Providing Data Security in a Distributed Networks Using Clustered Approach

Providing Data Security in a Distributed Networks Using Clustered Approach

Aswadhati Sirisha¹, B. Siva Jyothi ², Sandhya Krishna P³

1Assistant Professor, Department of Computer Science & Applications, Vignan’s Institute of Information Technology (A), Visakhapatnam, AP, India.

2Assistant Professor, Department of Computer Science &Engineering, ANITS Engineering College, Visakhapatnam, AP, India.

3Assistant Professor, Department of Information Technology, Vignan Nirula Institute of Technology and Science for Women, Peda Palakaluru Road, Guntur, Andhra Pradesh 522009.

Abstract

Nowadays, the use of path identifiers (PIDs) is growing in the field of networks in order to transfer data from one region to another region. It is a known fact that PIDs act as inter-domain routing objects for providing best path between two different objects for sending their data under a dedicated path. These are used to avoid faulty/failure nodes created by the attackers inside the network. Tillnow the PIDs are static in nature and hence it is very easy for the attackers to create any attack on a fixed pre-defined path. Hence in this proposed thesis we try to design and implement a novel dynamic PID (ND-PID) framework that is not at all implemented in any delay tolerant networks. In ND-PID, the PID of an inter-domain path connecting two domains is kept secret and changes dynamically, so there is no chance for any attacker to identify which path the data is travelling and he can’t able to convert any nodes into faulty/failure state. Here we try to cluster the set of intermediate nodes into individual clusters and form a cluster head (CH) for each and every individual cluster. This CH will try to monitor the failure nodes and try to give alternate node for data transmission.

Keywords: Path Identifiers, Inter-Domain Routing Objects, Cluster Head, Attackers.

__________________________________________________________________________________________

1. INTRODUCTION

Nowadays, security occupies a very important role in all domains but still a lot of users try to access the contents illegally and they want to misuse the content during transmission. There are several ways of creating attacks either active attack or passive attack which is clearly shown in figure 1. Active attacks are those which are created based on an intruder and the content will be damaged or modified or lost during the transmission from a selected source node to valid destination. These attacks create physical damage for the data which is been transferred and some of the active attacks are Fabrication, Message Replay, Message Modification and Denial of Service. But Passive attacks come under a threat model which willn’t damage the original content but just creates some attack while transmission.

One among the passive attack is interception attack which will try to read the message content and also try to create traffic inside the network [1].These attacks will try to loss the data which is been send from one region to another region under a dedicated path.

Fig -1: Architecture of Several Attacks in the Network Domain

From the figure 1, we can clearly find out that attacks are of two types: Active Attacks and Passive Attacks. The attack which is been attempted by an intruder and in turn misuse the content or damage the content physically from its original content is known as physical attack[1]. In this physical attack the data will not be transferred from valid source to valid destination, even some times with an attacked content [2]. On the other side if an attack occurs just in order to make delay during data transfer, without changing the original content is known as non-physical attacks. In this category the data will not be changed or damaged but just the data will be sending or received to and from the source and destination with some delay. Generally identifying the non- physical attack is very difficult for the network admin as the hacker can create delay either from source node or destination node or at router level. Hence it is very crucial task for the network admin to identify the non- physical attacker [3].

Fig -2: Denotes the Architecture of an Distributed Wireless Sensor Networks

In this proposed thesis we try to identify the non-physical attackers who try to create some attacks like DOS Attack(Denial of Service),Passive IP-Attack and Impression Attack. In order to identify this attacker we need to construct a Cluster Head(CH) for every individual cluster of nodes available in the router.The distributed network divides clusters each having a coordinator (cluster head) responsible for gathering the data from the nodes and sending it to the sink (base station), which is clearly shown in Fig 2.Along with these there will be one ideal cluster head which has the highest residual energy, for identifying the failure node and inform to the router in order to construct a new path from that attacked node[4].

2. LITERATURE WORK

[5] Abolfazl Akbari1 , Arash Dana(2011), have published an article in which the authors made an attempt to divide the network into various categories like normal ,inactivenodes. Where they splitted the network for fault avoidance during the communication. In order to achieve the fault avoidance , they proposed a fault recovery corrupted node and self-healing is necessary. In this proposed thesis they got an idea to maintain a cluster structure in the network which helps a lot in the energy drained situation. This is proposed in order to identify the best node at the time of data communication and they evaluated and compare this proposed method against primitive method and we demonstrate that this model is better optimization than other method such as Venkataraman, in energy consumption rate.

[6] Mohammed Bakhtawar Ahmed (2018), have published an article in which the authors made an attempt to show that their proposed network is having more importance than other networks. One of the most important challenge in the current network is fault and they want to achieve this by taking consideration of five key characteristics like scalability, privacy, reliability, re-configuration androbust medium. Here in this paper they try to provide a scalability function and compare the various fault tolerance techniques.In this proposed thesis ,he try to findout the fault tolerance on different nodes having different power and computational constraints.

Finally in order to achieve the QoS through these protocols, he studied that a protocol need to be developed to provide fault tolerance, eventreporting and energy efficiency retention.

[7] Xiaohan Lai, XiaoyuJi, Xinyan Zhou, and Longdao Chen (2018), have published an article in which the authors made an attempt to investigate the problem of energy consumption in wireless sensor networks. As we know that in a WSN, the sensor nodes are deployed mainly in very rough environment where the conditions frequentlychanges in poor link quality and node communication failure.There will be a huge delay for data transfer in these types of networks. Also they concentrated mainly on the life time of sensor nodes are supplied with limited energy .In this thesis they proposed a novel and simple routing metric, predicted remaining deliveries (PRD), combining parameters, including the residual energy, link quality, end-to-end delay, and distance together to achieve better network performance.

[8] A. Krishnamoorthy and V. Vijayarajan have published an article in which the authors made an attempt to investigate the problem of how to enhance the lifetime of a network for efficient resource management in a WSN.In this thesis they mainly concentrated on the importance of information collection and also the applications of wsn.Almost all the applications require information as main source for processing the data and

generate the result.They proposed a new protocol like EEER protocol for solving the present limitations in WSN. This proposed algorithm improved the network life time as well as throughput time is greatly reduced.

3. PROPOSED DYNAMIC PATH IDENTIFIERS USING CLUSTERED APPROACH IN A WIRELESS SENSOR NETWORKS

In this section we mainly try to demonstrate the proposed method DPID using clustered approach in a wsn for transferring data in a secure manner and reduce the time complexity. Now let us discuss about this proposed approach in detail as follows:

Preliminary Information

For any data transfer from valid source to destination node, we need a network contain a set of nodes and edges with a graph representation like

G= (V, E)

Where ‘G’ is represented as a graph with a set of vertices ‘V’ and a set of edges ‘E’ between a pair of nodes like (u, v) such that nodes u and v can exchange messages between each other.

Here in this proposed approach we try to assume that inter-node communication is done in dynamic way and the path for sending data from valid source to destination node is also formed in a dynamic manner.

Normally an edge (u, v) in a graph is said to be incident on both the u and v nodes in the network. Neighbour nodes are one which are connected directly with an edge to that exact node. Sometimes there may be some attacks that occur inside the network during data transfer which greatly affects the packet delivery ratio. If any attack is occurred within the network the data cannot be send to the valid destination node within the time period and hence it takes a lot of time for sending the data in a next alternate path. Hence we try to create an dynamic approach in which if any attacker try to create an attack within the network the data can be send to next available best node and alternatively to the destination node. Here if we want to choose the best node ,we try to apply clustering technique for the current wsn, where a sensor node is randomly choose as cluster head (CH) based on its energy and bandwidth. This CH node will try to check the individual nodes status within its cluster and choose a best node for sending the packets to the next cluster.

Advantages of Dynamic Path Identifier (DPID)

There are many advantages of using the DPID in a wireless sensor networks.They are as follows:

1. This DPID approach greatly provides a solution for avoiding Distributed denial-of-service (DDoS) attacks .

2. As the path is chosen dynamically there is a utmost security for the data packets which are send from that dynamic path.

3. This DPID is having dynamic nature so there is no scope of data loss if any doS attacks occur during transmission.

4. The proposed DPID approach can achieve high level of accuracy in sending the packets to the

destination node [9].

5. It is efficient and practical method for packet delivery.

Fig 3.Denotes the Proposed Architecture of DPID Approach in order to identify the Attacker node From the above figure 3, we can clearly able to identify the architecture flow of our proposed D-PID approach in order to eliminate the faulty nodes inside the distributed networks.Basically the sensor node contains the following attributes in its header. They are as follows:

1) The node ID,

2) An Acknowledgement of the last seen packet flow.

The first attribute defines the node Identity in terms of Node_name, Port Number, IPAddress and so on.

Initially when we try to create a topology with a set of nodes ,all these attributes are mainly taken into consideration for identifying the node status.

Next the Ack plays a vital role for the packets to get an acknowledgement for each and every packet which is transferred from one node to another node.Here if any packet doesn’t transmit the ACK for the next

available packet node,then we can identify that packet is lost in that node region and we try to examine which node is attacked and in which area the packet is lost.If the same node sends continuous ACK for its next available nodes,then we can identify that all the packets are transferring properly and there is no data loss or node failure inside the network.

In general, a node ni creates a vertex vi for every jth packet it generates/forwards. The vertex ID_vidi is generated as follows:

Here in the above equation vertex is generated based on the fields like pSeqi is the knowledge of ni(i.e.

Data transfer Update) about the sequence number of the previous packet in the flow.

Here the termni is defined as the updates of the data transfer for the packet by inserting vidi into the iBF.

4. INTEGRATION OF CLUSTERING METHOD IN A WSN

Here in this section we try to integrate the current approach with clustering technique for choosing the best node as cluster head and send the data in that specified path. For any sensor the transceiver unit plays a main role in power consuming and this is identified by the no of bits handled by the transmitter. So in order to reduce the energy attacks, we need to select a proper cluster head from the set of nodes is best in limiting the data energy.

Algorithm

Input:

Node_Distance , Number of Bits transmitted per sec, InitialNode_Energy Output:

Ability to choose a sensor as Cluster Head(CH) Begin:

Try to divide the network into cluster manner.

Find the Energy of each and every individual node in the cluster.

Calculate the Average energy of all nodes inside the Cluster ifthe current CH energy > average energy

Proceed to be a CH

else

claim re-selection();

Try to find out the energy of all node nodes and observe every individual node energy with corresponding average cluster energy.

Also try to compute the distance between sink node and residual energy and find the waiting time of the sink node.

Select the maximum node which has highest energy and announce that node as Cluster Head for the all nodes inside the cluster.

End

5. RESULTS

In this section we try to implement the proposed concept on JAVA Platform Using Socket Programming.The front end of the application is designed with AWT and Swings and back end of the application we use My-SQL database server for maintaining the routing table information.We tested the application on single PC connected local server and also tested the same application on Multi Personal Computers which are connected through LAN.Finally we tested with several types of input data and proved that this approach is best in identifying the energy attack during data transfer and provide a best path in sending the data in very less time.

1) Source Window

The source node is one which has the facility to browse a valid text file as input and try to assign signature for this data and also he has the facility to assign group signature for the corresponding data nodes.Once the signatures are assigned then the data can be send to the destination nodes via router.

2) Throughput Delay Graph

In this window we can identify the throughput delay which is occurred for each and every individual file transfer.

3) Time Delay Graph

This window clearly shows the delay time for each and every document to be transferred from valid source to destination node. Here X-Axis indicates the document name and y-axis indicates the delay in milli seconds.

6. CONCLUSION

In this paper, we design and implemented anD-PID using clustered approach, a framework that dynamically changes path identifiers (PIDs) of inter-domain paths in order to identify thefailure nodes which are present inside the network during data communication. In DPID, there is a concept like cluster approach in

which a group of nodes are termed as one cluster. There is a term like cluster head (CH) in which this will be automatically choose by the cluster manager. This CH will be choosing based on the high energy and bandwidth so that the data loss and delay time can be reduced. In order to show the performance of our proposed approach, we used socket programming language along with java network package to verify the effectiveness of the application in terms of cost and delay time. Our experimental results clearly tells that our approach is best in providing security for the data in a wsn.

7.REFERENCES

[1] I. Foster, J. Vockler, M. Wilde, and Y. Zhao, “Chimera: A Virtual Data System for Representing, Querying, and Automating Data Derivation,” Proc. Conf. Scientific and Statistical Database Management,pp. 37-46, 2002.

[2] R. Guo, G. R. Chang, R. D. Hou, Y. H. Qin, B. J. Sun, A. Liu, Y. Jia and D. Peng,“Research on Counter Bandwidth Depletion DDoS Attacks Based on Genetic Algorithm.

[3] Fed CIRC, “Defense Tactics for Distributed Denial of Service Attacks,” Federal ComputerIncident Response Center, Washington DC, 2000.

[4]F. Koushanfar, M. Potkonjak, and A. Angiovanni-Vincentell, “Fault tolerance techniques for wireless ad hoc sensornetworks", Sensors 2002, Proceedings of IEEE, pp. 1491-1496, 2002.

[5] AbolfazlAkbari1 ,Arash Dana,” Fault Detection and Recovery in Wireless Sensor Network Using Clustering”, International Journal of Wireless & Mobile Networks (IJWMN) Vol. 3, No. 1, February 2011 [6] Mohammed Bakhtawar Ahmed,” Techniques for Fault Detection in Wireless Sensor Networks”,

www.ijesi.org ||Volume 7 Issue 12 Ver. III || Dec 2018 || PP 65-71.

[7] Xiaohan Lai, XiaoyuJi, Xinyan Zhou, and Longdao Chen,” Energy Efficient Link-Delay Aware Routing in Wireless Sensor Networks”IEEE Nov 2017.

[8] A. Krishnamoorthy and V. Vijayarajan,” A NOVEL AND ENERGY EFFICIENCY APPROACH FORENHANCING THE LIFESPAN OF CLUSTER USING MOBILESINK”, International Journal of Advanced Science and TechnologyVol. 28, No. 13, (2019), pp. 290-296.

[9] H.-J. Kim, R. B. Chitti and J. S. Song, “Handling Malicious Flooding Attacks through Enhancement of Packet Processing Technique in Mobile Ad Hoc Networks,” Journal of Information Processing Systems, Vol. 7, No. 1, 2011, pp. 137-150.

[10] "The Philosophy of Anonymous"Radicalphilosophy.com. 2010-12-17. Retrieved 2013-09-

[11] H. Lim, Y. Moon, and E. Bertino, “Provenance-Based Trustworthiness Assessment in Sensor Networks,”

Proc. Seventh Int’l Workshop Data Management for Sensor Networks, pp. 2-7, 2010.