Ensuring Basic Security and Preventing Replay Attack in a Query Processing Application Domain in WSN

Transcription

1 Ensurng Basc Securty and Preventng Replay Attack n a Query Processng Applcaton Doman n WSN Amrta Ghosal 1, Subr Halder 1, Sanjb Sur 2, Avshek Dan 2, and Spra DasBt 2 1 Dept. of Comp. Sc. & Engg, Dr. B. C. Roy Engneerng College, Durgapur, Inda ghosal_amrta@yahoo.com, subr_ece@redffmal.com 2 Dept. of Comp. Sc. & Tech., Bengal Engneerng and Scence Unversty, Shbpur, Inda {sanjb.sur11,avshekdan}@gmal.com, sprad@hotmal.com Abstract. Nodes n a wreless sensor network are susceptble to varous attacks prmarly due to ther nature of deployment. Therefore, provdng securty to the network becomes a bg challenge. We propose a scheme consderng cluster archtecture based on LEACH protocol to buld a securty mechansm n a queryprocessng paradgm wthn wreless sensor network. The scheme s capable of thwartng replay attack whle ensurng essental propertes of securty such as authentcaton, data ntegrty and data freshness. Our scheme s lghtweght as t employs symmetrc key cryptography wth very short-length key. We smulate our scheme to show ts effcacy of provdng basc securty to the network as well as detectng replay attack n the sensor network. Further we compare our scheme wth one of the exstng schemes takng packet loss and packet rejecton rato as performance metrcs. Keywords: replay attack, denal of servce attack, authentcaton, data ntegrty, data freshness. 1 Introducton The advent of effcent short range rado communcaton and advances n mnaturzaton of computng devces have gven rse to strong nterest n wreless sensor networks (WSNs) [1]. A wreless sensor network (WSN) conssts of a large number of small, battery-powered [2], [3] wreless sensor nodes. The nodes are dstrbuted n adhoc fashon and process sensng tasks. A sensor network may be deployed n hostle envronments where there can be malcous attackers. On the other hand, the WSNs are used n crtcal applcaton doman e.g. defense, medcal nstrument montorng. Therefore, securng the actvtes of WSNs s of utmost mportance. These WSNs are prone to attacks [4], [5] due to ther nature of deployment n an unattended envronment and also due to the broadcast nature of the medum. One such attack s Denal of servce (DoS) attack [6] that possesses a great threat to wreless sensor network envronment. One form of DoS attack attempts to dsrupt the network servce, may be by blockng communcaton between nodes. The other form of DoS attack s the path-based DoS (PDoS) attack where the network s flooded wth bogus packets along a mult-hop data delvery path [7]. The packets are contnuously D. Tanar et al. (Eds.): ICCSA 2010, Part III, LNCS 6018, pp , Sprnger-Verlag Berln Hedelberg 2010

2 322 A. Ghosal et al. replayed back to the snk node. Ths attack s known as replay attack. However, the objectve of both types of such attacks s to elmnate or dmnsh the network performance and thereby hamper the workng of the whole system. In replay attack, because of the broadcast nature of sensor networks, an adversary eavesdrops on the traffc, njects new messages and replays/changes old messages. Many works are so far reported towards the soluton of varous forms of DoS attack. Deng et al. [7] have consdered a type of DoS attack along a multhop data delvery path. As WSNs are generally tree structured, so an attack on the nodes of a path also affects the branches connected to that path. A one way hash chan mechansm has been proposed by the authors to prevent such path based DoS attacks and protect end to end communcaton along a multhop data delvery path. Here an OHC (One way Hash Chan) number s added wth each message packet leadng to an extra overhead of 8 bytes per packet. These 8 bytes of addtonal overhead s a major constrant for a resource constraned sensor mode. Authors n [8] have proposed an authentcaton protocol capable of resstance aganst replay attacks and other DoS attacks. But the scheme uses symmetrc keys where keys are shared by sensor nodes and therefore a compromsed node can send forged messages whch may possess a great securty threat to the network. Perrg et al. [9] have used RC5 algorthm for encryptng messages whch means a lot of computatons have to be done. Here the µ TESLA protocol s used for secure broadcast of messages and an 8-byte Message Authentcaton Code (MAC) s used by each node for verfcaton along the communcaton path. However, exchange of huge authentcaton nformaton s a real bottleneck for the resource-constraned WSN. Moreover a node must have pror knowledge of all the nodes along ts path. The authors n [10] have devsed a mechansm to prevent replay attacks. Here t s consdered that the packets used for tme-synchronzaton of any two nodes are replayed. A recever-recever model for tme synchronzaton has been consdered where a reference node broadcasts beacon message to all ts neghbours. Based on the arrval tme of the beacon message the recevng nodes adjust ther clocks. A tme offset s calculated based on the dfference between the recordng tmes of the beacon message by these recevng nodes. The tme offsets are exchanged between the recevng nodes to calculate a threshold value whch s the dfference between the two tme offsets of two nodes. But the arrval of a beacon message at a node can be delayed by certan factors leadng to gross errors whle dervng the tme requred for synchronzaton between the nodes. Moreover, by not usng global tme synchronzaton model a large overhead has been ntroduced as huge number of tme offsets need to be computed by the nodes. Dong et al. [11] have proposed the use of hash chans n ther work where each node combnes the hash value wth ts own node-d and forwards ths combned value to ts next hgher hop count node. The recevng node s able to detect replay attacks by observng the combned value of node-d and hash value. But the computaton of all these values by nodes takes sgnfcant amount of tme. Soroush et al. [12] have developed a scheme to defend replay attacks where a monotoncally ncreasng counter s mantaned to keep track of old replayed messages. But here each node mantans a counter to store the tmng nformaton of all other nodes whch requres a large amount of memory leadng to a major bottleneck for memory- constraned sensor nodes.

3 Ensurng Basc Securty and Preventng Replay Attack 323 In ths paper we propose a secured query processng scheme n WSN wth a target to buld a securty mechansm from wthn a query-drven applcaton envronment. The proposed securty mechansm gves a soluton of replay attack whle ensurng authentcaton, data ntegrty and data freshness. The rest of the paper s organzed as follows. In secton 2 system model along wth a bref descrpton of the present work s gven. A detaled descrpton of the scheme s gven n secton 3. Secton 4 gves the performance evaluaton of the proposed scheme and also the comparatve study between the proposed scheme and another scheme. Concludng remarks and future scope has been stated n secton 5. 2 System Model An attack [6] s defned as an attempt to gan unauthorzed access to a servce, resource, or nformaton, or the attempt to compromse ntegrty, avalablty, or confdentalty. DoS s one type of attack whch hnders communcaton among the sensor nodes. The present work consders replay attack, whch s one form of path based DoS (PDoS) attack. If there s a PDoS attack, the network gets flooded wth bogus packets along a mult-hop delvery path [7]. The occurrence of bogus packets n the network s due to the replayng of packets by adversares leadng to replay attack. So PDoS attacks n the network may result n replay attacks. The system model n the present work consders clustered network archtecture based on LEACH protocol [13]. In ths archtecture nodes organze themselves nto local clusters wth one node actng as the cluster head (CH). LEACH performs local data fuson to reduce the amount of data sent from the clusters to the base staton/ snk. Once all the nodes are organzed nto clusters, each CH assgns a tme slot (TDMA schedule) for the member nodes n ts cluster. The member nodes sense data and transmt data to the cluster head nodes that are located at one hop dstance away from them. The cluster head nodes transmt the same to the base staton after recevng data from ther member nodes. The present work consders a query-drven applcaton platform where base staton generates query messages and broadcasts the query. Cluster heads receve the broadcasts query and start the regstraton process to authentcate ther respectve member nodes. Once the regstraton phase s over, the CHs forward the query messages to ther members. Dependng on the nature of queres, specfc member nodes send response-packets. The objectve of the proposed scheme named as Secured Query Processng Scheme (SQPS) s to ensure basc securty n general and prevent replay attack n partcular whle workng for a query-drven applcaton. The essental propertes [14] of a WSN requred for mantanng basc securty wthn the network are: Authentcaton- A sensor network must be able to dfferentate between data comng from relable sources and those comng from adversares. Data Integrty- The receved data should not be tampered durng communcaton between the sender and the recever. Data Freshness- The data receved at a partcular tme should be current data and not old data whch may be replayed by adversares.

4 324 A. Ghosal et al. 3 The Scheme In ths secured query processng scheme as shown n fgure 1, perodcally queres are broadcast from base staton. The process begns as soon as the cluster heads receve queres from base staton. The scheme has two phases- Regstraton Phase Query Response Phase 3.1 Regstraton Phase Ths phase s used for regsterng member nodes by the respectve cluster head nodes. The objectve of ths phase s to regster only the authentcated nodes. Moreover the phase provdes a mechansm that wll help a CH to ensure data ntegrty and data freshness durng query processng phase. Upon recevng a query from the base staton, cluster heads ntally broadcast regstraton packet. The regstraton packet contans 8 bts ncludng 0 as MSB. Ths MSB dfferentates between a regstraton packet and a query packet sent by the cluster heads. As mentoned n secton 2, each member node s allotted a partcular tme slot whch s used for sendng a regstraton response packet to the cluster head correspondng to the regstraton packet and also for recevng dentfcaton (node-d) for the member node from the cluster head for contnung the query processng sesson. On recevng the regstraton packet, the respectve member nodes decde the number of bts to be shfted and accordngly left shft the bts of regstraton packet. Then the nodes generate regstraton response packet ncludng left-shfted regstraton packet (8 bt), number of bts left shfted (3 bt), and present tme-stamp (12 bt). The key used here s the number of left shfted bts. Symmetrc key cryptography s used as the same key s used for encrypton and decrypton of the data packets. Symmetrc key cryptography s benefcal for sensor networks as less computaton has to be done and memory requrement s also mnmzed. Here, though the key s beng sent along wth the regstraton packet t wll not be possble for any adversary who captures or eavesdrops the contents of the packet to decpher whch bts n the packet refer to the key. Moreover n tradtonal networks the adversary performs some computatons to obtan the key used n the network; ths s not possble n case of sensor networks as the adversary nodes are also equpped wth less computatonal power. The present tmestamp ndcates the tme when a member node sends a reply packet n response to the regstraton packet. The tme-stamp s represented n mnutes and seconds. Immedately after recevng a regstraton response packet from one of ts member node, the CH rght shfts the reply packet desgnated number of tmes. The number of bts to be rght shfted s same as the number of bts the regstraton packet s left shfted and t s provded as control data n the regstraton response packet tself. If the CH can retreve the orgnal regstraton packet after rght shftng the receved regstraton response packet, the member node s consdered as an authentcated and regstered node. Upon authentcatng a member node, the CH generates a node-d and sends t to the member node at the same tme slot of authentcatng and regsterng the member node. Once the regstraton of a member node s successful, the CH stores ths nformaton.

5 Ensurng Basc Securty and Preventng Replay Attack Encrypton at Regstraton Phase Let us consder an 8-bt bnary regstraton packet as S= m 7 m 0, where MSB s m 7 and LSB s m 0. The regstraton packet s broadcast by cluster head at a partcular tme slot. Tme slots are assgned to member nodes accordng to TDMA schedule. On recevng the regstraton packet S, member nodes randomly choose the shft bt B for left shftng. If B s 100, S s encrypted as m 3 m 2 m 1 m 0 m 7 m 6 m 5 m 4 ( S'). Accordngly a 3-tuple regstraton response (RR) packet s formed by the member node as ( S", B, T MN _ present ), where T MN _ present s present tme-stamp Decrypton at Regstraton Phase Upon recevng the encrypted regstraton response packet ( S", B, T MN _ present ) from a member node, the cluster head performs the reverse process of encrypton to get back the orgnal regstraton packet. So S' s rght shfted B tmes and converted to S". After decryptng, f S" matches wth S, the cluster head accepts the regstraton packet and authentcates the correspondng member nodes Data Stored by Cluster Head Once the cluster head authentcates a member node, t generates an dentfcaton (node-d) for the member node and stores a 6-tuple data (node-d, S, S', B, T MN _ present, T MN _ prevous ) for the member node where S', B, T MN _ present s RR (packet sent by the node desgnated by node-d), S s the orgnal regstraton packet and T MN _ prevous s a tme-stamp whch s set to null ntally Data Stored by Member Node Once a member node gets ts node-d from the cluster head durng regstraton, the member node stores 3-tuple (node-d, B, T MN _ present ) data Algorthm for Regstraton Begn // Acton executed by cluster heads (CHs) 1: CH broadcasts 8-bt regstraton packet (S) at tme t // Actons executed by member nodes (MNs) 2: On recevng S at tme (t+1) 3: for =t+1, <=t+n, ++ 4: left shft S to obtan ' S 5: Generate RR /* 6: Send RR to CH /* th member node (MN ) encrypts S by left shftng t by B -bt whch s ' arbtrarly chosen by MN to obtan S */ MN generates 3-tuple regstraton response packet RR( S, // Actons executed by cluster head (CH) on recevng RR from ' B, MN _ present MN T ) */

6 326 A. Ghosal et al. 7: rght shft ' S to obtan S" /* CH decrypts B -bt to obtan ' S by rght shftng t by S" */ 8: f S" = S then 9: RR s authentc /* regstraton response packet RR s 10: accept RR authentc */ /* CH accepts regstraton response packet RR */ 11: generate node-d for MN 12: send node-d to MN 13: store 6-tuple data ' /* 6-tuple data: ( node d, S, S, B, T MN _ present, T MN _ prevous )*/ // Acton executed by MN on recevng node d 14: store 3-tuple data /*3-tuple data: node d, B, T MN _ present */ 15: else 16: reject RR 17: end f 18: end for End Node authentcaton s one of the major parameters of network securty. The regstraton phase of the present scheme s able to ensure ths part of securty. 3.2 Query Response Phase In the event of query processng, the base staton broadcasts query. Upon recevng the query, a CH starts regstraton phase. Once the regstraton phase s over (secton 3.1), the CH broadcasts the query for ts member nodes. Dependng on the query, specfc member nodes send response and cluster head nodes forward the responses to base staton. For example, f the query s related to temperature, then member nodes responsble for sensng temperature provde response to the query. Query packet s of 8 bts. The MSB bt of the query packet s always 1, to dstngush between regstraton packet and query packet. So, 128 dfferent queres can be generated wth the remanng 7 bts of the query packet Encrypton at Query-Response Phase On recevng query packet member nodes respond to the query n the form of a query response (QR) packet that contans 5-tuple (node-d, m, m', T MN _ present, T MN _ prevous ) where m s an 8-bt response message for the correspondng query and m' s left shfted (B tmes) message. Further, T MN _ present and TMN _ prevous are

7 Ensurng Basc Securty and Preventng Replay Attack 327 present tme stamps when the member node s sendng the response packet for the query and prevous tme stamp of last communcaton (packet exchange) between member node and CH respectvely. To start wth, T MN _ present of the 3-tuple data stored by the member node at regstraton phase replaces T MN _ prevous Data Stored by Cluster Head After recevng query response packet from member node, the cluster head updates the 6-tuple data stored at regstraton phase. Durng regstraton phase the stored 6- tuple data was (node-d, S, S', B, T MN _ present, T MN _ prevous ). Durng query response phase, S and S' attrbutes are replaced by m and m' respectvely. TMN _ prevous whch contaned null value durng regstraton phase s now replaced by T MN _ present whch was stored durng regstraton phase and TMN _ present s replaced by the tme when the query response packet s beng sent by the member node Decrypton at Query-Response Phase Cluster head on recevng the QR packet, fnds the node-d of the member node from the packet. Then to decrypt the encrypted message m', the CH rght shfts m', B tmes where B s found from the stored tuple correspondng to the node-d of the member node. The m' s converted to m" after decrypton. Once the CH decrypts the message part of the QR packet, t checks for data ntegrty, data freshness and replay attack Check for Data Integrty If t s found that the decrypted message m" s same as the orgnal message m, data ntegrty s preserved Check for Replay Attack and Data Freshness In replay attack the malcous node repeats the already sent packets and results n energy exhauston of nodes and eventually collapse of the network. Wth the help of two attrbutes TMN _ present and TMN _ prevous stored at cluster head correspondng to every regstered/ authentcated member nodes, replay attack s detected. The cluster head compares the T MN _ present and TMN _ prevous of an entry correspondng to a member node and f TMN _ present stored by t and the T MN _ prevous n QR s equal, then t can be ensured that no replay attack has taken place and data freshness s preserved. If a malcous node attempts to send query response packet posng as an authentcated member node, cluster head rejects the packet. Due to ths unauthorzed attempt, an authorzed node s TDMA tme slot wll be consumed and as a result of whch a packet to be sent by the authorzed node s lost. Therefore, there may be two dstnct effects of malcous attempt- one s packet loss and the other s packet rejecton.

8 328 A. Ghosal et al Algorthm for Query Response Begn // Acton executed by cluster head (CH) 1: Broadcasts query packet receved from base staton at tme (t+n+1) // Actons executed by member nodes (MNs) 2: On recevng query packet at tme (t+n+2) 3: for = t+n+2, <=t+2n+2, ++ 4: send 5-tuple QR to CH /* th member node sends query response packet, QR ( node d, m, m' ( m left shfted by B bt)), T MN _ present T )to CH */, MN _ prevous 5: rght shft m ' to obtan m" /* CH decrypts m ' by rght shftng t by B -bt to obtan m" */ 6: f m" = m then /* check for data ntegrty */ 7: accept /* data ntegrty s mantaned */ 8: else 9: reject QR /* data ntegrty s volated */ 10: end f 11: f CH.T MN _ present = QR.T then /* CH compares T MN _ present MN _ prevous stored n t wth T MN _ prevous n QR */ 12: accept QR /* no replay attack s detected */ 13: update ts (CH s) stored data /* replaces S by m, S' bym', correspondng to MN T by T MN _ present, TMN _ present MN _ prevous by MN _ present T of QR */ // Acton executed by CH on recevng QR 14: else 15: reject QR 16: end f 17: end for End /* CH rejects query response packet QR */ The present scheme s based on LEACH protocol whch s an nternatonally accepted standard protocol. It adds securty feature to the LEACH protocol n a lghtweght manner nvolvng shftng of bts. The scheme s mplementable as computatons for shftng of bts s hghly mplementable n sensor nodes e.g. mca-2 motes.

9 3.3 Dagrammatc Representaton of the Scheme Ensurng Basc Securty and Preventng Replay Attack 329 The entre scheme s llustrated wth the help of an actvty dagram shown n Fgure 1.The dagram shows how a cluster wth n number of nodes and one cluster head works. To be more specfc, t shows communcaton among dfferent components of a wreless sensor network and control flow among varous computatonal modules wthn the components of the network. Broadcast communcaton from cluster head s shown by lghtnng symbol whereas uncast communcaton between cluster head and member nodes and control flows are shown by sold lnes wth arrowhead. All communcaton symbols are labeled to make understand the content of the packet along wth the tmestamp at whch t s beng sent. For example, one broadcast communcaton labeled by RB t means regstraton packet has been broadcast at tme t. Tmestamp helps to know the steps of operatons vsbly. Fg. 1. Actvty dagram of the proposed scheme (SQPS) The notatons used n Fgure 1 has been descrbed below- RB t Regstraton Packet broadcast at tme t by cluster head. RR t + 1 Regstraton response packet transmtted at tme t+1 by member node M 1. RR t + n Regstraton response packet transmtted at tme t+n by member node M n. Node d M 1 Node-d of member node M 1 transmtted at tme t+1 by cluster head.

10 330 A. Ghosal et al. Node d M n Node-d of member node M n transmtted at tme t+n by cluster head. QB t + n + 1 Query packet broadcast at tme t+n+1 by cluster head. QR t + n + 2 Query response packet transmtted at tme t+n+2 by member node M 1. QR t + 2n + 2 Query response packet transmtted at tme t+2n+2 by member node M n. 4 Performance Evaluaton The effectveness of the proposed securty scheme reported n the earler secton s evaluated through smulaton. 4.1 Smulaton Envronment Smulaton s performed usng MATLAB (verson 7.1). We consder 500 nodes n the network and number of malcous nodes s vared from 25 to 100. Performance of the scheme s evaluated based on the followng two metrcs: Authentcaton Rate Number of authentcated nodes / total number of nodes n the network. Data freshness (%) (Number of receved packets contanng current data / total number of packets sent) x 100. The relevant parameters and ther assocated values are lsted below n Table 1- Table 1. Parameters and ther correspondng values used n smulaton Parameters Value Intal Energy ( E ntal ) 2 J Network area (user nput) 25m 25m to 100 m 100 m Communcaton range of sensor ( R c ) 160 m Sensng range of sensor ( R s ) 80 m In presence of replay attack, data freshness s affected. In other words, f replay attack can be consdered as a cause, data freshness s an effect. Therefore, the metrc, data freshness s measured to cover analyss on both the securty parameters replay attack and data freshness. Authentcaton rate s computed to cover another securty parameter.e. authentcaton. No separate experment s carred out to measure data ntegrty as volaton of data ntegrty due to presence of malcous node does not arse. 4.2 Smulaton Results Authentcaton rate s measured and plotted wth tme n Fgure 2 for varyng number of malcous nodes. Two sets of experments are conducted to compute authentcaton rate.

11 Ensurng Basc Securty and Preventng Replay Attack TDMA tme slots vs Authentcaton rate (25 malcous nodes) Authentcaton rate Regstraton wthout attack Regstraton wth attck TDMA tme slots (sec) (a) wth 25 malcous nodes 1.05 TDMA tme slots vs Authentcaton rate (50 malcous nodes) Authentcaton rate Regstraton wthout attack Regstraton wth attack TDMA tme slots (sec) (b) wth 50 malcous nodes TDMA tme slots vs Authentcaton rate (100 malcous nodes) Authentcaton rate Regstraton wthout attack Regstraton wth attack TDMA tme slots (sec) (c) wth 100 malcous nodes Fg. 2. Authentcaton rate over a perod of tme

12 332 A. Ghosal et al. In one set of experment, we consder that malcous nodes are present and attempt to partcpate for sendng data but stop partcpaton once t s refused to do so. Results are plotted n Fgure 2 for varyng number of malcous nodes and desgnated as wthout attack. In the other set of experment, malcous nodes attempt to send data repeatedly resultng n replay attack. Results of the same are plotted and desgnated as wth attack. We observe that n all the cases of Fgure 2 ((a), (b), (c)) results wth attack show a fall of authentcaton rate compared to the results of wthout attack. Ths sgnfes presence of replay attack from malcous nodes. Further, f we compare results of all the plots ((a), (b), (c)), t s observed that authentcaton rate decreases wth ncrease n number of malcous nodes. Fgure 3 shows percentage of data freshness over a perod of tme n presence of malcous nodes. Results n presence of 25 malcous nodes show that average data freshness s near about 96% whereas ts values are 88% and 81% for 50 and 100 malcous nodes respectvely. The results ndcate that data freshness s nversely related to the number of malcous nodes present n the network. 1.2 TDMA tme slots vs Data Freshness (%) Data Freshness (%) Query 25 malcous Query 50 malcous Query 100 malcous TDMA tme slots (sec) Fg. 3. Data freshness (%) over a perod of tme 4.3 Comparatve Study Due to unavalablty of an exstng sutable work so that our scheme can be compared based on all the securty parameters consdered here, we have chosen a work [11] on secured routng scheme to compare packet loss and data packet rejecton rato as comparson metrcs as defned below. Packet loss (%) Total number of receved packets by a CH / total number of packets sent by the member nodes. Packet rejecton rato (%) Total number of receved packets by a CH contanng tampered data / total number of packets sent by the member nodes. Packet loss and packet rejecton rato (%) are computed and plotted for varyng number of malcous nodes n Fgure 4 and Fgure 5 respectvely.

13 Ensurng Basc Securty and Preventng Replay Attack Number of malcous nodes vs Packet loss (%) Packet loss (%) MVCS SQPS Number of Malcous nodes Fg. 4. Packet loss by varyng number of malcous nodes The fgures also show the results for secured routng scheme named as MVCS (mtgatng attack aganst vrtual coordnate system) [11]. We observe that packet loss (Fgure 4) ncreases wth the ncrease of malcous nodes for both the schemes. However, n our scheme (SQPS), packet loss s about 16% less than MVCS for up to 25 numbers of malcous nodes. For 25 to 85 numbers of malcous nodes packet loss n SQPS s about 20% less than MVCS and ths onwards packet loss s about 16% less n SQPS. Summarly, t can be sad that packet loss n SQPS s less than MVCS for all sets of values of malcous nodes. Packet Rejecton Rato (%) Number of malcous nodes vs Packet Rejecton Rato (%) MVCS SQPS Number of Malcous nodes Fg. 5. Packet Rejecton (%) by varyng number of malcous nodes

14 334 A. Ghosal et al. Further we observe that packet rejecton rato (Fgure 5) ncreases wth the ncrease of malcous nodes for both the schemes. But n our scheme (SQPS), packet rejecton s about 10% less than MVCS for up to 25 malcous nodes. For 25 to 100 malcous nodes packet rejecton rato n SQPS s 20% less than MVCS and ths trend contnues. So t can be nferred that packet rejecton n SQPS s less than MVCS for all sets of values of malcous nodes. As all the member nodes denttes are verfed through regstraton phase, there s very lttle chance that a malcous node s able to steal the dentty of a legtmate node and passes through regstraton phase. That s why SQPS packet rejecton rato s lower than MVCS. 5 Concluson In ths paper, we have proposed a scheme to defend replay attacks on nodes of WSN as well as preserve the essental basc securty propertes such as authentcaton, data ntegrty and data freshness of such a network. The scheme s desgned n such a manner that no malcous node can take part n actual query processng thereby ensurng authentcaton. Moreover, as there s no partcpatng malcous node, volaton of data ntegrty due to attack has been elmnated. However, a malcous node can attempt to partcpate stealng some tme slots due to whch there may be some packet loss. The mert of the scheme les on the fact that smple symmetrc key cryptography has been used to mantan securty makng the soluton very lghtweght. We have substantated our clams by smulatng the scheme n presence of attacks. Fnally the scheme s compared wth one of the exstng routng schemes consderng packet loss and data packet rejecton rato as comparson metrcs. Results show our scheme outperforms the exstng one. As a future extenson, the scheme may be made more realstc consderng cluster head nodes are also vulnerable to attack. Further enhancement may be done to make t applcable for contnuous data-flow applcaton doman as well. References 1. Akyldz, I.F., Su, W., Sankarasubramanam, Y., Cayrc, E.: A survey on sensor networks. IEEE Communcatons Magazne 40(8), (2002) 2. DasBt, S., Ragupathy, R.: Routng n MANET and Sensor Network- A 3D poston based approach. Journal of Foundaton of Computng and Decson Scences 33(3), (2008) 3. Halder, S., Ghosal, A., Sur, S., Dan, A., DasBt, S.: A Lfetme Enhancng Node Deployment Strategy n WSN. In: Lee, Y.-h., et al. (eds.) FGIT LNCS, vol. 5899, pp Sprnger, Hedelberg (2009) 4. Ghosal, A., Halder, S., DasBt, S.: A Scheme to tolerate Jammng n multple nodes n Wreless Sensor Networks. In: Proceedngs of Wreless VITAE, pp IEEE Press, Los Alamtos (2009) 5. Ghosal, A., Halder, S., Chatterjee, S., Sen, J., DasBt, S.: Estmatng delay n a data forwardng scheme for defendng jammng attack n wreless sensor network. In: Proceedngs of 3rd Internatonal Conference NGMAST, pp IEEE CS Press, Los Alamtos (2009)

15 Ensurng Basc Securty and Preventng Replay Attack Wood, A.D., Stankovc, J.A.: Denal of Servce n Sensor Networks. IEEE Computer 35(10), (2002) 7. Deng, J., Han, R., Mshra, S.: Lmtng DoS attacks durng multhop data delvery n wreless sensor networks. Journal of Securty and Networks 1(3/4), (2006) 8. Lu, D., Nng, P.: Effcent dstrbuton of key chan commtments for broadcast authentcaton n dstrbuted sensor networks. In: Proceedngs of 10th annual Network and Dstrbuted System Securty Symposum, pp (2003) 9. Perrg, A., Szewczyk, R., Wen, V., Culler, D., Tygar, J.: SPINS: Securty Protocols for Sensor Networks. Wreless Networks Journal (WINET) 8(5), (2002) 10. Song, H., Zhu, S., Cao, G.: Attack-Reslent Tme Synchronzaton for Wreless Sensor Network. In: Proceedngs of IEEE Internatonal Conference on Moble Adhoc and Sensor Systems Conference, vol. (7-7), pp (2005) 11. Dong, J., Ackermann, K.E., Bavar, B., Nta-Rotaru, C.: Mtgatng Attacks aganst Vrtual Coordnate Based Routng n Wreless Sensor Networks. In: Proceedngs of 1st ACM conference on Wreless Network Securty, pp (2008) 12. Soroush, H., Salajegheh, M., Dmtrou, T.: Provdng Transparent Securty Servces to Sensor Networks. In: Proceedngs of IEEE Internatonal Conference on Communcatons, pp (2007) 13. Henzelman, W.R., Chandrakasan, A., Balakrshnan, H.: Energy Effcent Communcaton protocol for Wreless Mcrosensor Networks. In: Proceedngs of the 33rd Hawa Internatonal Conference on System Scences, vol. 2, pp (2000) 14. Za, T., Zomaya, A.: Securty Issues n Wreless Sensor Networks. In: Proceedngs of Internatonal Conference on Systems and Network Communcatons, p. 40 (2006)