Energy Preserving Detection Model for Collaborative Black Hole Attacks in Wireless Sensor Networks

Transcription

1 016 1th International Conference on Mobile Ad-Hoc and Sensor Networks Energy Preserving Detection Model for Collaborative Black Hole Attacks in Wireless Sensor Networks Muhammad Umar Farooq Xingfu Wang Robail Yasrab Sara Qaisar Department of Technology Management, IIUI, Islamabad, Pakistan Abstract The security is a critical issue in wireless sensor networks (WSNs). A complex form of Denial of Service attack type is collaborative black hole attacks which challenge the security of wireless sensor networks. The purpose of this attack is to receive and drop all packets. Wireless sensor network nodes have limited energy and also have limited processing capability. WSNs devices have limited resources and they are particularly susceptible to the destruction and consumption of these limited resources. Collaborative black hole attacks are effective to partition the networks so the important data do not reach to base station. To secure wireless sensor network from collaborative black hole attacks, many security techniques have been proposed, most of them are energy inefficient and complex. In this paper, we discuss various techniques which detect and prevent the collaborative black hole attacks in WSNs and proposed a cluster-based energy preserving detection model of WSNs security against collaborative black hole attacks. Keywords wireless sensor network; collaborative black hole attacks; aodv; owca; security I. INTRODUCTION These days, Wireless sensor networks (WSNs) are popular in both civilian and military domains. WSNs composed of numerous small set of sensor nodes, which are distributed across an open environment without some specific any supervision [1]. A number of bottlenecks still hindering the secure implementation of these networks. Collaborative Black hole attacks are one of the key attacks in WSNs. A black hole attack swallows the entire messages it receives, similar to a black hole absorbing everything passing through it. By stopping the normal flow of the information, the attackers cripple the whole network communication []. There are number of solutions and methodologies to avert and defend against the black hole attacks [3,4,5,6]. However, these solutions are computation or energy inefficient. In recent years, the energy efficiency becomes an important study for improving the life span and performance of the WSNs. So there is a deciding solution with enhanced energy efficiency is one of key need present WSN technology paradigm. The aim of our research is to detect the Collaborative Black-hole attacks in Wireless Sensor Network. It will demonstrate how energy preserving model increase the efficiency of Wireless Sensor Network. In this paper we have proposed cluster based energy preserving detection model for wireless sensor networks security against collaborative black hole attacks. This technique offers a great deal of advantages for better detection and mitigation of collaborative black hole attacks. The proposed cluster based energy efficient security model is implemented through Optimized Weight Based Clustering Algorithm with Security (OWCAS) and energy computation algorithm. OWCAS is chosen as a base methodology for resolving the DoS attacks vulnerability. Later we have compared proposed methodology with Ad hoc On-Demand Distance Vector (AODV) protocol and OWCA under collaborative black hole attacks. This shows enhanced results with great performance. Various parameters are considered while implementing this method such as throughput, energy, packet delivery ratio and end-to-end delay. NS- network simulator is used to simulate the proposed method and assess the performance of OWCAS and energy computation algorithm. This simulation offers a comprehensive insight into proposed network performance under various operating conditions. This research has shown a reduced energy consumption of the specific network. It has enhanced the packet delivery ratio and throughput of network as well as reduced the end to end delay and to save the energy of network. II. LITERATURE REVIEW A lot of different mechanisms have been proposed to prevent Black-Hole attack. A complex form of Black-Hole attack is co-operative black hole attack where multiple malicious nodes collaborates together results in fully disruption of the routing and packet forwarding functionality of the sensor network during this attack. AODV (Ad hoc On-Demand Distance Vector) routing protocol does not incorporate any mechanism of security, such as authentication. However, there are several security mechanisms proposed for detection of malicious nodes in the sensor network. The collaborative black holes acting in group and prevent them from discovering safe route. Routing information table (DRI) is used to deal with modification and cross checking and data to identify the cooperative black hole nodes [7] and Analytic Hierarchy Process (AHP) mechanism [8]. [9] proposed multiple routes /16 $ IEEE DOI /MSN

2 detection method that authenticate Route Replies (RREP) message is also an interesting solution. Cryptographic techniques are also some improved solution to mitigate the security issues regarding black-hole attacks [10]. Black hole attacks can also be neutralized through advanced routing methods. The proactive routing technique which has the superior packet delivery ratio and detection probability [11]. According to Wazid et al [1], the proposed tree topology that helps in detection and prevention for black hole attack. The proposed tree topology consists of router nodes, sensor nodes and coordinator nodes. Though, this proposed mechanism works for static sensors networks and didn t consider mobility of nodes. III. KEY ISSUES The key issues in previous technologies are as follows: To reduce the energy consumption of the wireless sensor network To increase the packet delivery ratio and throughput of wireless sensor network To decrease the end to end delay of wireless sensor network IV. PROPOSED DETECTION MODEL AGAINST COLLABORATIVE BLACK HOLE ATTACKS Due to Collaborative black hole attacks in the network packets delivery time to destination gets effected and producing long delay and also decrement in throughput. In this paper we proposed a collaborative black hole attacks detection model which detects the collaborative black hole attacker nodes and produce the safe route to destination. Figure [1]: Clusters without Collaborative Black Hole Attacks Step1: In the proposed model, we deployed the sensor nodes and a base station (BS) by using zigzag model in a rectangular field. The base station is fixed and located within the sensor nodes. Step: The sensor nodes are randomly divided into clusters which are in the communication range of each other based on node distance using OWCA technique. The nodes among the sensor nodes act as malicious nodes. Malicious nodes are capable of sensing the data from environment but don t forward it to the cluster head or base station. The malicious nodes may become a cluster head any time. Step3: The sensor nodes elect the cluster head node (CH) based on high energy. Optimized Weight based Clustering Algorithm (OWCA) [13] is used for the election of cluster head. Step4: The Sensor nodes are randomly divided into different clusters. Each cluster has a cluster head (CH) while some nodes are in communication range with CH based on node distance using OWCA technique. When cluster is formed, it's the responsibility of cluster head to detect the malicious nodes in that cluster; the cluster head has the control on sensor nodes within the cluster. A table maintains by cluster head (CH) via assigning ID s and sequence numbers (Seqno) to all sensor nodes within the cluster as shown in (TABLE 1). When all clusters formed, it's the responsibility of base station to detect if any of the cluster head become the malicious node. The base station has the control on cluster heads. A table maintains by base station via assigning ID s and sequence numbers to all cluster heads within the network as shown in (TABLE ). TABLE 1: Assigning ID s and Seqno to nodes in a cluster Sensor Node ID Seqno SN1 IDSN1 SN IDSN... SNn IDSNn TABLE : Assigning ID s and Seqno to cluster heads in a network Cluster Head ID Seqno CH1 IDCH1 3 CH IDCH 3... CHn IDCHn 3 Step5: Authentication process between cluster heads (CHs) and base station (BS): In authentication process, the base station (BS) sends an Authentication Packet (AP) to each of the cluster head in the sensor network. The deism of authentication packet (AP) shown in (TABLE 3). The authentication bit contains two values 0 and 1. TABLE 3 IDCHn Seqno Authentication Bit TABLE 4 IDCHn Seqno Acknowledgment Bit (TABLE 4) shows the structure of the reply packet (RP). Acknowledgement (ACK) bit is used for authentication purpose to prove that the reply is coming from authenticated node. ACK bit has two values 0 and 1. Authentication process between cluster head and cluster nodes: In authentication process, Cluster head (CH) in the sensor network sends the Authentication Packet (AP) to each node in the cluster. This authentication packet contains three fields, ID of the node, Sequence Number (seqno) and an authentication bit as shown in (TABLE 5), which make it possible to recognize the authenticity of a sensor node. Authentication bit contains two values 0 and 1. TABLE 5 IDSNn Seqno Authentication Bit 396

3 (TABLE 6) shows the reply packet structure which contains three fields, ID of the node, Sequence Number (seqno) and ACK field having a particular bit is set which obtained by increment one to the Authentication bit. TABLE 6 IDSNn Seqno Acknowledgment Bit Step 6: Detection mechanism if a collaborative black hole attacker nodes present in a cluster: Figure [1] shows the normal flow of traffic in wireless sensor network. Sensor nodes (SN1, SN, -----) sense physical phenomenon, converts this into information and pass that information to the cluster head (CH) in the form of Data Packets (DPs). TABLE 7 IDSNn Seqno Data Figure []: Clusters with Collaborative Black Hole Attacks (Sensor Nodes as Attackers) Data Packets (DPs) contains three fields, the ID of the source node, Sequence Number of the node who is sending the data packet. Collaborative black hole attacker nodes (SN1, SN4...) will not send any data packets to cluster head (CH) as shown in Figure []. Cluster head waits (wait-ch) for a fixed period of time. If the node (SN1, SN4 ) in the cluster doesn t send any packet even after this time period, which means an attacker nodes exist in the cluster. The detection of collaborative black hole nodes by cluster head (CH) as ID's of IDSN1 and IDSN4 are detected because it is sending the Reply Packets (RP) but not the Data Packets (DPs). CH removes attacker nodes from their routing table and calls the procedure of clustering after broadcasting in sensor network. Now by re-clustering other nodes covered the area left unattended due to attacker nodes. Figure [3]: Clusters with Collaborative Black Hole Attacks (Sensor Nodes and Cluster Heads as Attackers) If a sensor node and cluster head become collaborative black hole attacker nodes: Figure [3] shows that the sensor node (SN) and cluster head (CH3) which collected data from all nodes in the cluster but does not send any data packets to cluster head (CH1) and the base station respectively. Cluster head (CH1) and Base station waits for a fixed period of time. Even after this time period, if sensor node (SN) and cluster head (CH3) does not send any packets, it means that the sensor node (SN) and Cluster Head (CH3) are collaborative black hole attacker nodes. Cluster head (CH1) and Base station send a stop packet to the source nodes in a cluster, after getting stop packet from cluster head (CH1) and base station, source nodes stop sending data packets to the cluster head and remove the sensor node (SN) and cluster head (CH3) from their routing tables. In Figure [3] sensor node (SN) and cluster head (CH3) becomes the collaborative black hole nodes as they consume all the Data Packets (DPs) coming from the Sensor nodes without forwarding them to the cluster head and base station respectively. The detection of collaborative black hole nodes by cluster head and base station as ID's of IDSN and IDCH3 are detected because they are sending the Reply Packet (RP) but not the Data Packets (DPs). CH and BS remove attacker nodes from their routing table and call the procedure of clustering after broadcasting in sensor network. Now by re-clustering a new cluster head is selected based on high energy. V. ENERGY COMPUTATION ALGORITHM FOR PROPOSED MODEL Both cluster head (CH) and Base Station (BS) used some energy in attack detection. The energy equations of cluster head and base station can be modified as given below. Step 1: Initialize all the first order radio model parameters i.e. Electronics energy (E elec), Amplifier energy (E amp), Aggregation energy (E DA). Step : Calculate the energy consumed by CH node in receiving data signals from its members, transmitting data to BS, attack detection (E CHD). E CH = (E elec* k* CH degree + E DA * k) + (E elec *k + E amp* d tonextch *k) + E CHD Where, k= number of bits transmitted, CH degree = degree of cluster head, d tonextch =distance between two cluster heads. Step 3: Energy used by all CH node is E TOT_CH= E CH (1) + E CH () +E CH (3) +. + E CH(NC) NC represents number of clusters. Step 4: Calculate the energy consumed by non-ch node to transmit data signals to the CH. E non_ch = (E elec *k) + (E amp * R Tx *k) Where, R Tx =range of data transmission Step 5: Energy used in all non-ch node is E TOT_nonCH = (N-NC) * E non_ch Where, N represents number of nodes. Step 6: Calculate the energy consumed by BS in receiving data signals from CHs, transmitting data, attack detection (E BSD). E BS = (E elec * k + E amp * R Tx *k + E DA * k) + E BSD Step 7: Total energy consumption is sum of energy used in all CH node and energy used in all non-ch node. E TOT = E TOT_CH + E TOT_nonCH + E BS 397

4 VI. SIMULATION Our detection model of collaborative black hole attacks performance is analyzed under the network simulator NS. The model of our experiment is built on 100 nodes distributed randomly with their unique id s on a network surface of 1500 x 1000 m. To evaluate the efficiency of our protocol, we assume a wireless sensor network. Then 100 sensor nodes are initialized with 100 joules of energy. The network simulation parameters used in our proposed experiment as driven from [14]. We assume that there are 8 collaborative black hole nodes randomly deployed in the network field. Those attacker nodes can be selected sensor nodes or cluster head nodes based on high energy. The proposed AODV-OWCAS protocol is used to detect and prevent those collaborative black hole nodes from routing table to get the safe route to base station. The simulation results will be presented later as a comparison of AODV Protocol under collaborative black hole attacks and OWCA protocol under collaborative black hole attacks with our proposed AODV-OWCAS Protocol under collaborative black hole attacks. VII. PERFORMANCE METRICS To evaluate the performance of AODV, OWCA and OWCAS under collaborative black hole attacks, the following performance metrics are given below. A. Energy Consumption The energy level of nodes is represented by the energy model in the network. The initial value in a node has been defined by energy model where in the beginning of the simulation the node has that level of energy which is termed as Initial Energy. During any time of the simulation, to determine the energy consumption level of a node by calculating the difference between current energy value and initial energy value. The node cannot transmit or receive any more packets, if the energy level of the node reaches to zero. The value of energy consumption in a sensor node can be finding through the trace file. The whole network energy level can be determined by summing each node s energy level in the network. B. Packet Delivery Ratio To measure the routing protocol performance in any network, packet delivery ratio is a very important factor. The packet delivery ratio is measured by total number of packets received at destinations divided by the total number of packets sent from the source. Formula of Packet Delivery Ratio: (Total number of packets received by all destination nodes) (Total number of packets send by all source nodes) C. Average End to End Delay Average end to end delay is count as the data packet taken the time to route through the network from source node to its destination node. It can be measured by computing the mean of end to end delay of all delivered packets successfully. However, end to end delay is somehow depends on the packet delivery ratio. The probability of packet drop increases due to increase the distance between source and destination. All possible delays in the network are included in average end to end delay i.e. retransmission delays at MAC, buffering route discovery latency and propagation and transmission delay. Formula of Average End to End delay: D = n i=1 (Tri Tsi) n Where D is average end to end delay, i is packet identifier, Tri is reception time, Tsi is send time and n is number of packets delivered successfully. D. Average Throughput An average throughput is the average of the total throughput of the network which refers to the amount of data packets successfully transferred from a source to a destination in a given time. Formula of Average Throughput: (ReceivedSize (StopTime StartTime)) Where ReceivedSize store received packet s size, StopTime is simulation stop time and StartTime is simulation start time. VIII. EVALUATION AND RESULTS Figure [4] shows the graphical view about the throughput of AODV under collaborative black hole attacks, OWCA under collaborative black hole attacks and Optimized Weight based Clustering Algorithm with Security (OWCAS). The comparison in graph shows that the throughput over time is pretty better in the case of OWCAS as compared to AODV and OWCA. Figure [4]: Throughput Comparison of AODV, OWCA and OWCAS AODV protocol with routing does not have any security mechanism thus collaborative black hole nodes drops the data packets in the network and also decrease the throughput of the network. As the number of sensor nodes increases the data packets drop increases which results in decrement in the throughput. In OWCAS, when collaborative black hole attacking nodes removed from the routing table, the data packets are sent to the destination successfully and throughput of the network increased. Figure [5] gives us the graphical view of end to end delay comparison between AODV protocol, OWCA and OWCAS with varying number of transmissions. Due to collaborative black hole attacks, a data packet doesn t reach the destination on time which produces long delay in the network. In OWCAS, when collaborative black hole attacker nodes are removed from the routing table, then the data packets are sent to the destination nodes successfully which decreases the end to end delay of the network. 398

5 Figure [5]: Delay Comparison of AODV, OWCA and OWCAS The comparison in the graph shows in figure [6], that the energy consumption over time between AODV, OWCA and OWCAS. In this comparison the energy consumed over time is much less in case of OWCAS as compared to AODV protocol and OWCA. Due to collaborative black hole attack, data packets are dropped by the attacker nodes and cannot reach to the destination successfully. Due to data packet dropped by the attackers, the data packets will have retransmitted by the source and energy of the node will be wasted. Figure [6]: Energy Comparison of AODV, OWCA and OWCAS Figure [7] shows the comparison of Packet delivery ratio over simulation time between AODV protocol, OWCA and OWCAS. From the graphical presentation of packet delivery ratio over simulation time shows much better results in case of OWCAS as compared to AODV and OWCA. As number of transmissions increase by time the packet drop increases which results in decrement of packet delivery ratio. When the collaborative black hole attacking nodes remove from the routing table, data packets delivered to destination successfully and it will increase the packet delivery ratio. Figure [7]: Packet Delivery Ratio Comparison of AODV, OWCA and OWCAS IX. CONCLUSION In this research we have offered a deep and detailed analysis of the collaborative black hole attacks. This research has presented a great deal of enhanced solution to mitigate collaborative black hole attacks. The proposed model offers enhanced results as compared to earlier techniques as well as it is much energy efficient. The energy efficiency currently is one of the key concerns in sensor network design. While designing our model we considered sensor s energy efficiency as a key aspect with high throughput, better packet delivery ratio and lower delay time. The experiment results have shown as great deal of improved performance and higher benchmark results. The research work will be extended in future by comparing this model with other clustering methodologies and protocols. ACKNOWLEDGMENT The authors would like to thank the anonymous reviewers for the helpful comments and suggestions. The National Natural Science Foundation of China (No , 61747, ) support this paper. REFERENCES [1] G. Han, X. Li, J. Jiang, L. Shu and J. Lloret, "Intrusion detection algorithm based on neighbor information against sinkhole attack in wireless sensor networks," The Computer Journal, pp , 014. [] K. Xing, S. S. R. Srinivasan, M. Rivera, J. Li and X. Cheng, "Attacks and countermeasures in sensor networks: A survey, in Network Security," Springer US, pp. 51-7, 010. [3] Sheela.D, Srividhya.V.R, A. Begam, Anjali and C. G.M., "Detecting black hole attack in wireless sensor network using mobile agent," In: Proc. of Int l Conf. on Artificial Intelligence and Embedded Systems, pp , 01. [4] J. Kaur and B. Kaur, "BHDP using fuzzy logic algorithm for wireless sensor network under black hole attack," International Journal of Advance Research in Computer Science and Management Studies, pp , 014. [5] D. Sheela, C. N. Kumar and G. Mahadevan, "A non-cryptographic method of sink hole attack detection in wireless sensor networks," In: Proc. of Int l Conf. on Recent Trends in Information Technology (ICRTIT), pp , 011. [6] F. J. Zhang, L. D. Zhai, J. C. Yang and X. Cui, "Sinkhole attack detection based on redundancy mechanism in wireless Sensor Networks," In: Proc. of nd Int l Conf. on information technology and quantitative management, ITQM, pp , 014. [7] Ebrahim, M. & Chong, C. W., Secure force: A low-complexity cryptographic algorithm for wireless sensor network (wsn), In: Proc. of IEEE Int l Conf. on Control System, Computing and Engineering (ICCSCE), pp , 013. [8] Nidhi, M., Sharma & Sharma, M. A., The black-hole node attack in MANET, In: Proc. of Second Int l Conf. on Advance Computing and Communication Technologies, pp , 01. [9] Ramaswamy, S., Fu, H., Sreekantaradhya, M. & Nygard, J. D. a. K., Prevention of cooperative black hole attack in wireless ad hoc network, In: Proc. of Int l Conf. on Wireless Networks, pp , 003. [10] Fei Shi, Weijie Liu, Dongxu Jin, Jooseok Song., A cluster-based countermeasure against black hole attacks in MANET, Telecommunication Systems 57, pp , 014. [11] Tseng, F.-H., Chou, L.-D. & Chao, H.-C., n.d, A survey of black hole attacks in wireless mobile ad hoc networks, Computing and Information Sciences, 011 [1] Mohammad Wazid, Avita Katal, Roshan Singh Sachan, R H Goudar., Detection and prevention mechanism for black hole attack in wireless sensor network, In: Proc. of IEEE Int l Conf. on Communication and Signal Processing, pp , 013. [13] Babu.N. V, Boregowda S B, Puttamadappa C and Shivaraj. S. Davanakatti, An optimized weight based clustering algorithm in heterogeneous wireless sensor networks, Computer Science & Information Technology, pp , 01. [14] Shilpa Mahajana, Jyoteesh Malhotrab, Sandeep Sharmac, An energy balanced QoS based cluster head selection strategy for WSN, Egyptian Informatics Journal, pp ,