Secure Data Collection in Wireless Sensor Networks Using Randomized Dispersive Routes

ABSTRACT
Compromised node and denial of service are two key attacks in wireless sensor networks (WSNs). In this paper, we study data delivery mechanisms that can with high pro a ility circumvent lack holes formed y these attacks. We argue that classic multipath routing approaches are vulnera le to such attacks, mainly due to their deterministic nature. So once the adversary ac!uires the routing algorithm, it can compute the same routes known to the source, hence, making all information sent over these routes vulnera le to its attacks. In this paper, we develop mechanisms that generate randomi"ed multipath routes.#nder our designs, the routes taken y the $shares% of different packets change over time. So even if the routing algorithm ecomes known to the adversary, the adversary still cannot pinpoint the routes traversed y each packet. &esides randomness, the generated routes are also highly dispersive and energy efficient, making them !uite capa le of circumventing lack holes. We analytically investigate the security and energy performance of the proposed schemes. We also formulate an optimi"ation pro lem to minimi"e the end'to'end energy consumption under given security constraints. ()tensive simulations are conducted to verify the validity of our mechanisms.

E isting S!stem" We argue that three security pro lems e)ist in the a ove counter'attack approach. *irst, this approach is no longer valid if the adversary can selectively compromise or +am nodes. ,his is ecause the route computation in the a ove multipath routing algorithms is deterministic in the sense that for a given topology and given source and destination nodes, the same set of routes are always computed y the routing algorithm. -s a result, once the routing algorithm ecomes known to the adversary (this can e done, e.g., through memory interrogation of the compromised node), the adversary can compute the set of routes for any given source and destination. ,hen, the adversary can pinpoint to one particular node in each route and compromise (or +am) these nodes. Such an attack can intercept all shares of the information,

rendering the a ove counter'attack approaches ineffective. rendering the above counter-attack approaches ineffective. actually very few node'dis+oint routes can e found when the node density is moderate and the source and destination nodes are several hops apart. on average only two node'dis+oint routes can e found etween a source and a destination that are at least / hops apart. 2ast. The adversary can pinpoint to one particular node in each route and compromise (or jam) these nodes. .e. Second. #roposed S!stem" In this paper..here is also 01 percent pro a ility that no node'dis+oint paths can e found etween the source and the destination. -s a result. *or e)ample.o intercept different packets. the routes are geographically separated as far as possi le such that they have high likelihood of not simultaneously passing through a lack hole. 3owever. the routes may not e spatially dispersive enough to circumvent a moderate'si"e lack hole. . for a node degree of . &ecause routes are now randomly generated..he main challenge in our design is to generate highly dispersive random routes at low energy cost. Such an attack can intercept all shares • of the information. the algorithm ensures that the randomly generated routes are as dispersive as possi le.he lack of enough routes significantly undermines the security performance of this multipath approach. as pointed out in. they may no longer e node'dis+oint. Considering the stringent constraint on energy consumption in WSNs. which is practically not possi le. i. the main challenge in our design is to . ecause the set of routes is computed under certain constraints. multiple paths are computed in a randomi"ed way each time an information packet needs to e sent. In this algorithm. These two attacks are generating block holes. we propose a randomi"ed multipath routing algorithm that can overcome the a ove pro lems. a large num er of routes can e potentially generated for each source and destination. such that the set of routes taken y various shares of different packets keep changing over time. Disadvantages" • • . . the adversary has to compromise or +am all possi le routes from the source to the destination.

-s e)plained later. -s a result. consuming lots of energy) without achieving good depressiveness. and therefore. consuming lots of energy) without achieving good depressiveness. 7) . a small num er of colluding5compromised nodes cannot dominate the selection result. such that the set of routes taken y various shares of different packets keep changing over time Arc$itecture" .o intercept different packets. Advantages" 6) . for efficiency purposes. we also re!uire that the randomi"ed route selection algorithm only incurs a small amount of communication overhead. 0) In this algorithm. the adversary has to compromise or +am all possi le routes from the source to the destination. and therefore. only leads to long paths (containing many hops. only leads to long paths (containing many hops. which is practically not possi le.naive algorithm of generating random routes. multiple paths are computed in a randomi"ed way each time an information packet needs to e sent. we also re!uire that the route computation e implemented in a distri uted way. such as Wanderer scheme (a pure random'walk algorithm). such a challenge is not trivial. . such as Wanderer scheme (a pure random'walk algorithm).naive algorithm of generating random routes.generate highly dispersive random routes at low energy cost. In addition. 4ue to security considerations. such that the final route represents the aggregate decision of all the nodes participating in the route selection.

So%tware Re&uirements Speci%ication" So%tware Re&uirements" 8perating System .<. CSS . .1 C&.echnology *ramework We .y (clipse. . 6. 6B= Colour . .onitor .ouse.B C3".BB .1 . :avaScript. 616 >ey oards.echnologies I4( We Server 4ata ase Software=s 9 9 9 9 9 9 9 9 Windows )p .ouse Dam >ey oard 9 9 9 9 9 9 9 @entium IA 7. <67 .. 8racle ?i 'ardware Re&uirements" System 3ard 4isk *loppy 4rive .omcat <.onitor.< 8racle :7S4>6. . 2inu) :ava Struts 3tml. 8ptical .

4D@. . .oH among all feasi le com inations of N and . In. . respectively. which finds the most energy' efficient parameter setting ENoG. .his is in contrast to the worst'case interception pro a ility that could happen to any single source node.D@.he results will help us optimi"ation.2 value (N) and the num er of shares (. NDD@.hese nodes are added to the simulation se!uentially. yielding the average packet interception pro a ility as a function of num er of source nodes.) that each packet is roken into. we plot the packet interception pro a ility as a function of the .he packet interception pro a ility calculated according to our asymptotic analytical model for @D@ is also plotted in the same figure for comparison. that satisfy a given security re!uirement. In this section. *or a given num er of source nodes. we use the outcome of our optimi"ation to drive the simulation under @D@. and then measure the resulting packet interception pro a ility and the end'to'end energy consumption.. the solution provided y our optimi"ation is only optimal for @D@ in an ideali"ed setting.. 4ue to the asymptotic nature of the analytical model. E%%ect o% t$e *ptimization o% N and ( we have formulated an optimi"ation pro lem for @D@. and .(odules Description" • • • Single-Source Case Effect of the Optimization of N and M Multisource Case Single)Source Case We first fi) the location of the source node at EF<1G 1H. etter to understand the practical effect of our . the average packet interception pro a ility is defined as the total num er of packets intercepted y the eavesdropper divided y the total num er of packets sent y various sources. (ultisource Case We study the average packet interception pro a ility of the proposed algorithms when there are multiple source nodes that are sending packets simultaneously in the system.

Algorit$ms" • • • Distri+uted localization algorit$ms Randomized multipat$ routing algorit$ms Secure multipat$ routing algorit$ms .

Master your semester with Scribd & The New York Times

Special offer for students: Only $4.99/month.

Master your semester with Scribd & The New York Times

Cancel anytime.