WWW.MICANSINFOTECH.COM WWW.IEEEPROJECTS-FINALYEARPROJECTS.BLOGSPOT.

IN +91 90036 28940

Grouping-Enhanced Resilient Probabilistic En-Route Filtering of Injected False Data in WSNs Abstract
In wireless sensor networks, the adversary may inject false reports to exhaust network energy or trigger false alarms with compromised sensor nodes. In response to the problems of existing schemes on the security resiliency, applicability and filtering effectiveness, this Project proposes a scheme, referred to as Grouping-enhanced Resilient Probabilistic En-route Filtering (GRPEF). In GRPEF, an efficient distributed algorithm is proposed to group nodes without incurring extra groups, and a multiaxis division based approach for deriving location-aware keys is used to overcome the threshold problem and remove the dependence on the sink immobility and routing protocols. Compared to the existing schemes, GRPEF significantly improves the effectiveness of the en-route filtering and can be applied to the sensor networks with mobile sinks while reserving the resiliency.

Existing System

WWW.MICANSINFOTECH.COM WWW.IEEEPROJECTS-FINALYEARPROJECTS.BLOGSPOT.IN +91 90036 28940

These schemes adopt a general en-route filtering framework to protect data authenticity, detect and filter out false reports. This framework assumes that an event can be detected by more than T sensors. To protect the report authenticity, a legitimate report is collaboratively endorsed with T (T > 1) distinct Message Authentication Codes (MACs) from the nodes detecting the event simultaneously. To filter the false reports, the nodes in the routing path share the authentication keys for the report endorsement. As a result, an invalid report that has less than T MACs or any incorrect MAC can be detected and dropped by the forwarding nodes or the sinks. There are two ways to share the authentication keys for the report endorsement, that are, routingspecific way and probabilistic way. In the routing-specific key sharing schemes such as IHA, DEFS, and LEDS, the authentication keys of sensor nodes are shared with the forwarding nodes in the routing path by pairwise key establishment or key dissemination. Since the probabilistic key sharing schemes do not need periodic node association and key dissemination, they are superior to the routing-specific key sharing schemes and are preferred by the resource-constrained WSNs. However, the existing probabilistic schemes have their shortages.

Proposed System
In the probabilistic key sharing schemes such as SEF and LBRS , the sensor nodes are divided into n(n > T) groups according to the key distribution before deployment. The nodes in the same group share common authentication keys with a probability. A legitimate report is endorsed with T MACs each of which is generated by a detecting node from different group, which is referred to as T-group authentication. The extra n _ T groups are introduced to enable T-group authentication to work for events in as large area as possible. A random key predistribution approach is adopted in SEF . A global key pool is evenly divided into n partitions. Each node randomly picks k keys from one partition and the nodes holding keys from the same partition form a group. In LBRS, each node is preloaded with one of n master secrets, and the nodes having the same master secret form a group. The authentication keys are derived based on

WWW.MICANSINFOTECH.COM WWW.IEEEPROJECTS-FINALYEARPROJECTS.BLOGSPOT.IN +91 90036 28940

the locations of cells in the terrain. All the nodes in the routing paths to the sink shares the authentication keys with a probability.
Comparing with SEF and LBRS, GRPEF has the following advantages.

1. In GRPEF, an efficient distributed algorithm is proposed to divide sensor nodes into exact T groups. It can guarantee that any location in the monitored area is covered simultaneously by T nodes from distinct groups with a high probability. The removal of the extra groups significantly improves the enrooting filtering effectiveness, as shown by our formal analysis. GRPEF achieves the same coverage percentage of T-group authentication as SEF and LBRS without requiring more than T groups. 2. To tackle the threshold limitation of SEF, a novel location-aware key derivation technique based on multiaxis division is proposed without assuming the sink immobility and specific routing models. As a result, GRPEF achieves the resiliency against node compromise while being applicable to the networks with mobile sinks and various routing protocols. Our theoretical analysis shows that GRPEF achieves much higher resiliency than SEF.

System Specification
Software Requirements Front End/GUI Tool Operating System Language Technology : Microsoft Visual studio 2008 : Windows family : C#.NET : ASP.NET 3.5

WWW.MICANSINFOTECH.COM WWW.IEEEPROJECTS-FINALYEARPROJECTS.BLOGSPOT.IN +91 90036 28940

Hardware Specification

Processor RAM Hard Disk Drive Monitor

: Pentium dual core : 1 GB : 80 GB : 17 Color Monitor

Module List

Login Sensor node Mobile Sink Monitoring and Reporting Phase

WWW.MICANSINFOTECH.COM WWW.IEEEPROJECTS-FINALYEARPROJECTS.BLOGSPOT.IN +91 90036 28940

False Data Injection En-Route Filtering

Module Description Login

In this module the user can get in to the system by enter the username and password. The user can register them self in the particular Sensor Node. Therefore we can easily identify a Mobile Sink, where it is resident.

Sensor Node
In this module, the sensor node requests the mobile sink and then mobile sink response to the sensor node. Mobile sink provides the Message Authentication Code (MAC) to the sensor node .Each sensor node use this MAC and then actual data is send to the sensor node-2.Sensor node-2 may inject the false data .Finally send to the mobile sink.

Mobile sink:
The mobile sink receives the data from the all nodes in network which may be false data or integrity data. After receiving data, it will identify the false inject data by enroute-filtering.

Monitoring and Reporting Phase:

When an event occurs in partition. All detecting nodes are organized into a cluster and collaboratively generate the event report E with the event location. The message authentication code of report E generated with a symmetric key. The detecting node in group computes MAC where k is the endorsement key bound with the partition. Then the detecting node sends a tuple

WWW.MICANSINFOTECH.COM WWW.IEEEPROJECTS-FINALYEARPROJECTS.BLOGSPOT.IN +91 90036 28940

to the cluster head CH. When CH collects MAC from distinct groups, it sends out the report with the endorsement to the sink.

False Data Injection

In this module focus on the false data injection attack, in which the compromised nodes inject forged event reports to trigger false alarms or to deplete the limited resources of nodes in the routing paths. Our problem is to design a scheme that can detect and filter false reports such that false reports is detected and dropped as early as possible, the threshold limitation of the solutions is overcome, graceful performance degradation is achieved when more and more nodes are compromised, and the scheme should be independent of routing protocols and applicable to the WSNs with mobile sinks.

En-route filtering
Every forwarding node verifies the MAC computed by its lower association node, and then removes that MAC from the received report. If the verification succeeds, it then computes and attaches a new MAC based on its pairwise key shared with its upper associated node. Finally, it forwards the report to the next node towards the BS.

Data Flow Diagram

Level 0:

WWW.MICANSINFOTECH.COM WWW.IEEEPROJECTS-FINALYEARPROJECTS.BLOGSPOT.IN +91 90036 28940

Login

Sensor Node 1

Process

Level 1:

WWW.MICANSINFOTECH.COM WWW.IEEEPROJECTS-FINALYEARPROJECTS.BLOGSPOT.IN +91 90036 28940

Sensor Node 1

Sensor Node 2

Request to server

Server Process

Level 2:

WWW.MICANSINFOTECH.COM WWW.IEEEPROJECTS-FINALYEARPROJECTS.BLOGSPOT.IN +91 90036 28940

Server

To provide MAC

Sensor Node 1

Sensor Node 2

Level 3:

WWW.MICANSINFOTECH.COM WWW.IEEEPROJECTS-FINALYEARPROJECTS.BLOGSPOT.IN +91 90036 28940

Sensor Node1

Select the data

Send to Sensor node 2

False data injection

Server

Detect the false data

WWW.MICANSINFOTECH.COM WWW.IEEEPROJECTS-FINALYEARPROJECTS.BLOGSPOT.IN +91 90036 28940

System Architecture

Send Data

Sensor Node 1
MAC

Sensor Node 2

False data injected

MAC

Request to server

Request to server

Server