Abstract—Wireless sensor networks are used in many applications in military, ecological, health, and other areas. These applications often include the monitoring of sensitive information, making security one of the most important aspects to consider in this field. However, most protocols optimize for the limited capabilities of sensor nodes and the application-specific nature of the networks, but they are vulnerable to serious security attacks. In this paper, a Secure Energy and Reliability Aware data gathering protocol (SERA) is proposed, which provides energy efficiency and data delivery reliability as well as a security scheme giving protection against the most common network layer attacks such as spoofed, altered, or replayed routing information, selective forwarding, sinkhole attacks, Sybil attacks, wormhole attacks, HELLO flood attacks, and acknowledgment spoofing attacks.

I. INTRODUCTION

Recently, wireless sensor networks have been widely used in applications such as habitat monitoring [1], indoor sensor networks [2], battlefield surveillance [3], and health monitoring [4]. A number of routing protocols have been proposed for sensor networks such as LEACH [5][6], Directed Diffusion [7], TEEN [8], APTEEN [9], PEGASIS [10], Rumor Routing [11], EECS [12], and EMRA [13]. However, these works optimize for the limited capabilities of sensor nodes and the application-specific nature of the networks, but do not consider security. Therefore, these approaches are very vulnerable to many attacks such as spoofed, altered, or replayed routing information [14], selective forwarding [14], sinkhole attacks [14], Sybil attacks [15], wormhole attacks [16][17], HELLO flood attacks [14], and acknowledgment spoofing attacks [14].

In this paper, a Secure Energy and Reliability Aware data gathering protocol (SERA) is proposed. In the proposed solution, the network area is partitioned into a virtual grid with identical cells based on Geographical Adaptive Fidelity (GAF) [18], which maintains one node called coordinator (called cell header in SERA) to participate in network communication while the other equivalent nodes fall into sleeping mode to save energy. However, GAF loses data packets while the coordinator switches from one state to another, or until a new coordinator node is selected after the energy of the previous coordinator node is depleted; it also does not provide any security solution. For this reason, in SERA the state changes of cell headers are limited and a support node is added to each cell header when its energy reaches a low level to guarantee the reliability of data delivery. Additionally, SERA proposes a key management and secure communication scheme to protect from different attacks.

The rest of the paper is organized as follows. Section 2 briefly discusses some existing routing protocols as well as their vulnerabilities and shortcomings. Later, in section 3, terminology, assumptions, and a general description of the proposed solution are described. In section 4, details of the proposed algorithm are explained. Next, section 5 presents the security analysis of the approach against attacks in sensor network routing, followed by section 6, which shows the performance evaluation. Finally, section 7 concludes the paper.

A. Previous Work

Research on sensor network routing has been carried out for nearly a decade. Heinzelman et al. introduce a clustering algorithm called LEACH [5][6]. In LEACH, sensors are organized into clusters with a cluster head node in each cluster which aggregates information from its members and transmits information to the base station. However, LEACH has a number of shortcomings. LEACH assumes every node can directly reach the base station, which is not feasible in large-scale sensor networks; it is also vulnerable to several attacks [14]. Other one-hop protocols such as EECS [12] have the same limitations as LEACH. Other multi-hop protocols such as [7], [8], [9], [10], [11], and [13] optimize for the limited capabilities of nodes and the application-specific nature of the networks, but they are vulnerable to serious security attacks. Unlike their wired counterparts, sensor networks do not require any physical contact for communication, and hence an adversary with a simple radio receiver/transmitter can easily eavesdrop on conversations or modify/inject packets, making them vulnerable to many attacks such as spoofed, altered, or replayed routing information, selective forwarding, sinkhole attacks, Sybil attacks, wormhole attacks, HELLO flood attacks, and acknowledgment spoofing attacks.

Because of this security issue, some works have taken security into account, such as SPINS [19] and SCODE [20]. SPINS proposes two security building blocks called Sensor Network Encryption Protocol (SNEP) and μTESLA. SNEP provides two-party data authentication, data confidentiality,
x ⎯intracell→ * : 0x0||IDx||CIDx||E(0x0||IDx||CIDx||RN1,CKx)

Each receptor node y of the cell verifies the validity of the message by decrypting the encrypted part of the message with CKy and comparing these values with the values sent in plaintext. After verification, the received RN1 is increased by 1 and sent back to the node x using a CELL_ADV (0x1) message:

y ⎯intracell→ x : 0x1||IDy||CIDy||IDx||E(0x1||IDy||CIDy||IDx||RN1+1,CKy)

The node x verifies the validity of y by comparing the value one greater than the RN1 it generated with the RN1+1 received in E(0x1||IDy||CIDy||IDx||RN1+1,CKy). This message exchange allows nodes to securely discover their intracell neighbor nodes. The bidirectional verification of HELLO messages is performed to avoid HELLO flood attacks.

If there is already a cell header ch in the cell (this happens when the cell discovery process is executed by new nodes added to the network), ch responds to the CELL_HELLO message with a CH_ADV (0x2) message:

ch ⎯intracell→ x : 0x2||IDch||CIDch||IDx||E(0x2||IDch||CIDch||IDx||RN1+1,CKch)

and the node x verifies the validity of the message by decrypting the encrypted payload and comparing the decrypted values with the values sent in plaintext and the generated RN1, and after verification, it changes to sleep state.

4) Cell Header Selection

After discovering intracell neighbor nodes, each node initializes a timer Tinitial with a random value. The random value can be generated as a function of the ID of the node to avoid race conditions among nodes. When the Tinitial of a node x fires, it sends a CH_SEL (0x3) message to the rest of the nodes in the same cell:

x ⎯intracell→ * : 0x3||SEQ||IDx||CIDx||MAC(0x3||SEQ||IDx||CIDx, CKx)

and x becomes cell header ch, and changes to parent_search state. Each node y of the CIDx cell receiving the CH_SEL message verifies the validity of the message, by verifying the SEQ value and generating the MAC(0x3||SEQ||IDx||CIDx,CKy)

0x4||IDx||CIDx||E(0x4||IDx||CIDx||RN2,BKCIDx*)

Every neighbor cell's cell header y receiving the message, after verifying the validity of the message by D(0x4||IDx||CIDx||RN2, BKCIDxCIDy) and comparing with the values sent in plaintext, responds with a PARENT_ADV (0x5) message (base stations also respond to the PARENT_HELLO message).

y ⎯intercell→ x : 0x5||IDy||CIDy||CIDx||E(0x5||IDy||CIDy||CIDx||NNCy||HOPSy||MNNACy||RN2+1,PKCIDyCIDx)

It is important to clarify that cell headers of cells that still have no connection to the base station and children cells of the requesting cell do not respond to the PARENT_HELLO message. This means that in the first cycle only the base stations will respond to the message.

Cell header x gathers all PARENT_ADV messages and calculates the Total Weight WT of each neighbor cell using the data received in the PARENT_ADV message. WT strikes a balance between cell lifetime, delay, energy-efficient transmission, and reliability of the link to the base station based on four attributes, namely, number of nodes of the cell, number of hops to the base station, transmission range, and minimal number of nodes in ancestor cells. The WT of the i-th among n received PARENT_ADV messages is calculated using (1), where α, β, γ, and δ are non-negative values and α+β+γ+δ=1, and their values depend on the application, e.g., if delay is not important and if data aggregation is executed in each hop, β could be 0.

$$W_{Ti} = \alpha W_{1i} + \beta W_{2i} + \gamma W_{3i} + \delta W_{4i} \qquad (1)$$

The W1i, W2i, W3i, and W4i of (1) are partial weight values of the i-th PARENT_ADV message and they represent the level of influence of predefined aspects. W1 represents the node concentration ratio in relation to the other possible parent cells, and the W1 of the i-th among n received PARENT_ADV messages is calculated using (2), where NNCi is the NNC value contained in the i-th PARENT_ADV message and NNCMAX=MAX(PARENT_ADV1(NNC),…,PARENT_ADVn(NNC)).
$$W_{1i} = \frac{NNC_i}{NNC_{MAX}} \qquad (2)$$

$$W_{3i} = \begin{cases} 1 & \text{if PARENT\_ADV comes from adjacent cell} \\ \frac{5}{8} & \text{if PARENT\_ADV comes from diagonal cell} \end{cases} \qquad (4)$$

$$W_{4i} = \frac{MNNAC_i}{MNNAC_{MAX}} \qquad (5)$$

Figure 6. SERA's data gathering path when α=1

cell with the highest WT to be its parent sending a PARENT_REQ (0x6) message as follows.
0x6||IDx||CIDx||CIDz||E(0x6||IDx||CIDx||CIDz||RN3,PKCIDxCIDz)

The node z verifies the validity of the message by comparing the decrypted values with the values sent in plaintext. After verification, z replies with a PARENT_REP (0x7) message:

z ⎯intercell→ x : 0x7||IDz||CIDz||CIDx||E(0x7||IDz||CIDz||CIDx||RN3+1,PKCIDzCIDx)

The cell header x verifies the validity of the message, and after verification, PCIDx is set with CIDz, HOPSx is set with HOPSz+1, and MNNACx is set with MIN(NNCz,MNNACz). Once the link with the parent cell is established, the node x changes to active state, and it is ready to transmit data to the base station.

PARENT_REQ and PARENT_REP messages encrypted with pair-wise keys work as an authentication scheme for a secure path establishment process, protecting from attacks such as sinkhole and wormhole attacks.

D. Data Gathering Phase

1) Data Transmission

Once connected to a parent cell, cell headers are ready to collect and send information to the base station. Each cell header in active state sends a DATA (0x8) message to its parent cell using the following format:

0x8||SEQ||IDorigin||CIDsender||PCIDsender||E(SEQ||IDorigin||DATA,IKorigin)||MAC(0x8||SEQ||IDorigin||CIDsender||PCIDsender||E(SEQ||IDorigin||DATA,IKorigin), PKCIDsenderPCIDsender)

where IDorigin is the identification of the node which created the DATA message, while CIDsender and PCIDsender are the cell identification and parent cell identification of the node that is sending/forwarding the DATA message. The sensed information DATA is concatenated with SEQ and IDorigin, and the result is encrypted using the individual key IKorigin to maintain confidentiality from the rest of the nodes. In each hop, the MAC of the message is verified and re-calculated using the pair-wise key shared between the current cell and its parent cell (PKCIDsenderPCIDsender). Once the base station receives the DATA message, it decrypts the E(SEQ||IDorigin||DATA,IKorigin) and gets SEQ, IDorigin and DATA, and compares SEQ and IDorigin with the values sent in plaintext to verify the validity and integrity of the message. The following example illustrates the DATA message forwarding process in more detail. When a cell header x sends a DATA (0x8) packet to the cell header u of the parent cell, the node x sends:

x ⎯intercell→ u : 0x8||SEQ||IDx||CIDx||PCIDx||E(SEQ||IDx||DATA,IKx)||MAC(0x8||SEQ||IDx||CIDx||PCIDx||E(SEQ||IDx||DATA,IKx), PKCIDxCIDu)

and the node u forwards the message to the next parent cell as follows:

0x8||SEQ||IDx||CIDu||PCIDu||E(SEQ||IDx||DATA,IKx)||MAC(0x8||SEQ||IDx||CIDu||PCIDu||E(SEQ||IDx||DATA,IKx), PKCIDuPCIDu)

The previous format of the DATA message provides secure point-to-point communication between nodes and the base station, but it does not allow data aggregation. Thus it is used when such a feature is not required. However, aggregation is used in many applications to save energy. Therefore, an additional DATA format which allows data aggregation is proposed:

0x8||SEQ||IDsender||CIDsender||PCIDsender||E(0x8||SEQ||IDsender||CIDsender||PCIDsender||DATA,PKCIDsenderPCIDsender)

In this format, the data is encrypted using the pair-wise key shared with the parent cell, PKCIDsenderPCIDsender, allowing the cell header of the parent cell to decrypt and aggregate the received data with its own data. The following example illustrates this mechanism. When a node x sends a DATA packet to the cell header u of its parent cell:

x ⎯intercell→ u : 0x8||SEQ||IDx||CIDx||CIDu||E(0x8||SEQ||IDx||CIDx||CIDu||DATA,PKCIDxCIDu)

the cell header u decrypts the DATA, aggregates it with its own data, and sends a new message to the next parent cell header.

u ⎯intercell→ nextCellHeader : 0x8||SEQ||IDu||CIDu||PCIDu||E(0x8||SEQ||IDu||CIDu||PCIDu||DATAx⊕DATAu, PKCIDuPCIDu)

2) Cell Header Verification and Support

To increase the reliability of data delivery to the base station, each cell must guarantee the availability of a cell header. Two actions are taken in SERA to reach this goal: 1) an active cell header changes to parent_search state only to discover a new path, and 2) when the cell header's residual energy reaches a lower level than LET, a support node is activated. This support node will take over the cell header functionality when the cell header almost depletes its energy.

Each node v in sleep state wakes up after Tsleep time and changes to verify state. Once in verify state, the node v sends a VERIFY (0x9) message to the cell header x of the same cell as follows.

v ⎯intracell→ x : 0x9||IDv||CIDv||E(0x9||IDv||CIDv||RN4, CKv)

The cell header x verifies the validity of the message and responds to the VERIFY message with a VERIFY_REP (0xA) message:

x ⎯intracell→ v : 0xA||IDx||CIDx||IDv||E(0xA||IDx||CIDx||IDv||Bit||RN4+1, CKx)

The receiving node v verifies the validity of the message, and checks the Bit value. If Bit is equal to 1, it means that x's residual energy is lower than LET and there is still no
support state node in the cell. Therefore, if v receives Bit=1, it changes to support state, but, if v receives Bit=0, it returns to sleep state. If the cell header requires a support node, the cell header x also sends a PARENT_UPDATE (0xB) message to

All nodes in verify state receiving a valid CHANGE_CH recognize that another node has been chosen as cell header and change to sleep state.

Some validations are taken to give more resistance against cell header failures (see Fig. 5):

- Each support state node starts a timer Tsupport, and each time any message is received from the cell header of the same cell (it could be a BEACON) it resets Tsupport. If no action of the cell header is detected in Tsupport time, Tsupport is fired, changing the support state node to active state, and it informs the rest of the nodes of the same cell that a new cell header has been selected.
- Each node in verify state starts a timer Tverify after sending the VERIFY message. Tverify is stopped if a reply to this message is received, but, if no reply is received from the cell header in Tverify time, Tverify is fired, changing the verify state node to parent_search state, and it informs the rest of the nodes of the same cell that a new cell header has been selected.

E. Path Maintenance Phase

When a cell header x is the last alive node of the cell (it is easily known because it has not received any message from verify state nodes) and its residual energy reaches a lower level than CET, it sends a LAST_PARENT (0xD) message to the children cells.

x ⎯intercell→ * :

Selective forwarding: this attack is avoided by using a sequence number SEQ to uniquely identify each data packet. If a compromised node selectively drops packets, that will be detected by nodes of parent cells.

Sinkhole and wormhole attacks: the parent cell search algorithm ensures that data is only sent to the parent cell. Therefore, the adversary cannot attract traffic to a particular point. To create a sinkhole or wormhole attack, the attacker must respond to PARENT_HELLO messages with a PARENT_ADV message containing optimal values for a high rank WT. However, this attack is not feasible because the attacker must first decrypt the PARENT_HELLO message to obtain the RN2 to respond with a valid message, and as the attacker does not know the broadcast key BK, it cannot decrypt the message. Therefore, sinkhole or wormhole attacks are not feasible.

Sybil attacks: authenticated neighbor discovery using encrypted random nonces makes it impossible to use faked IDs. Therefore, a node cannot pretend to be another node.

HELLO flood attacks: the proposed protocol uses two HELLO messages: CELL_HELLO and PARENT_HELLO. In both cases, they are encrypted and contain random nonces. This means that receptor nodes have to decrypt the message using secret keys to reply to hello messages, which is not
possible to be performed by the adversary. Therefore, SERA is strong against HELLO flood attacks.

Acknowledgement spoofing: every acknowledgement message such as PARENT_REP and CELL_ADV uses message authentication using CK or PKs. Therefore, the adversary who does not have these keys cannot spoof these kinds of messages.

VI. SIMULATION

SERA was implemented using C# to evaluate its performance and it was compared with GAF/AODV and SCODE. The simulation parameters are similar to [5][30] and they are listed in Table II.

this is normal because of the delay of data packets until arriving at the base station. Fig. 11 shows the average data packet loss ratio, indicating 15.79% and 17.79% for GAF/AODV and SCODE, whereas SERA only loses 0.97% of its data packets.
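The CELL_HELLO / CELL_ADV nonce exchange from the cell discovery phase, as an added example that is not part of the paper or of the authors' C# implementation. The page does not say which cipher E is, so E and D here are a stand-in 4-round Feistel construction over HMAC-SHA256; the field widths (1-byte type, 2-byte IDs, 4-byte nonce) and the key value are assumptions.

```python
import hashlib
import hmac
import secrets
import struct

def _f(key, rnd, data, n):
    # Feistel round function: HMAC-SHA256 truncated to n bytes.
    return hmac.new(key, bytes([rnd]) + data, hashlib.sha256).digest()[:n]

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def E(pt, key):
    # Stand-in cipher (assumption): the page does not say which cipher E is.
    l, r = pt[:len(pt) // 2], pt[len(pt) // 2:]
    for rnd in range(4):
        l, r = r, _xor(l, _f(key, rnd, r, len(l)))
    return l + r

def D(ct, key):
    l, r = ct[:len(ct) // 2], ct[len(ct) // 2:]
    for rnd in reversed(range(4)):
        l, r = _xor(r, _f(key, rnd, l, len(r))), l
    return l + r

def cell_hello(id_x, cid_x, ck, rn1=None):
    """x -> *: 0x0||IDx||CIDx||E(0x0||IDx||CIDx||RN1, CK). Returns (msg, RN1)."""
    rn1 = secrets.randbits(32) if rn1 is None else rn1
    hdr = struct.pack(">BHH", 0x0, id_x, cid_x)
    return hdr + E(hdr + struct.pack(">I", rn1), ck), rn1

def cell_adv(hello, id_y, cid_y, ck):
    """y -> x: 0x1||IDy||CIDy||IDx||E(...||RN1+1, CK), or None if HELLO is invalid."""
    if len(hello) != 14 or hello[0] != 0x0:
        return None
    hdr, body = hello[:5], D(hello[5:], ck)
    if body[:5] != hdr:                    # decrypted fields must equal plaintext
        return None
    rn1 = struct.unpack(">I", body[5:])[0]
    out = struct.pack(">BHH", 0x1, id_y, cid_y) + hdr[1:3]
    return out + E(out + struct.pack(">I", (rn1 + 1) % 2**32), ck)

def verify_adv(adv, id_x, rn1, ck):
    """x accepts y only if the reply decrypts to its own header and RN1+1."""
    if len(adv) != 18 or adv[0] != 0x1:
        return False
    hdr, body = adv[:7], D(adv[7:], ck)
    want = hdr + struct.pack(">I", (rn1 + 1) % 2**32)
    return hdr[5:7] == struct.pack(">H", id_x) and hmac.compare_digest(body, want)

CK = bytes.fromhex("00112233445566778899aabbccddeeff")  # constructed cell key
```

A receiver without the cell key gets a mismatch between decrypted and plaintext fields and stays silent, and a CELL_ADV captured in an earlier round fails against a fresh RN1.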
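Per-hop handling of the DATA (0x8) message described under Data Transmission, as an added example (not from the paper or its C# implementation): cell header u verifies the MAC with the key shared with the child cell, rejects altered or replayed packets, and re-computes the MAC for its own parent. HMAC-SHA256 truncated to 8 bytes, the field widths, the keys, the CellHeader class, and counting SEQ gaps as the way a parent cell notices dropped packets are assumptions; the inner E(SEQ||IDorigin||DATA, IKorigin) is carried as opaque bytes.

```python
import hashlib
import hmac
import struct

DATA, HDR, MAC_LEN = 0x8, ">BIHHH", 8   # assumed widths: SEQ 4 bytes, IDs 2, MAC 8
HDR_LEN = struct.calcsize(HDR)

def mac(msg, pk):
    return hmac.new(pk, msg, hashlib.sha256).digest()[:MAC_LEN]

def build(seq, id_origin, cid, pcid, enc, pk):
    """0x8||SEQ||IDorigin||CIDsender||PCIDsender||enc||MAC(all of it, PK)."""
    body = struct.pack(HDR, DATA, seq, id_origin, cid, pcid) + enc
    return body + mac(body, pk)

class CellHeader:
    """Forwarding state of one cell header (hypothetical helper class)."""

    def __init__(self, cid, pcid, child_keys, parent_key):
        self.cid, self.pcid = cid, pcid
        self.child_keys = child_keys    # {child CID: pair-wise key PK}
        self.parent_key = parent_key    # PK shared with the parent cell
        self.last_seq = {}              # {IDorigin: highest SEQ accepted}
        self.missing = {}               # {IDorigin: SEQ values never seen}

    def forward(self, msg):
        """Return (re-MACed message or None, verdict)."""
        if len(msg) < HDR_LEN + MAC_LEN:
            return None, "malformed"
        body, tag = msg[:-MAC_LEN], msg[-MAC_LEN:]
        typ, seq, origin, cid_s, pcid_s = struct.unpack(HDR, body[:HDR_LEN])
        pk = self.child_keys.get(cid_s)
        if typ != DATA or pcid_s != self.cid or pk is None:
            return None, "not-a-child"
        if not hmac.compare_digest(tag, mac(body, pk)):
            return None, "bad-mac"
        prev = self.last_seq.get(origin)
        if prev is not None and seq <= prev:
            return None, "replay"
        if prev is not None:            # assumption: SEQ grows by 1 per packet
            self.missing[origin] = self.missing.get(origin, 0) + seq - prev - 1
        self.last_seq[origin] = seq
        enc = body[HDR_LEN:]            # E(SEQ||IDorigin||DATA, IK): opaque here
        return build(seq, origin, self.cid, self.pcid, enc, self.parent_key), "ok"

# Constructed sample: cell 10 (header x) -> cell 20 (header u) -> cell 30.
PK_XU, PK_UN = b"k-10-20" * 2, b"k-20-30" * 2
ENC = bytes.fromhex("5e1a9c0377d2")     # constructed stand-in for E(SEQ||ID||DATA, IK)
```

The replay check treats any SEQ at or below the last accepted one as a replay, so it assumes in-order delivery per origin.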
ACKNOWLEDGMENT
Sang Guun Yoo would like to take this opportunity to thank the
Overseas Korean Foundation (OKF) for its scholarship support.
He had the privilege to be the recipient of this award from 2007
to 2010.