Beruflich Dokumente
Kultur Dokumente
Yuxin Mao
School of Computer and Information Engineering, Zhejiang Gongshang University, Hangzhou 310018, P.R
China
maoyuxin@zjgsu.edu.cn
ABSTRACT
In this paper, we propose a novel approach of secure data collection for wireless
sensor networks. We explore secret sharing and multipath routing to achieve
secure data collection in a wireless sensor network with compromised nodes. We
present the notion of secure path, which makes full use of the routing functionality
of wireless sensor networks, to support secure data collection. Moreover, we
propose to perform intrusion detection for wireless sensor network based on the
results of data collection.We evaluate the approach with a simulation experiment
and analyze the simulation results in detail. We argue that the approach is simple
but efficient to support secure data collection in wireless sensor network.
Keywords: Data Collection, Feedback, Intrusion Detection, Multipath, Security,
Wireless Sensor Network.
i =1
τ= (1) Sensor Node Number 50
n
Drop Rate 0.2
where ΔKi is the number of newly-generated
secure paths the neighbor with identity di owns in all, Threshold Value k 5
and Δki is the number of newly-generated secure
paths that involves S among those paths. If ΔKi = 0, Initial Counter Value λ 3
Δk
we consider the value of i as 0. Number of Source Nodes 10
ΔK i
(3) The reputation increment of S is calculated
according to the following equation: 5.1 Packet Interception Probability Evaluation
−N We first fix the location of the source node that
E=e τ (2) sends data the sink. We first investigate the PIP for
where N is the coefficient and we can set the the source node under different numbers of
value of N to 10. compromised nodes. For each number of
(4) The reputation value of S is updated in the ith compromised nodes, we evaluate the average PIP for
round according to the following equation: the source node. Figure 2 shows a plot of the PIP for
γi = (1-α)* γi +α*Ei, γ0 = γ (3) the source node under different numbers of
compromised nodes. It’s obvious to see that the PIP
increases when the number of compromised nodes
becomes larger. When half of the sensor nodes are
compromised nodes, most of the data packets are
intercepted. We also compare the performance of the
SPDC algorithm with that of NRRP algorithm
proposed in [5]. As can be seen in the figure, the
performance of SPDC is better than NRRP with the
same number of compromised nodes. When the
number of compromised nodes is small or large, the
performance of the two algorithms is very close.
However, SPDC behaves much better than NRRP
with number of compromised nodes falling into the
extent (13, 18).
Figure 3: The PIP values for SPDC and NRRP with
a collection of source nodes.
6 RELATED WORKS
There have been a few of on-going efforts about
multipath routing for secure data collection presented
in literature. For example, the SPREAD algorithm in
[10] attempts to find multiple most-secure and node-
disjoint paths. A modified Dijkstra algorithm is used
to iteratively find the top-K most secure node-
disjoint paths. The H-SPREAD algorithm [11]
improves the SPREAD algorithm by simultaneously
accounting for both security and reliability
requirements. The work in [12] presents distributed
Bound-Control and Lex-Control algorithms, which
Figure 2: The PIP values for SPDC and NRRP with compute multiple paths respectively. Shu et al. in [5]
different numbers of compromised nodes. present an approach for secure data collection by
using (t, n)-threshold secret sharing algorithm and
5.2 Performance Evaluation with Source Node randomized multipath routes. A packet is broken into
Set shares, which are sent to the sink through randomly-
The work in [5] performs simulation by using a generated paths. Compared with our approach, they
fixed source node that sends data to the sink. Using use a fixed source node to evaluate the approach in
only fixed source node is not enough to simulate the simulation, while we extend their simulation with a
behaviors of WSN. In practice, data are always collection of source nodes. Nasser and Chen in [13]
generated by different sensor node distributed across propose a routing protocol that uses multipath
an area. In fact, our approach can achieve better alternately as the path for communicating between
performance as long as there is secure path from the two nodes. The protocol defends against some
source node to the sink. It is insufficient to evaluate specific attacks like selective forwarding by
the PIP with a fixed source node. Therefore we advertising an attractive route to the destination.
evaluate the overall PIP with a collection of source Deng et al. in [14] propose an intrusion-tolerant
nodes. We select a collection of source nodes and routing protocol for WSNs. They try to preserve
each one is likely to generate data and send it to the WSN security by using one way hash chains and
sink. Then we evaluate the overall performance for nested keyed message authentication codes, as well
our approach for the collection of source nodes. as multipath routing.
The process of simulation with a collection of
source nodes is similar with that of a fixed source 7 CONCLUSION
node. We run the data collection algorithms for each In this paper, we propose a novel approach of
source node in the collection and record the secure data collection for WSN. We explore secret
accumulative result for the collection. Here the sharing and multipath routing to achieve secure data
number of source nodes in the collection is 10 (see collection in a WSN with compromised nodes. We
table 1). As can be seen in figure 3, the performance propose to use a novel tracing-feedback mechanism,
of SPDC is better than NRRP with the same number which makes full use of the routing functionality of
of compromised nodes. WSN, to improve the quality of data collection.
Moreover, we propose to perform intrusion detection
for wireless sensor network based on the results of
data collection. Moreover, we propose to perform the presence of frequent topological changes,
intrusion detection for wireless sensor network based IEEE Communication Magazine, Vol. 39(11), pp.
on the results of data collection. Compared with 132-138 (2001).
existing works in this field, our approach use a novel [5] T. Shu, S. Liu, and M. KrunzSecure: Data
tracing-feedback mechanism, which makes full use Collection in Wireless Sensor Networks Using
of the routing functionality of WSN, to improve the Randomized Dispersive Routes, Proc. IEEE
quality of data collection. The major difference INFOCOM Conference, pp. 2846-2850 (2009).
between our approach and the existing multipath [6] W. Lou, and Y. Kwon: H-spread: a hybrid
methods is that the secure paths here are potentially multipath scheme for secure and reliable data
safe for data collection. In all, our work tries to take collection in wireless sensor networks, IEEE
a step forward secure data collection for WSN. Transactions on Vehicular Technology, Vol.
Future works may include: (1) improve the 55(4), pp. 1320–1330 (2006).
efficiency of the algorithms; (2) evaluate the [7] N. Nasser, and Y. Chen: SEEM: Secure and
intrusion detection algorithm under different energy-efficient multipath routing protocol for
conditions; (3) considering a more complex WSN wireless sensor networks, Computer
model to evaluate the algorithm. Communications, Vol. 30(11-12), pp. 2401-2412
(2007).
ACKNOWLEDGEMENT [8] J. Deng, R. Han, and S. Mishra: INSENS:
This work is partially supported by a grant from Intrusion-tolerant routing for wireless sensor
a NSFC Program (NO. NSFC60803161), a Science networks, Computer Communication, Vol. 29(2),
and Technology Program of ZJGSU (NO. pp. 216-230 ( 2006).
1130XJ200920), and also a grant from Educational [9] F. Akyildiz, W. Su, Y. Sankarasubramaniam,
Commission of Zhejiang Province (NO. and E. Cayirci: Wireless Sensor Networks: A
Y200908082). Survey, Computer Networks, Vol. 38, pp. 393-
422 (2002).
8 REFERENCES [10] K. Ioannis, T. Dimitriou, and F.C. Freiling:
[1] K. S. Low, W. N. Win, and M. J. Er: Wireless Towards Intrusion Detection in Wireless Sensor
Sensor Networks for Industrial Environments, Networks, Proc. the 13th European Wireless
Mater. Sci. Forum, Vol. 119, pp. 83-87 (1992). Conference, (2007).
[2] F. Akyildiz, W. Su, Y. Sankarasubramaniam, [11] I. Onat, and A. Miri: An Intrusion Detection
and E. Cayirci: A survey on sensor networks, System for Wireless Sensor Networks, Proc.
IEEE Communications Magazine, Vol. 40(8), pp. IEEE International Conference on Wireless and
102–114 (2002). Mobile Computing, Networking and
[3] Y. Zhang, and W. Lee: Intrusion Detection in Communications (2005).
Wireless Ad-Hoc Networks, Proc. the 6th [12] A. Shamir: How to Share a Secret,
Annual International Conference on Mobile Communication of the ACM, Vol. 22(11), pp.
Computing and Networking, (2000). 612-613 (1979).
[4] A. Tsirigos, and Z.J. Haas: Multipath routing in