Secure Data Collection in Wireless Sensor Networks Using Randomized Dispersive Routes

ABSTRACT
Compromised node and denial of service are two key attacks in wireless sensor networks (WSNs). In this paper, we study data delivery mechanisms that can with high pro a ility circumvent lack holes formed y these attacks. We argue that classic multipath routing approaches are vulnera le to such attacks, mainly due to their deterministic nature. So once the adversary ac!uires the routing algorithm, it can compute the same routes known to the source, hence, making all information sent over these routes vulnera le to its attacks. In this paper, we develop mechanisms that generate randomi"ed multipath routes.#nder our designs, the routes taken y the $shares% of different packets change over time. So even if the routing algorithm ecomes known to the adversary, the adversary still cannot pinpoint the routes traversed y each packet. &esides randomness, the generated routes are also highly dispersive and energy efficient, making them !uite capa le of circumventing lack holes. We analytically investigate the security and energy performance of the proposed schemes. We also formulate an optimi"ation pro lem to minimi"e the end'to'end energy consumption under given security constraints. ()tensive simulations are conducted to verify the validity of our mechanisms.

E isting S!stem" We argue that three security pro lems e)ist in the a ove counter'attack approach. *irst, this approach is no longer valid if the adversary can selectively compromise or +am nodes. ,his is ecause the route computation in the a ove multipath routing algorithms is deterministic in the sense that for a given topology and given source and destination nodes, the same set of routes are always computed y the routing algorithm. -s a result, once the routing algorithm ecomes known to the adversary (this can e done, e.g., through memory interrogation of the compromised node), the adversary can compute the set of routes for any given source and destination. ,hen, the adversary can pinpoint to one particular node in each route and compromise (or +am) these nodes. Such an attack can intercept all shares of the information,

rendering the a ove counter'attack approaches ineffective. Second, as pointed out in, actually very few node'dis+oint routes can e found when the node density is moderate and the source and destination nodes are several hops apart. *or e)ample, for a node degree of ., on average only two node'dis+oint routes can e found etween a source and a destination that are at least / hops apart. ,here is also 01 percent pro a ility that no node'dis+oint paths can e found etween the source and the destination. ,he lack of enough routes significantly undermines the security performance of this multipath approach. 2ast, ecause the set of routes is computed under certain constraints, the routes may not e spatially dispersive enough to circumvent a moderate'si"e lack hole. Disadvantages" ,he main challenge in our design is to generate highly dispersive random routes at low energy cost. The adversary can pinpoint to one particular node in each route and compromise (or jam) these nodes. Such an attack can intercept all shares of the information, rendering the above counter-attack approaches ineffective. These two attacks are generating block holes.

#roposed S!stem" In this paper, we propose a randomi"ed multipath routing algorithm that can overcome the a ove pro lems. In this algorithm, multiple paths are computed in a randomi"ed way each time an information packet needs to e sent, such that the set of routes taken y various shares of different packets keep changing over time. -s a result, a large num er of routes can e potentially generated for each source and destination. ,o intercept different packets, the adversary has to compromise or +am all possi le routes from the source to the destination, which is practically not possi le. &ecause routes are now randomly generated, they may no longer e node'dis+oint. 3owever, the algorithm ensures that the randomly generated routes are as dispersive as possi le, i.e., the routes are geographically separated as far as possi le such that they have high likelihood of not simultaneously passing through a lack hole. Considering the stringent constraint on energy consumption in WSNs, the main challenge in our design is to

generate highly dispersive random routes at low energy cost. -s e)plained later, such a challenge is not trivial. - naive algorithm of generating random routes, such as Wanderer scheme (a pure random'walk algorithm), only leads to long paths (containing many hops, and therefore, consuming lots of energy) without achieving good depressiveness. 4ue to security considerations, we also re!uire that the route computation e implemented in a distri uted way, such that the final route represents the aggregate decision of all the nodes participating in the route selection. -s a result, a small num er of colluding5compromised nodes cannot dominate the selection result. In addition, for efficiency purposes, we also re!uire that the randomi"ed route selection algorithm only incurs a small amount of communication overhead. Advantages" 6) - naive algorithm of generating random routes, such as Wanderer scheme (a pure random'walk algorithm), only leads to long paths (containing many hops, and therefore, consuming lots of energy) without achieving good depressiveness. 7) ,o intercept different packets, the adversary has to compromise or +am all possi le routes from the source to the destination, which is practically not possi le. 0) In this algorithm, multiple paths are computed in a randomi"ed way each time an information packet needs to e sent, such that the set of routes taken y various shares of different packets keep changing over time

Arc$itecture"

So%tware Re&uirements Speci%ication" So%tware Re&uirements" 8perating System ,echnology *ramework We ,echnologies I4( We Server 4ata ase Software=s 9 9 9 9 9 9 9 9 Windows )p , 2inu) :ava Struts 3tml, :avaScript, CSS ;y (clipse..1 ,omcat <.< 8racle :7S4>6.<, 8racle ?i

'ardware Re&uirements" System 3ard 4isk *loppy 4rive ;onitor ;ouse Dam >ey oard 9 9 9 9 9 9 9 @entium IA 7.B C3". .1 C&. 6.BB ; . 6B= Colour ;onitor. 8ptical ;ouse. <67 ; . 616 >ey oards.

(odules Description"
Single-Source Case Effect of the Optimization of N and M Multisource Case

Single)Source Case We first fi) the location of the source node at EF<1G 1H. In, we plot the packet interception pro a ility as a function of the ,,2 value (N) and the num er of shares (;) that each packet is roken into, respectively. ,he packet interception pro a ility calculated according to our asymptotic analytical model for @D@ is also plotted in the same figure for comparison. E%%ect o% t$e *ptimization o% N and ( we have formulated an optimi"ation pro lem for @D@, which finds the most energy' efficient parameter setting ENoG;oH among all feasi le com inations of N and ; that satisfy a given security re!uirement. 4ue to the asymptotic nature of the analytical model, the solution provided y our optimi"ation is only optimal for @D@ in an ideali"ed setting. In this section, we use the outcome of our optimi"ation to drive the simulation under @D@, 4D@, NDD@, and ;,D@, and then measure the resulting packet interception pro a ility and the end'to'end energy consumption. ,he results will help us optimi"ation. (ultisource Case We study the average packet interception pro a ility of the proposed algorithms when there are multiple source nodes that are sending packets simultaneously in the system. ,hese nodes are added to the simulation se!uentially, yielding the average packet interception pro a ility as a function of num er of source nodes. *or a given num er of source nodes, the average packet interception pro a ility is defined as the total num er of packets intercepted y the eavesdropper divided y the total num er of packets sent y various sources. ,his is in contrast to the worst'case interception pro a ility that could happen to any single source node. etter to understand the practical effect of our

Algorit$ms"
Distri+uted localization algorit$ms Randomized multipat$ routing algorit$ms Secure multipat$ routing algorit$ms