DYNAMIC REDUNDANCY MANAGEMENT OF MULTIPATH
advertisement
DYNAMIC REDUNDANCY MANAGEMENT OF MULTIPATH ROUTING FOR INTRUSION TOLERANCE IN HETEROGENEOUS WIRELESS SENSOR NETWORKS R. Naveen Kumar, N. Selva Kumar, G. Sivasailam and R.Vinolee Department of Electronics and Communication Engineering, SRM University , Kattankulathur-603 203, India. In this paper we have propose redundancy management of heterogeneous wireless sensor networks (HWSNs), utilizing multipath routing to answer user queries in the presence of unreliable and malicious nodes. The key concept of our redundancy management is to exploit the tradeoff between energy consumption vs. the gain in reliability, timeliness, and security to maximize the system useful lifetime. formulate the tradeoff as an optimization problem for dynamically determining the best redundancy level to apply to multipath routing for intrusion tolerance so that the query response success probability is maximized while prolonging the useful lifetime. Furthermore, consider this optimization problem for the case in which a voting-based distributed intrusion detection algorithm is applied to detect and evict malicious nodes in a HWSN. The develop a novel probability model to analyze the best redundancy level in terms of path redundancy and source redundancy, as well as the best intrusion detection settings in terms of the number of voters and the intrusion invocation interval under which the lifetime of a HWSN is maximized. Then apply the analysis results obtained to the design of a dynamic redundancy management algorithm to identify and apply the best design parameter settings at runtime in response to environment changes, to maximize the HWSN lifetime. prolong the system useful lifetime. The tradeoff Index Terms—Heterogeneous wireless sensor networks, multipath routing, intrusion detection, reliability, security, energy conservation. consumption vs. QoS gain becomes much more ABSTRACT-- between energy consumption vs. reliability gain with the goal to maximize the WSN system lifetime has been well explored in the literature. However, no prior work exists to consider the tradeoff in the presence of malicious attackers. It is commonly believed in the research community that clustering is an effective solution for achieving scalability, energy conservation, homogeneous and nodes reliability. which rotate Using among themselves in the roles of cluster heads (CHs) and sensor nodes (SNs) leveraging CH election protocols such as HEED for lifetime maximization has been considered. Recent studies demonstrated that using heterogeneous nodes can further enhance performance and prolong the system lifetime. In the latter case, nodes with superior resources serve as CHs performing computationally intensive tasks while inexpensive less capable SNs are utilized mainly for sensing the environment. The tradeoff issue between energy complicated when inside attackers are present as a path may be broken when a malicious node is on 1. INTRODUCTION the path. This is especially the case in Many wireless sensor networks (WSNs) heterogeneous WSN (HWSN) environments in are deployed in an unattended environment in which CH nodes may take a more critical role in which energy replenishment is difficult if not gathering and routing sensing data. Thus, very impossible. Due to limited resources, a WSN must likely the system would employ an intrusion not only satisfy the application specific QoS detection system (IDS) with the goal to detect and requirements such as reliability, timeliness and remove malicious nodes. security, but also minimize energy consumption to While the literature is abundant in by which the optimal multipath redundancy levels intrusion detection techniques for WSNs, the issue and intrusion detection settings may be identified of how often intrusion detection should be invoked for satisfying application QoS requirements while for energy reasons in order to remove potentially maximizing the lifetime of HWSNs. malicious nodes so that the system lifetime is maximized (say to prevent a Byzantine failure) is 2. Existing System largely unexplored. The issue is especially critical Multipath routing is considered an effective for energy constrained WSNs designed to stay alive mechanism for fault and intrusion tolerance to for a long mission time. improve data delivery in WSNs. The basic idea is that the probability of at least one path reaching the Multipath routing is considered an sink node or base station increases as we have more effective mechanism for fault and intrusion paths doing data delivery. While most prior tolerance to improve data delivery in WSNs. The research focused on using multipath routing to basic idea is that the probability of at least one path improve reliability, some attention has been paid to reaching the sink node or base station increases as using multipath routing to tolerate insider attacks. we have more paths doing data delivery. While Prior research, however, largely ignored the most prior research focused on using multipath tradeoff between QoS gain vs. energy consumption routing to improve reliability, some attention has which can adversely shorten the system lifetime. been paid to using multipath routing to tolerate insider attacks. These studies, however, largely ignored the tradeoff between QoS gain vs. energy consumption which can adversely shorten the 2.1. Disadvantage: i. Ignore the tradeoff between QoS gain and energy consumption. system lifetime. The research problem we are addressing in this paper is effective redundancy management of a clustered HWSN to prolong its ii. Decrease the network lifetime. 3. Proposed System lifetime operation in the presence of unreliable and malicious nodes. We address the tradeoff between This project proposes to do effective energy consumption vs. QoS gain in reliability, redundancy management of a clustered HWSN to timeliness and security with the goal to maximize prolong its lifetime operation in the presence of the lifetime of a clustered HWSN while satisfying unreliable and malicious nodes. We address the application QoS requirements in the context of tradeoff between energy consumption vs. QoS gain multipath routing. More specifically, we analyze in reliability, timeliness and security with the goal the optimal amount of redundancy through which to maximize the lifetime of a clustered HWSN data are routed to a remote sink in the presence of while satisfying application QoS requirements in unreliable and malicious nodes, so that the query the context of multipath routing. More specifically, success probability is maximized while maximizing we analyze the optimal amount of redundancy the HWSN lifetime. We consider this optimization through which data are routed to a remote sink in problem for the case in which a voting-based the presence of unreliable and malicious nodes, so distributed intrusion detection algorithm is applied that the query success probability is maximized to remove malicious nodes from the HWSN. Our while maximizing the HWSN lifetime. We contribution is a model based analysis methodology consider this optimization problem for the case in which a voting-based distributed intrusion detection algorithm is applied to remove malicious energy consumption which can adversely shorten the system lifetime. nodes from the HWSN. 3.1 Block diagram: 3.3.2. Intrusion Tolerance: In this Module, intrusion tolerance through multipath routing, there are two major problems to solve: (1) How many paths to use and (2) What paths to use. To the best of our knowledge, we are the first to address the “how many paths to use” problem. For the “what paths to use” problem, our approach is distinct from existing work in that we do not consider specific routing protocols. 3.3.2. Energy Efficient IDS: In this module, there are two approaches by which energy efficient IDS can be implemented Fig.1. Block diagram 3.2. Advantages: ο· Increase the lifetime of the network ο· Ensure reliability in the communication ο· Tolerate the presence of malicious node in the HWSN in WSNs. One approach especially applicable to flat WSNs is for an intermediate node to feedback maliciousness and energy status of its neighbour nodes to the sender node (e.g., the source or sink node) who can then utilize the knowledge to route packets to avoid nodes with unacceptable maliciousness or energy status. Another approach which we adopt in this paper is to use local host- 3.3. Modules Description: 3.3.1. Multi – Path Routing: In this module, Multipath routing is based IDS for energy conservation. 3.3.3. System model: considered an effective mechanism for fault and A HWSN comprises sensors of different intrusion tolerance to improve data delivery in capabilities. We consider two types of sensors: CHs WSNs. The basic idea is that the probability of at and SNs. CHs are superior to SNs in energy and least one path reaching the sink node or base computational resources. While our approach can station increases as we have more paths doing data be applied to any shape of the operational area, for delivery. While most prior research focused on analytical using multipath routing to improve reliability, some deployment area of the HWSN is of size A2. CHs attention has been paid to using multipath routing and SNs are distributed in the operational area. To to tolerate insider attacks. These studies, however, ensure coverage, we assume that CHs and SNs are largely ignored the tradeoff between QoS gain vs. deployed randomly and distributed according to tractability, we assume that the homogeneous spatial Poisson processes with CH which takes a query to process is called a query intensities λch and λsn, respectively, with λch<λsn. processing centre (PC). Many mission critical The radio ranges used by CH and SN transmission applications, e.g., emergency rescue and military is denoted by rchand rsn, respectively. The radio battlefield, have a deadline requirement. We range and the transmission power of both CHs and assume that each query has a strict timeliness SNs are dynamically adjusted throughout the requirement (Treq). The query must be delivered system lifetime to maintain the connectivity within Treq seconds; otherwise, the query fails. between Any Redundancy management of multipath routing for communication between two nodes with a distance intrusion tolerance is achieved through two forms greater than single hop radio range between them of redundancy: (a) source redundancy by which ms would require multi-hop routing. Due to limited SNs sensing a physical phenomenon in the same energy, a packet is sent hop by hop without using feature zone are used to forward sensing data to acknowledgment or retransmission. All sensors are their CH (referred to as the source CH); (b) path subject to capture attacks, i.e., they are vulnerable redundancy by which mp paths are used to relay to physical capture by the adversary after which packets from the source CH to the PC through their code is compromised and they become inside intermediate CHs. Fig. 1 shows a scenario with a attackers. Since all sensors are randomly located in source redundancy of 3 (ms= 3) and a path the operational area, the same capture rate applies redundancy of 2 (mp= 2). It has been reported that to both CHs and SNs, and, as a result, the the number of edge-disjoint paths between nodes is compromised nodes are also randomly distributed equal to the average node degree with a very high in the operation area. Due to limited resources, we probability. assume that when a node is compromised, it only sufficiently high such that the average number of performs two most energy conserving attacks, one-hop neighbours is sufficiently larger than mp namely, bad-mouthing attacks (recommending a and ms, we can effectively result in mp redundant good node as a bad node and a bad node as a good paths for path redundancy and ms distinct paths node) when serving as a recommender, and packet from ms sensors for source redundancy. CHs and between SNs. Therefore, when the density is dropping attacks when performing packet routing to disrupt the operation of the network.. Environment conditions which could cause a node to fail with a certain probability include hardware failure (q), and transmission failure due to noise and interference (e). Moreover, the hostility to the HWSN is characterized by a per node capture rate of λc which can be determined based on historical data and knowledge about the target application environment. These probabilities are assumed to be constant and known at deployment time. Queries can be issued by a mobile user (while moving) and can be issued anywhere in the HWSN through a nearby CH. A Fig.2 Source and path redundancy required to install NS2, run simple examples, 4. SOFTWARE USED: modify the existing NS2 modules, and create as 4.1. Ns2: well as incorporate new modules into NS2. To this NS2 is an open-source event-driven simulator designed specifically for research in computer communication networks. Since its inception in 1989, NS2 has continuously gained end, the details of several built-in NS2 modules are explained in a comprehensive manner. 4.1.2. Cygwin: tremendous interest from industry, academia, and government. Cygwin a Unix-like environment and command-line Having been under constant investigation and enhancement for years, NS2 now contains modules for numerous network components such as routing, transport layer protocol, application, etc. To investigate network performance, researchers can simply use an easy-to-use scripting language to configure a network, and observe results generated by NS2. Undoubtedly, NS2 has become the most one of the most widely used network simulators. most research needs simulation modules which are beyond the scope of the built-in NS2 modules. Incorporating these modules into NS2 requires profound understanding Windows-based applications, data, and other system resources with applications, software tools, and data of the Unix-like environment. Thus it is possible to launch Windows applications from the Cygwin environment, as well as to use Cygwin tools and information mainly explains how to configure a network and collect results, but does not include sufficient information for building additional modules in NS2. Despite its details about NS2 modules, the formal documentation of NS2 is applications within the Windows operating context. Cygwin consists of two parts: a dynamiclink library (DLL) as an API compatibility layer providing a substantial part of the POSIXAPI functionality, and an extensive collection of software tools and applications that provide a Unixlike look and feel. of NS2 architecture. Currently, most NS2 beginners rely on online tutorials. Most of the available interface for Microsoft Windows. Cygwin provides native integration of widely used open source network simulator, and Unfortunately, is Cygwin was originally developed by Cygnus Solutions, which was later acquired by Red Hat. It is free and open source software, released under the GNU General Public License version 3. Today it is maintained by employees of Red Hat, Net App and many other volunteers. mainly written as a reference book, and does not provide much information for beginners. The lack of guidelines for extending NS2 is perhaps the greatest obstacle, which discourages numerous researchers from using NS2. At this moment, there is no guide book which can help the beginners understand the architecture of NS2 in depth. The objective of this textbook is to act as a primer for NS2 beginners. The book provides information 4.1.3. Description: Cygwin consists of a library that implements the POSIX system call API in terms of Win32 system calls, a GNU development tool chain (including GCC and GDB) to allow software development, and a large number of application programs equivalent to those on Unix systems. Programmers have ported many Unix, GNU, BSD and Linux programs and packages to OUTPUT AND GRAPHS Cygwin, including the X Window System, K Desktop Environment and TeX. 3, GNOME, Apache, Cygwin permits installing inetd,syslogd, sshd, Apache, and other daemons as standard Windows services, allowing Microsoft Windows systems to emulate Unix and Linux servers. Cygwin programs are installed by running Cygwin's "setup" program, which downloads the necessary program and feature package files from repositories on the Internet. Setup can install, update, and remove programs and their source code packages. A complete installation will take in excess of 17 GB of hard disk space, but usable configurations may require as little as 1 or 2 GB. Fig .4: No.of Packetdelivery Ratio vs number of nodes The Packet delivery ratio is the ratio of the data packets delivered to the destination successfully. The Packet delivery ratio is one of the important parameter to evaluate the quality of the network. The formula used to find the Packet delivery ratio is as follows: ππ·π = ππ. ππ ππππππ‘π πππππ£πππ ππΌππ The fig .4: graph shows that, the proposed scheme provides high performance when increasing the no. of nodes too. Above figure gives the comparison analysis output of the proposed scheme with the existing approach. Fig.3 Cygwin Execution Window. Fig .5: Packetdloss Ratio vs time The fig.5: shows that the Packet loss ratio is used to evaluate the quality of the network provided by the routing scheme. The packet loss ratio of the proposed scheme is compared with the existing approach. The packet loss ratio of the proposed scheme is lower than the existing scheme as shown in above graph. Lower the Packet loss ratio indicates that the high performance of the network. Fig .7:Throughput vs simulation period The fig.7: shows that the Throughput is the amount of packets delivered to the destination per unit of time. The Throughput is calculated by using the formula πβπππ’πβππ’π‘ ππ. ππ ππππππ‘π πππππ£ππππ = ⁄ππππ ππππππ Fig .6: Residual energy vs simulation period The system provides high throughput while the node is moving when compared with the proposed scheme than the existing approach. The comparative analysis of the proposed scheme with the existing approach is given by the graph. The fig.6: shows that the energy consumption of a node decides the life time of the node. The residual energy is calculated by using the following formula CONCLUSION : π ππ πππ’ππ πΈπππππ¦ = πΈπ − (π ∗ ππ ) We have performed the tradeoff analysis Where, of energy consumption vs. QoS gain in reliability, πΈπ ο Total Energy timeliness, n ο Number of Transmission management of clustered heterogeneous wireless ππ ο Transmission Power The above graph shows that the proposed scheme consumes less energy than the existing scheme. It indicates that the proposed scheme provides the higher battery lifetime. and security for redundancy sensor networks utilizing multipath routing to answer user queries. Also, developed a novel probability model to analyze the best redundancy level in terms of path redundancy and source redundancy, as well as the best intrusion detection settings in terms of voters and the intrusion invocation interval under which the lifetime of a heterogeneous maximized wireless while sensor satisfying network the is reliability, timeliness and security requirements of query processing applications in the presence of unreliable wireless communication and malicious Proc. 2005IEEE Conference. Computer Communication., vol. 2, nodes. Finally,applied our analysis results to the pp. 878–890. design of a dynamic redundancy management [5] H. M. Ammari and S. K. Das, “Promoting heterogeneity, mobility and energy-aware diagram in wireless sensor algorithm to identify and apply the best design networks,” IEEE Trans. Parallel Distribution System, vol. 19, parameter settings at runtime in response to no. 7, pp. 995–1008, 2008. environment changes to prolong the system lifetime. [6] X. Du and F. Lin, “Improving routing in sensor networks with heterogeneous sensor nodes,” in Proc. 2005 IEEE Technology Conference, pp.2528–2532. [7] S. Bo, L. Osborne, X. Yang, and S. Guizani, “Intrusion REFERENCES: [1] O. Younis and S. Fahmy, “HEED: a hybrid, detection techniques in mobile ad hoc and wireless sensor energy- networks,” IEEE Wireless Communication. Mag., vol. 14, no. 5, efficient, distributed clustering approach for ad hoc sensor pp. 560–563, 2007. networks,” IEEE Trans. Mobile Computing., vol. 3, no. 4, pp. [8] I. Krontiris, T. Dimitriou, and F. C. Freiling, 366–379, 2004. intrusion detection in wireless sensor networks,” in Proc. 2007 [2] E. Felemban, L. Chang-Gun, and E. Ekici, “MMSPEED: European Wireless Conference. multi path multi-SPEED protocol for QoS guarantee of [9] J. H. Cho, I. R. Chen, and P. G. Feng, “Effect of intrusion reliability and timeliness in wireless sensor networks,” IEEE detection on reliability of mission-oriented mobile group Trans. Mobile Computing., vol. 5, no.6, pp. 738–754, 2006. systems in mobile ad-hoc networks,” IEEE, vol. 59, no. 1, pp. [3] I. R. Chen, A. P. Speer, and M. Eltoweissy, “Adaptive fault- 231–241, 2010. tolerant QoS control algorithms for maximizing system lifetime [10] A. P. R. da Silva, M. H. T. Martins, B. P. S. Rocha, A. A. of query-based wireless sensor networks,” IEEE Trans. F. Loureiro, L.B. Ruiz, and H. C. Wong, “Decentralized Dependable Secure Computing, vol. 8, no. 2, pp. 161–176, intrusion detection in wireless sensor networks,” in Proc. 2005 2011. ACM Workshop Quality Service Security Wireless Mobile [4]M. Yarvis, N. Kushalnagar, H. Singh, A. Rangarajan, Y. Liu, Network. and S.Singh, “Exploiting heterogeneity in sensor networks,” in “Towards
