58

CHAPTER 3

LITERATURE REVIEW

3.1 SURVEY ON WIRELESS SENSOR NETWORK

SECURITY

Security is a common concern for any network system, but

security in Wireless sensor network is of a great importance to ensure its

application success. When sensor network is used for military purposes,

it is very important to keep the sensed information confidential and

authentic. The traditional network security schemes are not applicable

for WSN because sensor nodes are supplied with limited battery power

and they have small memory size and limited computational ability.

Most of the traditional techniques, however, are unsuitable in low power

devices such as WSNs. This is due largely to the fact that typical key

exchange techniques use asymmetric cryptography, also called public

key cryptography. In this case, it is necessary to maintain two

mathematically related keys, one of which is made public while the

other is kept private. This allows data to be encrypted with the public

key and decrypted only with the private key. The problem with

asymmetric cryptography, in a wireless sensor network, is that it is

59

typically too computationally intensive for the individual nodes in a

sensor network. This is true in the general case, so the WSN requires

lightweight security mechanisms.

Symmetric cryptography is therefore the typical choice for

applications that cannot afford the computational complexity of

asymmetric cryptography. Symmetric schemes utilize a single shared

key known only between the two communicating hosts. This shared key

is used for both encrypting and decrypting data. The traditional example

of symmetric cryptography is DES (Data Encryption Standard). The use

of DES, however, is declining due to the fact that it can be broken

relatively easily. In light of the shortcomings of DES, other symmetric

cryptography systems have been proposed including 3DES (Triple

DES), RC5, AES, and so on (Schneier.B 1996). One major shortcoming

of symmetric cryptography is the key exchange problem. The key

exchange problem derives from the fact that two communicating hosts

must somehow know the shared key before they can communicate

securely. How to distribute a shared key securely to communicating

hosts is a non-trivial problem since pre-distributing the keys is not

always feasible. For hosts with greater computational power than

WSNs, WEP and WPA are popular solutions. Michell.S and

Srinivasan.K. (2004) described these two protocols. The older standard,

Wired Equivalent Privacy (WEP) is a symmetric encryption scheme

wherein each frame is encrypted using an RC4 stream cipher. Each host

60

that communicates on the network must know the shared WEP key.

Unfortunately, WEP suffers from security problems (Walker.J ,2002),

making it all but useless for a secure solution. Wi-Fi protected access

(WPA) is the replacement for WEP. The latest version of WPA (WPA

2.0) uses the advanced encryption standard (AES), a much more secure

solution than DES, the encryption scheme AES replaces. AES does offer

robust encryption, but requires additional hardware (a coprocessor).

Unfortunately, both WEP and WPA are unsuitable for WSNs for two

major reasons. The first is that since they are symmetric cryptosystems,

they both require a shared key. The second is that both are too

computationally intensive for use in power and computationally

constrained devices.

The LEAP protocol described by Zhu et. al. (2003). They have

followed an different approach that utilizes multiple keying

mechanisms. Their observation is that no single security requirement

accurately suites all types of communication in a wireless sensor

network. Therefore, four different keys are used depending on whom

the sensor node is communicating with. Sensors are preloaded with an

initial key from which further keys can be established. As a security

precaution, the initial key can be deleted after its use in order to ensure

that a compromised sensor cannot add additional compromised nodes to

the network.

61

Chan. H and Perrig. A (2005) described a mechanism for

establishing a key between two sensor nodes that is based on the

common trust of a third node somewhere within the sensor network.

The nodes and their shared keys are spread over the network such that

for any two nodes A and B, there is a node C that shares a key with both

A and B. Therefore, the key establishment protocol between A and B

can be securely routed through C.

Perrig. A., et. al. (2002) proposed a key-chain distribution

system for their Tesla secure broadcast protocol. The basic idea of the

Tesla system is to achieve asymmetric cryptography by delaying the

disclosure of the symmetric keys. In this case a sender will broadcast a

message generated with a secret key. After a certain period of time, the

sender will disclose the secret key. The receiver is responsible for

buffering the packet until the secret key has been disclosed. After

disclosure the receiver can authenticate the packet, provided that the

packet was received before the key was disclosed. One limitation of

Tesla is that some initial information must be unicast to each sensor

node before authentication of broadcast messages can begin.

Liu. D and Ning. P, (2003) proposed an enhancement to the

Tesla system that uses broadcasting of the key chain commitments

rather than Tesla’s unicasting technique. They present a series of

schemes starting with a simple pre-determination of key chains and

62

finally settling on a multi-level key chain technique. The multi-level key

chain scheme uses pre-determination and broadcasting to achieve a

scalable key distribution technique that is designed to be resistant to

some types of wireless sensor network attacks.

Huang. Q., et. al. (2003) proposed a hybrid key establishment

scheme that makes use of the difference in computational and energy

constraints between a sensor node and the BS. They posit that an

individual sensor node possesses far less computational power and

energy than a BS. In light of this, they propose to place the major

cryptographic burden on the BS where the resources tend to be greater.

On the sensor side, symmetric-key operations are used in place of their

asymmetric alternatives. The sensor and the BS authenticate based on

elliptic curve cryptography. Elliptic curve cryptography is typically used

in sensors due to the fact that relatively small key lengths are required to

achieve a given level of security. Authors are also use certificates to

establish the legitimacy of a public key. The certificates are based on an

elliptic curve implicit certificate scheme. Such certificates are useful to

ensure both that the key belongs to a device and that the device is a

legitimate member of the sensor network. Each node obtains a

certificate before joining the network using an out-of-band interface.

Michell and Srinivasan (2004) described a State Based Key

Hop (SBKH) protocol designed to replace both WEP and WPA in

63

battery operated devices, including nodes in WSNs. The key to their

state based key hop protocol is that two communicating nodes share a

common knowledge of the RC4 state. In so doing, they are able to

initialize only when the base key changes. For two nodes to encrypt and

decrypt, they must share the same state, known as the RC4 state.

Further, a sequence counter is maintained between two communicating

nodes. This helps in the decryption process as the decrypting node uses

the sequence counter of a packet in order to discern which RC4 state is

needed to properly decrypt the packet.

Gura et. al. (2004) reported that both RSA and elliptic curve

cryptography are possible using 8-bit CPUs with ECC demonstrating a

performance advantage over RSA. Another advantage is that ECC’s 160

bit keys result in shorter messages during transmission compared the

1024 bit RSA keys. In particular, the authors demonstrated that the point

multiplication operations in ECC are an order of magnitude faster than

private-key operations within RSA and are comparable to the RSA

public-key operation.

Watro. R., et. al. (2004) showed that portions of the RSA

cryptosystem can be successfully applied to actual wireless sensors,

specifically the UC Berkeley MICA2 motes. In particular, they

implemented the public operations on the sensors themselves while

offloading the private operations to devices better suited for the larger

64

computational tasks. The TinyPK system described by Watro.R,

et.al.,(2004) is designed specifically to allow authentication and key

agreement between resource constrained sensors. The agreed upon keys

may then be used in conjunction with the existing cryptosystem. To do

this, they implement the Diffie-Hellman key exchange algorithm and

perform the public-key operations on the Berkeley motes.

Traditionally, multicasting and broadcasting techniques have

been used to reduce the communication and management overhead of

sending a single message to multiple receivers. In order to ensure that

only certain users receive the multicast or broadcast, encryption

techniques must be employed. In both a wired and wireless network this

is done using cryptography. The problem then is one of key

management. To handle this, several key management schemes have

been devised: centralized group key management protocols,

decentralized management protocols, and distributed management

protocols. In the case of the centralized group key management

protocols, a central authority is used to maintain the group.

Decentralized management protocols, however, divide the task of group

management amongst multiple nodes. Each node that is responsible for

part of the group management is responsible for a certain subset of the

nodes in the network. In the last case, distributed key management

protocols, there is no single key management authority. Therefore, the

entire group of nodes is responsible for key management. In order to

65

efficiently distribute keys, one well known technique is to use a logical

key tree. Such a technique falls into the centralized group key

management protocols. This technique has been extended to WSNs

(Pietro. R. D. et.al. 2003). While centralized solutions are often not

ideal, in the case of WSNs a centralized solution offers some utility.

Such a technique allows a more powerful base station to offload some of

the computations from the less powerful sensor nodes.

Pietro. R. D., et. al. (2003) described a directed diffusion based

multicast technique for use in WSNs that also takes advantage of a

logical key hierarchy. In a standard logical key hierarchy a central key

distribution center is responsible for disbursing the keys throughout the

network. The key distribution center, therefore, is the root of the key

hierarchy while individual nodes make up the leaves. The internal nodes

of the key hierarchy contain keys that are used in the re-keying process.

Directed diffusion is a data-centric, energy efficient dissemination

technique that has been designed for use in WSNs (Intanagonwiwat.C

et. al. 2000). In directed diffusion, a query is transformed into an interest

(due to the data-centric nature of the network). The interest is then

diffused throughout the network and the network begins collecting data

based on that interest. The dissemination technique also sets up certain

gradients designed to draw events toward the interest. Data collected as

a result of the interest can then be sent back along the reverse path of the

interest propagation . Using the above mentioned directed diffusion

66

technique (Di Pietro et. al. 2003) enhanced the logical key hierarchy to

create a directed diffusion based logical key hierarchy. The logical key

hierarchy technique provides mechanisms for nodes joining and leaving

groups where the key hierarchy is used to effectively re-key all nodes

within the leaving node’s hierarchy.

Kaya et. al. (2003) discussed the problem of multicast group

management. In this case, nodes are grouped based on locality and

attach to a security tree. However, their assumptions assume that nodes

within the mobile network are somewhat more powerful than a

traditional sensor in a wireless sensor network.

Lazos and Poovendran (2002) described a tree based key

distribution scheme. They suggest a routing-aware based tree where the

leaf nodes are assigned keys based on all relay nodes above them. They

argue that their technique, which takes advantage of routing

information, is more energy efficient than routing schemes that

arbitrarily arrange nodes into the routing tree. They propose a greedy

routing-aware key distribution algorithm. The authors use geographic

location information rather than routing information. In this case,

however, nodes are grouped into clusters with the observation that nodes

within a cluster will be able to reach one another with a single broadcast.

Using the cluster information, a key hierarchy is constructed.

67

Wireless sensors are designed to be widely distributed power

and computationally constrained networks, efficient routing protocols

must be used in order to maximize the battery life of each node. There

are a variety of routing protocols in use in WSNs, so it is not possible to

provide a single security protocol that will be able to secure each type of

routing protocol. In general, packet routing algorithms are used to

exchange messages with sensor nodes that are outside of a particular

radio range. This is as opposed to sensors that are within radio range

where packets can be transmitted using a single hop. In such single hop

networks security is still a concern, but is more accurately addressed

through secure broadcasting and multicasting. The first packet routing

algorithm is based on node identifiers similar to traditional routing. In

this case, each sensor is identified by an address and routing to/from the

sensor is based on the address. This is generally considered inefficient in

sensor networks, where nodes are expected to be addressed by their

location, rather than their identifier. As a consequence of the distaste of

routing based on node identifiers, geographic routing protocols have

been introduced. One common routing protocol, GPSR ( B. Karp et. al.

2000) allows nodes to send a packet to a region, rather than a particular

node. Such a routing protocol lends itself nicely to the concept of data-

centric networks.

Deng et. al. (2002) described an intrusion tolerant routing

protocol, INSENS, that is designed to limit the scope of an intruder’s

68

destruction and route despite network intrusion without having to

identify the intruder. The authors pointed that an intruder need not be an

actual intrusion on the sensor network, but rather might simply be a

node that is malfunctioning for no particularly malicious reason.

Identifying an actual intruder versus a malfunctioning node can be

extremely difficult, and for this reason the authors make no distinction

between the two. The first technique they describe to mitigate the

damage done by a potential intruder is to simply employ the use of

redundancy. In this case, as described previously under denial of

service, multiple identical messages are routed between a source and

destination. A message is sent once along several distinct paths with the

hope that at least one will arrive at the destination. The messages

arriving at the destination are authentic; an authentication scheme can be

employed to confirm the message’s integrity.

They also made use of an assumed asymmetry between base

stations and wireless sensor nodes. They assumed that the BSs are

somewhat less resource constrained than the individual sensor node.

For this reason, they suggested using the BS to compute routing tables

on behalf of the individual sensor nodes. This is done in three phases. In

the first phase, the BS broadcasts a request message to each neighbor

which is then propagated throughout the network. In the second phase,

the BS collects local connectivity information from each node. Finally,

the BS computes a series of forwarding tables for each node. There are

69

several possible attacks that can be made on the routing protocol during

each of the three stages described above. In the first phase, a node might

spoof the BS by sending a spurious request message. A malicious node

might also include a fake path(s) when forwarding the request message

to its neighbors. It may not even forward the request message at all. To

counter this, authors use a scheme similar to TESLA where one-way

key chains are used to identify a message originating from the BS.

Tanachaiwiwat, et. al. (2003) presents a novel technique named TRANS

(Trust Routing for Location Aware Sensor Networks). The TRANS

routing protocol is designed for use in data centric networks. It also

makes use of a loose-time synchronization asymmetric cryptographic

scheme to ensure message confidentiality.

In their implementation, TESLA is used to ensure message

authentication and confidentiality. Using TESLA, TRANS is able to

ensure that a message is sent along a path of trusted nodes while also

using location aware routing. The strategy is for the BS to broadcast an

encrypted message to all of its neighbors. Only those neighbors who are

trusted will possess the shared key necessary to decrypt the message.

The trusted neighbor(s) then adds its location (for the return trip),

encrypts the new message with its own shared key and forwards the

message to its neighbor closest to the destination. Once the message

reaches the destination, the recipient is able to authenticate the source

(BS) using the MAC that will correspond to the BS. To acknowledge or

70

reply to the message, the destination node can simply forward a return

message along the same trusted path from which the first message was

received.

As WSNs continue to grow in size, so does the amount of data

that the sensor networks are capable of sensing. However, due to the

computational constraints placed on individual sensor, a single sensor is

typically responsible for only a small part of the overall data. Because

of this, a query of the wireless sensor network is likely to return a great

deal of raw data, much of which is not of interest to the individual

performing the query. Thus, it is advantageous for the raw data to first

be processed so that more meaningful data can be gleaned from the

network. This is typically done using a series of aggregators (John et.

al. 2007). An aggregator is responsible for collecting the raw data from

a subset of nodes and processing/aggregating the raw data from the

nodes into more usable data. However, such a technique is particularly

vulnerable to attacks as a single node is used to aggregate multiple data.

Because of this, secure information aggregation techniques are needed

in WSNs where one or more nodes may be malicious.

Clustering techniques are discussed by Estrin. D et. al. (1999).

They developed a localized algorithm that uses the directed diffusion

technique to achieve a global perspective using only local nodes. In

their algorithm, nodes are assigned levels, with level 0 being the lowest

71

level. When a node transmits a message, the number of hops that the

message travels is proportional to the node’s level. A node can be

promoted and demoted. Using this technique, higher level nodes are

able to communicate across clusters, while their lower level siblings

cannot. This effectively enables localized cluster computation while the

higher level nodes can coordinate their cluster’s local information to

achieve a global solution (Estrin. D et. al. 1999). If an aggregation node

is itself compromised, then all of the data being delivered from the

sensor network to the BS may be forged. To detect this, Ye et. al.

(2004) described a statistical en-route filtering mechanism. It utilizes

multiple MACs along the path from the aggregator to the BS. Any

packet that fails any of the MAC tests will be disregarded.

3.2 SURVEY ON FUSION ASSURANCE MECHANISM

Data fusion first appeared in the literature in the 1960s, as

mathematical models for data manipulation. It was implemented in US

in the year 1970s in the fields of robotics and defense. In 1986 the US

Department of Defense established the Data Fusion Sub-Panel of the

Joint Directors of Laboratories (JDL) to address some of the main issues

in data fusion and chart the new field in an effort to unify the

terminology and procedures. Sensor fusion is the combining of sensory

data or data derived from sensory data from disparate sources such that

the resulting information is in some sense better than would be possible

72

when these sources were used individually. The present applications of

data fusion span a wide range of areas: maintenance engineering,

robotics, pattern recognition and radar tracking, mine detection and

other military applications, remote sensing, traffic control, aerospace

systems, law enforcement, medicine, finance, metrology and geo-

science. Since the applications of data fusion are disparate, it is

impossible to build a one-fits-all framework. Several generic platforms

are described in the literature. Sensor fusion applications are mostly in

the defense, security and safety areas.

Wen-Hwa Liao and siao-Hsien Wang (2008) described an

asynchronous MAC protocol (AMAC). In this paper to improve the

problem of energy wasting and time synchronization due to sleeping

schedule exchange under the PMAC basic protocol. They concluded

that AMAC has very good adaptation ability to the environmental

change. Under the wireless sensor network, the time asynchronous

operation mode is closer to the spirit of disperse computation. Not only

does it not require the consideration of the effect of time deviation to the

entire network operation, but also eliminates the execution of extra

synchronization mechanism for time synchronization. In the mean time,

there is more flexibility for the addition and removal of the sensors.

Satish. M et. al. (2009) described data aggregation is useful in

dealing with multi-value domain information, which often requires

73

approximate agreement decisions among nodes. In contrast to fully

connected networks, the research on data aggregation for partially

connected networks is very limited. Data aggregation is the ability to

provide global information for purposes of network management and

user services. The authors refer to data aggregation, or simply

aggregation, as a set of functions that provide components of a

distributed system access to global information. Depending on the

service type, data aggregation has been referred to by other names such

as ‘‘data fusion” in sensor networks, ‘‘approximate agreement”, and

‘‘consensus” in distributed systems literature.

Wen-Hwa Liao et. al. (2008) discussed the problem of

constructing data aggregation tree in a wireless sensor network for a

group of source nodes to send sensory data to a single sink node. The

ant colony system provides a natural and intrinsic way of exploring

search space in determining data aggregation. Their aggregation

approach helps to reduce the amount of information that needs to be

transmitted by performing data fusion at the aggregate points before

forwarding the data to the end user. They concluded that every ant will

explore all possible paths from the source node to the sink node. In order

to increase the probability of intersection of routing paths, our

mechanism extends the routing paths.

74

Enrique et. al. (2003) described the transport capacity of a data-

gathering wireless sensor network under different communication

organizations. The rapid advances in Micro-Electro Mechanical Systems

(MEMS) and wireless technologies have enabled the integration of

sensing, actuation, processing and wireless communication capabilities

into tiny sensor devices. They concluded that knowledge of the traffic

load cans double the achievable throughput of a network with multi-hop

communications. Using a hierarchical architecture and introducing extra

nodes as cluster heads can achieve the ultimate upper bound on

throughput capacity.

Ioannis et. al. (2008) discussed four characteristic mobility

patterns for the sink that they combined with different data collection

strategies. The main idea is that the sink is mobile, has significant and

easily replenish able energy reserves and moves inside the area the

sensor network is deployed.

Wen-Tsai Sung (2010) proposed a Back-Propagation Network

(BPN) for multi-sensors data fusion in a WSNs (WSNs) system with a

node-sink mobile network structure. Here they discussed the

classification and fusion approach in WSNs, which BPN based feature

extraction method is proposed. This method partitions the frequency

band in different resolution to distinguish the difference in low-

frequency band and reduces the feature dimensions greatly. The

75

extracted feature expresses stable classification rate for different moving

condition.

Monaco.U, et.al. (2006) described the foundations to develop algorithms

and techniques that minimize the data gathering latency and at the same

time balance the energy consumption among the nodes, so as to

maximize the network lifetime. The proposed models provide a deeper

insight into the problem of timely and energy efficient data gathering.

Useful guidelines for the design of efficient WSNs are derived and

discussed.

Mohamed Watfa et. al. (2009) discussed that an energy

efficient approach to query processing by implementing new

optimization techniques applied to in-network aggregation. They

providing a new distributed algorithm for query processing in WSNs

which is an optimized energy efficient distributed algorithm with respect

to all the sensor’s resource constraints. This approach is to provide

significant reductions in power consumption through reducing the

number of query related messages in the whole network. Low energy

consumption, and limited storage and memory usage are the three main

constraints which we focus on in our approach. The authors presents

their approach and evaluate it through several simulations to prove its

efficiency, competence and effectiveness.

76

Cristina Cano, et. al. (2008) described an efficient way of data

collection by grouping the sensors in aggregation zones, allowing the

aggregators to process the data generated (sensed) inside the aggregation

zone in order to minimize the amount of transmissions to the sink. They

provided a security mechanism based on hash chains to secure data

transmissions in networks with low ability sensors and without the

requirements of an instantaneous source authentication

Akyildiz I. F and Erich P. Stuntebeck (2006) introduced the

concept of a Wireless Underground Sensor Network (WUSN). WUSNs

can be used to monitor a variety of conditions, such as soil properties for

agricultural applications and toxic substances for environmental

monitoring. The concept of WUSNs is in which sensor devices are

deployed completely below ground. There are existing applications of

underground sensing, such as soil monitoring for agriculture. They

demonstrated the benefits of WUSNs over current sensing solutions

including: complete network concealment, ease of deployment, and

improved timeliness of data. Underground is a particularly difficult

environment for wireless communication which poses several research

challenges for WUSNs. They showed that low frequencies are able to

propagate with lower losses through the underground and that

frequencies used by traditional terrestrial WSNs are infeasible for this

environment.

77

Ismail et. al. (2005) reported the issues related to data

integration in WSNs with respect to heterogeneity, dynamicity, and

distribution at both the technology and application levels. They studied

the roles agents can perform to reduce network track overheads,

improve scalability and extensibility of wireless networks and increase

the stability and reliability of networks against hardware and software

failures. And they discussed a scenario of a uniform interface to data

collected from sensor nodes that will map sensor specific data to the

global information source based on a context exported by software

agents to the data integration system.

HirenKumar et. al. (2009) discussed a hierarchical energy

efficient communication protocol for such type of a wireless sensor

network namely wireless Sensor system for Hierarchical Information

gathering through Virtual triangular Areas (SHIVA). It proposed a

communication protocol for routing of data from ordinary sensor nodes

to the BS. A logical hierarchical organization of the sensor network is

considered. The proposed protocol speaks about how the logical

hierarchical topology is achieved in self organizing manner. The entire

protocol namely wireless Sensor system for Hierarchical Information

gathering through Virtual triangular Areas (SHIVA) and also rely on a

cluster head set to manage a cluster on contrary to the traditional

concept of one cluster head in a cluster. This also gives robustness to the

solution in the sense that if one cluster head looses connectivity to some

78

of the subordinate sensor nodes due to the mobile nature of the sensor

nodes as well as the BS then this cluster head can get connected to that

through another cluster head in the set. The solution also tries to balance

the load among the sensors by rotating the headship responsibility

among the eligible sensor nodes in a uniform manner. This also

contributes significantly in elongating the network lifetime. In the

proposed protocol the decision regarding the direct or indirect

communication between cluster head and the BS is made dynamically

based on the current status of the network topology. This saves

significant amount of energy to be expended for communication.

Lin SHEN and Xiangquan SHI (2008) presented a location

based LEACH clustering algorithm, which is an extension to the

LEACH routing algorithm. Armed with distributed and local network

based routing decision-making mechanism, this algorithm fully utilizes

the location information of network nodes in routing to reduce the

routing cost. Simulation results indicate that this algorithm can balance

nodes’ energy consumption and prolong the network’s life span. It also

has good stability and extensibility. They proposed a progressive

algorithm for the cluster head selection. Simulation results show that

their algorithm is much more efficient and can double the lifespan of a

wireless sensor network. Such results are obtained under additional

conditions, i.e., known location information and ability to adjust data

transmission power based on distance.

79

Ren P. Liu et. al. (2008) proposed an Efficient Reliable Data

Collection(eRDC) algorithm. The eRDC is designed for energy-

constraint WSNs to balance reliability and energy consumption. They

derived energy efficiencies of the proposed reliability schemes, and

evaluate their performances. These analyses provided a guideline to

determine the number of retransmissions for reliable data delivery.

Dynamic programming concept is used to find the optimal solution.

They presented a distributed eRDC implementation to dynamically

control the maximum number of retransmissions based on the guideline

provided. Discrete event simulations and field trials with wireless sensor

nodes confirmed their results.

Arun Kumar et. al. (2009) presented an efficient and scalable

framework called Reliable and Energy Efficient Framework (REEF) for

reliable data collection in WSNs. REEF employs a distributed scheme

which enables it to scale to large networks. It partitions the network in to

clusters where the node with highest residual energy in a neighborhood

becomes the cluster head. REEF forms a virtual backbone connecting

the cluster heads and the sink by selecting some nodes from each cluster

as gateway nodes. Sensor nodes report sensed data to their respective

cluster heads which use an outlier detection algorithm to detect faulty

data. REEF significantly cuts down on energy consumption by ensuring

that a large number of sensor nodes can go into a deep sleep mode, in

which the radio as well as CPU is switched off, for a major part of their

80

life time. Simulation results demonstrate that REEF uses as low as 50%

of the energy for the same accuracy when compared to a recently

proposed scheme based on passive listening.

Yang. Y et. al. (2006) proposed a Secure Hop-by-hop Data

Aggregation Protocol (SDAP) is proposed. The authors of SDAP are

motivated by the fact that, compared to low-level sensor nodes, more

trust is placed on the high-level nodes (i.e., nodes closer to the root)

during a normal hop-by-hop aggregation process in a tree topology.

Because aggregated data calculated by a high-level node represents the

data of a large number of low-level sensor nodes. If a compromised

node is closer to the BS, the false aggregated data produced by this

compromised node will have a larger impact on the final result

computed by the BS. Since all sensor nodes have simple hardware that

is prone to compromise, none of those low-cost sensor nodes should be

more trustable than others. Hence, SDAP aims to reduce the approach of

reducing the trust on high-level nodes by following the divide-and-

conquer principle. SDAP dynamically partitions the topology tree into

multiple logical groups (subtrees) of similar sizes using a probabilistic

approach. In this way, fewer nodes are located under a high-level sensor

node in a logical subtree resulting in reduced potential security threat by

a compromised high-level node.

81

Ozdemir. S (2005) improved the main idea of SELDA by

introducing functional reputation concept where each functional

reputation value is computed over sensor node actions with respect to

that function. Hence, security of data aggregation process is ensured by

selecting trusted data aggregators using aggregation functional

reputation and by weighting sensor data using sensing functional

reputation. The simulation results show that using functional reputation

is more effective than using general reputation when evaluating the

trustworthiness of a sensor node. In WSNs, a compromised sensor node

can inject false data during data forwarding and aggregation to forge the

integrity of aggregated data. It is highly desirable for sensor nodes to

detect and drop false data as soon as possible in order to avoid depleting

their limited resources such as battery power and bandwidth

(Çam.H et. al. 2007). Although several secure data aggregation

protocols (Przydatek. B., et. al. 2003, Mahimkar. A et. al. 2004, Du.W,

et. al. 2003) are able to detect the false data injected by sensor nodes,

false data injections by compromised data aggregators cannot be

detected by these methods. The reason is that data aggregation results in

data alterations and therefore a change in aggregated data due to false

data injection is extremely hard to detect. Such false data injections by

compromised data aggregators can easily result in false alarms that

waste the network’s resources and reduce the operational efficiency

(Çam.H et. al. 2007). Recently, some work has been reported on

82

detection false data injections during data aggregation so that the false

alarm ratio in the network is reduced (Sun. B et. al. 2007, Chand. N

et. al. 2007, Çam. H et. al. 2007).

Ozdemir. S et. al. (2007) argued that compromised nodes have

access to cryptographic keys that are used to secure the aggregation

process and therefore cryptographic primitives alone cannot provide a

sufficient enough solution to secure data aggregation problem. Based on

this observation, the authors propose a Secure and rELiable Data

Aggregation protocol, called SELDA which makes use of a web of trust.

The basic idea behind SELDA is that sensor nodes observe actions of

their neighboring nodes to develop trust levels (trustworthiness) for both

the environment and the neighboring nodes. Sensor nodes exchange

their trust levels with neighboring nodes to form a web of trust that

allows them to determine secure and reliable paths to data aggregators.

Moreover, to improve the reliability of the aggregated data, data

aggregators weigh sensor data they receive using the web of trust. One

important property of SELDA is that, due to the monitoring mechanisms

in use, it can detect if a data aggregator is under DoS attack. The

simulation results show that SELDA increases the reliability of the

aggregated data at the expense of a tolerable communication overhead.

Sun. B et. al. (2007) and Chand. N et. al. (2007) proposed a

secure data aggregation problem is addressed from intrusion detection

83

perspective. In the proposed scheme, an Extended Kalman Filter (EKF)

based mechanism to detect false injected data is proposed. Along with

the employment of EKF, the proposed mechanism monitors sensor

nodes to predict their future real in-network aggregated values. For

aggregated values, a normal range is determined to detect false data

injections. Using different aggregation functions (average, sum, max,

and min), the authors show how to obtain normal ranges theoretically.

Moreover, it is also shown that the proposed EKF issued to create

effective local detection mechanisms. The created local detection

approaches are able to differentiate between malicious events and

emergency events and therefore it can reduce the false alarm rate in the

network. Extensive simulations are performed to evaluate performance

of local detection mechanisms, including false positive rate and

detection rate, under different aggregation functions. Simulation results

demonstrate that the proposed techniques achieve desirable performance

to detect false injected data.

The work presented in (Çam. H et. al. 200) realizes the fact that

many existing false data detection techniques consider false data

injections during data forwarding only. The paper presents a data

aggregation and authentication protocol, called DAA, to integrate false

data detection with data aggregation and confidentiality. To support data

aggregation along with false data detection, a monitoring algorithm is

proposed. Using this monitoring algorithm, the monitoring nodes of

84

every data aggregator also conduct data aggregation and compute the

corresponding small-size message authentication codes for data

verification at their pair mates. To support confidential data

transmission, the sensor nodes between two consecutive data

aggregators verify the data integrity on the encrypted data rather than

the plain data. Each data packet is appended with two full-size message

authentication codes, each consisting of one small-size message

authentication codes. Performance analysis shows that DAA detects any

false data injected by the compromised nodes, and that the detected false

data are not forwarded beyond the next data aggregator on the path.

Sanli H. O. et. al. (2004) proposed a Secure Reference-Based

Data Aggregation (SRDA) protocol for cluster-based WSNs. Like

ESPDA, SRDA also realizes the fact that data aggregation protocols

should work in conjunction with the data communication security

protocols, and that any conflict between these protocols might create

loopholes in-network security such as violating data confidentiality. In

SRDA, raw data sensed by sensor nodes are compared with reference

data values and then only the difference data are transmitted. Reference

data is taken as the average value of a number of previous sensor

readings. The motivation behind SRDA is that it is critical to reduce the

number of bits in a transmission because radio communication is the

most energy-consuming activity in a sensor node. While data

aggregation reduces the number of packets, decreasing the size of the

85

transmitted packets will further improve the energy savings. In

conventional data aggregation algorithms, sensors transmit their raw

sensed data to the cluster heads. This wastes energy and bandwidth since

a certain range of the data may remain the same in each packet.

However, SRDA transmits the differential data rather than the raw

sensed data. That is, the raw data sensed by sensor nodes are compared

with reference data and then only the difference data are transmitted.

Przydatek B et. al. (2003), stated that random sampling

mechanisms and interactive proofs are used to check the correctness of

the aggregated data at the BS. The proposed protocol is called SIA. The

authors claim that, by constructing efficient random sampling

mechanisms and interactive proofs, it is possible for the user to verify

that the aggregated data provided by the aggregator is a good

approximation of the true value even when the aggregator and a fraction

of the sensor nodes are compromised. In particular, the authors present

efficient protocols for securely computing the median and the average of

the measurements, estimating of the network size, and finding the

minimum and maximum sensor reading. In the paper, the correctness of

data is checked by constructing a Merkle hash tree. In this construction,

all the collected data is placed at the leaves of the tree, and the

aggregator computes a binary hash tree starting from the leaf nodes:

each internal node in the hash tree is computed as the hash value of the

concatenation of the two child nodes. The root of the tree is called the

86

commitment of the collected data. The authors also assumed that each

sensor node has a unique identifier and shares a separate secret

cryptographic key with the BS and with the aggregator. These keys

enable data confidentiality, integrity and authentication.

SecureDAV protocol of Mahimkar A and Rappaport T. S,

(2004) is very similar to Przydatek. B et. al. (2003) except that elliptic

curve cryptography is used for encryption purposes. Moreover,

SecureDAV improves the data integrity vulnerability by signing the

aggregated data. SecureDAV is a clustered approach where all sensor

nodes within a cluster share a secret cluster key. Each sensor node is

able to generate a partial signature over the aggregated data. Each data

aggregator aggregates its cluster data and broadcasts the aggregated data

to its cluster. Each sensor node in the cluster compares its data with the

aggregated data broadcasted by the data aggregator. A sensor node

partially signs the aggregated data if and only if the difference between

its data and aggregated data is less than a threshold. Finally, the data

aggregator combines the partial signatures to form a full signature of the

aggregated data and sends it to the BS. SecureDAV provides data

confidentiality, data integrity, and source authentication. However, the

scheme incurs high communication overhead on data validation and

supports only the average aggregation function.

87

Wu. K et. al. (2007), explained that sensor nodes use the

cryptographic algorithms only when a cheating activity is detected.

Topological constraints are introduced to build a Secure Aggregation

Tree (SAT) that facilitates the monitoring of data aggregators. In SAT,

any child node is able to listen to the incoming data of its parent node.

When the aggregated data of a data aggregator are questionable, a

weighted voting scheme is employed to decide whether the data

aggregator is properly behaving or is cheating. If the data aggregator is a

misbehaving node, then SAT will be rebuilt locally so that the

misbehaving data aggregator is excluded from the aggregation tree.

Du.W et. al. (2003) proposed a witness based data aggregation

scheme for WSNs. The witness nodes of each data aggregator also

perform data aggregation and compute MACs of the aggregated data.

Witness nodes do not send their aggregated data to the BS. Instead, each

witness node sends its MAC of the aggregated data to the data

aggregator. The data aggregator collects and forwards the MACs to the

BS. Those MACs that are computed by the witness nodes are used at the

BS for verifying the correctness of the data aggregated by data

aggregators. This enhances the assurance of data aggregation. In order

to prove the validity of the aggregated data, each data aggregator has to

provide proofs from several witnesses. Because the data validation is

performed at the BS, the transmission of false data and MACs up to BS

affects adversely the utilization of sensor network resources. This

88

proposed protocol offers only integrity property to the data aggregation

security.

3.3 SURVEY ON REPORTING SCHEME

In WSNs, the measured critical data should reach the sensor

gateway as soon as possible. The WSNs architecture and the

corresponding energy-efficiency schemes should guarantee the

uninterrupted network connectivity while at the same time they should

minimize the energy consumption (Nikolaos A. et. al. 2009). S-MAC

is the most well-known distributed coarse-grain passive protocol,

proposed by (Heidemann. J et. al. 2002). It gives the possibility to

nodes to discover their neighbors and build sensor networks for

communication without being obliged to have master nodes. The major

energy consuming procedures of S-MAC are the following: periodic

listen and sleep, collision and overhearing avoidance and message

passing. The reduction of energy consumption is achieved by the

introduction of the following techniques: First, in order to avoid the

overhearing problem, neighboring nodes are synchronized to go to sleep

periodically. Therefore, they do not waste energy when a neighboring

node is transmitting to another node or by listening to an empty channel.

Secondly, the control packet overhead of the network is kept low

because synchronized neighboring nodes form virtual clusters to

synchronize their wake-up and sleep periods.

89

SPAN(B. Chen et. al. 2002.) is a coarse-grain conservation

scheme which utilizes a backbone to facilitate routing. SPAN is a

distributed, randomized algorithm where all nodes make local decisions

on whether to sleep, or to join a forwarding backbone as a coordinator.

Each node bases its decision on an estimation of how many of its

neighbors will benefit from it (the node) being awake and the amount of

energy available to it (the node).

Hoesel L. V., et. al. (2004) propose a cross-layer design that

forms a virtual backbone using a clustering algorithm. Most nodes in the

network remain in sleep mode to reduce energy consumption, but nodes

in the virtual backbone use S-MAC to retain connectivity for the entire

network. Their proposed scheduling scheme relies on conserving power

while keeping the end-to-end delay low, by using TDMA scheduling.

Trigoni et. al. (2004), proposed a methodology for trading

energy Vs latency in the context of sensor database systems. More

specifically, they propose a new protocol which schedules message

transmissions very carefully and in such a way so as to avoid collisions

at the MAC layer. The sensor nodes’ radios can be turned off most of

the time and they wake up only during very well defined time intervals.

It was shown how routing protocols can be optimized to interact in a

symbiotic way with the scheduling decisions, resulting in significant

energy savings, however, at the cost of higher latency.

90

Arumugam et. al.(2005) and Kulkarni et al. (2005) argued that

TDMA is desirable in WSNs for saving energy because TDMA allows a

sensor node to minimize idle listening. Moreover, TDMA has proved to

be applicable in converting existing distributed algorithms into a model

which is consistent with WSNs. They proposed a self-stabilizing,

deterministic algorithm for TDMA in WSNs where a sensor node is

aware only of its neighbors. They also discussed the optimizations in

order to improve bandwidth utilization and recovery from corrupted

slots. The authors focused mainly on the problem of energy-efficient

converge cast (source-to-sink communication) in sensor networks. This

problem identifies the energy- latency tradeoffs during converge cast.

They showed how TDMA can be effectively used to provide energy

efficient converge cast. Their solution allows the sensor nodes to save

energy when the network is idle and to switch to active mode whenever

the network detects an event.

Ergen et. al. (2005) proposed a TDMA scheduling algorithm

for sensor networks in order to determine the smallest length conflict-

free assignment of slots during which the packets generated at each node

reach their destination. More specifically, they showed that the

minimum-delay scheduling can always be found by using a simple

algorithm for routing schemes based on TDMA, when the network is

loop-free and has only one sink node. The results of their experimental

work show that a substantial reduction of energy and delay is possible.

91

Cui et. al. (2005) proposed a simple link scheduling algorithm

to find the minimum-delay schedule that provides the slot lengths for all

the links. Their next step is to combine the obtained results with their

previous work concerning an energy-optimal cross-layer design in order

to reduce to the minimum the delay of transferring a fixed number of

bits from the source nodes to the sink in energy limited manner.

Moreover, they studied the tradeoff between the total energy

consumption and delay.

Yang et. al. (2004) proposed the idea of using pipelined

wakeup signals in order to minimize the end to end delay. Existing

wakeup schemes encounter critical tradeoffs between energy savings

and wakeup latency; however, very little attention has been paid at the

reduction of the packet end-to-end delay while preserving, at the same

time, the energy saving ability. They argued that a long delay can be

harmful for large sensor networks. They actually proposed a wakeup

scheme for sensor networks that helps to achieve a balance between

energy savings and end-to-end delay. More specifically, their proposed

Pipelined Tone Wakeup (PTW) scheme uses a wakeup tone channel in

addition to the regular data channel.

Dhanaraj et. al. (2005) proposed a novel hop-ahead reservation

scheme in a dual frequency radio called latency minimized energy

efficient MAC (LEEM) protocol in order to minimize the latency in the

92

multi-hop path data transmission through the reservation of the next

hop’s channel a priori. Therefore, according to this protocol, in a

multihop sensor network, a packet can be forwarded to the next hop, as

soon as it is received by a sensor node, which helps to eliminate the

delay incurred for setting up the path.

Nikolaos. A et. al. (2009) proposed, a TDMA scheduling

scheme for energy efficiency is proposed in order to construct an

appropriate transmission schedule that achieves high levels of power

conservation and at the same time reduces the end-to-end transmission

time from the sensors to the gateway. Network connectivity is ensured

by scheduling TDMA based wakeup intervals, which are used for

propagating WakeUp messages, prior to data transmissions. The

appropriate scheduling of the WakeUp intervals allows the data packets

to be delayed by only one sleep interval for the end-to-end transmission

from the sensors to the appropriate gateway.

Ye. Q and L. Cheng (2007) proposed two protocols, called

TNT and PTNT, to address sink mobility problem. In TNT, each node

maintains a tracking counter and sets up a beacon timer. The mobile

sink broadcasts a beacon periodically to its neighboring nodes. If a

neighboring node receives the beacon, then increases its tracking

counter by 1 otherwise, decreases that by 1 when the beacon timer

expires. Therefore, the sensed data can be forwarded to the mobile sink

93

by using the sequence of the tracking counters. However, in this scheme,

inefficient paths could be incurred due to the special movement patterns

of the sink, thus result longer transmission delays.

Hwang S. F., et. al. (2008) proposed a weight function to

provide efficient data reporting in WSNs with mobile sinks. Sensor field

is divided into several grids and only one node is selected as a head in

each grid. For saving energy, some heads become active nodes to sense

and forward data in each round. The definition of a round is, the mobile

sink issues a query to request active nodes to sense and gather the

queried data, and the sink moves arbitrarily until it receive the gathered

data. In addition, all active nodes are classified into multiple levels. The

classified levels are utilized to construct the weights of active nodes,

according to the weight. When the active nodes receive a query from the

mobile sink, the queried information can be forwarded along the path

determined by the active nodes’ weights. When the mobile sink moves,

it only needs to locally broadcast an update packet to its neighboring

active nodes, and the classified levels are used to limit weight update

scope. However, this method cannot scale well to large sensor networks,

the main reason is that the location update scope becomes very large,

and the frequent location updates consume much energy.

Hyun et. al. (2009) described a novel Two-phase Data

Reporting (TDR) scheme that supports class-based QoS to sensor nodes

94

in different priority classes. In the first phase, time slots are divided into

separate data reporting round defined for each class, while in the second

phase, the sensor nodes in the same class are scheduled to particular

time slots depending on the given number of slots calculated in the first

phase. In TDR, sensor nodes compete with other nodes in the same class

only, while nodes in different classes have differentiated channel access

opportunity. TDR is performed in a single-hop cluster-based topology,

and a cluster head acts as a Node Assignment Manager (NAM). Sensor

nodes wake up for their scheduled time slots; otherwise, they go into

sleep mode to save energy. TDR supports both schedule- based and

contention-based channel access mechanisms and is scalable due to its

distributed nature.

Huai-Lei Fu et. al. (2010) proposed a region-based reporting

mechanism, namely Energy-Efficient Distributed-Control Reporting

(E2DCR) mechanism, for the MSNs. The Mobile Sensor Networks

(MSNs) have been widely deployed to provide a ubiquitous solution for

time-sensitive applications in a specific area with low deployment cost.

The monitoring area of an MSN can be divided into several Sensing

Regions (SRs). In an SR, the Mobile Sensor (MS) is responsible for

reporting the sensed data to the sink node. For the time-sensitive

applications on MSN, the time is divided into multiple Monitoring

Periods (MPs). During every MP, a sensing report transmission in an SR

is invalid if the sensing report is generated before the beginning of the

95

MP. During every MP, the E2DCR mechanism attempts to have only

one MS transmit the Sensing Report in an SR, and the other MSs in the

same SR can stay in the sleep mode for power saving. Simulation

experiments are conducted to investigate the performance of the

proposed mechanism. Our study shows that E2DCR can meet the delay

constraint of the time-sensitive applications with less power

consumption

Tashtarian . F, et. al. (2008) introduced an event driven data

reporting and routing algorithm for WSNs that offers a local timing

based data reporting scheme in a clustered network. When an event

occurs, the nodes that has discovered the event, are supposed to report it

to their respective cluster heads. All of these nodes would wait for a

specific time (based on its residual energy) to send the information.

However, only the one of the sensing nodes is going to send the data to

the cluster head. The most appropriate node is the one with more

residual energy and it will take its tour sooner to report the data. The

waiting time for each individual node is based on its residual energy and

its respective cluster head’s energy. A channel access management

based on CSMA is used for avoiding collision and multiple sending.

The performance of this algorithm is evaluated in the sense on network

lifetime and event detection reliability.

96

Ehssan Sakhaee et. al. (2009) proposed an energy-efficient self-

organizing global extremity reporting scheme for WSNs. The proposed

scheme assists applications of periodic reporting of extreme values

(such as maximum or minimum temperature/pressure) across a wireless

sensor field, back to the sink. Furthermore, an event-driven counterpart

is supplied for individual sensor nodes to supply their instantaneous

sensed values back to the sink, once queried. The targeted sensors

initially establish their relative distances to the sink in regards to number

of hops, whilst the Highest Hop count Nodes (HHNs) from the sink

identify themselves. The broadcast initiation of the HHNs has the ability

to penetrate all nodes within the network towards the sink, and hence

obtain the extreme value of the entire network in an efficient manner.

This is due to the relative position of these special nodes within the

network. Furthermore, the scheme does not require nodes to possess

location information of them selves or other nodes, avoiding the need

for the GPS or other location-aware methods. Simulation results show

the effectiveness of the proposed protocol in its target application. In

particular, the advantage of HHN-initiated broadcasting can be seen in

both uniformly and randomly distributed topology networks.

Zhen Yu et. al. (2010) proposed a dynamic en-route filtering

scheme that addresses both false report injection and DoS attacks in

WSNs. In their scheme, each node has a hash chain of authentication

keys used to endorse reports; meanwhile, a legitimate report should be

97

authenticated by a certain number of nodes. First, each node

disseminates its key to forwarding nodes. Then, after sending reports,

the sending nodes disclose their keys, allowing the forwarding nodes to

verify their reports. They design the Hill Climbing key dissemination

approach that ensures the nodes closer to data sources have stronger

filtering capacity. Moreover, they exploited the broadcast property of

wireless communication to defeat DoS attacks and adopt multipath

routing to deal with the topology changes of sensor networks.

3.4 SUMMARY

A key concern of our work is to ensure the fusion node send

the valid data to the BS as well as minimize sensor energy consumption.

The above authors suggested several methods for efficient and secured

data fusion. In the problem concern the hierarchical data fusion structure

is suitable because the load to be scatter in various level so we get

energy efficiency. Here the MAC based security mechanism is used

because MAC to be validated in both end receiver and sender. In the

proposed method, the witness nodes encrypt their own fusion results to

MACs with private keys shared with the BS.