant Professor, Dept of CSE, AITS, Tirupati, AP, India have a tendency to present the primary detailed security analysis of all the foremost routing protocols and energy protective topology maintenance algorithms for sensor networks. We have a tendency to describe sensible attacks against all of them that may defeat any reasonable security goals. We have a tendency to discuss countermeasures and design concerns for secure routing protocols in sensor networks.

II. SENSOR NETWORKS VS. AD-HOC WIRELESS

NETWORKS

Wireless sensor networks share similarities with ad-hoc wireless networks. The dominant communication technique in each is multi-hop networking, however many vital distinctions is drawn between the 2. Ad-hoc networks generally support routing between any combine of nodes [4], [5], [6], [7], whereas sensor networks have an additional specialised communication pattern. Most traffic in sensor networks is classified into one in all 3 categories:

1) Many-to-one: Multiple sensor nodes send sensor readings to a base station or aggregation purpose within the network.

2) One-to-many: one node (typically a base station) multicasts or floods a question or control information to many

Sensor nodes.

3) Native communication: Neighbouring nodes send localized messages to get and coordinate with one another. A node could broadcast messages meant to be received by all neighbouring nodes or uncast messages meant for a solely single neighbor3. Nodes in ad-hoc networks have usually been thought of to possess restricted resources, sensor nodes are even additional forced. Of all of the resource constraints, restricted energy is that the most pressing. When preparation, several sensor networks are designed to be unattended for long periods and battery recharging or replacement could also be impossible or not possible. Nodes in sensor networks typically exhibit trust relationships on the far side people who are generally found in ad-hoc networks. Neighbour nodes in sensor networks typically witness equivalent or correlative environmental events. If every node sends a packet to the bottom station in response, precious energy and informationrmation measure are wasted. To prune these redundant messages to cut back traffic and save energy, sensor networks need in-network process, aggregation, and duplicate elimination. This typically 3By neighbour we have a tendency to mean a node at intervals normal radio vary.

ISSN: 2231-5381 http://www.ijettjournal.org

Page 3336

International Journal of Engineering Trends and Technology (IJETT) - Volume4 Issue8- August 2013

Fig.:1. Representative sensor network architecture.

Necessitates trust relationships between nodes that are not typically assumed in ad-hoc networks.

III. RELATED WORK

Security problems in ad-hoc networks are kind of like that in sensor networks and are well enumerated within the literature

[8], [9], however the defence mechanisms developed for adhoc networks aren't directly applicable to sensor networks.

There are many reasons for why this is often thus, however all of them relate to the variations between sensor and ad-hoc networks enumerated within the previous section. Some adhoc network security mechanisms for authentication and secure routing protocols are supported public key cryptography [8], [10], [11], [12], [13], [14], [15], [16]. Public key cryptography is just too high-priced for sensor nodes.

Security protocols for sensors networks should trust completely on efficient even key cryptography. Secure routing protocols for ad-hoc networks supported even key cryptography are planned [17], [18], [19], [20]. These protocols are supported supply routing or distance vector protocols and are unsuitable for sensor networks. {They are they’re} too high-priced in terms of node state and packet overhead and are designed to seek out and establish routes between any combine of nodes—a mode of communication not current in sensor networks. poet et al. [21] and Buchegger and Boudec [22] take into account the matter of minimizing the impact of is behaving or egotistical nodes on routing through penalty, reporting, and holding grudges. These application of those techniques to sensor networks is promising; however these protocols are susceptible to blackmailers. Perrig et al. [23] gift 2 building block security protocols optimized to be used in sensor networks, SNEP and

TESLA. SNEP provides confidentiality, authentication, and freshness between nodes and also the sink, and TESLA provides attested broadcast.

IV. PROBLEM STATEMENT

Before diving into specific routing protocols, it helps to own a clear statement of the routing security problem. Within the following sections we tend to define our assumptions regarding the underlying network, propose models for various categories of adversaries, and take into account security goals during this setting.

A. Network Assumptions as a result of sensor networks use wireless communications; we tend to should assume that radio links are insecure. At the very least, attackers will snoop on our radio transmissions, inject bits within the channel, and replay antecedent detected packets. we tend to assume that if the defender will deploy several sensor nodes, then the human can seemingly even be ready to deploy a number of malicious nodes with similar hardware capabilities because the legitimate nodes. The attacker might encounter these malicious nodes by buying them singly, or by “turning” a number of legitimate nodes by capturing them and physically overwriting their memory. We tend to assume that the attacker may need management of over one node, and these malicious nodes may interact to attack the system. Also, in some cases colluding nodes may need high-quality communications links accessible for coordinating their attack (see, e.g., Section VI-E for a method within which attackers may place such a capability to use). We tend to don't assume sensor nodes are tamper resistant. We tend to assume that if Associate in An human compromises a node, she will be able to extract all key material, data, and code hold on it node. Whereas tamper resistance could be a viable defence for physical node compromise for a few networks, we tend to don't see it as a general purpose resolution. Extraordinarily effective tamper resistance tends to feature important per-unit price, and sensor nodes are meant to be very cheap.

B. Trust necessities:

Since base stations interface a sensor network to the outside world, the compromise of a major variety of them will Render the whole network useless. For this reason we tend to assume that base stations are trustworthy, within the sense that they'll

Be trusty if necessary and are assumed to behave properly.

Most, however not all routing protocols rely upon nodes to trust Messages from base stations. Aggregation points are also trusty parts in sure protocols. Nodes might trust routing info from aggregation points and trust that messages sent to aggregation points are accurately combined with different messages and forwarded to a base station. Aggregation points are usually regular sensor nodes. It’s potential that adversaries might try and deploy malicious aggregation points or commit to flip presently compromised nodes into aggregation points.

For this reason aggregation points might not essentially be trustworthy.

C. Threat Models

An important distinction may be created between mote-class attackers and laptop-class attackers. Within the former case, the attacker has access to a number of sensor nodes with similar capabilities to our own, however not rather more than this. In distinction, a laptop-class attacker might have access to additional powerful sensors, like laptops or their equivalent.

Thus, within the latter case, malicious nodes have a bonus

ISSN: 2231-5381 http://www.ijettjournal.org

Page 3337

International Journal of Engineering Trends and Technology (IJETT) - Volume4 Issue8- August 2013 over legitimate nodes: they will have larger battery power, an additional capable central processing unit, a high-energy transmitter, or a sensitive antenna. Associate in An attacker with laptop-class sensors will do over Associate in An attacker with solely standard sensor nodes. A standard sensor node may solely be ready to jam the link in its immediate neck of the woods, whereas a laptop-class attacker could be ready to jam the whole sensor network exploitation its stronger transmitter. A single laptop-class attacker could be ready to snoop on a complete network, whereas sensor nodes would usually have a Limited vary. Also, laptop-class attackers may need a high information measure, low-latency communications channel not accessible to standard sensor nodes, permitting such attackers to coordinate their efforts. A second distinction may be created between outsider attacks and insider attacks. We’ve got to date been discussing outsider attacks, wherever the attacker has no special access to the sensor network. One may take into account insider attacks, wherever a certified participant within the sensor network has gone dangerous. insider attacks is also mounted from either compromised sensor nodes running malicious code or adversaries who have purloined the key material, code, and information from legitimate nodes, and who then use one or additional laptop-class sensors to attack the network.

D. Security Goals:

In the ideal world, a secure routing protocol ought to guarantee the integrity, believability, and convenience of messages within the presence of adversaries of discretionary power. Each eligible receiver ought to receive all messages meant for it and be ready to verify the integrity of each message similarly because the identity of the sender. In our read, protection against eavesdropping isn't a definite security goal of a secure routing algorithmic program. Secrecy is sometimes most relevant to application information, and it's arguably not the responsibility of a routing protocol to supply it. However, we tend to do take into account it the responsibility of a routing protocol to stop eavesdropping caused by misuse or abuse of the protocol itself.

Eavesdropping achieved by the biological research or rerouting of an information flow ought to be prevented, as an example. Similarly, we tend to believe protection against the replay of information packets shouldn't be a security goal of a secure routing protocol. This practicality is best provided at the appliance layer as a result of solely the appliance will absolutely and accurately discover the replay of information packets (as hostile retransmissions, for example).

In the presence of solely outsider adversaries, it's conceivable to realize these idealised goals but, within the presence of compromised or insider attackers, particularly those with laptop computer category capabilities, it's possible that some if not all of these goals aren't absolutely gettable. Rather, rather than complete compromise of the whole network, the most effective we will hope for within the presence of insider adversaries is swish degradation.

V. COUNTER MEASURES

A. Outsider attacks and link layer security

The majority of outsider attacks against sensor network routing protocols may be prevented by straightforward link layer cryptography and authentication employing a globally shared key. The Sybil attack is not any longer relevant as a result of nodes are unwilling to simply accept even one identity of the oppose. The bulk of selective forwarding and swallow wormhole attacks aren’t potential as a result of the oppose is prevented from connection the topology. Link layer acknowledgements will currently be authenticated. Major categories of attacks not countered by link layer cryptography and authentication mechanisms are wormhole attacks and hello flood attacks. though AN oppose is prevented from connection the network, nothing prevents her from employing a wormhole to tunnel packets sent by legitimate nodes in one half of} the network to legitimate nodes in Another pared to convert them their neighbours or by amplifying an overheard broadcast packet with enough power to be received by each node within the network. The attacks against TinyOS beaconing illustrate these techniques, and link layer security mechanisms will do nothing to prevent them. If a wormhole has been established, cryptography might create some selective forwarding attacks against packets using the wormhole harder, however clearly will do nothing to prevent

“black wormhole” selective forwarding. Link layer security mechanisms employing a globally shared key are completely ineffective in presence of insider attacks or compromised nodes. Insiders will attack the network by spoofing or injecting bestirred routing data, making sink wormholes, by selection forwarding packets, using the Sybil attack, and broadcasting hello floods. A lot of refined defence mechanisms are required to supply affordable protection against wormholes and insider attacks. We have a tendency to specialize in countermeasures against these attacks within the remaining sections.

B. The Sybil attack

An insider can't be prevented from collaborating within the network; however she ought to only be able to do thus using the identities of the nodes she has compromised.

Employing a globally shared key permits AN insider to masquerade as any (possibly even nonexistent) node.

Identities should be verified. Within the ancient setting, this could be done using public key cryptography, however generating and confirmative digital signatures is on the fare side the capabilities of sensor nodes. One resolution is to own each node share a singular even key with a trustworthy base station. 2 nodes will then use a Needham-Schroeder like protocol to verify every other’s identity and establish a shared key. A combine of neighbour nodes will use the ensuing key to implement AN authenticated, encrypted link between them.

So as to prevent AN insider from wandering around a

ISSN: 2231-5381 http://www.ijettjournal.org

Page 3338

International Journal of Engineering Trends and Technology (IJETT) - Volume4 Issue8- August 2013 stationary network and establishing shared keys with each node within the network, the bottom station will fairly limit the quantity of neighbours a node is allowed to own and send a slip message once a node exceeds it. Thus, once a node is compromised, it's restricted to (meaningfully) communication only with its verified neighbours. This is often to not say that nodes are taboo from causing messages to base stations or aggregation points multiple hops away, however they're restricted from using any node except their verified neighbours to try to thus. Additionally, AN oppose will still use a wormhole to make a man-made link between 2 nodes to convert them their neighbours, however the oppose won't be able to listen in on or modify any future communications between them.

C. hello flood attacks

The simplest defence against hello flood attacks is to verify the bidirectionality of a link before taking meaning action supported a message received over that link. The identification protocol described in Section VIII-B is enough to prevent hello flood attacks. Not only will it verify the bidirectionality of the link between 2 nodes, however even though a well-funded oppose had a sensitive receiver or had wormholes to a multiple locations within the network, a trustworthy base station that limits vareiety|the amount|the quantity} of verified neighbours for every node can still forestall hello flood attacks on large segments of the network once a tiny low number of nodes are compromised.

D. WORMHOLE AND SWALLOW WORMHOLE

ATTACKS

Wormhole and swallow wormhole attacks are terribly tough to defend against, particularly once the 2 are utilized in combination. Wormholes are laborious to observe as a result of they use a non-public, out-of-band channel invisible to the underlying sensor network.

Sink wormholes are tough to defend against in protocols that use publicised data like remaining energy or AN estimate of end-to-end dependability to construct a routing topology as a result of this data is tough to verify. Routes that minimize the hop-count to a base station are easier to verify, but hop-count may be completely distorted through a wormhole. Once routes are established merely supported the reception of a packet as in TinyOS beaconing or directed diffusion, sink wormholes are straightforward to make as a result of there's no data for a defender to verify. A method for sleuthing wormhole attacks is given in [1]; however it needs extraordinarily tight time synchronization and is so unfeasible for many sensor networks. As a result of its extraordinarily tough to retrofit existing protocols with defences against these attacks, the most effective resolution is to fastidiously style routing protocols during which wormholes and sink wormholes are no meaningful. As an example, one category of protocols proof against these attacks is geographic routing protocols.

Protocols that construct a topology initiated by a base station are most prone to wormhole and swallow wormhole attacks.

Geographic protocols construct a topology on demand using only localized interactions and knowledge and while not initiation from the bottom station. As a result of traffic is of course routed towards the physical location of a base station, it's tough to draw in it elsewhere to make a swallow wormhole. A wormhole is simplest once accustomed produce sink wormholes or artificial links that attract traffic. Artificial links are simply detected in geographic routing protocols as a result of the “neighbouring” nodes can notice the gap between them is well on the fare side traditional radio varies.

E. investment international data

A significant challenge in securing large sensor networks is their inherent self-organizing, localised nature. Once the network size is proscribed or the topology is well-structured or controlled, international data may be leveraged in security mechanisms. Take into account a relatively little network of around a hundred nodes or less. If it may be assumed that no nodes are compromised throughout preparation, then once the initial topology is created, every node may send data like neighbour nodes and its geographic location (if known) back to a base station. Using this data, the bottom station(s) will map the topology of the wormhole network. To account for topology changes attributable to radio interference or node failure, nodes would sporadically update a base station with the suitable data. Forceful or suspicious changes to the topology may indicate a node compromise, and therefore the acceptable action may be taken. We’ve mentioned why geographic routing may be relatively secure against wormhole, sink wormhole, and Sybil attacks, however the most remaining drawback is that location data publicised from neighbour nodes should be trustworthy. A compromised node advertising its location on a line between the targeted node and a base station can guarantee it's the destination for all forwarded packets from that node. Probabilistic choice of a next hop from many acceptable destinations or multipath

Routing to multiple base stations will facilitate with this drawback, however it's not good. Once a node should route around a “wormhole”, AN oppose will “help” by showing to be the sole affordable node to forwarded packets to.

Sufficiently limiting the structure of the topology will eliminate the need for nodes to advertise their locations if all nodes’ locations are acknowledge. As an example, nodes may be organized in a very grid with sq., triangular, or hex shaped cells. Each node will simply derive its neighbours’ locations from its own, and nodes may be self-addressed by location instead of by a symbol.

F. SELECTIVE FORWARDING

Even in protocols resistant to sink wormholes, wormholes, and therefore the Sybil attack, a compromised node contains an important chance of as well as itself on an information flow to launch a selective forwarding attack if it's strategically set close to the supply or a base station. Multipath routing may be accustomed counter these varieties of selective forwarding attacks. Messages routed over methods whose nodes are

ISSN: 2231-5381 http://www.ijettjournal.org

Page 3339

International Journal of Engineering Trends and Technology (IJETT) - Volume4 Issue8- August 2013 completely disjoint are completely protected against selective forwarding attacks involving at the most compromised nodes and still provide some probabilistic protection once over nodes are compromised. However, completely disjoint methods could also be tough to make. Adorned methods [30] might have nodes in common; however haven't any links in common (i.e., no 2 consecutive nodes in common). The employment of multiple adorned methods might give probabilistic protection against selective forwarding and use only localized data. Permitting nodes to dynamically opt for a packet’s next hop probabilistically from a collection of potential willdidates can more scale back the possibilities of

AN oppose gaining complete management of an information flow.

G. AUTHENTICATED BROADCAST AND FLOODING

Since base stations are trustworthy, adversaries should not be able to spoof broadcast or flooded messages from any base station. This needs some level of asymmetry: since each node within the network will probably be compromised, no node ought to be able to spoof messages from a base station; nevertheless each node ought to be able to verify them. Authenticated broadcast is additionally helpful for localized node interactions. Several protocols need nodes to broadcast hello messages to their neighbours. These messages ought to be authenticated and not possible to spoof.

Proposals for authenticated broadcast supposed to be used in a very a lot of typical setting either use digital signatures and/or have packet overhead that well exceed the length of typical sensor network packet. TESLA [23] could be a protocol for economical, authenticated broadcast and flooding that uses only even key cryptography and needs lowest packet overhead. TESLA achieves the imbalance necessary for authenticated broadcast and flooding by using delayed key revealing and unidirectional key chains made with a publically calculable cryptographically secure hash perform. Replay is prevented as a result of messages authenticated with antecedent disclosed keys are unnoticed.

_

TESLA additionally needs loose time synchronization.

Flooding [36] may be a strong suggests that for data dissemination in hostile environments as a result of it needs the set of compromised nodes to create a vertex cut on the underlying topology to prevent a message from reaching each node within the network. The downsides of flooding embody high messaging and corresponding energy prices, furthermore as potential losses caused by collisions. SPIN [37] and gossip mongering algorithms [38], [39] are techniques to cut back the messaging prices and collisions that still bring home the bacon sturdy probabilistic dissemination of Messages to each node within the network.

H. STEP OUTLINE

Link-layer cryptography and authentication, multipath routing, identification, bidirectional link verification, and authenticated broadcast will shield sensor network routing protocols against outsiders, bestirred routing data, Sybil attacks, hello floods, and acknowledgement spoofing, and it's possible to enhance existing protocols with these mechanisms.

Swallow wormhole attacks and wormholes create important challenges to secure routing protocol style, and its unlikely there exists effective countermeasures against these attacks that may be applied once the look of a protocol has completed.

It’s crucial to style routing protocols during which these attacks are no meaningful or ineffective. Geographic routing protocols are one category of protocols that holds promise.

VII. FINAL LIMITATIONS OF SECURE MULTI-HOP

ROUTING

A final limitation of building a multi-hop routing topology around a set of base stations is that those nodes inside one or 2 hops of the bottom stations are significantly enticing for compromise. Once a major range of those nodes are compromised, all is lost. This means that clustering protocols like LEACH wherever cluster-heads communicate directly with a base station might ultimately yield the foremost secure solutions against node compromise and insider attacks. An alternative choice could also be to own an every which way rotating set of “virtual” base stations to make AN overlay network. Once a collection of virtual base stations are elect, a multi-hop topology is built using them. The virtual base stations then communicate directly with the important base stations. The set of virtual base stations ought to be modified oft enough to create it tough for adversaries to decide on the

“right” nodes to compromise.

VIII. CONCLUSION

Secure routing is important to the acceptance and use of sensor networks for several applications; however we've incontestable that presently proposed routing protocols for these networks are insecure. We have a tendency to leave it as

AN open drawback to style a sensor network routing protocol that satisfies our proposed security goals. Link layer cryptography and authentication mechanisms may be an affordable 1st approximation for defence against mote-class outsiders, however cryptography isn't enough to defend against laptop-class adversaries and insiders: careful protocol style is required furthermore.

REFERENCES

[1] Y.-C. Hu, A. Perrig, and D. B. Johnson, “Wormhole detection in wireless ad hoc networks,” Department of Computer Science, Rice University, Tech.

Rep. TR01-384, June 2002.

[2] J. R. Douceur, “The Sybil Attack,” in 1st International Workshop on Peerto-Peer Systems (IPTPS ’02) , March 2002.

[3] J. Hill, R. Szewczyk, A. Woo, S. Hollar, D. Culler, and K. Pister,“System architecture directions for networked sensors,” in Proceedings of ACM

ASPLOS IX , November 2000.

[4] V. D. Park and M. S. Corson, “A highly adaptive distributed routing algorithm for mobile wireless networks,” in IEEE INFOCOM ’97 , 1997, pp.

1405–1413.

ISSN: 2231-5381 http://www.ijettjournal.org

Page 3340

International Journal of Engineering Trends and Technology (IJETT) - Volume4 Issue8- August 2013

[5] C. Perkins and E. Royer, “Ad-hoc on-demand distance vector routing,” in

MILCOM ’97 panel on Ad Hoc Networks , 1997.

[6] D. B. Johnson and D. A. Maltz, “Dynamic source routing in ad hoc wireless networks,” in Mobile Computing , Imielinski and Korth, Eds. Kluwer

Academic Publishers, 1996, vol. 353.

[7] C. Perkins and P. Bhagwat, “Highly dynamic destination-sequenced distance-vector routing (DSDV) for mobile computers,” in

ACM/SIGCOMM’94 Conference on Communications Architectures,

Protocols and Applications , 1994, pp. 234–244.

[8] L. Zhou and Z. Haas, “Securing ad hoc networks,” IEEE Network

Magazine , vol. 13, no. 6, November/December 1999.

[9] F. Stajano and R. J. Anderson, “The resurrecting duckling: Security issues for ad-hoc wireless networks,” in Seventh International Security Protocols

Workshop , 1999, pp. 172–194.

[10] J. Hubaux, L. Buttyan, and S. Capkun, “The quest for security in mobile ad hoc networks,” in Proceedings of the ACM Symposium on Mobile Ad Hoc

Networking and Computing (MobiHOC 2001) , 2001.

[11] J. Kong, P. Zerfos, H. Luo, S. Lu, and L. Zhang, “Providing robust and ubiquitous security support for mobile ad-hoc networks,” in ICNP , 2001,pp.

251–260.

[12] M. G. Zapata, “Secure ad-hoc on-demand distance vector (SAODV) routing,” IETF MANET Mailing List,

Message-ID: 3BC17B40.BBF52E09@nokia.com, Available ftp://manet.itd.nrl.navy.mil/pub/manet/2001-10.mail, October 8, 2001. at

[13] H. Luo, P. Zefros, J. Kong, S. Lu, and L. Zhang, “Self-securing ad hoc wireless networks,” in Seventh IEEE Symposium on Computers and

Communications (ISCC ’02) , 2002.

[14] J. Binkley and W. Trost, “Authenticated ad hoc routing at the link layer for mobile systems,” Wireless Networks , vol. 7, no. 2, pp. 139–145, 2001.

[15] B. Dahill, B. N. Levine, E. Royer, and C. Shields, “A secure routing protocol for ad-hoc networks,” Electrical Engineering and Computer Science,

University of Michigan, Tech. Rep. UM-CS-2001-037, August 2001.

[16] J. Kong, H. Luo, K. Xu, D. L. Gu, M. Gerla, and S. Lu, “Adaptive security for multi-layer ad-hoc networks,” Special Issue of Wireless

Communications and Mobile Computing, Wiley Interscience Press , 2002.

[17] Y.-C. Hu, D. B. Johnson, and A. Perrig, “SEAD: Secure efficient distance vector routing for mobile wireless ad hoc networks,” in Proceedings of the 4th IEEE Workshop on Mobile Computing Systems and Applications

(WMCSA 2002) , June 2002, pp. 3–13.

[18] Y.-C. Hu, A. Perrig, and D. B. Johnson, “Ariadne: A secure on-demand routing protocol for ad hoc networks,” Department of Computer Science, Rice

University, Tech. Rep. TR01-383, December 2001.

[19] S. Basagni, K. Herrin, E. Rosti, and D. Bruschi, “Secure pebblenets,” in

ACM International Symposium on Mobile Ad Hoc Networking and

Computing (MobiHoc 2001) , October 2001, pp. 156–163.

[20] P. Papadimitratos and Z. Haas, “Secure routing for mobile ad hoc networks,” in SCS Communication Networks and Distributed Systems

Modeling and Simulation Conference (CNDS 2002) , January 2002.

[21] S. Marti, T. J. Giuli, K. Lai, and M. Baker, “Mitigating routing misbehavior in mobile ad hoc networks,” in Sixth annual ACM/IEEE

Internation Conference on Mobile Computing and Networking , 2000, pp.

255–265.

[22] S. Buchegger and J.-Y. L. Boudec, “Nodes bearing grudges: Towards routing security, fairness, and robustness in mobile ad hoc networks,” in

Proceedings of the Tenth Euromicro Workshop on Parallel, Distributed and

Network-based Processing . Canary Islands, Spain: IEEE Computer Society,

January 2002, pp. 403–410.

[23] A. Perrig, R. Szewczyk, V. Wen, D. Culler, and J. Tygar, “SPINS:

Security protocols for sensor networks,” in Proceedings of Mobile

Networking and Computing 2001 , 2001.

[24] Castro and Liskov, “Practical byzantine fault tolerance,” in OSDI:

Symposium on Operating Systems Design and Implementation . USENIX

Association, Co-sponsored by IEEE TCOS and ACM SIGOPS, 1999.

[25] A. Banerjea, “A taxonomy of dispersity routing schemes for fault tolerant real-time channels,” in Proceedings of ECMAST , vol. 26, May 1996, pp. 129–148.

[26] K. Ishida, Y. Kakuda, and T. Kikuno, “A routing protocol for finding two node-disjoint paths in computer networks,” in Internation Conference on

Network Protocols , November 1992, pp. 340–347.

[27] Y. Xu, J. Heidemann, and D. Estrin, “Geography-informed energy conservation for ad hoc routing,” in Proceedings of the Seventh Annual

ACM/IEEE International Conference on Mobile Computing and Networking ,

2001.

[28] B. Chen, K. Jamieson, H. Balakrishnan, and R. Morris, “Span: An energy-efficient coordination algorithm for topology maintenance in ad hoc wireless networks,” ACM Wireless Networks Journal , vol. 8, no. 5, September

2002.

[29] C. Intanagonwiwat, R. Govindan, and D. Estrin, “Directed diffusion: A scalable and robust communication paradigm for sensor networks,” in

Proceedings of the Sixth Annual International Conference on Mobile

Computing and Networks (MobiCOM ’00) , August 2000.

[30] D. Ganesan, R. Govindan, S. Shenker, and D. Estrin, “Highly-resilient, energy-efficient multipath routing in wireless sensor networks,” Mobile

Computing and Communications Review , vol. 4, no. 5, October 2001.

[31] Y. Yu, R. Govindan, and D. Estrin, “Geographical and energy aware routing: A recursive data dissemination protocol for wireless sensor networks,” University of California at Los Angeles Computer Science

Department, Tech. Rep. UCLA/CSD-TR-01-0023, May 2001.

[32] B. Karp and H. T. Kung, “GPSR: greedy perimeter stateless routing for wireless networks,” in Mobile Computing and Networking , 2000, pp. 243–

254.

[33] F. Ye, A. Chen, S. Lu, and L. Zhang, “A scalable solution to minimum cost forwarding in large sensor networks,” in Tenth Internation Conference on Computer Communications and Networks , 2001, pp. 304–309.

[34] W. R. Heinzelman, A. Chandrakasan, and H. Balakrishnan,

“Energyefficient communication protocol for wireless microsensor networks,” in 33rd Annual Hawaii International Conference on System

Sciences , 2000, pp. 3005–3014.

[35] D. Braginsky and D. Estrin, “Rumour routing algorithm for sensor networks,” in First ACM International Workshop on Wireless Sensor

Networks and Applications , 2002.

ISSN: 2231-5381 http://www.ijettjournal.org

Page 3341

Download