a novel approach for detecting compromised nodes in wireless

advertisement
International Journal of Wireless Communications and Networking 3(1), 2011, pp. 15-19
A NOVEL APPROACH FOR DETECTING COMPROMISED
NODES IN WIRELESS SENSOR NETWORKS
P. Vijayalakshmi1, D. Somasundareswari2 and V. Duraisamy1
1
Hindusthan College of Engineering and Technology Coimbatore, India, E-mail: vijihicet@gmail.com
2
Adithya Institute of Technology, Coimbatore, India, E-mail: dsomasundareswari@yahoo.com
Abstract: Increased interest in the field of wireless sensor networks has proved that wireless sensor networks
can have a broad variety of applications. Current applications of wireless sensor networks are in the fields
of medical care, battlefield monitoring, environment monitoring, surveillance and disaster prevention. Many
of these applications require that the sensor network be deployed in an area that is hostile, inaccessible and
mission critical. However, since sensor nodes are inexpensive devices, which could be easily compromised
and controlled by an adversary, the compromised nodes could report false sensed results and degrade the
reliability of the whole network. Therefore, how to identify these compromised nodes in a wireless sensor
network is a very important security issue. In this paper we propose a novel approach using genetic algorithm
to logically identify the anomalous behavior of compromised nodes in an efficient and effective way.
Keywords: Wireless sensor network, security, identify compromised nodes, Genetic algorithm
I.
INTRODUCTION
Wireless sensor networking has been subject to
extensive research efforts in recent years, and has
been well recognized as a ubiquitous and general
approach for some emerging applications ranging
from the civilian domain, such as environmental
monitoring, to the military domain, such as
battlefield surveillance]. A wireless sensor network
(WSN) is usually composed of a large number of
sensor nodes which use wireless links to perform
distributed sensing tasks. Here, each sensor node
is cheap with low battery power and computation
capacity, but is equipped with sensing, data
processing, and communicating components. Since
a WSN is usually deployed in a harsh environment
and each low-cost sensor node could be easily
compromised, the security becomes a major
concern. For example, when some sensor nodes are
compromised and controlled by an adversary, they
could behave abnormally and randomly report true
/ false sensing results to the sink, by which the
reliability of the whole network is seriously
degraded. Therefore, it will be a critical issue to
develop an effective strategy for the sink to detect
and identify these compromised nodes. Assume
that a WSN consists of n sensor nodes, where the
compromised nodes are less than the normal nodes,
and each normal node can know other nodes’ trust
status by adopting the similar techniques in [23],
[24]. Then, a straightforward way for the sink to
identify the compromised nodes is that the sink
inquiries each senor node with n – 1 queries on other
nodes. In such a way, after total n(n – 1) queries,
the sink can logically identify all compromised
nodes based on these returned results. Although this
approach is effective, but it is not efficient because
the n(n – 1) queries could consume a significant
amount of the sensor nodes’ energy.
In this paper, in order to reduce the query
number, we propose a novel approach to Identify
Compromised Nodes using genetic algorithm in
wireless sensor networks.
II. PRELIMINARIES
In this section, we describe our sensor network
model, provide a brief overview on the trust
assumptions, and define our design goal.
A. Network Model
We consider a simple abstraction of a WSN
consisting of a fixed sink S and a number of sensor
nodes N = {N1, N2, · · · , Nn}, where n ≥ 3, deployed
at a remote area (around one or more hop
neighborhood of the sink), as shown in Figure 1.
Note that such an abstraction can be taken as a
16
International Journal of Wireless Communications and Networking
building block of a large-scale WSN. The sink S is a
data collection unit, which could be a powerful
workstation with plentiful resources. However, the
sensor nodes N = {N1, N2, · · · ,Nn} are inexpensive,
low power devices which have limited resources,
memory space, computation capability, and
communication bandwidth. Once such a WSN is
deployed and the corresponding data paths are
established, the sink S can inquire each sensor node
Ni ∈ N with a certain query, and then the sensor
node Ni reports its sensing results back to the sink
S over the pre-defined path. Additionally, in order
to provide confidentiality to the sensing results, a
pre-shared key between each Ni ∈ N and S is
assumed and used to encrypt/decrypt the sensing
results. We assume that the compromised nodes
will be excluded from the network if the nodes resist
to forward data for the other nodes. While
identifying the compromised nodes under a Denial
of Service (Dos) attack is not our focus, we
concentrate on the case where the compromised
nodes still forward data but could falsely report the
sensing results.
With the passing of time, nc sensor nodes are
compromised by an adversary, and form
compromised-set Nc = {N*1, N*1 , · · · ,N*nc}; and the
rest nd sensor nodes keep normal and form normal
set Nd = {N† 1, N† 2 , · · · , N†nd}. Then, we will have
N = Nc ∪ Nd. As in the most application scenarios,
it is reasonable for us to assume the normal-set Nd
is larger than the compromised-set Nc. Then, we will
have the following relations:
Nc < Nd
Nc + Nd = N
In the WSN abstraction, the sink S can clearly
know the network topology and properly
reconfigure the data path connecting each sensor
node, and each normal sensor node Ni ∈ Nd can
exchange their local information and get to know
all nodes’ trust status within its communication
range.
C. Design Goal
As the compromised nodes report the true / false
sensing results randomly, the reliability of the
whole network will be seriously impaired.
Therefore, undoubtedly, it is of ultimate importance
for the sink S to exactly know each sensor node’s
trust status. Based on the above assumptions, we
design a novel algorithm to help the sink S to
identify the compromised nodes. Compared with
the straightforward approach where n(n–1) queries
are required, the proposed approaches are much
more efficient.
III. PROPOSED ALGORITHM
Figure 1: A Wireless Sensor Network
B. Assumptions
The sink S equipped with tamper-proof devices is
trustworthy and unassailable. All sensor nodes N
= {N1, N2, · · · ,Nn} will be able to report their sensing
results to the sink S through the pre-defined routes.
Each sensor node Ni ∈ N is inexpensive, and
easily compromised by an adversary. Once the
sensor node Ni is compromised and controlled by
an adversary, Ni will behave abnormally and may
randomly report true / false sensing results to
sink S.
The proposed algorithm aims to distinguish the
compromised nodes from the normal ones with the
lowest number of queries. Genetic Algorithm (GA)
has been used to solve many optimization
problems. In this a initial population is randomly
generated and is evaluated with a fitness function.
With higher probability of fitness is being chosen
to create the next generation. The size of the
population is same for all the iterations and the
process is iterated until a predefined threshold
value is met or a maximum number of iterations
are reached.
A. Overview
Genetic algorithm used to evolve simple rules for
network traffic. Initially the genes should be
represented as different data types like byte, integer,
17
Caching in Wireless Sensor Networks based on Grids
float etc., and the data range of the genes should be
generated, in each iteration randomly. Then the
genetic algorithm uses set of rules for the network
of the form
If {condition} then {act}
B. Genetic Algorithm Parameters
simulation process, there were several parameters
altered for different runs to determine what kind
of effect they had on various performance measures
that were taken for consideration.
Figure 3 shows that the number of messages
that are transmitted using GA are more compared
to conventional methods.
The general structure of the genetic algorithm for
the proposed search of compromised node is given
in Figure 2.
Figure 3: Analysis of Number of Messages
Figure 2: Structure of Genetic Algorithm
The fitness function will compute the best
solutions from the information mentioned from the
initial population. The selection operators like
mutation and crossover form the most effective parts
in the algorithm when they involve in operation of
the each iteration. On completion of a single iteration
the best individual is selected. Selection operation
has two procedures. Firstly, computing fitness value;
secondly, queuing it from the smallest to the biggest.
Then the min fitness value is the best individual,
selecting the best individual as father-individual, the
selection probability of each individual is
proportional to its fitness value, the selected
probability is higher when the individual fitness
value is bigger. The two chromosomes chosen for
crossover should have at least one common gene
(node), but there is no requirement that they be
located at the same locus. The population undergoes
mutation by an actual change or flipping of one of
the genes of the candidate chromosomes, which
keeping away from local optima
The smaller networks take less time than the
larger networks for two main reasons. The obvious
reason is that there are more compromised nodes in
the larger networks, so more times is needed to find
all of them. The second reason is that there is more
traffic generated in the larger networks, so it
takes longer for the base station to process all the
requests.
Figure 4 shows the average number of packets
sent by a compromised node once it has been
IV. PERFORMANCE ANALYSIS
The NS-2 simulator was chosen to simulate the
designed algorithm for detecting compromised
nodes in a wireless sensor network. To begin the
Figure 4: Analysis of Packet Delivery Ratio
18
International Journal of Wireless Communications and Networking
injected into the network. Here that the number of
compromised nodes is dependent on the network
size. For example, the network with 40 nodes will
include 4 compromised nodes. The algorithm works
efficiently since only a few packets at most are sent
compared to the hundreds of valid packets.
Figure 5 shows that the delay is reduced to a
considerable level on using GA
VI. CONCLUSIONS
We have presented an algorithm to detect the
compromised nodes in wireless sensor networks.
The base station is alerted to claims of abnormal
behavior and verifies them by checking the
difference in packet transmission times of the
suspected node. Simulations are conducted to
demonstrate the performance metrics. We believe
that a base station that has more computation and
power resources would further decrease the
detection time. The concept implementation has
proved that the rules generated by GA have the
potential capability to detect the compromised
nodes effectively in wireless sensor network
environment.
The purpose of the work reported in the paper
is to analysis the performance metric using genetic
algorithm. The future work is to extend the scope
of the rules involved
REFERENCES
[1]
I. Akyildiz, W. Su, Y. Sankarasubramaniam, and E.
Cayirci, “A survery on sensor networks”, IEEE
Communications Magazine, Vol. 40, No. 8, pp. 102116, 2002.
[2]
I. Akyildiz and I. Kasimoglu, “Wireless sensor and
actor networks: research challenges”, Ad Hoc
Networks, Vol. 2, No. 4, pp. 351-367, 2004.
[3]
I. Akyildiz and E. Stuntebeck, “Wireless
underground sensor networks :research
challenges”, Ad Hoc Networks, Vol. 4, No. 6, pp. 669686, 2006.
[4]
A. Perrig, R. Szewczyk, J. D. Tygar, V. Wen, and D.
Culler “SPINS:security protocols for sensor
networks”, Wireless Networks, Vol. 8, No. 5, pp. 521534, 2002.
[5]
W. Du, J. Deng, Y. Han, and P. Varshney, “A key
predistribution scheme for sensor networks using
deployment knowledge”, IEEE Transactions on
Dependable and Secure Computing, Vol. 3, No. 1, pp.
62-77, 2006.
[6]
A. Perrig, J. Stankovic, and D. Wagner, “Security
in wireless sensor networks”, Communications of the
ACM, Vol. 47, No. 6, pp. 53-57, 2004.
[7]
H. Chan, A. Perrig, and D. Song, “ Random key
predistribution schemes for sensor networks”, in
Proc. Symposium on Security and Privacy 2003, May
2003, pp. 197-213.
[8]
S. Zhu, S. Setia, and S. Jajodia, “LEAP: efficient
security mechanisms for large-scale distributed
sensor networks”, in Proc. ACM CCS 2003, October
2003, pp. 62-72.
Figure 5: Analysis of Delay during Transmission
Figure 6 shows that the message over-head is
reduced on using GA compared to conventional
techniques.
The results have shown a good improvement
in number of messages transmitted, delay, packet
delivery ratio and message overhead.
Figure 6: Analysis of Message Over-head
Caching in Wireless Sensor Networks based on Grids
[9]
B. Przydatek, D. Song, and A. Perrig, “SIA: secure
information aggregation in sensor networks”, in
Proc. Conference on Embedded Networked Sensor
System 2003, November 2003, pp. 255-265.
[10] X. Lin, H. Zhu, B. Lin, P.-H. Ho, and X. Shen, “ A
novel voting mechanism for compromised node
revocation in wireless ad hoc networks”, in IEEE
Global Communications Conference (GLOBECOM’06),
San Francisco, Nov. 27-Dec. 1, 2006.
[11] X. Lin, P.-H. Ho, and X. Shen, “Towards
compromise-resilient localized authentication
architecture for wireless mesh networks”, in Proc.
Of QShine 2007, Vancouver, British Columbia,
August 14 - 17, 2007.
[12] H. Yang, F. Ye, Y. Yuan, S. Lu, and W. Arbaugh,
“Toward resilient security in wireless sensor
networks”, in Proc. ACM Mobihoc 2005, May 2005,
pp. 34-45.
[13] F. Ye, H. Luo, S. Lu, and L. Zhang, “Statistical enroute filtering of injected false data in sensor
networks”, in Proc. IEEE Infocom 2004, March 2004,
pp. 2446-2457.
[14] W. Du, R. Wang, and P. Ning, “An efficient scheme
for authenticating public keys in sensor networks”,
in Proc. ACM Mobihoc 2005, May 2005, pp. 58-67.
[15] W. Zhang, H. Song, S. Zhu, and G. Cao, “Least
privilege and privilege deprivation: towards
tolerating mobile sink compromises in wireless
sensor networks”, in Proc. ACM Mobihoc 2005, May
2005, pp. 378-389.
[16] W. Yu and K. Liu, “Secure cooperative mobile ad
hoc networks against injecting traffic attacks”, in
Proc. IEEE SECON 2005, September 2005, pp. 5564.
[17] W. Zhang, S. Das, and Y. Liu, “ A trust based
framework for secure data aggregation in wireless
sensor networks”, in Proc. IEEE SECON 2006,
September 2006.
[18] F. Delgosha and F. Fekri, “ Threshold keyestablishment in distributed sensor networks using
19
a multivariate scheme”, in Proc. IEEE Infocom 2006,
April 2006.
[19] M. Miller and N. Vaidya, “ Leveraging channel
diversity for key establishment in wireless sensor
networks “, in Proc. IEEE Infocom 2006, April 2006.
[20] X. Lin, R. Lu, H. Zhu, P.-H. Ho, X. Shen and Z. Cao,
“SRPAKE: An Anonymous Secure Routing Protocol
with Authenticated Key Exchange for Wireless Ad
Hoc Networks”, in Proc. IEEE ICC 2007, June 2007.
[21] K. Ren, W. Lou, and Y. Zhang, “LEDS: providing
location-aware end-toend data security in wireless
sensor networks “, in Proc. IEEE Infocom 2006, April
2006, pp. 1-12.
[22] K. Ren, W. Lou, and Y. Zhang, “Multi-user
broadcast authentication in wireless sensor
networks”, in Proc. IEEE SECON 2007, June 2007.
[23] A. P. da Silva, M. Martins, B. Roacha, A. Loureiro,
L. Ruiz, and H. Wong, “Decentralized intrusion
detection in wireless sensor networks”, in ACM
Q2SWinet’05, 2005.
[24] Y. Huang and W. Lee, “A cooperative intrusion
detection system for ad hoc networks”, in ACM
SASN’03, October 2003.
[25] Intrusion-Detection. http://en.wikipedia.org /wiki/
intrusion-detection.
[26] Biswanth Mukherjee, L. Todd Heberlein and Karl
N. Levitt, “Network Intrusion Detection”, IEEE
Networks, May/June 1994, pp. 26-41.
[27] T. Ozyer, R. Alhaji, and K. Barker, “Intrusion
detection by integrating boosting genetic fuzzy
classifier and data mining criteria for rule
prescreening”, Journal of Network and Computer
Applications, pp. 99-113, 2007.
[28] Sartid Vongpradhip and Wichet Plaimart, “Survival
Architecture for Distributed Intrusion Detection
System using Mobile Agent”, Sixth IEEE
International Symposium on Network Computing
and Applications (NCA 2007), IEEE Computer
Society, 2007.
Download