EFFICIENT CLONE NODE DETECTION AND ELIMINATION IN WIRELESS SENSOR NETWORKS


V. Lincy Shobika, PG Research Scholar, Department of Computer Science, S.N.R Sons College, CBE-06, lincyshobika@gmail.com

Dr. N. Sumathi, Associate Professor, Department of Computer Science, S.N.R Sons College, CBE-06, Sumathikari73@gmail.com

ABSTRACT

Wireless sensor networks are vulnerable to the node clone attack, and several protocols have been proposed to detect it. However, these protocols require assumptions too strong to be practical for large-scale, deployed sensor networks. We use two novel node clone detection protocols with different tradeoffs on network conditions and performance. The first is based on a distributed hash table (DHT), in which the Chord algorithm is used to detect the cloned node: every node is assigned a key, and before a node transmits data it has to give its key, which is verified by the witness node. If the same key is given by another node, the witness node identifies the duplicated node. The second is based on the Distributed Detection Protocol, which is the same as the DHT but is easier and cheaper to implement. Every node only needs to know its neighbor list, containing all neighbor IDs and their locations. In the proposed work, we implement the RDE protocol with location-based node identification, where every region/location has a group leader. The leader generates a random number with a time stamp for the available nodes in that location. Witness nodes verify the random number and time stamp to detect the duplicated node. User messages are also encrypted for security.

Keywords: DHT, Cloned Nodes, adversary's, Wireless Networks.

1. INTRODUCTION

A wireless sensor network is a collection of nodes organized into a cooperative network.
Each node has processing capability, may contain multiple types of memory, has a radio frequency transceiver and a power source, and accommodates various sensors and actuators. Nodes communicate wirelessly and often self-organize after being deployed in an ad hoc fashion. Systems of 1000s of nodes are anticipated; such systems can revolutionize the way we live and work. Currently, wireless sensor networks are beginning to be deployed at an accelerated pace. It is not unreasonable to expect that in 10-15 years the world will be covered with wireless sensor networks, with access to them via the Internet. This new technology is exciting, with unlimited potential for numerous application areas including military, transportation, entertainment, crisis management, environmental, medical, homeland defense, and smart spaces.

Wireless sensor networks have gained a great deal of attention in the past decade due to their wide range of application areas and formidable design challenges. They consist of hundreds or thousands of low-cost, resource-constrained, distributed sensor nodes, which are usually scattered randomly over the surveillance area and work unattended. Because the operating environment is hostile, security mechanisms against adversaries should be taken into consideration. Among the many physical attacks on sensor networks, the duplicate node is a serious and dangerous one. Because of production cost limits, nodes generally lack tamper-resistant hardware components; thus, an adversary can capture a few nodes, extract code and all secret credentials, and use those materials to clone many nodes out of off-the-shelf sensor hardware. Those duplicated nodes, which seem legitimate, can freely join the sensor network and then significantly enlarge the adversary's capacity to manipulate the network maliciously. For example, those victim nodes occupy strategic positions and cooperatively corrupt the collected information. With a large number of duplicated nodes under command, the adversary may even gain control of the whole network. Furthermore, node duplication will exacerbate most inside attacks against sensor networks. In this paper, we present two novel, practical duplication detection protocols with different tradeoffs on network conditions and performance.

2. RELATED WORKS

The basic challenge for any distributed protocol for detecting node replicas is to minimize communication and per-node memory costs while ensuring that the adversary cannot defeat the protocol. A protocol that deterministically maps a node's ID to a unique witness node would minimize communication costs and memory requirements per node, but would not offer much security, because the adversary would need to compromise just a single witness node in order to introduce a replica without detection. Unfortunately, sensor nodes typically employ low-cost commodity hardware components unprotected by the type of physical shielding that could preclude access to a sensor's memory, processing, sensing and communication components. Cost considerations make it impractical to use shielding that could detect pressure, voltage, and temperature changes that an adversary might use to access a sensor's internal state. Deploying unshielded sensor nodes in hostile environments enables an adversary to capture, replicate, and insert duplicated nodes at chosen network locations with little effort.
Thus, if the adversary compromises even a single node, she can replicate it indefinitely, spreading her influence throughout the network. If left undetected, node replication leaves any network vulnerable to a large class of insidious attacks. Using replicated nodes, the adversary can subvert data aggregation protocols by injecting false data or suppressing legitimate data. Further, blame for abnormal behavior can now be spread across the replicas, reducing the likelihood that any one node exceeds the detection threshold. Even more insidiously, node replicas placed at judiciously chosen locations can revoke legitimate nodes and disconnect the network by triggering correct execution of node-revocation protocols that rely on threshold voting schemes. Previous approaches for detecting node replication typically rely on centralized monitoring, since localized voting systems cannot detect distributed replication.

A. Sensor Network Environments

A sensor network typically consists of hundreds, or even thousands, of small, low-cost nodes distributed over a wide area. The nodes are expected to function in an unsupervised fashion even if new nodes are added or old nodes disappear. While some networks include a central location for data collection, many operate in an entirely distributed manner, allowing the operators to retrieve aggregated data from any of the nodes in the network. Furthermore, data collection may only occur at irregular intervals. For example, many military applications strive to avoid any centralized and fixed points of failure. Instead, data is collected by mobile units that access the sensor network at unpredictable locations and utilize the first sensor node they encounter as a conduit for the information accumulated by the network. Since these networks often operate in an unsupervised fashion for long periods of time, we would like to detect a node replication attack soon after it occurs. If we wait until the next data collection cycle, the adversary has time to use its presence in the network to corrupt data, decommission legitimate nodes, or otherwise subvert the network's intended purpose.

Thus far, protocols for detecting node replication have relied on a trusted base station to provide global detection. For the sake of completeness, we also discuss the use of localized voting mechanisms. We consider these protocols in the abstract; for specific examples of previous protocols. Until now, it was generally believed that these two alternatives exhausted the space of possibilities. This paper expands the design space to offer new alternatives with strong security and efficiency characteristics.

B. Centralized Detection

The most straightforward detection scheme requires each node to send a list of its neighbors and their claimed locations to the base station. The base station can then examine every neighbor list to look for replicated nodes. If it discovers one or more replicas, it can revoke the replicated nodes by flooding the network with an authenticated revocation message.

C. Local Detection

To avoid relying on a central base station, we could instead rely on a node's neighbors to perform replication detection. Using a voting mechanism, the neighbors can reach a consensus on the legitimacy of a given node. Unfortunately, while achieving detection in a distributed fashion, this method fails to detect distributed node replication in disjoint neighborhoods within the network. As long as the replicated nodes are at least two hops away from each other, a purely local approach cannot succeed.

3. PROPOSED WORK

We use two novel node clone detection and elimination protocols with different tradeoffs on network conditions and performance.
The first is based on a distributed hash table (DHT), which is implemented with the Chord algorithm: every node is assigned a unique key, and before a node transmits data it has to give its key, which is verified by the witness node. If the same key is given by another node, the witness node identifies the cloned node. The second is based on the Distributed Detection Protocol, which is the same as the DHT but is easier and cheaper to implement. Here every node only needs to know its neighbor list, containing all neighbor IDs and their locations. It can therefore detect node clones with a high security level and holds strong resistance against the adversary's attacks.

Straightforward node-to-network broadcasting is a quite practical way to detect the node clone in a distributed manner: every node collects all of its neighbors' identities along with their locations and broadcasts them to the network. The main problem with this approach is its extremely high communication overhead. A key-based caching and checking system is constructed to catch cloned nodes, in order to detect and eliminate clone attacks in wireless sensor networks. Cloning detection ensures that the number of attack edges is independent of the number of cloning identities and is limited by the number of trust relation pairs between malicious users and honest users. Cloning detection observes that if malicious users create too many Cloning identities.

Trusted central authority; limited by the number of trust relation pairs; prevention of cloning.

Fig. 1 shows the detected clone node in WSNs. Fig. 2 shows the eliminated clone node in WSNs.

Fig. 1. Clone node detection

Fig. 2. Clone node elimination

A. DHT-BASED DETECTION PROTOCOL

The principle of our first distributed detection protocol is to make use of the DHT mechanism to form a decentralized caching and checking system that can effectively detect cloned nodes. Essentially, the DHT enables sensor nodes to construct, in a distributed manner, an overlay network upon a physical sensor network, and provides efficient key-based routing within the overlay network. A message associated with a key will be transmitted through the overlay network to reach a destination node that is solely determined by the key; the source node does not need to specify or know which node a message's destination is; the DHT key-based routing takes care of transportation details by the message's key. Messages with a same key will be stored in one destination node. Those facts build the foundation for our first detection protocol.

As the beginning of a round of DHT-based clone detection, the initiator broadcasts the action message, including a random seed. Then, every observer constructs a claiming message for each neighbor node, which is referred to as an examinee of the observer and the message, and sends the message with probability independently. The claiming probability is introduced to reduce the communication overhead in a high-node-degree network. In the protocol, a message's DHT key, which determines its routing and destination, is the hash value of the concatenation of the seed and the examinee ID. By means of the DHT mechanism, a claiming message will eventually be transmitted to a deterministic destination node, which will cache the ID-location pair and check for duplicate nodes, acting as an inspector. In addition, some intermediate nodes also behave as inspectors to improve resilience against the adversary in an efficient way.
CHORD

There are several different DHT proposals that can implement the DHT protocol, such as CAN, Chord, and Pastry. Chord is widely used, and we choose Chord as the DHT implementation to demonstrate our protocol. However, our protocol can easily migrate to build upon Pastry and present similar security and performance results. The technical core of Chord is to form a massive virtual ring in which every node is located at one point, owning a segment of the periphery. To achieve pseudo-randomness on output, a hash function is used to map an arbitrary input into a -bit space, which can be conceived as a ring. Each node is assigned a Chord coordinate upon joining the network. Practically, for our protocol, the coordinate of a node's Chord point is the hash value of the node's MAC address. Nodes divide the ring into segments by their Chord points. Likewise, the key of a record is the result of the hash function. Every node is responsible for one segment that ends at the node's Chord point, and all records whose keys fall into that segment will be transmitted to and stored in that node.

CONCLUSION

Sensor nodes lack tamper-resistant hardware and are subject to the node duplication attack. In this proposed work we present two distributed detection protocols: one is based on a distributed hash table, which forms a Chord network and provides the key-based routing and checking facilities for duplicated node detection, and the other uses a probabilistic directed technique to achieve efficient communication overhead for satisfactory detection probability. The randomly directed exploration presents outstanding communication performance and minimal storage consumption for dense sensor networks. Moreover, with the proposed approach, the probability of detecting node duplication is much higher than that achieved in previous distributed protocols. This protocol detects and eliminates the clone node more efficiently than the previously proposed protocols.
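The DHT-based detection round and the Chord segment rule described above can be simulated in a few lines. This is an added example, not code from the paper: the 32-bit ring, truncated SHA-256, MAC strings used as node IDs and all names (`owner`, `ChordInspectors`, `detection_round`) are assumptions, and location claims are taken as already authenticated.

```python
import hashlib
import random
from bisect import bisect_left

M = 32  # ring width in bits: an assumption, the page's value is missing

def chord_hash(data: bytes) -> int:
    """Hash bytes to a point on the 2**M ring (truncated SHA-256, assumed)."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % (1 << M)

def owner(points, key):
    """Index of the node whose segment (ending at its own point) holds key."""
    return bisect_left(points, key) % len(points)  # wraps past the last point

class ChordInspectors:
    def __init__(self, macs):
        # A node's Chord coordinate is the hash of its MAC address.
        ring = sorted((chord_hash(m.encode()), m) for m in macs)
        self.points = [p for p, _ in ring]
        self.macs = [m for _, m in ring]
        self.cache = {m: {} for m in macs}  # inspector -> {examinee ID: location}

    def claim(self, seed: bytes, examinee: str, location):
        """Deliver one claiming message; return (inspector, conflict or None)."""
        key = chord_hash(seed + examinee.encode())  # hash(seed || examinee ID)
        inspector = self.macs[owner(self.points, key)]
        first = self.cache[inspector].setdefault(examinee, location)
        conflict = None if first == location else (first, location)
        return inspector, conflict

def detection_round(net, seed, observations, p_claim=1.0, rng=None):
    """observations: (observer, examinee, claimed location) triples.
    Returns {examinee: (inspector, location_a, location_b)} per clone found."""
    rng = rng or random.Random(0)
    clones = {}
    for _observer, examinee, location in observations:
        if rng.random() >= p_claim:  # each observer claims with probability p_claim
            continue
        inspector, conflict = net.claim(seed, examinee, location)
        if conflict:
            clones[examinee] = (inspector, *conflict)
    return clones

# Constructed sample network: MAC strings double as node IDs (assumption).
NODES = [f"02:00:00:00:00:{i:02x}" for i in range(1, 21)]
CLONED = NODES[6]
OBSERVATIONS = [
    (NODES[0], NODES[1], (10, 10)),   # honest node seen by two neighbours
    (NODES[2], NODES[1], (10, 10)),
    (NODES[3], CLONED, (40, 12)),     # original
    (NODES[15], CLONED, (310, 275)),  # clone in a disjoint neighbourhood
]

def run_demo(seed=b"round-1"):
    return detection_round(ChordInspectors(NODES), seed, OBSERVATIONS)

if __name__ == "__main__":
    for examinee, (inspector, a, b) in run_demo().items():
        print(f"{examinee} claimed at {a} and {b}; caught by inspector {inspector}")
```

Because the key is the hash of the seed and the examinee ID, both claims about the cloned ID reach the same inspector even though the observers are far apart; a fresh seed each round re-draws the inspector, so the witness is not fixed in advance.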