International Journal of Engineering Trends and Technology (IJETT) – Volume 17 Number 2 – Nov 2014
An Empirical Model of Malicious Node detection
and Prevention with Data rating
Santoshi Kancherla1, Kollati Vijaya kumar2
1
1,2
Final M.Tech Student,2Assistant Professor
Department of CSE, Vignan's Institute of Engineering for women, Vadlamudi, Duvvada, Visakhapatnam, AP, India.
Abstract: Identification and prevention of malicious nodes
is always an interesting research issue in wireless sensor
networks. In this paper we are proposing an efficient
approach for identification of anonymous or malicious
node with signature and data rating techniques. Initially
every node can be verified genuine or malicious node with
signature mechanism and only genuine nodes can
communicate with each other based on the data ratings of
intermediate nodes, priority given to the nodes based of the
highest average data rating of in and out data packets and
secure transmission of data can be done with Triple DES
cryptographic algorithm.
The intruder detection in wireless sensor networks
is based on the base station level and where some
important predictions can be against the attacks. The
malicious node detection methods are proposed in many
existing approaches. The nodes differently based on the
hosting position and energy and the proximity of the nodes
from the base stations. In our malicious node detection
schemas we select an infrastructure for the sensor networks
having the attributes. That is sensor nodes are deployed by
manual installation. If node cannot get their self-area of
locations and the sensors through a single time
authentication method after their deployment in the field.
I. INTRODUCTION
The base station, sometimes called access point,
acting as a controller and as a key server, is assumed to be
a laptop class device and supplied with long-lasting power.
We also assume that the base station will not be
compromised. The measured values provided by each
sensor present a strong deterministic component rather than
a truly random (stochastic) one (e.g. wind speed or
temperature measurements in different locations). In this
case there exists a correlation between past values and the
current one.[4]
In wireless sensor networks are one of the main
domains of present days. Some of the main features of
wireless sensor networks are the property and the ability of
self-maintaining during the whole life cycle. The hosted in
any type of the environment are the attacks and without
high security the data passing through the network could be
listened and also manipulated. Based on the architecture
the wireless sensor network implementation and varies the
cost. The reading and writing operations of software is not
required for the network than the security of the network is
very high using proof hardware and leaving no chance of
usage for intruder purposes in an attacker.[1,3]
In any case an attacker, he will read new software
for malicious applications. It is a main prediction should be
taken in order to select the architecture and regarding the
hosting environment and the sensor network applications.
By preventing the corruption of the wireless sensor
networks by rewritten code and finds its solution detection
in instant decision from the topology in their recovery by
copying the original software
In wireless sensor network is collection of the
nodes deployed in the environment having the property of
self-organization in various from wired networks. The
intruder detection methods in wireless sensor networks
should take consideration in their limited architecture with
calculated power and the usage of the energy. The anomaly
detection identifies the published and unpublished attacks
by comparing the general behavior of the sensor node with
its activities. These types of the models may require large
resources for log files.
ISSN: 2231-5381
Efficient secret-key cryptography with predistributed keys using Skipjack, RC5 or AES algorithms to
encipher all data communications inside the sensor network
[8][9]; All these three types of encryption algorithms have
a common feature that makes them an attractive option in
case of sensor networks: they are able to encrypt short or
medium size messages, like the ones send by sensors and
received by base stations, in the case of limited power
consumption. By using such appropriate cryptographic
techniques the harmful potential of the passive
attacks(eavesdropping and traffic analysis) can be
neglected.
Probably the biggest threat for a wireless sensor
network is node-capturing attack [10] where an adversary
gains full control over sensor nodes through direct physical
access. This type of attack is fundamentally different from
the attacks already mentioned because it doesn’t rely on
security holes in protocols, broadcasting, operating
systems, etc. It is based on the geographic deployment of
the sensor nodes in the field.
Realistically, we cannot expect to control access
to hundreds of nodes spread over several kilometers and,
http://www.ijettjournal.org
Page 56
International Journal of Engineering Trends and Technology (IJETT) – Volume 17 Number 2 – Nov 2014
by this, we make a node capturing attack very possible. In
addition, sensors are rarely tamper resistant, so an attacker
can damage or replace sensors and computation hardware
or extract sensitive material such as cryptographic keys to
gain unrestricted access to higher levels of communication.
Moreover, all sensors are usually assumed to run
the same software, in particular, the same operating system.
Finding an appropriate bug in the sensor Network, through
reverse engineering techniques applied to the captured
sensor, allows the adversary to control the entire sensor
network.
II. RELATED WORK
Security issues of wireless sensor networks:
In traditional networks the security problems in
the wireless networks are faced with new security issues
and such attacks are passive attacks and the active attacks,
internal attacks and external attacks, host and network
attacks. These attacks are classified into different protocols
based on layers.
For physical layer there are physical capture and
radio interference attacks etc. For the data link layer there
are conflict on the frames and reducing of the energy
attacks etc. For network layer all the researches focus and
attacks from this layer. Consider an example false
messages and manipulation and sink hole attach and the
selective forwarding attack. For the transport layer is main
attack and out of memory attacks. For the application layer
attacks the data gathering and the task distribution etc.
which need the security methods.
The secure communication is required for sending
the data securely between the sensor networks. The
configuration goals of the network will based in the needs
that protects the data packets. It shares the features of the
networks and also has some distinct features. The security
issues of the existing networks and those are suited in the
distinct constraints of the wireless networks. There four
security goals there are confidentiality, integrity,
authentication and availability [10,7].
In the concept of confidentiality the sensor node
should not retrieve the data to other nodes. Consider an
example that a malicious program is injected to malicious
nodes into the network channel in a military application.
The confidentiality will not let in from the access to data of
other nodes.
Integrity in the network is required to provide the
flexibility of the data that links to the capability to confirm
that a message is not tampered and also it is not manipulate
the changes on the network. The integrity of the network
will be in question if a malicious node present in the
ISSN: 2231-5381
network injects bogus data or turbulent conditions due to
wireless channel cause damage or loss of data.
Authentication indicates the reliability of the
message. Attacks in sensor networks do not just involve the
alteration of packets; adversaries can also inject additional
bogus packets. So the receiving node needs to be able to
confirm that a packet it has received is actually comes from
the node who have claim to send it. In other words, data
authentication verifies the identity of senders. Data
authentication is achieved through symmetric or
asymmetric mechanisms where sending and receiving
nodes share secret keys to compute the message
authentication code (MAC)[3,8].
Availability means the service should be available
all the time. It means whether a node has the ability to use
the resources and whether the network is available for the
messages to communicate. Complex security measures
require a higher consumption of energy and computation
power. It keeps availability of the network challenging.
However, failure of the base station or cluster leader’s
availability will eventually threaten the entire sensor
network. Therefore availability is most important factor for
maintaining an operational network
Intrusion detection systems (IDS) according to
collect data in different ways can be classified based on
host and network- based intrusion detection. IDS of
traditional wired network cannot be directly used to
wireless sensor networks, because of its characteristics of
"wireless”, autonomy, and multiple nodes distributed in
unattended environment, not the central node, but consider
the issue of energy consumption, the system should be as
much as possible to avoid excessive complexity in the
design and communication.
MANET is a self-configuration wireless ad hoc
network of mobile nodes. A MANET organization depends
upon the location of the nodes, their connectivity, their
service discover capability and their ability to search and
route messages using the nearest node or nearby nodes.
The MANET's are self-organizing, each MANET node
requires much smaller frequency spectrum than node in
fixed network.
Routing protocol specifies the method used and
phases deployed for maintaining and updating the routing
table at the nodes in the network. The Routing Algorithm is
used for service discovery and for caching maintaining and
updating the routing table.
Security is an important issue for MANETs,
especially for security-sensitive applications. To secure a
MANET, we consider the following attributes.
Availability: It ensures the survivability of the network
services depicts denial of service.
http://www.ijettjournal.org
Page 57
International Journal of Engineering Trends and Technology (IJETT) – Volume 17 Number 2 – Nov 2014
Confidentiality: It ensures the certain information is never
disclosed to unauthorized entities.
6) if S (send by GN)= S (stored in MN)
Then “Node is genuine”
Authentication: It enables a node to ensure the identity of
the peer node with which it is communicating.
else
Non-Repudiation: It ensures the origin of the message
cannot deny having sent the message, non-repudiation is
useful for detection and isolation of compromised nodes.
Malicious Node
Friend based Ad hoc routing using Challenges to
Establish Security (FACES) is an algorithm to provide
secure routing in ad hoc mobile networks. The algorithm
works by sending challenges and sharing friend Lists to
provide a list of trusted nodes to the source node through
which data transmission finally takes place. The nodes in
the friend list are rated on the basis of the amount of data
transmission they accomplish and their friendship with
other nodes in the network. The account of friendship of a
node with other nodes in the network is obtained through
the Share Your Friends process which is a periodic event in
the network.
Data rating:
Drawbacks: Time complexity increases in the process of
detecting malicious nodes. More number of computations
are needed for identify the trusted nodes by challenging
process. So much memory space is required for each node
to maintain the number of lists. So much power
consumption.
III. PROPOSED WORK
We are proposing an efficient malicious node
detection and prevention mechanism with signature and
data rating techniques. Master node (MN) is a centralized
server it generates a random session key and distributed to
all available nodes or general nodes (GN) in the networks,
nodes in turn applies signature over the key which is
received from master node and forward back to master
node. Master node itself generates signature on key and
compares the signatures of all individual nodes, if signature
generated at master node and general node are equal then
that node is genuine otherwise it is malicious.
ALGORITHM: Node recognition
Step1 :A random session Sk is shared by MN to each node
individually.
Step2 : MN computes signature(Sk).
Step43: Individual GN computes hash or signature over
received Sk
S=[h(Sk)]
h=hash function known by both MN and general node
end if
After node recognition, genuine nodes can communicate
with each other, any node can transmit data packets to
destination node through the intermediate nodes by
computing the data rating of the nodes. Here data rating
can be computed based on packets which are incoming to a
node and packets which are going out from the node .Let
use consider a source node “A” wants to transmits some
data packets to destination node “E” and B,C,D are
intermediate nodes, path can be based on highest data
rating by computing average of in out packet transmission.
The following table shows sample data rating table as
follows.
In (data packets in Bytes)
30
40
25
23
45
46
Out (data packets in Bytes)
20
40
22
23
40
44
Data rating can be computed with average of in and out
with respect to all intermediate nodes and data transmitted
through highest rating path of genuine nodes. For secure
transmission of data packets from source to destination
data packets can be encrypted with Triple DES
cryptographic algorithm and these data packets can
decrypted only at destination node even though
transmitting through intermediate node. The following
algorithm shows triple DES algorithm as follows
Secure Transmission:
Triple DES is the common name for the
Triple Data Encryption Algorithm (TDEA) block cipher. It
is
so
named
because
it
applies
the Data
Encryption Standard (DES) cipher algorithm three times to
each data block. Triple DES provides a relatively simple
method of increasing the key size of DES to protect against
brute force attacks, without requiring a completely new
block cipher algorithm.
5) GN requests MN for sign verification with S or [h(Sk)]
ISSN: 2231-5381
http://www.ijettjournal.org
Page 58
International Journal of Engineering Trends and Technology (IJETT) – Volume 17 Number 2 – Nov 2014
The standards define three keying options:
 Keying option 1: All three keys are independent.
 Keying option 2: K1 and K2 are independent, and K3
= K1.
 Keying option 3: All three keys are identical, i.e. K1 =
K2 = K3.
Keying option 1 is the strongest, with 3 x 56 = 168
independent key bits.
Keying option 2 provides less security, with 2 x 56 = 112
key bits. This option is stronger than simply DES
encrypting twice, e.g. with K1 and K2, because
it protects against meet-in-the-middle attacks.
Keying option 3 is no better than DES, with only
56 key bits. This option provides backward compatibility
with DES, because the first and second DES operations
simply cancel out. It is no longer recommended by the
National Institute of Standards and Technology (NIST) and
not supported by ISO/IEC 18033-3.
In general Triple DES with three independent
keys (keying option 1) has a key length of 168 bits (three
56-bit DES keys), but due to the meet-in-the-middle attack
the effective security it provides is only 112 bits. Keying
option 2, reduces the key size to 112 bits. However, this
option is susceptible to certain chosen-plaintext or knownplaintext attacks and thus it is designated by NIST to have
only 80 bits of security.
For experimental analysis ,we implemented our
current research work with Java, in the following example,
node 0 and node1 are malicious nodes and other nodes are
genuine nodes, data cannot be passed through malicious
nodes
REFERENCES
[1]
Berkeley
MICA
mote.ttp://webs.cs.berkeley.edu/tos/hardware/hardware.html,2003.
[2] MICA2 radio stack for TinyOS.http://webs.cs.berkeley.edu/tos/tinyos1.x/doc/mica2radio/CC1000.html, 2003.
[3] Chipcon. SmartRF CC1000 single chip very low power
RFtransceiver.http://www.chipcon.com/files/CC1000 Data Sheet 2
1.pdf,2003.
[4] J. Hill and D. Culler. A wireless embedded sensor architecturefor
system-level optimization. Technical report, Universityof California,
Berkeley, 2001.
[5] S. Hollar. COTS Dust.Master’s thesis, University of
California,Berkeley, December 2000.
[6] Y.-C. Hu, A. Perrig, and D. B. Johnson. Packet leashes:A defense
against wormhole attacks in wireless ad hoc networks.Proceedings of the
22nd Annual Joint Conference ofthe IEEE Computer and
Communications Societies (INFOCOM2003), April 2003.
[7] J. M. Kahn, R. H. Katz, and K. S. J. Pister. Next centurychallenges:
Mobile networking for “smart dust”. In InternationalConference on
Mobile Computing and Networking(MOBICOM), pages 271–278, 1999.
[8] J. M. Kahn, R. H. Katz, and K. S. J. Pister. Emerging
challenges:Mobile
networking
for
“smart
dust”.
Journal
ofCommunications and Networks, 2(3):188–196, September2000.
[9] C. Karlof and D. Wagner. Secure routing in wireless sensornetworks:
Attacks and countermeasures. First IEEE InternationalWorkshop on
Sensor Network Protocols and Applications,May 2003.
[10] T. S. Rappaport. Wireless communications: principles andpractice.
Prentice Hall, 2nd edition, 2002.
BIOGRAPHIES
Santoshi Kancherla pursuing M.Tech in
department of CSE in Vignan's Institute of
Engineering for women, Vadlamudi,
Duvvada, Vskp, AP, India.Her interesting
areas are data mining, network security.
Path
Kollati Vijaya kumar completed mtech and
pursuing Ph.D He is working as Asst. prof
in department of CSECSE in Vignan's
Institute of Engineering for women,
Vadlamudi, Duvvada, Vskp, AP, India. He
is Researchers Scholar in Karpagam
University, Coimbatore. His interesting areas are
datamining, network security, cloud computing.
IV. CONCLUSION
We are concluding our current research work with
efficient signature and data rating technique for
authenticated and secure transmission of data packets in
wireless sensor networks, to maintain the data
confidentiality data packets can be encrypted with Triple
DES cryptographic algorithm. Our experimental results
show efficient results than the traditional approach.
ISSN: 2231-5381
http://www.ijettjournal.org
Page 59