EFFICIENT CLONE NODE DETECTION AND
ELIMINATION IN WIRELESS SENSOR NETWORKS
V.Lincy Shobika PG research scholar Department of Computer Science
S.N.R Sons College,CBE-06 [email protected]
Dr.N.Sumathi Associate Professor Department of Computer Science
S.N.R Sons College,CBE-06 [email protected]
ABSTRACT
Wireless sensor networks are vulnerable to the node clone attack, and several protocols have been proposed to detect it. However, these protocols require assumptions too strong to be practical for large-scale, deployed sensor networks. We use two novel node clone detection protocols with different tradeoffs on network conditions and performance. The first is based on a distributed hash table (DHT), in which the Chord algorithm is used to detect the cloned node: every node is assigned a key, and before it transmits data a node has to give its key, which is verified by the witness node. If the same key is given by another node, the witness node identifies the duplicated node. The second is based on the Distributed Detection Protocol, which is the same as the distributed hash table (DHT) approach but is easier and cheaper to implement. Every node only needs to know its neighbor list, containing all neighbor IDs and their locations. In the proposed work, we implement the RDE protocol with location-based node identification, where every region/location has a group leader. The leader generates a random number with a time stamp for the available nodes in that location. Witness nodes verify the random number and time stamp to detect the duplicated node. User messages are also encrypted for security.
Keywords
DHT, Cloned Nodes, adversary’s, Wireless Networks.
1. INTRODUCTION
A wireless sensor network is a collection of
nodes organized into a cooperative network. Each node
has processing capability, may contain multiple
types of memory, has a radio-frequency transceiver
and a power source, and accommodates various sensors
and actuators. Nodes communicate wirelessly and often
self-organize after being deployed in an ad hoc fashion.
Systems of 1000s of nodes are anticipated; such systems
can revolutionize the way we live and work. Currently,
wireless sensor networks are beginning to be deployed
at an accelerated pace. It is not unreasonable to expect
that in 10-15 years the world will be covered with
wireless sensor networks, with access to them via the
Internet. This new technology is exciting, with unlimited
potential for numerous application areas including
military, transportation, entertainment, crisis
management, environmental, medical, homeland
defense, and smart spaces.
Wireless sensor networks gained a great deal
of attention in the past decade due to their wide range of
application areas and formidable design challenges.
Wireless sensor networks consist of hundreds and
thousands of low-cost, resource-constrained, distributed
sensor nodes, which usually scatter in the surveillance
area randomly, working without attendance. Because the
operation environment is hostile, security mechanisms
against adversaries should be taken into consideration.
Among many physical attacks on sensor networks, the
duplicate node is a serious and dangerous one. Because
of production expense limitation, nodes are generally
an adversary can capture a few nodes, extract code and
all secret credentials, and use those materials to clone
many nodes out of off-the-shelf sensor hardware. Those
duplicated nodes that seem legitimate can freely join the
sensor network and then significantly enlarge the
adversary’s capacities to manipulate the network
maliciously. For example, those victim nodes occupy
strategic positions and cooperatively corrupt the
collected information. With a large number of duplicated
nodes under command, the adversary may even gain
control of the whole network. Furthermore, node
duplication will exacerbate most inside attacks
against sensor networks. In this paper, we present two
novel, practical duplication detection protocols with
different tradeoffs on network conditions and
performance.
2. RELATED WORKS
The basic challenge for any distributed
protocol for detecting node replicas is to minimize
communication and per node memory costs while
ensuring that the adversary cannot defeat the protocol.
A protocol that deterministically maps a node’s ID to a
unique witness node would minimize communication
costs and memory requirements per node, but would not
offer much security because the adversary would need
to compromise just a single witness node in order to be
able to introduce a replica without detection.
Unfortunately, sensor nodes typically employ
low-cost commodity hardware components unprotected
by the type of physical shielding that could preclude
access to a sensor’s memory, processing, sensing and
communication components. Cost considerations make
it impractical to use shielding that could detect pressure,
voltage, and temperature changes that an adversary
might use to access a sensor’s internal state. Deploying
unshielded sensor nodes in hostile environments
enables an adversary to capture, replicate, and insert
duplicated nodes at chosen network locations with little
effort. Thus, if the adversary compromises even a single
node, she can replicate it indefinitely, spreading her
influence throughout the network. If left undetected,
node replication leaves any network vulnerable to a
large class of insidious attacks. Using replicated nodes,
the adversary can subvert data aggregation protocols by
injecting false data or suppressing legitimate data.
Further, blame for abnormal behavior can now be
spread across the replicas, reducing the likelihood that
any one node exceeds the detection threshold. Even
more insidiously, node replicas placed at judiciously
chosen locations can revoke legitimate nodes and
disconnect the network by triggering correct execution
of node-revocation protocols that rely on threshold
voting schemes. Previous approaches for detecting node
replication typically rely on centralized monitoring,
since localized voting systems cannot detect distributed
replication.
A. Sensor Network Environments
A sensor network typically consists of
hundreds, or even thousands, of small, low-cost nodes
distributed over a wide area. The nodes are expected to
function in an unsupervised fashion even if new nodes
are added, or old nodes disappear. While some
networks include a central location for data collection,
many operate in an entirely distributed manner,
allowing the operators to retrieve aggregated data from
any of the nodes in the network. Furthermore, data
collection may only occur at irregular intervals. For
example, many military applications strive to avoid any
centralized and fixed points of failure. Instead, data is
collected by mobile units that access the sensor network
at unpredictable locations and utilize the first sensor
node they encounter as a conduit for the information
accumulated by the network. Since these networks often
operate in an unsupervised fashion for long periods of
soon after it occurs. If we wait until the next
data-collection cycle, the adversary has time to use its
presence in the network to corrupt data, decommission
legitimate nodes, or otherwise subvert the network’s
intended purpose.
Thus far, protocols for detecting node replication
have relied on a trusted base station to provide global
detection. For the sake of completeness, we also discuss
the use of localized voting mechanisms. We consider
these protocols in the abstract; for specific examples of
previous protocols. Until now, it was generally believed
that these two alternatives exhausted the space of
possibilities. This paper expands the design space to
offer new alternatives with strong security and
efficiency characteristics.
B. Centralized Detection
The most straightforward detection scheme
requires each node to send a list of its neighbors and
their claimed locations to the base station. The base
station can then examine every neighbor list to look for
replicated nodes. If it discovers one or more replicas, it
can revoke the replicated nodes by flooding the network
with an authenticated revocation message.
C. Local Detection
To avoid relying on a central base station, we could
instead rely on a node’s neighbors to perform
replication detection. Using a voting mechanism, the
neighbors can reach a consensus on the legitimacy of a
given node. Unfortunately, while achieving detection in
a distributed fashion, this method fails to detect
distributed node replication in disjoint neighborhoods
within the network. As long as the replicated nodes are
at least two hops away from each other, a purely local
approach cannot succeed.
3. PROPOSED WORK
We use two novel node clone detection and
elimination protocols with different tradeoffs on
network conditions and performance. The first is
based on a distributed hash table (DHT), which is
implemented with the Chord algorithm: every node is
assigned a unique key, and before it transmits data
it has to give its key, which is verified by the
witness node. If the same key is given by another node,
the witness node identifies the cloned node. The
second is based on the Distributed Detection
Protocol, which is the same as DHT but is easier and
cheaper to implement. Here every node only needs to
know its neighbor list, containing all neighbor IDs and
their locations. These protocols can thus detect node
clones with a high security level and hold strong
resistance against the adversary's attacks.
Straightforward node-to-network
broadcasting is a quite practical way to detect the
node clone in a distributed manner: every node collects all
of its neighbors' identities along with their locations
and broadcasts them to the network. The main problem in this
approach is its extremely high communication
overhead.
Key-based caching and checking system is
constructed to catch cloned nodes.
To detect and eliminate the Clone Attacks in
Wireless Sensor Networks.
Cloning detection ensures that the number of
attack edges is independent of the number of Cloning
identities and is limited by the number of trust relation
pairs between malicious users and honest users. Cloning
detection observes that if malicious users create too
many Cloning identities.
Trusted central authority
Limited by the number of trust relation pairs
Fig. 1. Clone node detection
Fig. 2. Clone node elimination
A. DHT-BASED DETECTION PROTOCOL
The principle of our first distributed detection
protocol is to make use of the DHT mechanism to form
a decentralized caching and checking system that can
effectively detect cloned nodes. Essentially, DHT
enables sensor nodes to distributively construct an
overlay network upon a physical sensor network and
provides an efficient key-based routing within the
overlay network. A message associated with a key will
be transmitted through the overlay network to reach a
destination node that is solely determined by the key;
the source node does not need to specify or know which
node is a message's destination, because the DHT key-based
routing takes care of transportation details using the
message's key. Messages with the same key will be
stored in one destination node. Those facts build the
foundation for our first detection protocol. Fig. 1 shows
the detected clone node in WSNs. Fig. 2 shows the
eliminated clone node in WSNs.
At the beginning of a round of DHT-based clone
detection, the initiator broadcasts the action message
including a random seed. Then, every observer
constructs a claiming message for each neighbor node,
which is referred to as an examinee of the observer and
the message, and sends the message with probability
independently. The introduction of the claiming
probability is intended to reduce the communication
overhead in case of a high-node-degree network. In the
protocol, a message's DHT key, which determines its
routing and destination, is the hash value of the
concatenation of the seed and the examinee ID. By
means of the DHT mechanism, a claiming message will
eventually be transmitted to a deterministic destination
node, which will cache the ID-location pair and check
for duplicate node detection, acting as an inspector. In
addition, some intermediate nodes also behave as
inspectors to improve resilience against the adversary in
an efficient way.
CHORD
There are several different types of DHT
proposals to implement the DHT protocol, such as
CAN, Chord, and Pastry. Chord is widely used, and we
choose Chord as a DHT implementation to demonstrate
our protocol. However, our protocol can easily migrate
to build upon Pastry and present similar security and
performance results.
The technical core of Chord is to form a
massive virtual ring in which every node is located at
one point, owning a segment of the periphery. To
achieve pseudo-randomness on output, a hash function
is used to map an arbitrary input into a -bit space, which
Chord coordinate upon joining the network. Practically,
for our protocol, a node's Chord point's coordinate is
the hash value of the node’s MAC address. Nodes
divide the ring into segments by their Chord points.
Likewise, the key of a record is the result of the hash
function. Every node is responsible for one segment
that ends at the node’s Chord point, and all records
whose keys fall into that segment will be transmitted to
and stored in that node.
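The following Python simulation is an added example, not code from the paper. It covers both the claiming-message key (hash of the seed and the examinee ID) and Chord segment ownership described above, with the destination node acting as inspector. The 32-bit ring, the use of SHA-256, and the MAC strings, seed and coordinates are assumptions; the claiming probability and intermediate inspectors are omitted.

```python
import hashlib
from bisect import bisect_left

M_BITS = 32  # assumed ring size; the paper's bit length is not given on the page

def ring_hash(data: bytes) -> int:
    """Map arbitrary input onto the ring (truncated SHA-256, an assumption)."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % (1 << M_BITS)

class ChordRing:
    def __init__(self, macs):
        # A node's Chord point is the hash of its MAC address.
        self.points = sorted((ring_hash(m.encode()), m) for m in macs)
        # Each inspector caches examinee ID -> first claimed location.
        self.cache = {m: {} for m in macs}

    def inspector_for(self, key: int) -> str:
        """Owner of the segment that ends at the first Chord point >= key."""
        i = bisect_left(self.points, (key, ""))
        return self.points[i % len(self.points)][1]  # wrap past the last point

    def claim(self, seed: bytes, examinee_id: str, location):
        """Deliver one claiming message; return a conflict tuple or None."""
        key = ring_hash(seed + examinee_id.encode())
        seen = self.cache[self.inspector_for(key)].setdefault(examinee_id, location)
        return None if seen == location else (examinee_id, seen, location)

def run_round(ring, seed, claims):
    """Process (examinee_id, location) claims; return detected clone conflicts."""
    return [c for c in (ring.claim(seed, e, loc) for e, loc in claims) if c]

# Constructed sample data: MACs, seed and coordinates are illustrative only.
MACS = [f"00:11:22:33:44:{i:02x}" for i in range(8)]
SEED = b"round-1-seed"
CLAIMS = [
    ("node-03", (10, 20)),    # observer in neighborhood A
    ("node-05", (40, 45)),
    ("node-03", (10, 20)),    # second observer in A, same location: consistent
    ("node-03", (300, 410)),  # observer far away sees the same ID: clone
]

if __name__ == "__main__":
    print(run_round(ChordRing(MACS), SEED, CLAIMS))
```

Because every claim about one ID in a round hashes to the same key, both location claims for node-03 reach the same inspector regardless of where the observers are, which is what lets a single cache lookup expose the clone.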
CONCLUSION
Sensor nodes lack tamper-resistant hardware
and are subject to the node duplication attack. In this
proposed work we present two distributed detection
protocols: one is based on a distributed hash table,
which forms a Chord network and provides the
key-based routing and checking facilities for duplicated
node detection, and the other uses a probabilistic directed
technique to achieve efficient communication overhead
for satisfactory detection probability. The randomly
directed exploration presents outstanding
communication performance and minimal storage
consumption for dense sensor networks. Moreover, in the
proposed approach, the probability of detecting node
duplication is much higher than that achieved in
previous distributed protocols. However, this protocol
detects and eliminates the clone node more efficiently than
the previously proposed protocols.