JOURNAL OF TELECOMMUNICATIONS, VOLUME 27, ISSUE 1, SEPTEMBER 2014

1

Designing Architecture for Security of
Wireless Sensor Networks Environmental
Asif Ikbal Mondal, Bijay Mandal, Subhra Jyoti Mandal, Arindam Biswas and A K Bhattacherjee
Abstract The Wireless Sensors Network (WSN) is an emergent technology resulting from progress of various fields.
Many applications of networks WSN are developed. In the last years, wireless sensor networks (WSNs) have gained increasing
attention from both the research community and actual users. As sensor nodes are generally battery-powered devices, the
critical aspects to face concern how to reduce the energy consumption of nodes, so that the network lifetime can be extended to
reasonable times. As sensor networks are deployed in adversarial environments and used for critical applications. In this paper,
we consider routing security in wireless sensor networks. Many sensor network routing protocols have been proposed, but very
few of them have been designed with security as a goal. We propose security goals for routing in sensor networks. We describe
crippling attacks against all of them and suggest counter measures and design considerations.

Index Terms Wireless Sensors Networks, Routing protocols, Crippling attackrs, Security Architecture, Energy Consumption
of Nodes.

!

1 INTRODUCTION
wireless sensor network consists of sensor nodes
deployed over a geographical area for monitoring
physical phenomena like temperature, humidity,
vibrations, seismic events, and so on[1]. Typically, a sen-
sor node is a tiny device that includes three basic compo-
nents: a sensing subsystem for data acquisition from the
physical surrounding environment, a processing subsys-
tem for local data processing and storage, and a wireless
communication subsystem for data transmission. In addi-
tion, a power source supplies the energy needed by the
device to perform the programmed task. This power
source often consists of a battery with a limited energy
budget. In addition, it could be impossible or inconven-
ient to recharge the battery, because nodes may be de-
ployed in a hostile or unpractical environment. On
the other hand, the sensor network should have a lifetime
long enough to fulfill the application requirements. In
many cases a lifetime in the order of several months, or
even years, may be required. In this paper we will refer
mainly to the sensor network model depicted in Figure 1
and consisting of one sink node(or base station) and a
(large) number of sensor nodes deployed over a large
geographic area (sensing field). Data are transferred from
sensor nodes to the sink through a multi-hop communica-
tion paradigm [2].



Figure 1. Sensor network architecture

Our focus is on routing security in wireless sensor net-
works. Current proposals for routing protocols in sensor
networks optimize for the limited capabilities of the
nodes and the application specific nature of the networks,
but do not consider security. Although these protocols
have not been designed with security as a goal, we feel it
is important to analyze their security properties. When
the defender has the liabilities of insecure wireless com-
munication, limited node capabilities, and possible insid-
er threats, and the adversaries can use powerful laptops
with high energy and long range communication to attack
the network, designing a secure routing protocol is non-
trivial. Security is critical for many wireless sensor net-
work applications such as battlefield surveillance, medi-
cal monitoring, and emergency response. However, many
security mechanisms developed for the Internet or ad-hoc
networks cannot be applied directly to wireless sensor
networks (WSNs) due to their limited resources in com-
putation, memory, communication bandwidth, and ener-
gy. The severe resource constraints of WSNs give rise to
the need for resource bound security solutions. There are
at least two interesting aspects of this concept. First, indi-

A I Mandal and S J Mandal is with Dumkal Polytechnic and Dumkal
Institute of Enggineering and Technology, Dumkal, W.B, India-742406.
Bijay Mandal is with NSHM Knowledge Campus, Durgapur, W.B.
Arindam Biswas is with Hooghly Engineering and Technology College,
Hooghly, Vivekanada Road, Pipulpati, West Bengal.
Anup Kumar Bhattercharjee is with dept of ECE, NIT, Durgapur, Mahat-
ma Gandhi Avenue, Burdwan..


A
2

vidual security mechanisms must be efficient in memory,
computation, energy and bandwidth. For example, cer-
tain cryptographic schemes are inappropriate because
ciphertext message expansion results in costly memory,
bandwidth and energy use. Second, the resource con-
sumption of all security mechanisms installed together at
a node must not exceed the amount of resources allocated
for security and they cannot degrade performance to an
unacceptable level during normal operation or when an
attack is underway.
We present crippling attacks against all the major routing
protocols for sensor networks. Because these protocols
have not been designed with security as a goal, it is un-
surprising they are all insecure. However, this is non-
trivial to fix: it is unlikely a sensor network routing proto-
col can be made secure by incorporating security mecha-
nisms after design has completed. Our assertion is that
sensor network routing protocols must be designed with
security in mind, and this is the only effective solution for
secure routing in sensor networks. We make five main
contributions.

We propose threat models and security goals for
secure routing in wireless sensor networks.

We introduce two novel classes of previously
undocumented attacks against sensor networks sinkhole
attacks and HELLO floods.

We show, for the first time, how attacks against
ad-hoc wireless networks and peer-to-peer networks [3],
[4] can be adapted into powerful attacks against sensor
networks.

We present the first detailed security analysis of
all the major routing protocols and energy conserving
topology maintenance algorithms for sensor networks.
We describe practical attacks against all of them that
would defeat any reasonable security goals.

We discuss countermeasures and design consid-
erations for secure routing protocols in sensor networks.

2 BACKGROUND
We use the term sensor network to refer to a heterogene-
ous system combining tiny sensors and actuators with
general purpose computing elements. Sensor networks
may consist of hundreds or thousands of low-power, low-
cost nodes, possibly mobile but more likely at fixed loca-
tions, deployed en masse to monitor and affect the envi-
ronment. For the remainder of this paper we assume that
all nodes locations are fixed for the duration of their life-
time. Sensor networks often have one or more points of
centralized control called base stations. A base station is
typically a gateway to another network, a powerful data
processing or storage center, or an access point for human
interface. They can be used as a nexus to disseminate con-
trol information into the network or extract data from it.
In some previous work on sensor network routing proto-
cols, base stations have also been referred to as sinks. Base
stations are typically many orders of magnitude more
powerful than sensor nodes. They might have work-
station or laptop class processors, memory, and storage,
AC power, and high bandwidth links for communication
amongst themselves. However, sensors are constrained to
use lower-power, lower bandwidth, shorter range radios,
and so it is envisioned that the sensor nodes would form
a multi-hop wireless network to allow sensors to com-
municate to the nearest base station as shown in figure 2.
A base station might request a steady stream of data, such
as a sensor reading every second, from nodes able to sat-
isfy a query. We refer to such a stream as a data flow and
to the nodes sending the data as sources.














Figure 2. Sensor Network Architecture

The resource-starved nature of sensor networks poses
great challenges for security. These devices have very
little computational power: public-key cryptography is so
expensive as to be unusable, and even fast symmetric-key
ciphers must be used sparingly. With only 4 KB of RAM,
memory is a resource that must be husbanded carefully,
so our security protocols cannot maintain much state.
Also, communication bandwidth is extremely dear: each
bit transmitted consumes about as much power as execut-
ing 800 1000 instructions [5], and as a consequence, any
message expansion caused by security mechanisms comes
at significant cost. Power is the scarcest resource of all:
each milliamp consumed is one milliamp closer to death,
and as a result,nearly every aspect of sensor networks
must be designed with power in mind. Lest the reader
think that these barriers may disappear in the future, we
point out that it seems unlikely that Moores law will help
in the foreseeable future. Because one of the most im-
portant factors determining the value of a sensor network
comes from how many sensors can be deployed, it seems
likely there will be strong pressure to develop ever
cheaper sensor nodes. In other words, we expect that us-
ers will want to ride the Moores law curve down towards
ever-cheaper systems at a fixed performance point, rather
than holding price constant and improving performance
over time. This leaves us with a very demanding envi-
ronment. How can security possibly be provided under
such tight constraints? But security is critical. With sensor
networks being envisioned for use in critical applications
3

such as building monitoring, burglar alarms, and emer-
gency response, with the attendant lack of physical secu-
rity for hundreds of exposed devices, and with the use of
wireless links for communications, these networks are at
risk.
3 ASSUMPTIONS AND ATTACKS
Routing is an essential service for enabling communica-
tion in sensor networks, and is therefore potentially the
target of many different attacks. First, we identify our
assumptions about the system. We review the general
classes of attacks on sensor network routing, then focus
on attack mechanisms specific to our protocol in the next
section.

A. System Assumptions
We assume that radio links are insecure, i.e., attackers
may eavesdrop on radio transmissions, inject messages,
and record and later replay messages. If an attacker is
able to interact with the routing protocol, it can also drop
messages for which it is responsible. Attackers possess
hardware capabilities similar to that of legitimate nodes,
and wireless transmissions use the same power levels.
Network nodes move only infrequently or slowly once
deployed, and know their own locations. They may addi-
tionally know that of their neighbors. Nodes know the
location of important resources, like base stations, and
use it for geographic routing. This may be fulfilled by
many different key distribution schemes in the literature
[6, 7, and 8]. Nodes trust their own clocks, measurements,
and storage.

B. Routing Attacks

Karlof and Wagner [9] and others [10, 11] have systemati-
cally studied attacks on routing protocols. We summarize
these attacks below, noting whether they are applicable.
Then we discuss those attacks which are not obviously
thwarted in greater detail.

Routing state corruption:
By spoofing, altering, or replaying routing information,
attackers are able to create routing loops, attract or redi-
rect network traffic, increase end-to-end delay, etc. IGF
keeps no information, and SIGF keeps only locally gener-
ated information.

Wormholes:
In this attack, an adversary tunnels messages received in
one part of the network over a low latency link and re-
plays them elsewhere. Since IGF chooses the next-hop
dynamically, a wormhole does not cause disruption when
it ceases to operate.

HELLO Foods:
An attacker convinces nodes in the network that the at-
tacker is a neighbor by broadcasting HELLO messages
with high energy. As with the wormhole attack, dynamic
routing in IGF prevents disruption by a HELLO Flood.

Black holes:
In a black hole attack, an adversary or compromised node
lures nearly all the traffic from a particular area through
itself, where the messages are dropped. We further dis-
cuss this attack below.

Selective forwarding:
Attackers selectively forward packets instead of faithfully
forwarding all received packets or completely dropping
all packets. At one end of the spectrum, messages are
rarely dropped. At the other end is a black hole attack.
We group this attack with the black hole attack since its
mechanism is the same and consider its impact on IGF.

Sybil attack:
In the Sybil attack, a malicious node behaves as if it were
a larger number of nodes by impersonating other nodes
or simply by claiming false identities. We further discuss
this attack below.

Denial of Service:
Most attacks result in a denial of service of some sort, but
this moniker is usually reserved for attacks that waste
resources or disrupt service in a way that far exceeds the
effort required of an attacker. Message amplification and
jamming are general examples. We consider specific
mechanisms for mounting this attack on IGF below.
In an insider attack, a compromised node uses any means
available to legitimate nodes to disrupt the protocol or
perform a specific attack listed above. All state, including
keys possessed by the node, may be used by the attacker.
Since IGF keeps no routing tables, it prevents a priori at-
tacks such as state corruption, wormholes, and HELLO
floods. Further, the impact of all attacks is limited to the
local area, since routing is fully distributed and inde-
pendent from hop to hop. IGF and SIGF do not trust
neighboring nodes to behave correctly, so they are re-
sistant to attacks from outsiders and insiders alike.
4 PROBLEM STATEMENT
Before diving into specific routing protocols, it helps to
have a clear statement of the routing security problem. In
the following sections we outline our assumptions about
the underlying network, propose models for different
classes of adversaries, and consider security goals in this
setting.

A. Network Topology

As, sensor networks use wireless communications. One
important property of a sensor network is its diameter,
that is, the maximum number of hops between any two
nodes in the network. In its simplest form, a sensor net-
work forms a single-hop network, with every sensor node
being able to directly communicate with every other
node. An infrastructure-based network with a single base
station forms a star network with a diameter of two. A
multi-hop network may form an arbitrary graph, but of-
4

ten an overlay network with a simpler structure is con-
structed such as a tree or a set of connected stars. The to-
pology affects many network characteristics such as la-
tency, robustness, and capacity. The complexity of data
routing and processing also depends on the topology.
We must assume that radio links are insecure. At the very
least, attackers can eavesdrop on our radio transmissions,
inject bits in the channel, and replay previously heard
packets. We assume that if the defender can deploy many
sensor nodes, then the adversary will likely also be able to
deploy a few malicious nodes with similar hardware ca-
pabilities as the legitimate nodes. The attacker may come
upon these malicious nodes by purchasing them separate-
ly, or by turning a few legitimate nodes by capturing
them and physically overwriting their memory. We as-
sume that the attacker might have control of more than
one node, and these malicious nodes might collude to
attack the system. Also, in some cases colluding nodes
might have high-quality communications links available
for coordinating their attack. We do not assume sensor
nodes are tamper resistant. We assume that if an adver-
sary compromises a node, she can extract all key material,
data, and code stored on that node. While tamper re-
sistance might be a viable defense for physical node com-
promise for some networks, we do not see it as a general
purpose solution. Extremely effective tamper resistance
tends to add significant per-unit cost, and sensor nodes
are intended to be very inexpensive.

B. Trust Requirements

Since base stations interface a sensor network to the out-
side world, the compromise of a significant number of
them can render the entire network useless. For this rea-
son we assume that base stations are trustworthy, in the
sense that they can be trusted if necessary and are as-
sumed to behave correctly. Most, but not all routing pro-
tocols depend on nodes to trust messages from base sta-
tions. Aggregation points may be trusted components in
certain protocols. Nodes may rely on routing information
from aggregation points and trust that messages sent to
aggregation points will be accurately combined with oth-
er messages and forwarded to a base station. Aggregation
points are often regular sensor nodes. It is possible that
adversaries may try to deploy malicious aggregation
points or attempt to turn currently compromised nodes
into aggregation points. For this reason aggregation
points may not necessarily be trustworthy.

C. Threat Models

An important distinction can be made between mote class
attackers and laptop-class attackers. In the former case,
the attacker has access to a few sensor nodes with similar
capabilities to our own, but not much more than this. In
contrast, a laptop-class attacker may have access to more
powerful devices, like laptops or their equivalent. Thus,
in the latter case, malicious nodes have an advantage over
legitimate nodes: they may have greater battery power, a
more capable CPU, a high-power radio transmitter, or a
sensitive antenna. An attacker with laptop-class devices
can do more than an attacker with only ordinary sensor
nodes. An ordinary sensor node might only be able to jam
the radio link in its immediate vicinity, while a laptop-
class attacker might be able to jam the entire sensor net-
work using its stronger transmitter. A single laptop-class
attacker might be able to eavesdrop on an entire network,
while sensor nodes would ordinarily have a limited
range. Also, laptop-class attackers might have a high
bandwidth, low-latency communications channel not
available to ordinary sensor nodes, allowing such attack-
ers to coordinate their efforts. A second distinction can be
made between outsider attacks and insider attacks. We
have so far been discussing outsider attacks, where the
attacker has no special access to the sensor network. One
may also consider insider attacks, where an authorized
participant in the sensor network has gone badly. Insider
attacks may be mounted from either compromised sensor
nodes running malicious code or adversaries who have
stolen the key material, code, and data from legitimate
nodes, and who then use one or more laptop-class devices
to attack the network.

D. Communication Modality

For wireless communication among sensor nodes, a num-
ber of communication modalities can be used such as ra-
dio, diffuse light, laser, inductive and capacitive coupling,
or even sound. Perhaps the most common modality is
radio waves, since these do not require a free line of sight,
and communication over medium ranges can be imple-
mented with relatively low power consumption and rela-
tively small antennas (a few centimeters in the common
sub-GHz frequency bands). Using light beams for com-
munication requires a free line of sight and may interfere
with ambient light and daylight, but allows for much
smaller and more energy efficient transceivers compared
to radio communication. Smart Dust [12], for example,
uses laser beams for communication. Inductive and ca-
pacitive coupling only works over small distances, but
may be used to power a sensor node. Most passive Radio
Frequency Identification (RFID) systems use inductive
coupling, for example. Sound or ultrasound is typically
used for communication under water or to measure dis-
tances based on time-of-flight measurements. Sometimes,
multiple modalities are used by a single sensor network
system. The communication modality used obviously
influences the design of medium access protocols and
communication protocols, but also affects other proper-
ties that are relevant to the application.

E. Infrastructure

The various communication modalities can be used in
different ways to construct an actual communication
network. Two common forms are so-called infrastructure-
based networks on the one hand and ad hoc networks on
the other hand. In infrastructure-based networks, sensor
nodes can only directly communicate with so-called base
station devices. Communication between sensor nodes is
5

relayed via the base station. If there are multiple base sta-
tions, these have to be able to communicate with each
other. The number of base stations depends on the com-
munication range and the area covered by the sensor
nodes. Mobile phone networks and Smart Dust [12] are
examples of this type of network. In ad hoc networks,
nodes can directly communicate with each other without
an infrastructure. Nodes may act as routers, forwarding
messages over multiple hops on behalf of other nodes.
Since the deployment of an infrastructure is a costly pro-
cess, and the installation of an infrastructure may often
not be feasible, ad hoc networks are preferred for many
applications. However, if an infrastructure is already
available anyway (such as the GSM network), it might
also be used for certain sensor network applications.
Combinations of ad hoc networks and infrastructure
based networks are sometimes used, where clusters of
sensor nodes are interconnected by a wide area infra-
structure based network. Note that the above arguments
not only apply to communication, but also to other infra-
structures, such as localization or time synchronization
(e.g., GPS satellites).

F. Connectivity
The communication ranges and physical locations of in-
dividual sensor nodes define the connectivity of a net-
work. If there is always a network connection (possibly
over multiple hops) between any two nodes, the network
is said to be connected. Connectivity is intermittent if the
network may be occasionally partitioned. If nodes are
isolated most of the time and enter the communication
range of other nodes only occasionally, we say that com-
munication is sporadic. Note that despite the existence of
partitions, messages may be transported across partitions
by mobile nodes. Connectivity mainly influences the de-
sign of communication protocols and methods of data
gathering.

G. Network Size

The number of nodes participating in a sensor network is
mainly determined by requirements relating to network
connectivity and coverage, and by the size of the area of
interest. The network size may vary from a few nodes to
thousands of sensor nodes or even more. The network
size determines the scalability requirements with regard
to protocols and algorithms.

H. Life Time

Depending on the application, the required lifetime of a
sensor network may range from some hours to several
years. The necessary lifetime has a high impact on the
required degree of energy efficiency and robustness of the
nodes.
I. Other QoS Requirements

Depending on the application, a sensor network must
support certain quality-of-service aspects such as real-
time constraints (e.g., a physical event must be reported
within a certain period of time), robustness (i.e., the net-
work should remain operational even if certain well-
defined failures occur), tamper-resistance (i.e., the net-
work should remain operational even when subject to
deliberate attacks), eavesdropping-resistance (i.e., exter-
nal entities cannot eavesdrop on data traffic), unobtru-
siveness or stealth (i.e., the presence of the network must
be hard to detect). These requirements may impact on
other dimensions of the design space such as coverage
and resources.
5 ATTACKS ON SENSOR NETWORK
Many sensor network routing protocols are quite simple,
and for this reason are sometimes even more susceptible
to attacks against general ad-hoc routing protocols. The
main attacks available to an adversary are to create a
black hole, pose as multiple identities (Sybil attack), or
disrupt the routing protocol through denial of service
attacks. We describe specific mechanisms for performing
these attacks in the next sections.
A. Black Hole / Selective Forwarding Attack

Within the local neighborhood, the easiest way for an
attacker to create a black hole is to manage to always be
selected by neighbors as the next hop, whether this is
proper, or not. In the CTS rushing attack, an attacker ex-
ploits the cooperative nature of next-hop selection. When
an Open RTS (ORTS) message is received, neighbors set
timers proportional to their desirability as forwarding
candidates. The attacker disregards this mechanism and
always replies immediately with a CT, volunteering to
forward the packet. Once selected as the next relay, the
attacker may modify, totally drop (black hole attack) or
selectively forward the DATA message. This attack is
very effective, easy to perform, and requires moderate
power consumption, as it is completely reactive. When
attacker A overhears an ORTS message, it sends a CTS
message, whether it is in the forwarding area or not. Oth-
er nodes overhear the CTS from the attacker and abort the
protocol. Unsuspecting ORTS senders in the neighbor-
hood of the attacker always choose to send their messages
into the black hole created by A as shown in Figure 3.



Figure 3. CTS Rushing Attack by A against S.

6

B. Sybil Attack

In a Sybil attack, an attacker illegitimately claims to be
multiple nodes by sending messages with different iden-
tities and locations. Its additional identities are virtual
Sybil nodes. Without cryptographic authentication, a re-
ceiver of a message cannot determine the true identity of
its originator, and does not know how many of the
claimed identities are truly unique. Our foundational
routing protocol IGF is vulnerable to Sybil attack because
it does not maintain any neighborhood state with which
to validate the identities.

Identity and Location: A Sybil node can either
fabricate a new identity , or steal an identity from
a legitimate node [13]. In our experiments, an at-
tacker creates several Sybil nodes surrounding its
true location and assigns each either a random or
fixed location.

Communication: We assume Sybil nodes can
communicate directly with legitimate nodes in
the following way. When a legitimate node sends
a message to a Sybil node, the attacker overhears
the message. Likewise, messages sent from Sybil
nodes are actually from the attacker, but with the
proper identity enclosed.

Communication with a Sybil node is illustrated in Figure
4. After receiving an ORTS message, the attacker sends
CTS addressed from one of the Sybil nodes. Once the
Sybil node is selected as the next relay, the attacker over-
hears and acknowledges the DATA. It can then drop,
tamper, or forward the DATA in a black hole or selective
forwarding attack.




Figure 4. Node A performs a Sybil attack against S.

C. Denial of Service Attack

The goal of this type of attack is to deny service to the
nearby nodes in a manner that is less intrusive and costly
than jamming. The attacker partially executes the IGF
protocol to cause nearby nodes to waste energy transmit-
ting messages, waste time waiting on completion of the
protocol, or prematurely abort the protocol. We describe
two specific attacks which cause denial of service by re-
cording and replaying legitimate messages. In an ORTS
replay attack, a node captures an overheard ORTS mes-
sage and subsequently replays it repeatedly. Each time it
is replayed, neighbors of the attacker respond with CTS
messages and wait for data exchange. The wireless chan-
nel cannot be used in this local neighborhood for legiti-
mate traffic during the CTS collection window. In a CTS
replay attack, the old CTS message falsely causes other
eligible receivers in IGF to abort the protocol (cancel their
CTS response timers). The ORTS sender selects an unsus-
pecting or absent node (the originator of the captured
CTS) as the next hop. The sender transmits the DATA,
wasting energy and channel capacity, and then must retry
or drop the DATA message when no acknowledgement is
forthcoming. A captured ACK could be replayed by the
attacker as well, causing the sender to believe the trans-
mission was successful. This attack is less costly to the
attacker than an ORTS replay because it is reactive: the
protocol is only disrupted when a neighbor actually tries
to send a message.
6 SECURE ROUTING PROTOCOL
Because We propose a novel secure routing protocol
family, called Secure Routing Protocol which keeps the
advantages of dynamic binding in IGF, yet provides effec-
tive defenses against the attacks discussed above. The
protocols provide tradeoffs between security and state
maintenance, and configurability that can be adapted at
runtime as shown in Figure 5.

Figure 5. Algorithm of next-hop selection for message from current
node S to ultimate destination D.

The configurability of the protocol family gives a signifi-
cant advantage over other more static routing protocols.
Some provide no security, while others provide strong
guarantees but at the cost of more assumptions, computa-
7

tion, and communication. These higher costs must be
borne even when no attacks are occurring. Protocols can
be selected and configured for the security requirements
of a particular deployment. Network planners can select
among three classes of security solutions, grouped by the
amount of state they keep no state at all, locally generated
state, and pair wise shared state within the neighborhood.
This choice is currently static, but in the future it will be
dynamically adjustable.

7 CONCLUSION
Secure routing is vital to the acceptance and use of sensor
networks for many applications. We have presented a secure
routing protocol family for wireless sensor networks that
builds atop the inherently attack-containing, dynamic bind-
ing. Rather than maintain routing tables, it chooses the next
hop dynamically and none deterministically. This contains
the effect of compromise to a local neighborhood, increases
robustness to node mobility and failure, and spreads energy
drain more evenly across neighbors. We leave it as an open
problem to design a sensor network routing protocol that
satisfies our proposed security goals.
REFERENCES
[1] I. F. Akyildiz, W. Su, Y. Sankarasubramaniam and E. Cayirci,
Wireless Sensor Networks: a Survey, Computer Networks, Vol-
ume 38, N. 4, March 2002.
[2] G. Anastasi, M. Conti, M. Di Francesco, Reliable and Energy-
efficient Data Collection in Sensor Networks with Data Mules: an In-
tegrated Performance Evaluation, Proc. of the 13th IEEE Symposi-
um on Computers and Communications (ISCC 2008), Marrakech,
Morocco, July 6-9, 2008.
[3] Y.-C. Hu, A. Perrig, and D. B. Johnson, W ormhole detection in
wireless ad hoc networks, Department of Computer Science, Rice
University, Tech. Rep. TR01-384, June 2002.
[4] J. R. Douceur, The Sybil Attack, in 1st International Workshop on
Peer-to-Peer Systems (IPTPS 02), March 2002.
[5] J. Hill, R. Szewczyk, A. Woo, S. Hollar, D. Culler, and K. Pister, Sys-
tem architecture directions for networked sensors, in Proceedings of
ACM ASPLOS IX, November 2000.
[6] L. Eschenauer and V. D. Gligor. A key-management scheme for
distributed sensor networks. In 9th ACM Conference on Computer
and Communications Security, pages 41-47, Nov. 2002.
[7] H. Chan, A. Perrig, and D. Song. Random key predistribution
schemes for sensor networks. In IEEE Symposium on Research in Se-
curity and Privacy, pages 197-213, May 2003.
[8] K. Sanzgiri, B. Dahill, B. N. Levine, C. Shields, and E. M. Belding-
Royer. A secure routing protocol for ad hoc networks. In Proceedings
of the IEEE International Conference on Network Protocols(ICNP),
Nov. 2002
[9] C. Karlof and D. Wagner. Secure routing in wireless sensor networks:
Attacks and countermeasures. In First IEEE International Workshop
on Sensor Network Protocols and Applications, pages 1-15, May
2003.
[10] A. D. Wood and J. A. Stankovic. Denial of service in sensor networks.
IEEE Computer, 35(10):54-62, Oct. 2002.
[11] Newsome, E. Shi, D. Song, and A. Perrig. The Sybil attack in sensor
networks: analysis & defenses. In Proc. of 3rd IEEE/ACM Infor-
mation Processing in Sensor Networks (IPSN'04), pages 259-268, Apr.
2004.
[12] J. M. Kahn, R. H. Katz, and K. S. J. Pister. Emerging Challenges: Mo-
bile Networking for Smart Dust. Journal of Communications and
Networks, 2(3):188196, September 2000.
[13] C. Karlof and D. Wagner. Secure routing in wireless sensor networks:
Attacks and countermeasures. In First IEEE International Workshop
on Sensor Network Protocols and Applications, pages 1-15, May
2003.
[14] Y . Xu, J. Heidemann, and D. Estrin, Energy conservation by adap-
tive clustering for ad-hoc networks, in Poster Session of MobiHoc ,
2002.
[15] D. Estrin, R. Govindan, J. Heidemann, and S. Kumar, Next century
challenges: Scalable coordination in sensor networks, in 5th annual
ACM/IEEE International Conference on Mobile Computing and
Networking, 1999, pp. 263270.
[16] F . Y e, S. Lu, and L. Zhang, GRAdient broadcast: A robust, long-live
large sensor network, University of California at Los Angeles Com-
puter Science Department, Tech. Rep., 2001.


Asif Ikbal Mondal received B. Tech in Information Technology and
M.Tech degrees in and Computer Science &
Engineering from West Bengal University of
Technology, West Bengal, India in the year
2011 and 2013 respectively. He is working
towards his PhD degree. His research interest
includes wireless sensor networks.


Bijoy Kumar Mandal is, currently, associated with Computer Sci-
ence and Engineering Department, Faculty
of Engineering and Technology, NSHM
Knowledge Campus Durgapur, as an As-
sistant Professor. He is pursuing Ph.D.
(Computer Science and Engineering) in
NIT, Durgapur. He published 10 Research
papers in international Journals and Confer-
ences.



Subhrajyoti Mandal received B. Tech. and M.Tech degrees in
Computer Science & Engineering,
from West Bengal University of
Technology, West Bengal, India in
the year 2009 and 2011 respectively.
He is working towards his Ph. D.
degree and registered at National
Institute of Technology, Durgapur,
and West Bengal in the year 2012.
His research interest includes non
linear optics, soft computing, Wire-
less Sensor Network. Presently, he
is working as an Assistant Professor in Dumkal Institute of Engineer-
ing and Technology, West Bengal. He has 12 research papers in
international repute


Dr. Arindam Biswas was born in West Bengal, India in 1984. He
received M-Tech degree in Radio Phys-
ics and Electronics from University of
Calcutta, India in 2010 and PhD from NIT
Durgapur in 2013.Currently he is an As-
sociate professor of Hooghly Engineering
and Technology College for Department
of Electronics and Communication Engi-
neering, West Bengal, India. His re-
search interest is carrier transport in low
dimensional system and electronic de-
vices and non-linier optical communica-
tion, Wireless Sensor Neworks. He has
near about 50 research paper of international repute. He is reviewer
of different international journal including reputed publishing house.

Dr Anup Kumar Bhattacharjee re-
ceived his BE in Electronics and Tele-
communication Engineering from BE
College Shibpur, Howrah in 1983. He
received his ME TelE and Ph.D. from
Jadavpur University, Kolkata in 1985
and 1989 respectively. Presently he is
attached with Electronics and Commu-
nication Engineering Department, in
National Insititute of Technology, Dur-
8

gapur, and West Bengal, India as a Professor. His area of research
is in Microstrip Antenna, Embedded System, and Mobile Communi-
cations etc.