Virtual Energy Based Secure and Mean Path Length Based ... · Aditi Koul, Rohit Vaid CSE...

© 2013, IJARCSSE All Rights Reserved Page | 1106

Volume 3, Issue 6, June 2013 ISSN: 2277 128X

International Journal of Advanced Research in Computer Science and Software Engineering Research Paper Available online at: www.ijarcsse.com

Virtual Energy Based Secure and Mean Path Length Based

Energy Efficient Framework (VEMPL) for WSN Aditi Koul, Rohit Vaid

CSE Department, M.M University, Haryana

Haryana, India

Abstract— Designing a secure and energy efficient wireless sensor network is a confronting problem as the sensors

are resource limited devices. Moreover it also becomes important to ensure that the false data injected into the

network by malicious node is not perceived as accurate data to maintain the authenticity and integrity of network. In

this paper we have proposed Virtual Energy based secure and Mean Path Length based Energy Efficient Framework

(VEMPL) for Wireless Sensor Networks. The proposed framework uses a light weight encoding scheme that is based

on simple logical operations. Virtual energy is provided to each sensor before the deployment of network. This energy

is used as a symmetric key to encrypt or decrypt a packet. The key changes dynamically as a function that is applied to

the virtual energy left in the node. Thus, one key is used to encode the first packet send by a node in the network and

different key is used every time for the other packets send by the node in the network. Every packet is forwarded from

a source node to the sink node via intermediate nodes. The intermediate nodes along the path to the sink node validate

the authenticity and integrity of the incoming packets. Proposed framework reduces power consumption by using an

optimal mean path length to send a packet. Simulation result proves that the proposed scheme successfully eliminates

and drops the malicious data from the network. The proposed security framework performs better than other

comparable energy savings schemes.

Keywords— WSNs, WSN security, virtual energy, energy based keying, dynamic keying.

I. INTRODUCTION

Wireless sensor networks collect sensitive information and the technology is used in a variety of application scenarios

that include environmental, military, and commercial enterprises [1]. Securing sensor networks poses unique challenges

to protocol builders because these wireless devices are deployed in large numbers, usually in unattended environments,

and are severely limited in their capabilities and resources (e.g., power, computational capacity, and memory)[2].

Protocols should be resilient against false data injected into the network by malicious nodes otherwise the consequences

for propagating false data or redundant data are expensive, depleting limited network resources and wasting response

efforts. The sensors deployed in these hostile environments that give rise to security threats or attacks. The adversary can

physically capture and get the information contained in the sensor node, eavesdrop and inject new messages, modify the

message. Hence there must be a mechanism for the secure key establishment and power efficient communication for the

secure node to node data transmission.

II. LITERATURE SURVEY

Ma's work [3] applies the same filtering concept at the sink and utilizes packets with multiple MACs appended and

analyzed the resilience and overhead of the sink filtering scheme. Hyun and Kim proposed the energy efficient security

method which uses relative coordinate instead of physical coordinate to reduce the energy consumption [4]. Location

information description with relative coordinate makes the caught data meaningless and can protect the data without

using cryptography methods. In [5], Zhu and et al. use static pair-wise keys and two MACs appended to the sensor

reports for filtering of injected false data and address both the insider and outsider threats. However, the common

downside of all these schemes is that they are complicated for resource-constrained sensors and they either utilize many

keys or they transmit many messages in the network, which increases the energy consumption of WSNs. The most

significant observation with all of these works is that a realistic energy analysis of the protocols was not presented. Lastly,

the concept of dynamic energy-based encoding and filtering was introduced by H. Hou and et al. in the DEEF [6] Dynamic Energy-based Encoding and Filtering framework to detect the injection of false data into a sensor network.

DEEF requires that each sensed event report be encoded using a simple encoding scheme based on a keyed hash. The key

to the hashing function dynamically changes as a function of the transient energy of the sensor, thus requiring no need for

re-keying. Selcuk Uluagac et al. [7] designed an energy efficient Virtual Energy-Based Encryption and Keying (VEBEK)

scheme for WSNs that significantly reduces the number of transmissions needed for rekeying to avoid stale keys. In

addition to the goal of saving energy, minimal transmission is imperative for some military applications of WSNs where

an adversary could be monitoring the wireless spectrum. VEBEK is a secure communication framework where sensed

data is encoded using a scheme based on a permutation code generated via the encryption mechanism. A one-time

dynamic key is employed for one packet only and different keys are used for the successive packets of the stream.

http://www.ijarcsse.com/

Koul et al., International Journal of Advanced Research in Computer Science and Software Engineering 3(6),

June - 2013, pp. 1106-1113


III. PROBLEM STATEMENT The goal would be to create a secure system that can ensure safety of the data using light weight encryption methods

and still use the available energy and resources without much overhead. This paper introduces virtual energy based

secure and mean path length based energy efficient framework (VEMPL) for wireless sensor networks that significantly

reduces the number of transmissions needed for rekeying to avoid stale keys and also reduces power consumption using

an optimal mean path length.

Fig 1: Random Deployment of Nodes Fig 2: Nodes with path to base station

The sensor nodes are assumed to be deployed randomly over the sensor field of 100 x 100 m. The density of the nodes

scattered over the field is uneven and vary from location to location in to the network. Figure 1 shows a randomly

deployed network with one hundred sensor nodes. Every node has a shortest path to base station which is shown with the

help of a Figure 2. In Figure 3 the varying node density along the path to base station is shown.

Fig 3: Varying Node Density along path Fig 4: Malicious node attacking

The notion behind using the VEMPL scheme is to find the optimal number of nodes that should be present in the path

between the source nodes to the sink as depicted in Figure 2. It is very much clear from the assumption that there lies

heterogeneity of the number of nodes scattered over the sensor field. Likewise, the density of nodes surrounding other

nodes is also uneven in the network. The circles in Figure 3 show that the density along the path to the base station varies

from location to location in the network. Figure 4 has shown the event area when there is an attack by malicious node 15

and 40.The event is detected by node 2 taken as a source node which forwards the data and the dynamically generated

key for secure transmission to forward nodes 95 ,72 and 55 and ultimately to the base station. Thus, due to the security

framework they are unable to insert false data into the network.

A. Data Structure

Every node in the sensor field will store one or more records for each of its neighbouring sensor nodes. For each arbitrary node being watched, a stored list contains the following state information such as Ecurr (current/actual energy level), Eali

(Staying alive energy), Eper (Perceived Energy Level) and IV (stored until after first decode). The array of stored list of

node is shown in the Figure 5.


June - 2013, pp. 1106-1113


Fig 5: Data structure used by every node Fig 6: Action performed by each Sensor

B. Sensor Responsibility

The sensor node has to generate the key based on energy of the node, encrypt the data with the key using LWES

scheme, decode the data and also drop the malicious packet if any. This is shown in Figure 6.

IV. SYSEM MODEL FOR VEMPL

The subunits of our proposed model for VEMPL is shown in Figure 7 include keying unit, crypto module, forward unit

and receiving unit. The first unit keying unit is used to generate the dynamic key with the help of a virtual key that is

stored in the memory of every node before the network deployment. The second unit crypto module is used to encrypt the packet with the help of a dynamic key that is generated by keying unit. The third module is used to forward the

encoded packet to the node that is next hope in the path to base station. The last receiving unit is used by the node that

receives the packet to check the authenticity and integrity of the message by first decrypting the message and then re-

encrypt the message to forward it to the destination (sink node).

Fig 7: Security Framework for VEMPL

V. Security Framework For Vempl

The dynamic view of the VEMPL system is shown with the help of a Figure 8. VEMPL is an idea of designing the

energy efficient and secure communication framework. It provides a technique to verify data and drop false packets from

the malicious node and thus maintaining the security of the network. Here the data is encoded using light weight

encryption mechanism that dynamically changes on the basis of virtual energy left in the node. The node energy based

keying process involves the creation of dynamic keys which is different for every packet send by a node in the network. Thus the scheme reduces the exchange extra control messages to establish the dynamic keys. The intermediate nodes

along the path to the sink are able to verify the authenticity and integrity of the incoming packets. Virtual energy based

secure and mean path length based energy efficient framework (VEMPL) for wireless sensor networks) has been largely

inspired by DEEF [6]. However, VEMPL is better than DEEF in several ways. VEMPL utilizes virtual energy in place of

actual battery levels to create dynamic keys which is more reasonable because the real battery levels as in case of earlier

schemes like DEEF [6] may fluctuate and the differences in battery levels across nodes may encourage synchronization

problems, which can cause packet drops. These problems have been addressed in VEMPL.


June - 2013, pp. 1106-1113


Fig 8: System Model of VEMPL

A) Generate Dynamic key This dynamic key generation process is primarily handled by the source module. When an event is detected by a source

node, the next step is for the report to be secured. For this we are using a keying scheme. The current value of the nodes

virtual energy (Ecurr) is used as the key to the key generation function F. The Ecurr value is taken as the master key as it is

the first key used after sensor deployment. During the initial deployment, each node in the network will have the same

energy level Eini, therefore, the initial key, K1, is a function of the initial node energy value i.e master key and the packet

size and then subsequent key Ki is generated by Ki-1 key and the master key. The algorithm 1 to generate the dynamic key

is given as follows:

Algorithm 1: GenerateDynamicKey(master key, packet size, counter)

BEGIN

STEP 1: i counter STEP 2: if i=1 then

Ki F (master key, packet size)

else

Ki F (master key, Ki-1)

End of STEP 2

return Ki

END

B. Node Energy

Each node goes through several functional states that include node-stay-alive, packet reception, transmission, encoding,

and decoding. As each of this action occurs, the energy in a node gets depleted giving the new node energy value every

time. The source node uses the local node energy value and an Initial Vector (or previous key value if not the first

transmission) to construct the next key.

Fig 9: Virtual Energy as a symmetric key

Each node after performing some action computes and updates the constantly changing value of its energy. Since a node

will be either forwarding data of some node or injecting its own data into the network, the set of actions and their

associated energies for VEMPL includes packet receiving energy (ERe), packet transmission energy (ETr), packet encoding energy (Een), packet decoding energy (Ede) and the energy required to keep a node alive in the idle state (Eali)

when it is performing no action.


June - 2013, pp. 1106-1113


C. Forwarding the Key to Cryptographic Unit The source module fetches the current value of the node energy from the source module. The generated dynamic key is

forwarded to the next Module called Crypto Module as shown in Figure 7. The key is used into the cryptographic unit to

generate a permuted code to encoding the packet. The local virtual energy value is updated and stored for use with the

transmission of the next report.

D. Cryptographic Unit

Due to the resource constraints WSNs, traditional encryption algorithms requiring expensive resources are not suitable to

use in WSNs. The cryptographic unit in VEMPL uses a light weight encoding scheme (LWES). Due to dynamic nature

of the keys it becomes difficult for an attacker to break this encoding scheme. A data packet in VEMPL consists of node

identifier bits, node type bits and nodes data bits. Each node sends packet that contains these bits to its next hop as shown

in Figure 10.

Fig 10: Packet Format in VNMPL

The nodes identifier (NID), node type (NT), and the sensed data (ND) are transmitted in a pseudorandom fashion

according to the result of LWES scheme. The LWES takes the key and the packet as inputs and produces the result as a

permuted code (PMC) which hides the nodes ID inside the permuted packet. The format of our final packet to be

transmitted becomes PMC=<{MSG}KEY> where {MSG}KEY constitutes encoding MSG with dynamic key to generate the permuted packet. When the next node along the path to the sink receives the packet, it generates the local permutation

code to decode the packet. Thus, instead of the traditional approach of sending the ID with the message [7], like

<ID,{MSG}KEY> as in Figure 12, we only prefer sending {MSG}KEY along with the information to be sent as there is no

purpose of sending NID in plain text format shown in Figure 13.

Fig 11: Fields of nodes Fig 12: Traditional Approach Fig 13: Proposed Approach

In traditional approach [8], the notion of sending ID with packet increase the size as well as the risk of tampering because

when the intruder attacks a node, it can very easily forge the packet with that ID that is present in the watch list of that

node thus violating the integrity principle where as the proposed approach hides the NID within the PMC. This will save

bandwidth on an already resource-constrained network, thus increasing the network lifetime. If the size of NID is 6 bit

and 2 bits are used to represent NT and 4 byte as a ND bits. Total 40 bits are produces as a PMC in the proposed

mechanism whereas 47 bits are generated as a PMC in the traditional approach. So the size of the packet reduces as 7 bits

in the proposed scheme than traditional scheme. If the number of packets increased in the network then scenario is given

in Table 1. Figure 14 analyzes the number of packets and quantity of data sent in bits for both traditional and proposed

approach.

Table 1. Traditional Vs Proposed Approach

Number of packets Quantity of data in bits

Traditional Proposed

1 47 40

2 94 80

3 141 120

4 188 160

10 470 400

50 2350 2000

100 4700 4000

1000 47000 40000

N 47*N 40*N


June - 2013, pp. 1106-1113


Fig 14: Traditional Vs Proposed approach Fig 15: Resulting key „h‟ with possible operations

The code can be mapped to a set of actions that are to be taken in the encryption process. The actions can include Order of Parameters, Order of bits in each parameter, Rotation Operation and Interleave Operation. The permutation code is

generated using the operations such as order of parameters, order of bits in each parameter, circular left and right shifts

and interleaving. The computed code in Figure 13 is used to encode the <NID|NT|ND> message. For example, if a node

computed the following key{1010110011}, the string in Figure 10 becomes string in Figure 16 before it is transmitted.

Fig 16: Bit String after permutation

The advantage of using this encoding scheme is that there is no hash code or message digest to transmit and the packet

size does not grow.

VII. SIMULATION AND RESULTS A) Related Parameters and Notations The related parameters and notations used for performing simulations in Mat lab are mentioned in Table 2 and Table 3.

Table 2. Related Parameters Used

Table 3: Notations Used

ETr Transmission Energy Edy Dynamic Energy

ERe Receiving Energy Esen Sensing Energy

Ecomp Computation Energy Eali Staying Alive Energy

Een Encoding Energy Evir Virtual Cost

Ede Decoding Energy Ekde Key Discovery Energy

Efor Forwarding Energy Esnode Source Node Energy

E[nh] Expected no. of hops E[ne] Expected no. of

neighbours

r No. of watched nodes M key establishment msgs

N No. of nodes Edp Dropping Probability

L Packet Size Eper Perceived Energy

Packet Size 32 Een 15.5µJ

Area 100 x100

m Esen 36µJ

ETr 65 µJ Eali 18.6µJ

ERe 50µJ N 100

Ede 15.5µJ R (0...60)


June - 2013, pp. 1106-1113


B) Energy Consumption of DEEF, VEBEK AND VEMPL In this sub-section we look at the associated costs to transmit valid data in DEEF, VEBEK-I, VEBEK-II and VEMPL. In

operational modes, there is a single cost (Esnode) to stay-alive, sense the event, encode the packet, and transmit the packet

(Eali , Esen, Een, ETr ) at the source sensor. Thus,

Trensenalisnode EEEEE ... (1)

Also, there is a recurring forwarding cost (Efor) to take the packet through the network depending on the number of hops.

In VEBEK-I, this cost is:

aliTrendefor EEEEEE Re ... (2)

This cost is for all of the intermediate nodes since all of the nodes perform the same operations. Hence, the average cost

to transmit a packet in VEBEK-I using E[nh] is:

)*][( forsnodeIfor EnhEEE ... (3)

On the other hand, in VEBEK-II the cost of Efor-II consists of EforW and EforNW for variable fractions of the forwarding nodes depending on the number of nodes each node chose to watch, where EforW = Efor and EforNW = ERe+ ETr+ Eali.

Hence, the average cost to transmit a packet using VEBEK-II is

)*][()*][( forNWforWsnodeIIfor EnhNWEEnhwEEE ... (4)

Where E[nhW] and E[nhNW] represent the expected number of nodes along the path who are watchers and non-watcher

nodes, respectively. The values for these expectations can be computed given the total expected number of hops with

E[nh] from equation (2), where E[nh] = E[nhW] + E[nhNW]. Hence,

][*][ nhEN

rnhWE ... (5)

][*][ nhEN

rNnhNWE

... (6)

Simulation results have been calculated using the above equations. In all the Figures, the x-axis represents the number of

malicious nodes while the y-axis is the energy consumption. Different values for the number of watched nodes (r) were

analyzed for all the schemes. We have evaluated VEMPL scheme to find the optimal number of nodes having r stored list

of records that should be in the path between the source node to the sink as the sensor nodes are deployed randomly over

the sensor field and the density of the nodes scattered over the field is uneven and vary from location to location in a

sensor field using our improved algorithm 2.

Fig 17: Energy Consumption of VEBEK Fig 18: Energy Cost Comparison of and VEMPL

VEMPL, VEBEK and DEEF

The above Figure 17 shows Energy consumption of VEMPL after first calculating the average number of nodes in path

to base station and then forwarding the encoded packet along that path meeting our goal of security as well as low energy

consumption. Comparison of VEMPL with other Schemes is shown in Figure 18.

VII. CONCLUSIONS

Security in communication is very costly but important for any type of network. It becomes important to minimize the

energy consumption and secure our data while exchanging between one two nodes along the path in unsecure channel. To address these concerns the model presented a Virtual Node Energy and Mean Path Length based Framework that can

be configured to provide optimal performance in variety of networks. Simulation results in Mat lab prove that VEMPL‟s

energy performance is much closer to that of its former schemes. VEMPL‟s framework performs comparably better than

other schemes in the literature with an overall 60-99 percent improvement in energy savings as opposed to enlarging the

packet by appending message authentication codes (MACs).

REFERENCES

[1] Akyildiz,IanF.,WeilianSu,Yogesh Sankarasubramaniam, and Erdal Cayirci. "Wireless sensor networks: a survey."

Computer networks .vol.38, no. 4, pp. 393-422, 2002.


June - 2013, pp. 1106-1113


[2] Ye, Fan, Haiyun Luo, Songwu Lu, and Lixia Zhang. "Statistical en-route filtering of injected false data in sensor networks." In INFOCOM 2004. Twenty-third AnnualJoint Conference of the IEEE Computer and Communications

Societies, vol. 4, pp. 2446-2457. IEEE, 2004.

[3] M. Ma, “Resilience of sink filtering scheme in wireless sensor networks,” Elsevier Comput. Commun., vol. 30, no. 1,

pp. 55-65, 2006.

[4] Hyun, Jaemyung, and Sungsoo Kim. "Low energy consumption security method for protecting information of

wireless sensor network." In Advanced Web and Network Technologies, and Applications, pp. 397-404. Springer

Berlin Heidelberg, 2006.

[5] Zhu, Sencun, Sanjeev Setia, Sushil Jajodia, and Peng Ning. "An interleaved hop-by-hop authentication scheme for

filtering of injected false data in sensor networks." In Security and Privacy, 2004. Proceedings. 2004 IEEE

Symposium on, pp. 259-271. IEEE, 2004.

[6] Hou, Hailong, Cherita Corbett, Yingshu Li, and Raheem Beyah. "Dynamic energy-based encoding and filtering in sensor networks." In Military Communications Conference, 2007. MILCOM 2007. IEEE, pp. 1-10. IEEE, 2007.

[7] Uluagac, Arif Selcuk, Raheem A. Beyah, Yingshu Li, and John A. Copeland. "VEBEK: Virtual energy-based

encryption and keying for wireless sensor networks." Mobile Computing, IEEE Transactions, vol. 9, no. 7, pp. 994-

1007, July 2010.

[8] Ngo, Huy Hoang, Xianping Wu, Phu Dung Le, Campbell Wilson, and Balasubramaniam Srinivasan. "Dynamic key

cryptography and applications." International Journal of Network Security, vol.10, no. 3,pp. 161-174.2009.

Virtual Energy Based Secure and Mean Path Length Based ... · Aditi Koul, Rohit Vaid CSE...

Documents

Transcript of Virtual Energy Based Secure and Mean Path Length Based ... · Aditi Koul, Rohit Vaid CSE...