© 2013, IJARCSSE All Rights Reserved Page | 1106
Volume 3, Issue 6, June 2013 ISSN: 2277 128X
International Journal of Advanced Research in Computer Science and Software Engineering Research Paper Available online at: www.ijarcsse.com
Virtual Energy Based Secure and Mean Path Length Based Energy Efficient Framework (VEMPL) for WSN
Aditi Koul, Rohit Vaid
CSE Department, M.M University, Haryana
Haryana, India
Abstract— Designing a secure and energy-efficient wireless sensor network is a challenging problem because sensors are resource-limited devices. It is also important to ensure that false data injected into the network by a malicious node is not perceived as accurate data, so that the authenticity and integrity of the network are maintained. In this paper we propose the Virtual Energy based secure and Mean Path Length based Energy Efficient Framework (VEMPL) for wireless sensor networks. The proposed framework uses a lightweight encoding scheme based on simple logical operations. Virtual energy is provided to each sensor before the network is deployed. This energy is used as a symmetric key to encrypt or decrypt a packet. The key changes dynamically as a function applied to the virtual energy left in the node. Thus, one key is used to encode the first packet sent by a node, and a different key is used for every other packet sent by that node. Every packet is forwarded from a source node to the sink node via intermediate nodes. The intermediate nodes along the path to the sink node validate the authenticity and integrity of the incoming packets. The proposed framework reduces power consumption by using an optimal mean path length to send a packet. Simulation results prove that the proposed scheme successfully eliminates and drops malicious data from the network. The proposed security framework performs better than other comparable energy-saving schemes.
Keywords— WSNs, WSN security, virtual energy, energy based keying, dynamic keying.
I. INTRODUCTION
Wireless sensor networks collect sensitive information, and the technology is used in a variety of application scenarios that include environmental, military, and commercial enterprises [1]. Securing sensor networks poses unique challenges to protocol builders because these wireless devices are deployed in large numbers, usually in unattended environments, and are severely limited in their capabilities and resources (e.g., power, computational capacity, and memory) [2]. Protocols should be resilient against false data injected into the network by malicious nodes; otherwise the consequences of propagating false or redundant data are expensive, depleting limited network resources and wasting response efforts. Sensors deployed in these hostile environments are exposed to security threats and attacks. The adversary can physically capture a sensor node and obtain the information it contains, eavesdrop, inject new messages, and modify messages. Hence there must be a mechanism for secure key establishment and power-efficient communication for secure node-to-node data transmission.
II. LITERATURE SURVEY
Ma's work [3] applies the same filtering concept at the sink, utilizes packets with multiple MACs appended, and analyzes the resilience and overhead of the sink filtering scheme. Hyun and Kim proposed an energy-efficient security method that uses relative coordinates instead of physical coordinates to reduce energy consumption [4]. Describing location information with relative coordinates makes the captured data meaningless and can protect the data without using cryptographic methods. In [5], Zhu et al. use static pair-wise keys and two MACs appended to the sensor reports to filter injected false data and address both insider and outsider threats. However, the common downside of all these schemes is that they are complicated for resource-constrained sensors, and they either utilize many keys or transmit many messages in the network, which increases the energy consumption of WSNs. The most significant observation about all of these works is that a realistic energy analysis of the protocols was not presented. Lastly, the concept of dynamic energy-based encoding and filtering was introduced by H. Hou et al. in the Dynamic Energy-based Encoding and Filtering (DEEF) framework [6] to detect the injection of false data into a sensor network. DEEF requires that each sensed event report be encoded using a simple encoding scheme based on a keyed hash. The key to the hashing function changes dynamically as a function of the transient energy of the sensor, thus removing the need for re-keying. Selcuk Uluagac et al. [7] designed an energy-efficient Virtual Energy-Based Encryption and Keying (VEBEK) scheme for WSNs that significantly reduces the number of transmissions needed for rekeying to avoid stale keys. In addition to the goal of saving energy, minimal transmission is imperative for some military applications of WSNs where an adversary could be monitoring the wireless spectrum. VEBEK is a secure communication framework where sensed data is encoded using a scheme based on a permutation code generated via the encryption mechanism. A one-time dynamic key is employed for one packet only, and different keys are used for the successive packets of the stream.
Koul et al., International Journal of Advanced Research in Computer Science and Software Engineering 3(6),
June - 2013, pp. 1106-1113
III. PROBLEM STATEMENT
The goal is to create a secure system that ensures the safety of the data using lightweight encryption methods while using the available energy and resources without much overhead. This paper introduces the virtual energy based secure and mean path length based energy efficient framework (VEMPL) for wireless sensor networks, which significantly reduces the number of transmissions needed for rekeying to avoid stale keys and also reduces power consumption by using an optimal mean path length.
Fig 1: Random Deployment of Nodes Fig 2: Nodes with path to base station
The sensor nodes are assumed to be deployed randomly over a sensor field of 100 x 100 m. The density of the nodes scattered over the field is uneven and varies from location to location in the network. Figure 1 shows a randomly deployed network with one hundred sensor nodes. Every node has a shortest path to the base station, as shown in Figure 2. Figure 3 shows the varying node density along the path to the base station.
Fig 3: Varying Node Density along path Fig 4: Malicious node attacking
The notion behind the VEMPL scheme is to find the optimal number of nodes that should be present in the path between the source node and the sink, as depicted in Figure 2. It is clear from the assumption that the number of nodes scattered over the sensor field is heterogeneous. Likewise, the density of nodes surrounding other nodes is also uneven in the network. The circles in Figure 3 show that the density along the path to the base station varies from location to location in the network. Figure 4 shows the event area when there is an attack by malicious nodes 15 and 40. The event is detected by node 2, taken as the source node, which forwards the data and the dynamically generated key for secure transmission to forwarding nodes 95, 72 and 55 and ultimately to the base station. Thus, due to the security framework, the malicious nodes are unable to insert false data into the network.
A. Data Structure
Every node in the sensor field stores one or more records for each of its neighbouring sensor nodes. For each node being watched, the stored list contains the following state information: Ecurr (current/actual energy level), Eali (staying-alive energy), Eper (perceived energy level) and IV (stored until after the first decode). The array of stored lists of a node is shown in Figure 5.
Fig 5: Data structure used by every node Fig 6: Action performed by each Sensor
B. Sensor Responsibility
The sensor node has to generate the key based on the energy of the node, encrypt the data with the key using the LWES scheme, decode the data, and drop any malicious packet. This is shown in Figure 6.
IV. SYSTEM MODEL FOR VEMPL
The subunits of our proposed model for VEMPL, shown in Figure 7, include the keying unit, the crypto module, the forward unit and the receiving unit. The first unit, the keying unit, generates the dynamic key with the help of a virtual key that is stored in the memory of every node before network deployment. The second unit, the crypto module, encrypts the packet with the dynamic key generated by the keying unit. The third unit forwards the encoded packet to the node that is the next hop in the path to the base station. The last unit, the receiving unit, is used by the node that receives the packet to check the authenticity and integrity of the message by first decrypting the message and then re-encrypting it to forward it to the destination (sink node).
Fig 7: Security Framework for VEMPL
V. SECURITY FRAMEWORK FOR VEMPL
The dynamic view of the VEMPL system is shown in Figure 8. VEMPL is an approach to designing an energy-efficient and secure communication framework. It provides a technique to verify data and drop false packets from a malicious node, thus maintaining the security of the network. Here the data is encoded using a lightweight encryption mechanism that changes dynamically on the basis of the virtual energy left in the node. The node energy based keying process creates dynamic keys, a different one for every packet sent by a node in the network. Thus the scheme reduces the exchange of extra control messages to establish the dynamic keys. The intermediate nodes along the path to the sink are able to verify the authenticity and integrity of the incoming packets. The virtual energy based secure and mean path length based energy efficient framework (VEMPL) for wireless sensor networks has been largely inspired by DEEF [6]. However, VEMPL is better than DEEF in several ways. VEMPL utilizes virtual energy in place of actual battery levels to create dynamic keys, which is more reasonable because real battery levels, as used in earlier schemes like DEEF [6], may fluctuate, and the differences in battery levels across nodes may cause synchronization problems, which can cause packet drops. These problems have been addressed in VEMPL.
Fig 8: System Model of VEMPL
A. Generate Dynamic Key
The dynamic key generation process is primarily handled by the source module. When an event is detected by a source node, the next step is for the report to be secured. For this we use a keying scheme. The current value of the node's virtual energy (Ecurr) is used as the key to the key generation function F. The Ecurr value is taken as the master key, as it is the first key used after sensor deployment. During the initial deployment, each node in the network has the same energy level Eini; therefore the initial key, K1, is a function of the initial node energy value (i.e., the master key) and the packet size, and each subsequent key Ki is generated from the key Ki-1 and the master key. Algorithm 1, which generates the dynamic key, is as follows:
Algorithm 1: GenerateDynamicKey(master key, packet size, counter)
BEGIN
STEP 1: i ← counter
STEP 2: if i = 1 then
            Ki ← F (master key, packet size)
        else
            Ki ← F (master key, Ki-1)
End of STEP 2
return Ki
END
B. Node Energy
Each node goes through several functional states that include node-stay-alive, packet reception, transmission, encoding, and decoding. As each of these actions occurs, the energy in a node is depleted, giving a new node energy value every time. The source node uses the local node energy value and an Initial Vector (or the previous key value if this is not the first transmission) to construct the next key.
Fig 9: Virtual Energy as a symmetric key
Each node after performing some action computes and updates the constantly changing value of its energy. Since a node
will be either forwarding data of some node or injecting its own data into the network, the set of actions and their
associated energies for VEMPL includes packet receiving energy (ERe), packet transmission energy (ETr), packet encoding energy (Een), packet decoding energy (Ede) and the energy required to keep a node alive in the idle state (Eali)
when it is performing no action.
C. Forwarding the Key to Cryptographic Unit
The source module fetches the current value of the node energy from the source module. The generated dynamic key is forwarded to the next module, called the Crypto Module, as shown in Figure 7. The key is used in the cryptographic unit to generate a permuted code for encoding the packet. The local virtual energy value is updated and stored for use with the transmission of the next report.
D. Cryptographic Unit
Due to the resource constraints of WSNs, traditional encryption algorithms that require expensive resources are not suitable for use in WSNs. The cryptographic unit in VEMPL uses a lightweight encoding scheme (LWES). Due to the dynamic nature of the keys, it becomes difficult for an attacker to break this encoding scheme. A data packet in VEMPL consists of node identifier bits, node type bits and node data bits. Each node sends a packet that contains these bits to its next hop, as shown in Figure 10.
Fig 10: Packet Format in VEMPL
The node's identifier (NID), node type (NT), and the sensed data (ND) are transmitted in a pseudorandom fashion according to the result of the LWES scheme. The LWES takes the key and the packet as inputs and produces as its result a permuted code (PMC), which hides the node's ID inside the permuted packet. The format of the final packet to be transmitted becomes PMC=<{MSG}KEY>, where {MSG}KEY denotes MSG encoded with the dynamic key to generate the permuted packet. When the next node along the path to the sink receives the packet, it generates the local permutation code to decode the packet. Thus, instead of the traditional approach of sending the ID with the message [7], as <ID,{MSG}KEY> in Figure 12, we send only {MSG}KEY along with the information to be sent, since there is no purpose in sending the NID in plain text, as shown in Figure 13.
Fig 11: Fields of nodes Fig 12: Traditional Approach Fig 13: Proposed Approach
In the traditional approach [8], sending the ID with the packet increases the packet size as well as the risk of tampering, because when an intruder attacks a node, it can very easily forge a packet with an ID that is present in the watch list of that node, thus violating the integrity principle, whereas the proposed approach hides the NID within the PMC. This saves bandwidth on an already resource-constrained network, thus increasing the network lifetime. Suppose the NID is 6 bits, 2 bits are used to represent NT, and ND is 4 bytes. A total of 40 bits is produced as the PMC in the proposed mechanism, whereas 47 bits are generated in the traditional approach. So the packet is 7 bits smaller in the proposed scheme than in the traditional scheme. The effect as the number of packets in the network increases is given in Table 1. Figure 14 plots the quantity of data sent in bits against the number of packets for both the traditional and the proposed approach.
Table 1. Traditional Vs Proposed Approach
Number of packets    Quantity of data in bits
                     Traditional    Proposed
1                    47             40
2                    94             80
3                    141            120
4                    188            160
10                   470            400
50                   2350           2000
100                  4700           4000
1000                 47000          40000
N                    47*N           40*N
Fig 14: Traditional Vs Proposed approach Fig 15: Resulting key 'h' with possible operations
The code can be mapped to a set of actions to be taken in the encryption process. The actions can include Order of Parameters, Order of Bits in Each Parameter, Rotation Operation and Interleave Operation. The permutation code is generated using operations such as order of parameters, order of bits in each parameter, circular left and right shifts, and interleaving. The computed code in Figure 13 is used to encode the <NID|NT|ND> message. For example, if a node computed the key {1010110011}, the string in Figure 10 becomes the string in Figure 16 before it is transmitted.
Fig 16: Bit String after permutation
The advantage of using this encoding scheme is that there is no hash code or message digest to transmit and the packet
size does not grow.
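Algorithm 1 and the permuted-code packet described in this section can be run end to end. The following Python code is an added example, not the authors' code: SHA-256 stands in for the unspecified function F, and the key-to-permutation mapping (a Fisher-Yates shuffle), the watch-list layout in `hop_receive` and the sample values are assumptions made for illustration.

```python
import hashlib

# Field widths the page gives for <NID|NT|ND>: 6 + 2 + 32 = 40 bits.
NID_BITS, NT_BITS, ND_BITS = 6, 2, 32
PKT_BITS = NID_BITS + NT_BITS + ND_BITS

def F(master_key: bytes, data: bytes) -> bytes:
    """Stand-in for the page's unspecified function F (assumption: SHA-256)."""
    return hashlib.sha256(master_key + b"|" + data).digest()

def generate_dynamic_key(master_key: bytes, packet_size: int, counter: int) -> bytes:
    """Algorithm 1: K1 = F(master, packet size); Ki = F(master, K(i-1))."""
    if counter < 1:
        raise ValueError("counter starts at 1")
    key = F(master_key, packet_size.to_bytes(2, "big"))
    for _ in range(counter - 1):
        key = F(master_key, key)
    return key

def permutation(key: bytes) -> list:
    """Bit order derived from the key (assumed mapping, not the page's Figure 15)."""
    order = list(range(PKT_BITS))
    stream = hashlib.shake_128(key).digest(2 * PKT_BITS)
    for i in range(PKT_BITS - 1, 0, -1):
        j = int.from_bytes(stream[2 * i:2 * i + 2], "big") % (i + 1)
        order[i], order[j] = order[j], order[i]
    return order

def pack(nid: int, nt: int, nd: int) -> str:
    """Concatenate the three fields as a 40-character bit string."""
    if not (0 <= nid < 2**NID_BITS and 0 <= nt < 2**NT_BITS and 0 <= nd < 2**ND_BITS):
        raise ValueError("field out of range")
    return f"{nid:0{NID_BITS}b}{nt:0{NT_BITS}b}{nd:0{ND_BITS}b}"

def encode(key: bytes, nid: int, nt: int, nd: int) -> str:
    """PMC = {MSG}KEY: the packed bits emitted in key-dependent order."""
    bits = pack(nid, nt, nd)
    return "".join(bits[src] for src in permutation(key))

def decode(key: bytes, pmc: str) -> tuple:
    """Invert the permutation and split the result into (NID, NT, ND)."""
    if len(pmc) != PKT_BITS or set(pmc) - {"0", "1"}:
        raise ValueError("malformed PMC")
    bits = [""] * PKT_BITS
    for dst, src in enumerate(permutation(key)):
        bits[src] = pmc[dst]
    s, a, b = "".join(bits), NID_BITS, NID_BITS + NT_BITS
    return int(s[:a], 2), int(s[a:b], 2), int(s[b:], 2)

def hop_receive(master_key: bytes, watch: dict, pmc: str):
    """Next hop: try each watched node's expected key, accept if the hidden NID matches.

    `watch` maps NID -> next expected packet counter (hypothetical layout).
    Returns the decoded fields and advances that counter, or None (drop).
    """
    for nid, counter in watch.items():
        fields = decode(generate_dynamic_key(master_key, PKT_BITS, counter), pmc)
        if fields[0] == nid:
            watch[nid] = counter + 1
            return fields
    return None

if __name__ == "__main__":
    e_ini = (5000).to_bytes(4, "big")  # constructed initial virtual energy (master key)
    watch = {2: 1}                     # next hop watches node 2 and expects its packet 1
    pmc = encode(generate_dynamic_key(e_ini, PKT_BITS, 1), 2, 1, 0x5A3C96E1)
    print(pmc, hop_receive(e_ini, watch, pmc))
```

Because this encoding only reorders bits, the PMC keeps the packet's 40-bit length and its count of 1-bits, and the next hop's only acceptance test in this example is the recovered 6-bit NID.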
VI. SIMULATION AND RESULTS
A. Related Parameters and Notations
The related parameters and notations used for performing the simulations in MATLAB are given in Table 2 and Table 3.
Table 2. Related Parameters Used
Packet Size    32              Een     15.5 µJ
Area           100 x 100 m     Esen    36 µJ
ETr            65 µJ           Eali    18.6 µJ
ERe            50 µJ           N       100
Ede            15.5 µJ         R       (0...60)

Table 3: Notations Used
ETr      Transmission Energy       Edy       Dynamic Energy
ERe      Receiving Energy          Esen      Sensing Energy
Ecomp    Computation Energy        Eali      Staying Alive Energy
Een      Encoding Energy           Evir      Virtual Cost
Ede      Decoding Energy           Ekde      Key Discovery Energy
Efor     Forwarding Energy         Esnode    Source Node Energy
E[nh]    Expected no. of hops      E[ne]     Expected no. of neighbours
r        No. of watched nodes      M         key establishment msgs
N        No. of nodes              Edp       Dropping Probability
L        Packet Size               Eper      Perceived Energy
B. Energy Consumption of DEEF, VEBEK and VEMPL
In this sub-section we look at the associated costs to transmit valid data in DEEF, VEBEK-I, VEBEK-II and VEMPL. In operational modes, there is a single cost (Esnode) to stay alive, sense the event, encode the packet, and transmit the packet (Eali, Esen, Een, ETr) at the source sensor. Thus,
$E_{snode} = E_{ali} + E_{sen} + E_{en} + E_{Tr}$ ... (1)
Also, there is a recurring forwarding cost (Efor) to take the packet through the network depending on the number of hops.
In VEBEK-I, this cost is:
$E_{for} = E_{Re} + E_{de} + E_{en} + E_{Tr} + E_{ali}$ ... (2)
This cost is for all of the intermediate nodes since all of the nodes perform the same operations. Hence, the average cost
to transmit a packet in VEBEK-I using E[nh] is:
$E_{for-I} = E_{snode} + (E[nh] * E_{for})$ ... (3)
On the other hand, in VEBEK-II the cost of Efor-II consists of EforW and EforNW for variable fractions of the forwarding nodes depending on the number of nodes each node chose to watch, where EforW = Efor and EforNW = ERe+ ETr+ Eali.
Hence, the average cost to transmit a packet using VEBEK-II is
$E_{for-II} = E_{snode} + (E[nhW] * E_{forW}) + (E[nhNW] * E_{forNW})$ ... (4)
Where E[nhW] and E[nhNW] represent the expected number of nodes along the path who are watchers and non-watcher
nodes, respectively. The values for these expectations can be computed given the total expected number of hops with
E[nh] from equation (2), where E[nh] = E[nhW] + E[nhNW]. Hence,
$E[nhW] = \frac{r}{N} * E[nh]$ ... (5)
$E[nhNW] = \frac{N - r}{N} * E[nh]$ ... (6)
Simulation results have been calculated using the above equations. In all the figures, the x-axis represents the number of malicious nodes while the y-axis is the energy consumption. Different values for the number of watched nodes (r) were analyzed for all the schemes. Because the sensor nodes are deployed randomly over the sensor field and the density of the nodes scattered over the field is uneven and varies from location to location, we have evaluated the VEMPL scheme, using our improved algorithm 2, to find the optimal number of nodes having r stored lists of records that should be in the path between the source node and the sink.
Fig 17: Energy Consumption of VEBEK and VEMPL Fig 18: Energy Cost Comparison of VEMPL, VEBEK and DEEF
Figure 17 above shows the energy consumption of VEMPL after first calculating the average number of nodes in the path to the base station and then forwarding the encoded packet along that path, meeting our goal of security as well as low energy consumption. A comparison of VEMPL with other schemes is shown in Figure 18.
VII. CONCLUSIONS
Security in communication is very costly but important for any type of network. It is important to minimize energy consumption and secure our data while it is exchanged between two nodes along the path over an insecure channel. To address these concerns, this paper presented a Virtual Node Energy and Mean Path Length based Framework that can be configured to provide optimal performance in a variety of networks. Simulation results in MATLAB prove that VEMPL's energy performance is much closer to that of its former schemes. VEMPL's framework performs comparably better than other schemes in the literature, with an overall 60-99 percent improvement in energy savings as opposed to enlarging the packet by appending message authentication codes (MACs).
REFERENCES
[1] Akyildiz, Ian F., Weilian Su, Yogesh Sankarasubramaniam, and Erdal Cayirci. "Wireless sensor networks: a survey." Computer Networks, vol. 38, no. 4, pp. 393-422, 2002.
[2] Ye, Fan, Haiyun Luo, Songwu Lu, and Lixia Zhang. "Statistical en-route filtering of injected false data in sensor networks." In INFOCOM 2004. Twenty-third Annual Joint Conference of the IEEE Computer and Communications Societies, vol. 4, pp. 2446-2457. IEEE, 2004.
[3] M. Ma, “Resilience of sink filtering scheme in wireless sensor networks,” Elsevier Comput. Commun., vol. 30, no. 1,
pp. 55-65, 2006.
[4] Hyun, Jaemyung, and Sungsoo Kim. "Low energy consumption security method for protecting information of
wireless sensor network." In Advanced Web and Network Technologies, and Applications, pp. 397-404. Springer
Berlin Heidelberg, 2006.
[5] Zhu, Sencun, Sanjeev Setia, Sushil Jajodia, and Peng Ning. "An interleaved hop-by-hop authentication scheme for
filtering of injected false data in sensor networks." In Security and Privacy, 2004. Proceedings. 2004 IEEE
Symposium on, pp. 259-271. IEEE, 2004.
[6] Hou, Hailong, Cherita Corbett, Yingshu Li, and Raheem Beyah. "Dynamic energy-based encoding and filtering in sensor networks." In Military Communications Conference, 2007. MILCOM 2007. IEEE, pp. 1-10. IEEE, 2007.
[7] Uluagac, Arif Selcuk, Raheem A. Beyah, Yingshu Li, and John A. Copeland. "VEBEK: Virtual energy-based
encryption and keying for wireless sensor networks." Mobile Computing, IEEE Transactions, vol. 9, no. 7, pp. 994-
1007, July 2010.
[8] Ngo, Huy Hoang, Xianping Wu, Phu Dung Le, Campbell Wilson, and Balasubramaniam Srinivasan. "Dynamic key cryptography and applications." International Journal of Network Security, vol. 10, no. 3, pp. 161-174, 2009.