1 / 46

Two Tier Secure Routing Protocol for Heterogeneous Sensor Networks

IEEE TRANSACTIONS ON WIRELESS COMMUNICATIONS, VOL. 6, NO. 9, SEPTEMBER 2007. Two Tier Secure Routing Protocol for Heterogeneous Sensor Networks. Xiaojiang Du, Member, IEEE, Mohsen Guizani, Senior Member, IEEE, Yang Xiao, Senior Member, IEEE, and Hsiao-Hwa Chen, Senior Member, IEEE.

alexis
Download Presentation

Two Tier Secure Routing Protocol for Heterogeneous Sensor Networks

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. IEEE TRANSACTIONS ON WIRELESS COMMUNICATIONS, VOL. 6, NO. 9, SEPTEMBER 2007 Two Tier Secure Routing Protocol for Heterogeneous Sensor Networks Xiaojiang Du, Member, IEEE, Mohsen Guizani, Senior Member, IEEE, Yang Xiao, Senior Member, IEEE, and Hsiao-Hwa Chen, Senior Member, IEEE Advisor: Yeong-Sung, Lin Presented by Yen-Yi, Hsu

  2. Outline Authors Introduction The HSN Model Two-Tier Secure Routing Security Analysis Evaluation Performance

  3. Outline Authors Introduction The HSN Model Two-Tier Secure Routing Security Analysis Evaluation Performance

  4. AUTHORS • Xiaojiang (James) Du (M’03) • an assistant professor in the Department of Computer Science, North Dakota State University. • Dr. Du received his B.E.degree from Tsinghua University, Beijing, China in 1996, and his M.S. and Ph.D. degrees from University of Maryland, College Park in 2002 and 2003, respectively, all in electrical engineering. • His research interests are heterogeneous wireless sensor networks, security, wireless networks, computer networks, and network and systems management. • Dr. Du is an Associate Editor of Wiley Wireless Communication and Mobile Computing, and the InterScience International Journal of Sensor Networks.

  5. AUTHORS • Mohsen Guizani (SM’99) • is currently a full professor and chair of the Computer Science Department at Western Michigan University. • He has authored or co-authored over 180 technical papers in major international journals and conferences. • His research interests include computer networks, design and analysis of computer systems, wireless communications, and optical networking. • He currently serves on the editorial boards of many national and international journals. • He is the founder and Editor- In-Chief of Wiley Wireless Communications and the Mobile Computing Journal.

  6. AUTHORS • Yang Xiao (SM’04) • is currently with the Dept. of Computer Science at The Univ. of Alabama. • Dr. Xiao was a voting member of the IEEE 802.11 Working Group from 2001 to 2004. • He currently serves as Editor-in-Chief for the International Journal of Security and Networks (IJSN), the International Journal of Sensor Networks (IJSNet), and the International Journal of Telemedicine and Applications (IJTA). • His research areas are wireless networks, mobile computing, network security, and telemedicine. • He has published more than 200 papers in major journals (more than 50 in various IEEE Journals/magazines), refereed conference proceedings, and contributed book chapters related to these research areas.

  7. AUTHORS • Hsiao-Hwa Chen (SM’00) • is a full professor in the Department of Engineering Science, National Cheng Kung University, Taiwan • was the founding director of the Institute of Communications Engineering, National Sun Yat-Sen University, Taiwan. • He has authored or co-authored over 200 technical papers in major international journals and conferences, and six books in the areas of communications. • He has served as symposium co-chair of major international conferences, including IEEE VTC, ICC, Globecom, WCNC, etc. • He served or is serving as an Editor and/or Guest Editor of many international journals. • He is an Adjunct Professor of Zhejiang University, and Shanghai Jiao Tung University, China.

  8. Outline Authors Introduction The HSN Model Two-Tier Secure Routing Security Analysis Evaluation Performance

  9. INTRODUCTION • Routing is an essential operation in sensor networks. • Wireless sensor networks have many applications, such as military, homeland security, environment, and so on. • Most existing routing protocols considered routing protocols and security issues separately. • It’s nontrivial to fix the problem that routing protocol can be made secure by incorporating security mechanisms after the design has completed.

  10. INTRODUCTION • Most existing work considers homogeneous sensor network. • homogeneous-all nodes are modeled to have the same capabilities, computation, reliability, etc. • A homogeneous ad hoc network has poor fundamental limits and performance. • More and more recently deployed sensor networks follow heterogeneous design. • HSNs can significantly improve performance.

  11. Outline Authors Introduction The HSN Model Two-Tier Secure Routing Security Analysis Evaluation Performance

  12. THE HSN MODEL • The HSN model consists of two physically different types of nodes: • Low-end sensors(L-sensors) • Large number • High-end sensors(H-sensors) • Small number • more powerful • Provide many advantages • Base Station(BS)

  13. THE HSN MODEL • Assume that both L-sensors and H-sensors are uniformly and randomly distributed in the field • Let H-sensors serve as cluster heads, and all H-sensors forma backbone. • Designed an efficient androbust cluster formationscheme for HSNs

  14. THE HSN MODEL • Reference • X. Du and F. Lin, “Maintaining differentiated coverage in heterogeneoussensor networks,” EURASIP J. Wireless Commun. Networking, no. 4, pp.565–572, Oct. 2005. • Distributing H-sensors and L-sensors at the same time. • By adding H-sensors into an existing homogeneous sensor networks. • Both H-sensor and L-sensor know their location information

  15. THE HSN MODEL • Cluster formation in HSN • All H-sensors broadcast Hello messages with maximum transmission power to nearby L-sensors with a random delay • With enough number of H-sensors uniformly and randomly distributed • Most L-sensors can receive Hello messages from multiple H-sensors. • Most H-sensors can receive Hello messages from neighbor H-sensors. • Each L-sensor also records backup cluster head.

  16. THE HSN MODEL • If an L-sensor does not hear any Hello message • The node will broadcast an Explore message • Neighbor L-sensor will response with an Ack after a random delay • If it overhears an Ack response from another neighbor, the L-sensor will not send Ack. reduces the number of messages and the consumed energy • Each L-sensor will select the closest H-sensor as the cluster head

  17. THE HSN MODEL • Assumptions of HSNs: • L-sensors are NOT equipped with temper-resistant hardware. • Each L-sensor(H-sensor) is static and aware of it’s own location. • H-sensor are quipped with temper-resistant hardware. • The BS is well protected and trustable.

  18. Outline Authors Introduction The HSN Model Two-Tier Secure Routing Security Analysis Evaluation Performance

  19. TWO TIER SECURE ROUTING • A routing protocol should be robust to sensor failures and be able to find new paths when nodes fail. • Security requirement adds new challenges to routing. • the BS, H-sensors and L-sensors form hierarchical network architecture. • Two-Tier Secure Routing (TTSR) protocol architecture consists of two parts: • Secure routing within a cluster(among L-sensor) • Secure routing across clusters(among H-sensor)

  20. TWO TIER SECURE ROUTING • A. Secure Intra-Cluster Routing • Two-way handshake can avoid the unidirectional link problem u v

  21. TWO TIER SECURE ROUTING • Let all L-sensors in a cluster form a tree rooted at the cluster Head. • To minimize the energy consumption: • complete data fusion→MST • i.e., two k-bit packets com in, and one k-bit packet goes out after data fusion. • no data fusion within the cluster→SPT • partial fusion→ NP-Complete problem • If data from nearby sensors are highly correlated, then an MST can be adopted to approximate the least energy consumption case. • Centralized algorithm can be used to construct an MST, so does SPT.

  22. TWO TIER SECURE ROUTING • L-sensor are small, unreliable devices • It may fail over time • Robust and self-healing routing protocols are critical for routing among L-sensors. each L-sensor may record two or more parent node • Following secure data forwarding scheme is used by L-sensor. • u → v: packet_ID + {Data}Ku,v + MAC(Ku,v, ∗) • L-sensor is responsible to guarantee the delivery • u will re-transmit the packet if u doe not get an ack • The process continues until the packet reaches the cluster head H.

  23. TWO TIER SECURE ROUTING • B. Secure Inter-Cluster Routing • After cluster formation, each cluster head exchanges location information with neighbor cluster heads • During route discovery, H-sensor draws a straight line L between itself and the BS • C0, C1, ...,Ck, which arereferred to as Relay Cells

  24. TWO TIER SECURE ROUTING • A secure data forwarding scheme similar to the one above • H-sensor are more reliable nodes than L-sensor. • Self-healing scheme for H-sensor failures. • Use a detoured path to avoid the failure cell.

  25. Outline Authors Introduction The HSN Model Two-Tier Secure Routing Security Analysis Evaluation Performance

  26. SECURITY ANALYSIS • Due to the limited storage in L-sensor all cryptographic primitives use a single block cipher for code reuse. Ex:RC5 • Security Configuration • Data Authentication and Data Integrity • By MAC • Data Confidentiality By symmetric encryption

  27. SECURITY ANALYSIS • TTSR can defend against various attacks on sensor network routing • Sybil Attack • Wormhole and Sink-hole Attacks • Selective Forwarding Attack • Hello Flood Attack

  28. SECURITY ANALYSIS • Sybil attack • The Sybil attack can significantly reduce the effectiveness of fault-tolerant schemes • Sybil attacks also pose a significant threat to geographic routing protocols • by authentication

  29. SECURITY ANALYSIS • Sinkhole attacks • the adversary’s goal is to lure nearly all the traffic from a particular area through a compromised node • sinkhole attacks can enable many other attacks • an advertisement for an extremely high quality route to a base station • One motivation for mounting a sinkhole attack is that it makes selective forwarding trivial.

  30. SECURITY ANALYSIS • Wormholes attack • The simplest instanceof this attack is a single node situated between two othernodes forwarding messages between the two of them • wormhole attacks more commonly involve two distantmalicious nodes colluding to understate their distance fromeach other • Wormhole and Sink-hole Attacks adversary is not able to route in TTSR

  31. SECURITY ANALYSIS • Selective forwarding • a malicious node selectivelydrops sensitive packets • Selective forwarding attacksare typically most effective when the attacking nodesare explicitly included on the path of a data flow • especially when theyare used in combination with other attacks such as wormholeand sinkhole attacks • by Packet_ID

  32. SECURITY ANALYSIS • HELLO flooding attack • Many protocols require nodes to broadcast HELLO packets to announce themselves to their neighbors, and a node receiving such a packet may assume that it is within (normal) radio range of the senderThis assumption may be false • by two-way handshake

  33. Outline Authors Introduction The HSN Model Two-Tier Secure Routing Security Analysis Evaluation Performance

  34. EVALUATION OF ROUTING PERFORMANCE • Compare with Directed Diffusion (DD) • No attack placed on the sensor network • 1 BS, 300 L-sensors random distributed in a 300x300 m2 area • For TTSR, additional 20 H-sensors • Network divided in to equal-sized cells. • Side length of a cell is set as r/2 • No data fusion is performed  SPT is used

  35. Direct Diffusion • Reference • C. Intanagonwiwat, R. Govindan, and D. Estrin, “Directed diffusion: A scalable and robust communication paradigm for sensor networks,” in Proc. ACM MOBICOM, Aug. 2000 • DD consists of several elements • data messages:data is named using attribute-value pairs • Interests:The named task description constitutes an interest • Gradients:is directionstate created in each node that receives an interest • Reinforcements:The sensor network reinforces one or a small number of these paths

  36. Direct Diffusion

  37. Direct Diffusion • Naming • A task description is called an interest • Select a naming scheme is the first step in designing DD for the network type = wheeled vehicle // detect vehicle location interval = 10 ms // send events every 20 ms duration = 10 s // for the next 10 s rect = [-100; 100; 200; 400] // from sensors within rectangle.

  38. Direct Diffusion • Interest and Gradient • 1) Interest Propagation: • the sink periodically broadcasts an interest message to each of its neighbors • this initial interest may be thought of as exploratory • The interest entry also containsseveralgradient fields • local interaction:To its neighbors, thisinterest appears to originate from the sending node

  39. Direct Diffusion • 2) Gradient Establishment: • every pair of neighboring nodes establishes a gradienttoward each other. This is a crucial consequence of local interactions.

  40. Direct Diffusion • C. Reinforcement • Sink re-sends the original interest message but with a smaller interval(higher data rate) • it is triggered by receiving one new event • can result in more thanone path being reinforcednegatively reinforce

  41. EVALUATION OF ROUTING PERFORMANCE • A. Routing Performance under Different Node Densities 1.Both TTSR and DD increase as density increase. 1.Both TTSR and DD increase as density increase. 1.Same pair of source-destination in TTSR uses fewer hops of transmissions than that in DD. 2.More power is dissipated for overhearing in TTSR 2.In TTSR, more candidates to relay packets 3.In DD, more and more nodes are involved in disseminating “interest” and “gradient” 3.In DD, more sensor to forward packets 4.From the same L-sensor to the BS, TTSR requires fewer hops 5.H-sensor have higher data rate

  42. EVALUATION OF ROUTING PERFORMANCE • B. Routing Performance for Different Source-BS Distances 1.For any distance, the delivery ratio of TTSR is higher than DD, TTSR utilize H-sensor and has less hop count than DD 1.In DD, more nodes participate in routing as the distance increase 2.In TTSR, only L-sensors increases, while the number of H-sensors remains the same.

  43. EVALUATION OF ROUTING PERFORMANCE • C. Routing Performance for Different Node Failure Probabilities 1.Fewer sensors in the route in TTSR that those in DD. 2.H-sensor are less likely to fail. 1.In TTSR, node failures that cause re-transmission in TTSR. 2.The energy consumption of DD decrease when p increase

  44. EVALUATION OF ROUTING PERFORMANCE • In summary • TTSR has a higher delivery ratio, a smaller end-to-end delay and lower energy consumption than Directed Diffusioneven DD dose not run any security primitives • TTSR achieves better performance by utilizing powerful H-sensors

  45. CONCLUSION • In this paper: • A novel secure routing protocol(TTSR) for HSNs. • TTSR consist of secure intra- and inter-cluster routing scheme • TTSR can defend against several sophisticated routing attacks • TTSR has a greater performance than a popular non-secure routing protocol-Directed Diffusion.

  46. Thank You !

More Related