Abstract-With a widespread growth in the potential applications of Wireless Sensor Networks, the need for reliable security mechanisms for them has increased manifold. In unattended wireless sensor networks (UWSNs), sensed data are stored locally or at designated nodes and further accessed by authorized collectors on demand. The data are not instantly forwarded to a central sink upon sensing, thereby saving communication energy for transmission. This paper proposes a scheme to secure data aggregation that relies on multilevel routing. Our paradigm includes three phases: encryption, routing and aggregation. We encrypt the data with AES algorithm and send the cipher text to the aggregator, to avoid any adversary to eavesdrop on the content. Multi-level routing is implemented to optimize the interaction between the two layers and to reduce the end-to-end packet delay so as to match the requirements of the small wireless sensors in the network. In contrast to conventional schemes, our proposed scheme provides security and privacy, and duplicate instances of original readings will be aggregated into a single packet. Simulation results demonstrate that our scheme is superior in terms of data confidentiality and availability.
Keywords- WSN, encrypted aggregation, secure routing
Introduction
Wireless Sensor Networks
A Wireless Sensor Network (WSN) consists of spatially distributed autonomous sensors to cooperatively monitor physical or environmental conditions, such as temperature, sound, vibration, pressure, motion or pollutants.
A sensor network normally constitutes a wireless ad-hoc network that is each sensor supports a multi-hop routing algorithm where nodes function as forwarders, relaying data packets to a base station.
Unlike traditional wireless devices, wireless sensor nodes do not need to communicate directly with the nearest high-power control tower or base station, but only with their local peers. Instead, of relying on a pre-deployed infrastructure, each individual sensor or actuator becomes part of the overall infrastructure. Peer-to-peer networking protocols provide a mesh-like interconnect to shuttle data between the thousands of tiny embedded devices in a multi-hop fashion. Fig 1 depicts the basic sensor architecture. The flexible mesh architectures envisioned dynamically adapt to support introduction of new nodes or expand to cover a larger geographic region. Additionally, the system can automatically adapt to compensate for node failures.
Security in WSN
The resource-starved nature of sensor networks poses great challenges for security. However, in many applications the security aspects are as important as performance and low energy consumption.
1) Security challenges:
The broadcast nature of the wireless communication renders a WSN susceptible to link attacks ranging from passive eavesdropping to message replay and message distortion
The network deployment in hostile environments (e.g. battlefield, forest) with relatively poor physical protection
The limitations in energy, computational power and memory of the tiny sensors
The extremely large number of interacting devices in a sensor network
The dynamic nature of WSN (frequent changes in both its topology and its membership)
Fig 1: Basic sensor network architecture.
Routing in WSN
Wireless sensor networks are formed by small devices communicating over wireless links without using a fixed networked infrastructure. Because of limited transmission range, communication between any two devices requires collaborating intermediate forwarding network nodes, i.e. devices act as routers and end systems at the same time. Communication between any two nodes may be trivially based on simply flooding the entire network. However, more elaborate routing algorithms are essential for the applicability of such wireless networks, since energy has to be conserved in low powered devices and wireless communication always leads to increased energy consumption.
The first routing algorithms for wireless networks followed the traditional approach of topology-based routing, i.e. forwarding decisions are based on information about currently available links between network nodes. Early proposals are based on proactive routing strategies maintaining routing information about all available paths even when these paths are never used. Proactive routing does not scale well in dynamically changing network topologies, thus, reactive methods maintaining only these routes which are currently in use have been investigated further on.
Data Aggregation in WSN
Data aggregation is an important primitive in wireless sensor networks (WSN). Data aggregation is a process that collects data from different sources and expresses the data, based on specific variables, in a summarized format. By eliminating redundant or unnecessary information from transmitted data streams, data aggregation can drastically improve the communication efficiency of a sensor network. This is especially desirable in resource-constrained networks, such as WSN, where it has been shown that radio energy dominates total energy expenditure on a sensor.
A significant risk of data aggregation however is that a node that is captured by an adversary can report arbitrary values as its aggregation result, thereby corrupting not only its own measurements but also that of all the nodes in its entire aggregation sub-tree. As a consequence, an adversary who captures nodes selectively and strategically can corrupt the entire network aggregation process, while incurring minimal cost and effort. This is called the aggregation integrity problem.
RELATED WORK
A thorough Literature Review of the available papers is done and some of the papers are listed along with the context in which the idea of the paper was studied for the inception of this project.
Cryptography
Cryptography is the basic encryption method used in implementing security. Cryptographic methods used in WSNs should meet the constraints of sensor nodes and be evaluated before choosing. It is feasible to apply public key cryptography to WSNs by choosing appropriate algorithms, parameters, etc., private key operations in asymmetric cryptography schemes are still too expensive in terms of computation and energy cost for sensor nodes, and still need further studies. In this section, we focus on cryptography evaluations and cryptography architectures
1) Cryptography Evaluations: To evaluate the computational overhead, Ganesan, et al. in [11] chose RC4, IDEA, RC5, MD5 and SHA1. RC4 is shown to outperform RC5 for the Motes Atmega platform contrary to the choice of RC5 for the Motes project [5], where a model was derived to allow the interpolation of performance for other architectures. Law et al. [21] compare several and conclude that Rijndael is the suitable cipher when considering security and energy efficiency for sensor networks, and MISTY1 is a good selection when considering storage and energy efficiency.
2) Cryptography Architectures: Malan, et al. [5] proposes the first known implementation of elliptic curve cryptography for sensor networks based on the 8-bit, 7.3828-MHz MICA2 mote. Security architecture proposed by Schmidt, et al. in [16] includes three different interacting phases: a pair wise key agreement to provide authentication and the initial key exchange, the establishment of sending clusters to extend pair wise communication to broadcast inside the communication range, and encrypted and authenticated communication of sensor data.
Secure Routing
WSNs use multi-hop routing and wireless communication to transfer data, thus incur more routing attacks. There are a lot of approaches to ease routing security. In this section, we review existing secure routing approaches.
1) Secure Routing Protocols for Ad Hoc Networks: Some secure AODV algorithms [1] that may be adapted in WSNs have some effects on defending against external attacks because they suggest secure routing information. An on-demand routing protocol for ad hoc to provide resilience to Byzantine failures, proposed by Awerbuch, et al. can be separated into three successive phases: route discovery with fault avoidance by using flooding and cryptographic primitives, and link weight management by multiplicatively increasing the malicious link weight. Their protocol avoids malicious links in the routing paths because the system uses an on-demand route discovery protocol that finds a least weight path to the destination.
2) Multi-Path Routing: Some approaches use multi-path routing and neighbour collaboration techniques, such as [8]. Multi-path routing, location disguise, and relocation methods can be used to protect base stations [8]. In the environment where the network only has a small number of compromised nodes, Multi-path schemes provide more reliable routing, though they introduce more communication overheads. However, in the environment where the network has a large number of compromised nodes, if the compromised can modify the routing data, system may involve more security issues.
3) Reputation Based Schemes: Reputation based schemes normally need neighbour nodes corporation to control the credit, reputation, etc. Routing paths will path the nodes with good reputation. A probabilistic routing algorithm, ARRIVE, is proposed by Karlof, et al. in [3] to defend link failures, patterned node failures, and malicious or misbehaving nodes without resorting to periodic flooding of the network. They are based on reputation or corporate decision, etc., and they can prevent routing paths from passing some nodes that have less reliability factors or the reputations are bad.
4) Broadcast Authentication: μTESLA proposed by Perrig, et al. in [20] is an authenticated broadcast protocol for the SPINS. It divides time into intervals of equal duration and assigns each time slot a corresponding key. During that time, the receiver can use the disclosure key to authenticate the packet stored in its buffer. All of operations in SPINS need the network to keep time synchronization between nodes, thus the base station makes the latter susceptible to attack and has more traffic nearer the base station.
5) Secure Routing Defense Against Attacks: PRSA (path redundancy based security algorithm) [15] uses alternative routing paths for each data transmission call to overcome the sensor network attack. To defend against node compromise, An, et al. in [4] present a route recovery scheme called Route Recovery by One-Hop Broadcast (RROB) that removes compromised nodes from the current route and reconstructs the route without depending on central mediation. RROB reconstructs the new path based on the current path and bypass the compromised nodes in the current path.
Data Aggregation
Fang-Jing Wu and Yu-Chee Tseng[10] defined a data aggregation algorithm that focuses on less strict set of interference neighbours as the set of communication nodes is limited and the transmission directions are toward the sink. But how to schedule multiple tasks at the same time in an efficient way was not discussed.
A secure and fault-tolerant data collection scheme[20] with EBS group key management mechanism, termed as CRINet, was proposed. In CRINet, the encrypted data reports sent from the source group are relayed to the BS by a 3-way routing approach, for increasing data delivery rate and thus enhancing the fault-tolerant capability. But this increases the communication overhead.
Mohanty, Sarma, Panigrahi, Satapathy investigated different possible attacks on the cluster base data gathering protocol and tried to give a symmetric key based security solution[12] to it. This security solution either eliminated or localized the attacks only within a smaller region.
Hyeopgeon, Kyounghwa,Yongtae analysed the performance of AES encryption algorithm in the symmetric key encryption on ATmega644p in 8-bit microcontroller [7]. In the application scenario, they measured the encryption and decryption operation time by the plaintext size. As a result, scale of the sensor networks grows, the delay has been doubled. And energy consumption has also increased accordingly. Performance analysis under plaintext size and hop count were not taken into account.
Bista, Jo, Chang proposed a new and efficient scheme for secure data aggregation where an environment generated sensitive data. Their scheme made use of additive property of complex numbers where sensed data were first converted into a complex number form before being transmitted towards the query server [13]. Thus, their scheme could protect the trend of private data of a sensor node from being known by its neighbouring nodes, including data aggregators, in a WSN, but they could not show the correctness of their analytical models.
Ozdemir, Cam presented the novel security protocol DAA to integrate data aggregation, confidentiality, and false data detection [18]. The performance analysis indicated that the computational and communication overhead of DAA was not substantial, thereby making the implementation of DAA feasible. Enabling every sensor node to be capable of both aggregating and forwarding data in order to improve network security and efficiency was not implemented.
Wu, Tseng considered a data collection scenario in WSNs which had less strict constraints on interference. They then proposed an efficient scheduling and verified it via simulations [6]. Their scheme could only handle one data collection task and not schedule multiple tasks at the same time in an efficient way.
SYSTEM DESIGN
Flaws in the Existing Methodologies
The existing techniques suffer from at least one of the major problems listed below:
No secrecy and privacy.
Encryption techniques are sometimes not implemented.
Redundant data exist.
Key management is not flexible.
XOR operations are performed for data aggregation.
Network is vulnerable to adversaries and hence attacks like Known-plaintext attack, Chosen-plaintext attack, and Man-in-the-middle attacks.
Hence security factor is not high.
Proposed Work
Our objective is to develop a system that performs data aggregation in wireless sensor networks focusing on security and routing to increase the efficiency and reduce the overhead. To solve the above described problems, our paper centres around a solution that constitutes of three phases. This approach integrates data aggregation technique with efficient randomized multi-path routing algorithm and cryptographic technique to ensure privacy, secrecy and less overhead. The three phases include:
Phase 1 - Encryption: Security must be ensured over the data sent via the network to preserve secrecy. Thus, we encrypt the data with efficient algorithm and send the cipher text to the aggregator, to avoid any adversary to eavesdrop on the content.
Phase 2 - Routing: It is apparent that, cipher texts can be broken down by the adversaries using cryptanalysis. Hence the process of routing plays an equal role in the process of security.
Phase 3 - Data Aggregation: The aggregators collect data from a subset of the network, aggregate the data using a suitable aggregation function and then transmit the aggregated result to an upper aggregator or to the querier who generates the query [Fig. 2]. To reduce the transmission overhead, we concentrate on discarding the redundant data (i.e. forwarding only one copy of the data) and we provide algorithms to accomplish this purpose.
Fig 2: Data aggregation in clustered WSN.
Architecture
The layered architecture is illustrated in Fig. 3. The wireless sensors in the network are used to record some information. This data has to be forwarded it to the requesting node in the network in case of a query. Every packet of data goes through three phases as shown in the architecture [Fig. 4].
Fig 3: Layered Architecture
The encryption phase is where the data is scrambled and is made unreadable to the adversary nodes in the network. An efficient key distribution technique is used in prior while the setup of the network topology. Using the private and public keys and encryption technique, the data is converted into a cipher text. In the next phase, the outing phase, the cipher text is split up into a number of shares using an appropriate algorithm. Then, multiple routes from the sensors to the aggregator are computed according to randomized multi-path routing algorithm. In this algorithm, multiple paths are computed in a randomized way each time an information packet needs to be sent, such that the set of routes taken by various shares of different packets keep changing over time. As a result, a large number of routes can be potentially generated for each source and destination. To intercept different packets, the adversary has to compromise or jam all possible routes from the source to the destination, which is practically not possible.
S1
Encryption
Randomized Routing
Database or Querier
Aggregator
S2
Encryption
Randomized Routing
Fig 4: Procedural Architecture
Finally, in the data aggregation phase, both secrecy and privacy are maintained. It provides a pair-wise method to identify if two readings are identical. The cipher text is not decrypted at the aggregator. Instead it uses verification keys to ensure authentication and then compares the pattern of a pair of data. Only one copy of the redundant data is forwarded. The receiver at the other end uses his private and public keys to decrypt the message and hence the secure transmission is achieved.
IMPLEMENTATION
Phase I: Encryption
The system needs to be protected against adversaries who may eavesdrop or tamper with the message being passed around in the wireless sensor network. This is achieved by encrypting the message prior to sending it to the destination nodes.
AES is a block cipher, symmetric key algorithm. It has an initial round and 10, 12 or 14 standard rounds. The encryption process starts arranging the block in a matrix form termed State. The Rijndael algorithm is a symmetric key cipher implementing a substitution-permutation network.
The 4 major steps in this process are Substitute Bytes, Shift Rows, Mix Columns and Add Round Key.
Phase II: Routing
A conventional cryptography-based security method cannot alone provide satisfactory solutions to attacks by intruders. This is because, by definition, once a node is compromised, the adversary can always acquire the encryption/decryption keys of that node, and thus can intercept any information passed through it. Likewise, an adversary can always perform DOS attacks (e.g., jamming) even if it does not have any knowledge of the underlying cryptosystem.
One remedial solution to these attacks is to exploit the network's routing functionality. We simulated the nodes in OMNeT++ environment with VC++ codes. Every node is split into several layers as shown in Fig 5.
Fig 5: Layered architecture of each node
The application layer generates the messages and takes care of the debugging. Sensor stores the data in a table. Data Management does the required aggregation. Localization layer passes the messages to the neighbouring layers. MAC layer reduces the end-to-end packet delay during transmission and also reduces the collisions by putting the data in a queue. Before sending the data to the network, we encrypt using the AES technique mentioned above.
Routing layer implements the randomized routing technique. This layer has the required routing information. At layer 0, when a sensor node wants to send a packet to the aggregator, it first breaks the packet into M shares, according to a (T, M)-threshold secret sharing algorithm. Each share is then transmitted to some randomly selected neighbour. That neighbour will continue to relay the share it has received to other randomly selected neighbours, and so on. In each share, there is a TTL field, whose initial value is set by the source node to control the total number of random relays. After each relay, the TTL field is reduced by 1. When the TTL value reaches 0, the last node to receive this share begins to route it toward the aggregator using min-hop routing. Once the aggregator collects at least T shares, it can reconstruct the original packet. No information can be recovered from less than T shares. It then checks for the redundancy of the data before forwarding it to the sink.
Phase III: Aggregation
The aggregator performs its functionality in the data management layer. We used basic XOR function to perform the aggregation. When the aggregator receives the encrypted data from two or more nodes, it XORs the data received from the nodes by pairing them in twos.
a=E(m1) E(m2)
If the output of XOR is obtained as 0, it implies that the data from this pair of nodes are the same and only one copy of the data is forwarded to the sink. Otherwise it compares it with the next paired node and repeats the process exhaustively. Once all the nodes are compared, the non-redundant data are forwarded to the sink, which decrypts the messages to understand the data.
Simulation Results
Fig 6 shows the screenshot of the system taken into consideration, upon which the above described procedure was implemented. The system consists of a network with 50nodes and aggregator.
Fig 6: Screenshot
The performance analysis graph (fig. 7) shows us that randomized multilevel routing performs better at higher network load levels when compared to mere shortest path routing.
Fig 7: Performance analysis graph
CONCLUSION AND FUTURE WORK
The overview of the research work carried out in the field of wireless sensor networks is described above and we have listed out the pros and cons of each concept involved.
The problem domain has been analysed well and a clear outline of the solution has been developed. This paper performs the combination of encryption, routing and a basic aggregation technique in wireless sensor networks. From the implementation perspective, various encryption algorithms have been studied and AES algorithm was implemented; for routing, randomized and multilevel routing are implemented to provide security and efficiency; XOR is used for aggregation, whch eliminated the redundancy.
This system uses a lot of communication overhead because of the spitting a packet into shares and overhead is high at each node because of multiple levels. Also, a more efficient data aggregation technique must be designed which ensures equivalent privacy. The system can be further developed to work on a large set of nodes.
