Beruflich Dokumente
Kultur Dokumente
Grouping-Enhanced Resilient Probabilistic En-Route Filtering of Injected False Data in WSNs Abstract
In wireless sensor networks, the adversary may inject false reports to exhaust network energy or trigger false alarms with compromised sensor nodes. In response to the problems of existing schemes on the security resiliency, applicability and filtering effectiveness, this Project proposes a scheme, referred to as Grouping-enhanced Resilient Probabilistic En-route Filtering (GRPEF). In GRPEF, an efficient distributed algorithm is proposed to group nodes without incurring extra groups, and a multiaxis division based approach for deriving location-aware keys is used to overcome the threshold problem and remove the dependence on the sink immobility and routing protocols. Compared to the existing schemes, GRPEF significantly improves the effectiveness of the en-route filtering and can be applied to the sensor networks with mobile sinks while reserving the resiliency.
Existing System
These schemes adopt a general en-route filtering framework to protect data authenticity, detect and filter out false reports. This framework assumes that an event can be detected by more than T sensors. To protect the report authenticity, a legitimate report is collaboratively endorsed with T (T > 1) distinct Message Authentication Codes (MACs) from the nodes detecting the event simultaneously. To filter the false reports, the nodes in the routing path share the authentication keys for the report endorsement. As a result, an invalid report that has less than T MACs or any incorrect MAC can be detected and dropped by the forwarding nodes or the sinks. There are two ways to share the authentication keys for the report endorsement, that are, routingspecific way and probabilistic way. In the routing-specific key sharing schemes such as IHA, DEFS, and LEDS, the authentication keys of sensor nodes are shared with the forwarding nodes in the routing path by pairwise key establishment or key dissemination. Since the probabilistic key sharing schemes do not need periodic node association and key dissemination, they are superior to the routing-specific key sharing schemes and are preferred by the resource-constrained WSNs. However, the existing probabilistic schemes have their shortages.
Proposed System
In the probabilistic key sharing schemes such as SEF and LBRS , the sensor nodes are divided into n(n > T) groups according to the key distribution before deployment. The nodes in the same group share common authentication keys with a probability. A legitimate report is endorsed with T MACs each of which is generated by a detecting node from different group, which is referred to as T-group authentication. The extra n _ T groups are introduced to enable T-group authentication to work for events in as large area as possible. A random key predistribution approach is adopted in SEF . A global key pool is evenly divided into n partitions. Each node randomly picks k keys from one partition and the nodes holding keys from the same partition form a group. In LBRS, each node is preloaded with one of n master secrets, and the nodes having the same master secret form a group. The authentication keys are derived based on
the locations of cells in the terrain. All the nodes in the routing paths to the sink shares the authentication keys with a probability.
Comparing with SEF and LBRS, GRPEF has the following advantages.
1. In GRPEF, an efficient distributed algorithm is proposed to divide sensor nodes into exact T groups. It can guarantee that any location in the monitored area is covered simultaneously by T nodes from distinct groups with a high probability. The removal of the extra groups significantly improves the enrooting filtering effectiveness, as shown by our formal analysis. GRPEF achieves the same coverage percentage of T-group authentication as SEF and LBRS without requiring more than T groups. 2. To tackle the threshold limitation of SEF, a novel location-aware key derivation technique based on multiaxis division is proposed without assuming the sink immobility and specific routing models. As a result, GRPEF achieves the resiliency against node compromise while being applicable to the networks with mobile sinks and various routing protocols. Our theoretical analysis shows that GRPEF achieves much higher resiliency than SEF.
System Specification
Software Requirements Front End/GUI Tool Operating System Language Technology : Microsoft Visual studio 2008 : Windows family : C#.NET : ASP.NET 3.5
Hardware Specification
Module List
Sensor Node
In this module, the sensor node requests the mobile sink and then mobile sink response to the sensor node. Mobile sink provides the Message Authentication Code (MAC) to the sensor node .Each sensor node use this MAC and then actual data is send to the sensor node-2.Sensor node-2 may inject the false data .Finally send to the mobile sink.
Mobile sink:
The mobile sink receives the data from the all nodes in network which may be false data or integrity data. After receiving data, it will identify the false inject data by enroute-filtering.
to the cluster head CH. When CH collects MAC from distinct groups, it sends out the report with the endorsement to the sink.
En-route filtering
Every forwarding node verifies the MAC computed by its lower association node, and then removes that MAC from the received report. If the verification succeeds, it then computes and attaches a new MAC based on its pairwise key shared with its upper associated node. Finally, it forwards the report to the next node towards the BS.
Level 0:
Login
Sensor Node 1
Process
Level 1:
Sensor Node 1
Sensor Node 2
Request to server
Server Process
Level 2:
Server
To provide MAC
Sensor Node 1
Sensor Node 2
Level 3:
Sensor Node1
Server
System Architecture
Send Data
Sensor Node 1
MAC
Sensor Node 2
MAC
Request to server
Request to server
Server