chapter 3 literature review - inflibnetshodhganga.inflibnet.ac.in/bitstream/10603/15209/8/08... ·...
TRANSCRIPT
58
CHAPTER 3
LITERATURE REVIEW
3.1 SURVEY ON WIRELESS SENSOR NETWORK
SECURITY
Security is a common concern for any network system, but
security in Wireless sensor network is of a great importance to ensure its
application success. When sensor network is used for military purposes,
it is very important to keep the sensed information confidential and
authentic. The traditional network security schemes are not applicable
for WSN because sensor nodes are supplied with limited battery power
and they have small memory size and limited computational ability.
Most of the traditional techniques, however, are unsuitable in low power
devices such as WSNs. This is due largely to the fact that typical key
exchange techniques use asymmetric cryptography, also called public
key cryptography. In this case, it is necessary to maintain two
mathematically related keys, one of which is made public while the
other is kept private. This allows data to be encrypted with the public
key and decrypted only with the private key. The problem with
asymmetric cryptography, in a wireless sensor network, is that it is
59
typically too computationally intensive for the individual nodes in a
sensor network. This is true in the general case, so the WSN requires
lightweight security mechanisms.
Symmetric cryptography is therefore the typical choice for
applications that cannot afford the computational complexity of
asymmetric cryptography. Symmetric schemes utilize a single shared
key known only between the two communicating hosts. This shared key
is used for both encrypting and decrypting data. The traditional example
of symmetric cryptography is DES (Data Encryption Standard). The use
of DES, however, is declining due to the fact that it can be broken
relatively easily. In light of the shortcomings of DES, other symmetric
cryptography systems have been proposed including 3DES (Triple
DES), RC5, AES, and so on (Schneier.B 1996). One major shortcoming
of symmetric cryptography is the key exchange problem. The key
exchange problem derives from the fact that two communicating hosts
must somehow know the shared key before they can communicate
securely. How to distribute a shared key securely to communicating
hosts is a non-trivial problem since pre-distributing the keys is not
always feasible. For hosts with greater computational power than
WSNs, WEP and WPA are popular solutions. Michell.S and
Srinivasan.K. (2004) described these two protocols. The older standard,
Wired Equivalent Privacy (WEP) is a symmetric encryption scheme
wherein each frame is encrypted using an RC4 stream cipher. Each host
60
that communicates on the network must know the shared WEP key.
Unfortunately, WEP suffers from security problems (Walker.J ,2002),
making it all but useless for a secure solution. Wi-Fi protected access
(WPA) is the replacement for WEP. The latest version of WPA (WPA
2.0) uses the advanced encryption standard (AES), a much more secure
solution than DES, the encryption scheme AES replaces. AES does offer
robust encryption, but requires additional hardware (a coprocessor).
Unfortunately, both WEP and WPA are unsuitable for WSNs for two
major reasons. The first is that since they are symmetric cryptosystems,
they both require a shared key. The second is that both are too
computationally intensive for use in power and computationally
constrained devices.
The LEAP protocol described by Zhu et. al. (2003). They have
followed an different approach that utilizes multiple keying
mechanisms. Their observation is that no single security requirement
accurately suites all types of communication in a wireless sensor
network. Therefore, four different keys are used depending on whom
the sensor node is communicating with. Sensors are preloaded with an
initial key from which further keys can be established. As a security
precaution, the initial key can be deleted after its use in order to ensure
that a compromised sensor cannot add additional compromised nodes to
the network.
61
Chan. H and Perrig. A (2005) described a mechanism for
establishing a key between two sensor nodes that is based on the
common trust of a third node somewhere within the sensor network.
The nodes and their shared keys are spread over the network such that
for any two nodes A and B, there is a node C that shares a key with both
A and B. Therefore, the key establishment protocol between A and B
can be securely routed through C.
Perrig. A., et. al. (2002) proposed a key-chain distribution
system for their Tesla secure broadcast protocol. The basic idea of the
Tesla system is to achieve asymmetric cryptography by delaying the
disclosure of the symmetric keys. In this case a sender will broadcast a
message generated with a secret key. After a certain period of time, the
sender will disclose the secret key. The receiver is responsible for
buffering the packet until the secret key has been disclosed. After
disclosure the receiver can authenticate the packet, provided that the
packet was received before the key was disclosed. One limitation of
Tesla is that some initial information must be unicast to each sensor
node before authentication of broadcast messages can begin.
Liu. D and Ning. P, (2003) proposed an enhancement to the
Tesla system that uses broadcasting of the key chain commitments
rather than Tesla’s unicasting technique. They present a series of
schemes starting with a simple pre-determination of key chains and
62
finally settling on a multi-level key chain technique. The multi-level key
chain scheme uses pre-determination and broadcasting to achieve a
scalable key distribution technique that is designed to be resistant to
some types of wireless sensor network attacks.
Huang. Q., et. al. (2003) proposed a hybrid key establishment
scheme that makes use of the difference in computational and energy
constraints between a sensor node and the BS. They posit that an
individual sensor node possesses far less computational power and
energy than a BS. In light of this, they propose to place the major
cryptographic burden on the BS where the resources tend to be greater.
On the sensor side, symmetric-key operations are used in place of their
asymmetric alternatives. The sensor and the BS authenticate based on
elliptic curve cryptography. Elliptic curve cryptography is typically used
in sensors due to the fact that relatively small key lengths are required to
achieve a given level of security. Authors are also use certificates to
establish the legitimacy of a public key. The certificates are based on an
elliptic curve implicit certificate scheme. Such certificates are useful to
ensure both that the key belongs to a device and that the device is a
legitimate member of the sensor network. Each node obtains a
certificate before joining the network using an out-of-band interface.
Michell and Srinivasan (2004) described a State Based Key
Hop (SBKH) protocol designed to replace both WEP and WPA in
63
battery operated devices, including nodes in WSNs. The key to their
state based key hop protocol is that two communicating nodes share a
common knowledge of the RC4 state. In so doing, they are able to
initialize only when the base key changes. For two nodes to encrypt and
decrypt, they must share the same state, known as the RC4 state.
Further, a sequence counter is maintained between two communicating
nodes. This helps in the decryption process as the decrypting node uses
the sequence counter of a packet in order to discern which RC4 state is
needed to properly decrypt the packet.
Gura et. al. (2004) reported that both RSA and elliptic curve
cryptography are possible using 8-bit CPUs with ECC demonstrating a
performance advantage over RSA. Another advantage is that ECC’s 160
bit keys result in shorter messages during transmission compared the
1024 bit RSA keys. In particular, the authors demonstrated that the point
multiplication operations in ECC are an order of magnitude faster than
private-key operations within RSA and are comparable to the RSA
public-key operation.
Watro. R., et. al. (2004) showed that portions of the RSA
cryptosystem can be successfully applied to actual wireless sensors,
specifically the UC Berkeley MICA2 motes. In particular, they
implemented the public operations on the sensors themselves while
offloading the private operations to devices better suited for the larger
64
computational tasks. The TinyPK system described by Watro.R,
et.al.,(2004) is designed specifically to allow authentication and key
agreement between resource constrained sensors. The agreed upon keys
may then be used in conjunction with the existing cryptosystem. To do
this, they implement the Diffie-Hellman key exchange algorithm and
perform the public-key operations on the Berkeley motes.
Traditionally, multicasting and broadcasting techniques have
been used to reduce the communication and management overhead of
sending a single message to multiple receivers. In order to ensure that
only certain users receive the multicast or broadcast, encryption
techniques must be employed. In both a wired and wireless network this
is done using cryptography. The problem then is one of key
management. To handle this, several key management schemes have
been devised: centralized group key management protocols,
decentralized management protocols, and distributed management
protocols. In the case of the centralized group key management
protocols, a central authority is used to maintain the group.
Decentralized management protocols, however, divide the task of group
management amongst multiple nodes. Each node that is responsible for
part of the group management is responsible for a certain subset of the
nodes in the network. In the last case, distributed key management
protocols, there is no single key management authority. Therefore, the
entire group of nodes is responsible for key management. In order to
65
efficiently distribute keys, one well known technique is to use a logical
key tree. Such a technique falls into the centralized group key
management protocols. This technique has been extended to WSNs
(Pietro. R. D. et.al. 2003). While centralized solutions are often not
ideal, in the case of WSNs a centralized solution offers some utility.
Such a technique allows a more powerful base station to offload some of
the computations from the less powerful sensor nodes.
Pietro. R. D., et. al. (2003) described a directed diffusion based
multicast technique for use in WSNs that also takes advantage of a
logical key hierarchy. In a standard logical key hierarchy a central key
distribution center is responsible for disbursing the keys throughout the
network. The key distribution center, therefore, is the root of the key
hierarchy while individual nodes make up the leaves. The internal nodes
of the key hierarchy contain keys that are used in the re-keying process.
Directed diffusion is a data-centric, energy efficient dissemination
technique that has been designed for use in WSNs (Intanagonwiwat.C
et. al. 2000). In directed diffusion, a query is transformed into an interest
(due to the data-centric nature of the network). The interest is then
diffused throughout the network and the network begins collecting data
based on that interest. The dissemination technique also sets up certain
gradients designed to draw events toward the interest. Data collected as
a result of the interest can then be sent back along the reverse path of the
interest propagation . Using the above mentioned directed diffusion
66
technique (Di Pietro et. al. 2003) enhanced the logical key hierarchy to
create a directed diffusion based logical key hierarchy. The logical key
hierarchy technique provides mechanisms for nodes joining and leaving
groups where the key hierarchy is used to effectively re-key all nodes
within the leaving node’s hierarchy.
Kaya et. al. (2003) discussed the problem of multicast group
management. In this case, nodes are grouped based on locality and
attach to a security tree. However, their assumptions assume that nodes
within the mobile network are somewhat more powerful than a
traditional sensor in a wireless sensor network.
Lazos and Poovendran (2002) described a tree based key
distribution scheme. They suggest a routing-aware based tree where the
leaf nodes are assigned keys based on all relay nodes above them. They
argue that their technique, which takes advantage of routing
information, is more energy efficient than routing schemes that
arbitrarily arrange nodes into the routing tree. They propose a greedy
routing-aware key distribution algorithm. The authors use geographic
location information rather than routing information. In this case,
however, nodes are grouped into clusters with the observation that nodes
within a cluster will be able to reach one another with a single broadcast.
Using the cluster information, a key hierarchy is constructed.
67
Wireless sensors are designed to be widely distributed power
and computationally constrained networks, efficient routing protocols
must be used in order to maximize the battery life of each node. There
are a variety of routing protocols in use in WSNs, so it is not possible to
provide a single security protocol that will be able to secure each type of
routing protocol. In general, packet routing algorithms are used to
exchange messages with sensor nodes that are outside of a particular
radio range. This is as opposed to sensors that are within radio range
where packets can be transmitted using a single hop. In such single hop
networks security is still a concern, but is more accurately addressed
through secure broadcasting and multicasting. The first packet routing
algorithm is based on node identifiers similar to traditional routing. In
this case, each sensor is identified by an address and routing to/from the
sensor is based on the address. This is generally considered inefficient in
sensor networks, where nodes are expected to be addressed by their
location, rather than their identifier. As a consequence of the distaste of
routing based on node identifiers, geographic routing protocols have
been introduced. One common routing protocol, GPSR ( B. Karp et. al.
2000) allows nodes to send a packet to a region, rather than a particular
node. Such a routing protocol lends itself nicely to the concept of data-
centric networks.
Deng et. al. (2002) described an intrusion tolerant routing
protocol, INSENS, that is designed to limit the scope of an intruder’s
68
destruction and route despite network intrusion without having to
identify the intruder. The authors pointed that an intruder need not be an
actual intrusion on the sensor network, but rather might simply be a
node that is malfunctioning for no particularly malicious reason.
Identifying an actual intruder versus a malfunctioning node can be
extremely difficult, and for this reason the authors make no distinction
between the two. The first technique they describe to mitigate the
damage done by a potential intruder is to simply employ the use of
redundancy. In this case, as described previously under denial of
service, multiple identical messages are routed between a source and
destination. A message is sent once along several distinct paths with the
hope that at least one will arrive at the destination. The messages
arriving at the destination are authentic; an authentication scheme can be
employed to confirm the message’s integrity.
They also made use of an assumed asymmetry between base
stations and wireless sensor nodes. They assumed that the BSs are
somewhat less resource constrained than the individual sensor node.
For this reason, they suggested using the BS to compute routing tables
on behalf of the individual sensor nodes. This is done in three phases. In
the first phase, the BS broadcasts a request message to each neighbor
which is then propagated throughout the network. In the second phase,
the BS collects local connectivity information from each node. Finally,
the BS computes a series of forwarding tables for each node. There are
69
several possible attacks that can be made on the routing protocol during
each of the three stages described above. In the first phase, a node might
spoof the BS by sending a spurious request message. A malicious node
might also include a fake path(s) when forwarding the request message
to its neighbors. It may not even forward the request message at all. To
counter this, authors use a scheme similar to TESLA where one-way
key chains are used to identify a message originating from the BS.
Tanachaiwiwat, et. al. (2003) presents a novel technique named TRANS
(Trust Routing for Location Aware Sensor Networks). The TRANS
routing protocol is designed for use in data centric networks. It also
makes use of a loose-time synchronization asymmetric cryptographic
scheme to ensure message confidentiality.
In their implementation, TESLA is used to ensure message
authentication and confidentiality. Using TESLA, TRANS is able to
ensure that a message is sent along a path of trusted nodes while also
using location aware routing. The strategy is for the BS to broadcast an
encrypted message to all of its neighbors. Only those neighbors who are
trusted will possess the shared key necessary to decrypt the message.
The trusted neighbor(s) then adds its location (for the return trip),
encrypts the new message with its own shared key and forwards the
message to its neighbor closest to the destination. Once the message
reaches the destination, the recipient is able to authenticate the source
(BS) using the MAC that will correspond to the BS. To acknowledge or
70
reply to the message, the destination node can simply forward a return
message along the same trusted path from which the first message was
received.
As WSNs continue to grow in size, so does the amount of data
that the sensor networks are capable of sensing. However, due to the
computational constraints placed on individual sensor, a single sensor is
typically responsible for only a small part of the overall data. Because
of this, a query of the wireless sensor network is likely to return a great
deal of raw data, much of which is not of interest to the individual
performing the query. Thus, it is advantageous for the raw data to first
be processed so that more meaningful data can be gleaned from the
network. This is typically done using a series of aggregators (John et.
al. 2007). An aggregator is responsible for collecting the raw data from
a subset of nodes and processing/aggregating the raw data from the
nodes into more usable data. However, such a technique is particularly
vulnerable to attacks as a single node is used to aggregate multiple data.
Because of this, secure information aggregation techniques are needed
in WSNs where one or more nodes may be malicious.
Clustering techniques are discussed by Estrin. D et. al. (1999).
They developed a localized algorithm that uses the directed diffusion
technique to achieve a global perspective using only local nodes. In
their algorithm, nodes are assigned levels, with level 0 being the lowest
71
level. When a node transmits a message, the number of hops that the
message travels is proportional to the node’s level. A node can be
promoted and demoted. Using this technique, higher level nodes are
able to communicate across clusters, while their lower level siblings
cannot. This effectively enables localized cluster computation while the
higher level nodes can coordinate their cluster’s local information to
achieve a global solution (Estrin. D et. al. 1999). If an aggregation node
is itself compromised, then all of the data being delivered from the
sensor network to the BS may be forged. To detect this, Ye et. al.
(2004) described a statistical en-route filtering mechanism. It utilizes
multiple MACs along the path from the aggregator to the BS. Any
packet that fails any of the MAC tests will be disregarded.
3.2 SURVEY ON FUSION ASSURANCE MECHANISM
Data fusion first appeared in the literature in the 1960s, as
mathematical models for data manipulation. It was implemented in US
in the year 1970s in the fields of robotics and defense. In 1986 the US
Department of Defense established the Data Fusion Sub-Panel of the
Joint Directors of Laboratories (JDL) to address some of the main issues
in data fusion and chart the new field in an effort to unify the
terminology and procedures. Sensor fusion is the combining of sensory
data or data derived from sensory data from disparate sources such that
the resulting information is in some sense better than would be possible
72
when these sources were used individually. The present applications of
data fusion span a wide range of areas: maintenance engineering,
robotics, pattern recognition and radar tracking, mine detection and
other military applications, remote sensing, traffic control, aerospace
systems, law enforcement, medicine, finance, metrology and geo-
science. Since the applications of data fusion are disparate, it is
impossible to build a one-fits-all framework. Several generic platforms
are described in the literature. Sensor fusion applications are mostly in
the defense, security and safety areas.
Wen-Hwa Liao and siao-Hsien Wang (2008) described an
asynchronous MAC protocol (AMAC). In this paper to improve the
problem of energy wasting and time synchronization due to sleeping
schedule exchange under the PMAC basic protocol. They concluded
that AMAC has very good adaptation ability to the environmental
change. Under the wireless sensor network, the time asynchronous
operation mode is closer to the spirit of disperse computation. Not only
does it not require the consideration of the effect of time deviation to the
entire network operation, but also eliminates the execution of extra
synchronization mechanism for time synchronization. In the mean time,
there is more flexibility for the addition and removal of the sensors.
Satish. M et. al. (2009) described data aggregation is useful in
dealing with multi-value domain information, which often requires
73
approximate agreement decisions among nodes. In contrast to fully
connected networks, the research on data aggregation for partially
connected networks is very limited. Data aggregation is the ability to
provide global information for purposes of network management and
user services. The authors refer to data aggregation, or simply
aggregation, as a set of functions that provide components of a
distributed system access to global information. Depending on the
service type, data aggregation has been referred to by other names such
as ‘‘data fusion” in sensor networks, ‘‘approximate agreement”, and
‘‘consensus” in distributed systems literature.
Wen-Hwa Liao et. al. (2008) discussed the problem of
constructing data aggregation tree in a wireless sensor network for a
group of source nodes to send sensory data to a single sink node. The
ant colony system provides a natural and intrinsic way of exploring
search space in determining data aggregation. Their aggregation
approach helps to reduce the amount of information that needs to be
transmitted by performing data fusion at the aggregate points before
forwarding the data to the end user. They concluded that every ant will
explore all possible paths from the source node to the sink node. In order
to increase the probability of intersection of routing paths, our
mechanism extends the routing paths.
74
Enrique et. al. (2003) described the transport capacity of a data-
gathering wireless sensor network under different communication
organizations. The rapid advances in Micro-Electro Mechanical Systems
(MEMS) and wireless technologies have enabled the integration of
sensing, actuation, processing and wireless communication capabilities
into tiny sensor devices. They concluded that knowledge of the traffic
load cans double the achievable throughput of a network with multi-hop
communications. Using a hierarchical architecture and introducing extra
nodes as cluster heads can achieve the ultimate upper bound on
throughput capacity.
Ioannis et. al. (2008) discussed four characteristic mobility
patterns for the sink that they combined with different data collection
strategies. The main idea is that the sink is mobile, has significant and
easily replenish able energy reserves and moves inside the area the
sensor network is deployed.
Wen-Tsai Sung (2010) proposed a Back-Propagation Network
(BPN) for multi-sensors data fusion in a WSNs (WSNs) system with a
node-sink mobile network structure. Here they discussed the
classification and fusion approach in WSNs, which BPN based feature
extraction method is proposed. This method partitions the frequency
band in different resolution to distinguish the difference in low-
frequency band and reduces the feature dimensions greatly. The
75
extracted feature expresses stable classification rate for different moving
condition.
Monaco.U, et.al. (2006) described the foundations to develop algorithms
and techniques that minimize the data gathering latency and at the same
time balance the energy consumption among the nodes, so as to
maximize the network lifetime. The proposed models provide a deeper
insight into the problem of timely and energy efficient data gathering.
Useful guidelines for the design of efficient WSNs are derived and
discussed.
Mohamed Watfa et. al. (2009) discussed that an energy
efficient approach to query processing by implementing new
optimization techniques applied to in-network aggregation. They
providing a new distributed algorithm for query processing in WSNs
which is an optimized energy efficient distributed algorithm with respect
to all the sensor’s resource constraints. This approach is to provide
significant reductions in power consumption through reducing the
number of query related messages in the whole network. Low energy
consumption, and limited storage and memory usage are the three main
constraints which we focus on in our approach. The authors presents
their approach and evaluate it through several simulations to prove its
efficiency, competence and effectiveness.
76
Cristina Cano, et. al. (2008) described an efficient way of data
collection by grouping the sensors in aggregation zones, allowing the
aggregators to process the data generated (sensed) inside the aggregation
zone in order to minimize the amount of transmissions to the sink. They
provided a security mechanism based on hash chains to secure data
transmissions in networks with low ability sensors and without the
requirements of an instantaneous source authentication
Akyildiz I. F and Erich P. Stuntebeck (2006) introduced the
concept of a Wireless Underground Sensor Network (WUSN). WUSNs
can be used to monitor a variety of conditions, such as soil properties for
agricultural applications and toxic substances for environmental
monitoring. The concept of WUSNs is in which sensor devices are
deployed completely below ground. There are existing applications of
underground sensing, such as soil monitoring for agriculture. They
demonstrated the benefits of WUSNs over current sensing solutions
including: complete network concealment, ease of deployment, and
improved timeliness of data. Underground is a particularly difficult
environment for wireless communication which poses several research
challenges for WUSNs. They showed that low frequencies are able to
propagate with lower losses through the underground and that
frequencies used by traditional terrestrial WSNs are infeasible for this
environment.
77
Ismail et. al. (2005) reported the issues related to data
integration in WSNs with respect to heterogeneity, dynamicity, and
distribution at both the technology and application levels. They studied
the roles agents can perform to reduce network track overheads,
improve scalability and extensibility of wireless networks and increase
the stability and reliability of networks against hardware and software
failures. And they discussed a scenario of a uniform interface to data
collected from sensor nodes that will map sensor specific data to the
global information source based on a context exported by software
agents to the data integration system.
HirenKumar et. al. (2009) discussed a hierarchical energy
efficient communication protocol for such type of a wireless sensor
network namely wireless Sensor system for Hierarchical Information
gathering through Virtual triangular Areas (SHIVA). It proposed a
communication protocol for routing of data from ordinary sensor nodes
to the BS. A logical hierarchical organization of the sensor network is
considered. The proposed protocol speaks about how the logical
hierarchical topology is achieved in self organizing manner. The entire
protocol namely wireless Sensor system for Hierarchical Information
gathering through Virtual triangular Areas (SHIVA) and also rely on a
cluster head set to manage a cluster on contrary to the traditional
concept of one cluster head in a cluster. This also gives robustness to the
solution in the sense that if one cluster head looses connectivity to some
78
of the subordinate sensor nodes due to the mobile nature of the sensor
nodes as well as the BS then this cluster head can get connected to that
through another cluster head in the set. The solution also tries to balance
the load among the sensors by rotating the headship responsibility
among the eligible sensor nodes in a uniform manner. This also
contributes significantly in elongating the network lifetime. In the
proposed protocol the decision regarding the direct or indirect
communication between cluster head and the BS is made dynamically
based on the current status of the network topology. This saves
significant amount of energy to be expended for communication.
Lin SHEN and Xiangquan SHI (2008) presented a location
based LEACH clustering algorithm, which is an extension to the
LEACH routing algorithm. Armed with distributed and local network
based routing decision-making mechanism, this algorithm fully utilizes
the location information of network nodes in routing to reduce the
routing cost. Simulation results indicate that this algorithm can balance
nodes’ energy consumption and prolong the network’s life span. It also
has good stability and extensibility. They proposed a progressive
algorithm for the cluster head selection. Simulation results show that
their algorithm is much more efficient and can double the lifespan of a
wireless sensor network. Such results are obtained under additional
conditions, i.e., known location information and ability to adjust data
transmission power based on distance.
79
Ren P. Liu et. al. (2008) proposed an Efficient Reliable Data
Collection(eRDC) algorithm. The eRDC is designed for energy-
constraint WSNs to balance reliability and energy consumption. They
derived energy efficiencies of the proposed reliability schemes, and
evaluate their performances. These analyses provided a guideline to
determine the number of retransmissions for reliable data delivery.
Dynamic programming concept is used to find the optimal solution.
They presented a distributed eRDC implementation to dynamically
control the maximum number of retransmissions based on the guideline
provided. Discrete event simulations and field trials with wireless sensor
nodes confirmed their results.
Arun Kumar et. al. (2009) presented an efficient and scalable
framework called Reliable and Energy Efficient Framework (REEF) for
reliable data collection in WSNs. REEF employs a distributed scheme
which enables it to scale to large networks. It partitions the network in to
clusters where the node with highest residual energy in a neighborhood
becomes the cluster head. REEF forms a virtual backbone connecting
the cluster heads and the sink by selecting some nodes from each cluster
as gateway nodes. Sensor nodes report sensed data to their respective
cluster heads which use an outlier detection algorithm to detect faulty
data. REEF significantly cuts down on energy consumption by ensuring
that a large number of sensor nodes can go into a deep sleep mode, in
which the radio as well as CPU is switched off, for a major part of their
80
life time. Simulation results demonstrate that REEF uses as low as 50%
of the energy for the same accuracy when compared to a recently
proposed scheme based on passive listening.
Yang. Y et. al. (2006) proposed a Secure Hop-by-hop Data
Aggregation Protocol (SDAP) is proposed. The authors of SDAP are
motivated by the fact that, compared to low-level sensor nodes, more
trust is placed on the high-level nodes (i.e., nodes closer to the root)
during a normal hop-by-hop aggregation process in a tree topology.
Because aggregated data calculated by a high-level node represents the
data of a large number of low-level sensor nodes. If a compromised
node is closer to the BS, the false aggregated data produced by this
compromised node will have a larger impact on the final result
computed by the BS. Since all sensor nodes have simple hardware that
is prone to compromise, none of those low-cost sensor nodes should be
more trustable than others. Hence, SDAP aims to reduce the approach of
reducing the trust on high-level nodes by following the divide-and-
conquer principle. SDAP dynamically partitions the topology tree into
multiple logical groups (subtrees) of similar sizes using a probabilistic
approach. In this way, fewer nodes are located under a high-level sensor
node in a logical subtree resulting in reduced potential security threat by
a compromised high-level node.
81
Ozdemir. S (2005) improved the main idea of SELDA by
introducing functional reputation concept where each functional
reputation value is computed over sensor node actions with respect to
that function. Hence, security of data aggregation process is ensured by
selecting trusted data aggregators using aggregation functional
reputation and by weighting sensor data using sensing functional
reputation. The simulation results show that using functional reputation
is more effective than using general reputation when evaluating the
trustworthiness of a sensor node. In WSNs, a compromised sensor node
can inject false data during data forwarding and aggregation to forge the
integrity of aggregated data. It is highly desirable for sensor nodes to
detect and drop false data as soon as possible in order to avoid depleting
their limited resources such as battery power and bandwidth
(Çam.H et. al. 2007). Although several secure data aggregation
protocols (Przydatek. B., et. al. 2003, Mahimkar. A et. al. 2004, Du.W,
et. al. 2003) are able to detect the false data injected by sensor nodes,
false data injections by compromised data aggregators cannot be
detected by these methods. The reason is that data aggregation results in
data alterations and therefore a change in aggregated data due to false
data injection is extremely hard to detect. Such false data injections by
compromised data aggregators can easily result in false alarms that
waste the network’s resources and reduce the operational efficiency
(Çam.H et. al. 2007). Recently, some work has been reported on
82
detection false data injections during data aggregation so that the false
alarm ratio in the network is reduced (Sun. B et. al. 2007, Chand. N
et. al. 2007, Çam. H et. al. 2007).
Ozdemir. S et. al. (2007) argued that compromised nodes have
access to cryptographic keys that are used to secure the aggregation
process and therefore cryptographic primitives alone cannot provide a
sufficient enough solution to secure data aggregation problem. Based on
this observation, the authors propose a Secure and rELiable Data
Aggregation protocol, called SELDA which makes use of a web of trust.
The basic idea behind SELDA is that sensor nodes observe actions of
their neighboring nodes to develop trust levels (trustworthiness) for both
the environment and the neighboring nodes. Sensor nodes exchange
their trust levels with neighboring nodes to form a web of trust that
allows them to determine secure and reliable paths to data aggregators.
Moreover, to improve the reliability of the aggregated data, data
aggregators weigh sensor data they receive using the web of trust. One
important property of SELDA is that, due to the monitoring mechanisms
in use, it can detect if a data aggregator is under DoS attack. The
simulation results show that SELDA increases the reliability of the
aggregated data at the expense of a tolerable communication overhead.
Sun. B et. al. (2007) and Chand. N et. al. (2007) proposed a
secure data aggregation problem is addressed from intrusion detection
83
perspective. In the proposed scheme, an Extended Kalman Filter (EKF)
based mechanism to detect false injected data is proposed. Along with
the employment of EKF, the proposed mechanism monitors sensor
nodes to predict their future real in-network aggregated values. For
aggregated values, a normal range is determined to detect false data
injections. Using different aggregation functions (average, sum, max,
and min), the authors show how to obtain normal ranges theoretically.
Moreover, it is also shown that the proposed EKF issued to create
effective local detection mechanisms. The created local detection
approaches are able to differentiate between malicious events and
emergency events and therefore it can reduce the false alarm rate in the
network. Extensive simulations are performed to evaluate performance
of local detection mechanisms, including false positive rate and
detection rate, under different aggregation functions. Simulation results
demonstrate that the proposed techniques achieve desirable performance
to detect false injected data.
The work presented in (Çam. H et. al. 200) realizes the fact that
many existing false data detection techniques consider false data
injections during data forwarding only. The paper presents a data
aggregation and authentication protocol, called DAA, to integrate false
data detection with data aggregation and confidentiality. To support data
aggregation along with false data detection, a monitoring algorithm is
proposed. Using this monitoring algorithm, the monitoring nodes of
84
every data aggregator also conduct data aggregation and compute the
corresponding small-size message authentication codes for data
verification at their pair mates. To support confidential data
transmission, the sensor nodes between two consecutive data
aggregators verify the data integrity on the encrypted data rather than
the plain data. Each data packet is appended with two full-size message
authentication codes, each consisting of one small-size message
authentication codes. Performance analysis shows that DAA detects any
false data injected by the compromised nodes, and that the detected false
data are not forwarded beyond the next data aggregator on the path.
Sanli H. O. et. al. (2004) proposed a Secure Reference-Based
Data Aggregation (SRDA) protocol for cluster-based WSNs. Like
ESPDA, SRDA also realizes the fact that data aggregation protocols
should work in conjunction with the data communication security
protocols, and that any conflict between these protocols might create
loopholes in-network security such as violating data confidentiality. In
SRDA, raw data sensed by sensor nodes are compared with reference
data values and then only the difference data are transmitted. Reference
data is taken as the average value of a number of previous sensor
readings. The motivation behind SRDA is that it is critical to reduce the
number of bits in a transmission because radio communication is the
most energy-consuming activity in a sensor node. While data
aggregation reduces the number of packets, decreasing the size of the
85
transmitted packets will further improve the energy savings. In
conventional data aggregation algorithms, sensors transmit their raw
sensed data to the cluster heads. This wastes energy and bandwidth since
a certain range of the data may remain the same in each packet.
However, SRDA transmits the differential data rather than the raw
sensed data. That is, the raw data sensed by sensor nodes are compared
with reference data and then only the difference data are transmitted.
Przydatek B et. al. (2003), stated that random sampling
mechanisms and interactive proofs are used to check the correctness of
the aggregated data at the BS. The proposed protocol is called SIA. The
authors claim that, by constructing efficient random sampling
mechanisms and interactive proofs, it is possible for the user to verify
that the aggregated data provided by the aggregator is a good
approximation of the true value even when the aggregator and a fraction
of the sensor nodes are compromised. In particular, the authors present
efficient protocols for securely computing the median and the average of
the measurements, estimating of the network size, and finding the
minimum and maximum sensor reading. In the paper, the correctness of
data is checked by constructing a Merkle hash tree. In this construction,
all the collected data is placed at the leaves of the tree, and the
aggregator computes a binary hash tree starting from the leaf nodes:
each internal node in the hash tree is computed as the hash value of the
concatenation of the two child nodes. The root of the tree is called the
86
commitment of the collected data. The authors also assumed that each
sensor node has a unique identifier and shares a separate secret
cryptographic key with the BS and with the aggregator. These keys
enable data confidentiality, integrity and authentication.
SecureDAV protocol of Mahimkar A and Rappaport T. S,
(2004) is very similar to Przydatek. B et. al. (2003) except that elliptic
curve cryptography is used for encryption purposes. Moreover,
SecureDAV improves the data integrity vulnerability by signing the
aggregated data. SecureDAV is a clustered approach where all sensor
nodes within a cluster share a secret cluster key. Each sensor node is
able to generate a partial signature over the aggregated data. Each data
aggregator aggregates its cluster data and broadcasts the aggregated data
to its cluster. Each sensor node in the cluster compares its data with the
aggregated data broadcasted by the data aggregator. A sensor node
partially signs the aggregated data if and only if the difference between
its data and aggregated data is less than a threshold. Finally, the data
aggregator combines the partial signatures to form a full signature of the
aggregated data and sends it to the BS. SecureDAV provides data
confidentiality, data integrity, and source authentication. However, the
scheme incurs high communication overhead on data validation and
supports only the average aggregation function.
87
Wu. K et. al. (2007), explained that sensor nodes use the
cryptographic algorithms only when a cheating activity is detected.
Topological constraints are introduced to build a Secure Aggregation
Tree (SAT) that facilitates the monitoring of data aggregators. In SAT,
any child node is able to listen to the incoming data of its parent node.
When the aggregated data of a data aggregator are questionable, a
weighted voting scheme is employed to decide whether the data
aggregator is properly behaving or is cheating. If the data aggregator is a
misbehaving node, then SAT will be rebuilt locally so that the
misbehaving data aggregator is excluded from the aggregation tree.
Du.W et. al. (2003) proposed a witness based data aggregation
scheme for WSNs. The witness nodes of each data aggregator also
perform data aggregation and compute MACs of the aggregated data.
Witness nodes do not send their aggregated data to the BS. Instead, each
witness node sends its MAC of the aggregated data to the data
aggregator. The data aggregator collects and forwards the MACs to the
BS. Those MACs that are computed by the witness nodes are used at the
BS for verifying the correctness of the data aggregated by data
aggregators. This enhances the assurance of data aggregation. In order
to prove the validity of the aggregated data, each data aggregator has to
provide proofs from several witnesses. Because the data validation is
performed at the BS, the transmission of false data and MACs up to BS
affects adversely the utilization of sensor network resources. This
88
proposed protocol offers only integrity property to the data aggregation
security.
3.3 SURVEY ON REPORTING SCHEME
In WSNs, the measured critical data should reach the sensor
gateway as soon as possible. The WSNs architecture and the
corresponding energy-efficiency schemes should guarantee the
uninterrupted network connectivity while at the same time they should
minimize the energy consumption (Nikolaos A. et. al. 2009). S-MAC
is the most well-known distributed coarse-grain passive protocol,
proposed by (Heidemann. J et. al. 2002). It gives the possibility to
nodes to discover their neighbors and build sensor networks for
communication without being obliged to have master nodes. The major
energy consuming procedures of S-MAC are the following: periodic
listen and sleep, collision and overhearing avoidance and message
passing. The reduction of energy consumption is achieved by the
introduction of the following techniques: First, in order to avoid the
overhearing problem, neighboring nodes are synchronized to go to sleep
periodically. Therefore, they do not waste energy when a neighboring
node is transmitting to another node or by listening to an empty channel.
Secondly, the control packet overhead of the network is kept low
because synchronized neighboring nodes form virtual clusters to
synchronize their wake-up and sleep periods.
89
SPAN(B. Chen et. al. 2002.) is a coarse-grain conservation
scheme which utilizes a backbone to facilitate routing. SPAN is a
distributed, randomized algorithm where all nodes make local decisions
on whether to sleep, or to join a forwarding backbone as a coordinator.
Each node bases its decision on an estimation of how many of its
neighbors will benefit from it (the node) being awake and the amount of
energy available to it (the node).
Hoesel L. V., et. al. (2004) propose a cross-layer design that
forms a virtual backbone using a clustering algorithm. Most nodes in the
network remain in sleep mode to reduce energy consumption, but nodes
in the virtual backbone use S-MAC to retain connectivity for the entire
network. Their proposed scheduling scheme relies on conserving power
while keeping the end-to-end delay low, by using TDMA scheduling.
Trigoni et. al. (2004), proposed a methodology for trading
energy Vs latency in the context of sensor database systems. More
specifically, they propose a new protocol which schedules message
transmissions very carefully and in such a way so as to avoid collisions
at the MAC layer. The sensor nodes’ radios can be turned off most of
the time and they wake up only during very well defined time intervals.
It was shown how routing protocols can be optimized to interact in a
symbiotic way with the scheduling decisions, resulting in significant
energy savings, however, at the cost of higher latency.
90
Arumugam et. al.(2005) and Kulkarni et al. (2005) argued that
TDMA is desirable in WSNs for saving energy because TDMA allows a
sensor node to minimize idle listening. Moreover, TDMA has proved to
be applicable in converting existing distributed algorithms into a model
which is consistent with WSNs. They proposed a self-stabilizing,
deterministic algorithm for TDMA in WSNs where a sensor node is
aware only of its neighbors. They also discussed the optimizations in
order to improve bandwidth utilization and recovery from corrupted
slots. The authors focused mainly on the problem of energy-efficient
converge cast (source-to-sink communication) in sensor networks. This
problem identifies the energy- latency tradeoffs during converge cast.
They showed how TDMA can be effectively used to provide energy
efficient converge cast. Their solution allows the sensor nodes to save
energy when the network is idle and to switch to active mode whenever
the network detects an event.
Ergen et. al. (2005) proposed a TDMA scheduling algorithm
for sensor networks in order to determine the smallest length conflict-
free assignment of slots during which the packets generated at each node
reach their destination. More specifically, they showed that the
minimum-delay scheduling can always be found by using a simple
algorithm for routing schemes based on TDMA, when the network is
loop-free and has only one sink node. The results of their experimental
work show that a substantial reduction of energy and delay is possible.
91
Cui et. al. (2005) proposed a simple link scheduling algorithm
to find the minimum-delay schedule that provides the slot lengths for all
the links. Their next step is to combine the obtained results with their
previous work concerning an energy-optimal cross-layer design in order
to reduce to the minimum the delay of transferring a fixed number of
bits from the source nodes to the sink in energy limited manner.
Moreover, they studied the tradeoff between the total energy
consumption and delay.
Yang et. al. (2004) proposed the idea of using pipelined
wakeup signals in order to minimize the end to end delay. Existing
wakeup schemes encounter critical tradeoffs between energy savings
and wakeup latency; however, very little attention has been paid at the
reduction of the packet end-to-end delay while preserving, at the same
time, the energy saving ability. They argued that a long delay can be
harmful for large sensor networks. They actually proposed a wakeup
scheme for sensor networks that helps to achieve a balance between
energy savings and end-to-end delay. More specifically, their proposed
Pipelined Tone Wakeup (PTW) scheme uses a wakeup tone channel in
addition to the regular data channel.
Dhanaraj et. al. (2005) proposed a novel hop-ahead reservation
scheme in a dual frequency radio called latency minimized energy
efficient MAC (LEEM) protocol in order to minimize the latency in the
92
multi-hop path data transmission through the reservation of the next
hop’s channel a priori. Therefore, according to this protocol, in a
multihop sensor network, a packet can be forwarded to the next hop, as
soon as it is received by a sensor node, which helps to eliminate the
delay incurred for setting up the path.
Nikolaos. A et. al. (2009) proposed, a TDMA scheduling
scheme for energy efficiency is proposed in order to construct an
appropriate transmission schedule that achieves high levels of power
conservation and at the same time reduces the end-to-end transmission
time from the sensors to the gateway. Network connectivity is ensured
by scheduling TDMA based wakeup intervals, which are used for
propagating WakeUp messages, prior to data transmissions. The
appropriate scheduling of the WakeUp intervals allows the data packets
to be delayed by only one sleep interval for the end-to-end transmission
from the sensors to the appropriate gateway.
Ye. Q and L. Cheng (2007) proposed two protocols, called
TNT and PTNT, to address sink mobility problem. In TNT, each node
maintains a tracking counter and sets up a beacon timer. The mobile
sink broadcasts a beacon periodically to its neighboring nodes. If a
neighboring node receives the beacon, then increases its tracking
counter by 1 otherwise, decreases that by 1 when the beacon timer
expires. Therefore, the sensed data can be forwarded to the mobile sink
93
by using the sequence of the tracking counters. However, in this scheme,
inefficient paths could be incurred due to the special movement patterns
of the sink, thus result longer transmission delays.
Hwang S. F., et. al. (2008) proposed a weight function to
provide efficient data reporting in WSNs with mobile sinks. Sensor field
is divided into several grids and only one node is selected as a head in
each grid. For saving energy, some heads become active nodes to sense
and forward data in each round. The definition of a round is, the mobile
sink issues a query to request active nodes to sense and gather the
queried data, and the sink moves arbitrarily until it receive the gathered
data. In addition, all active nodes are classified into multiple levels. The
classified levels are utilized to construct the weights of active nodes,
according to the weight. When the active nodes receive a query from the
mobile sink, the queried information can be forwarded along the path
determined by the active nodes’ weights. When the mobile sink moves,
it only needs to locally broadcast an update packet to its neighboring
active nodes, and the classified levels are used to limit weight update
scope. However, this method cannot scale well to large sensor networks,
the main reason is that the location update scope becomes very large,
and the frequent location updates consume much energy.
Hyun et. al. (2009) described a novel Two-phase Data
Reporting (TDR) scheme that supports class-based QoS to sensor nodes
94
in different priority classes. In the first phase, time slots are divided into
separate data reporting round defined for each class, while in the second
phase, the sensor nodes in the same class are scheduled to particular
time slots depending on the given number of slots calculated in the first
phase. In TDR, sensor nodes compete with other nodes in the same class
only, while nodes in different classes have differentiated channel access
opportunity. TDR is performed in a single-hop cluster-based topology,
and a cluster head acts as a Node Assignment Manager (NAM). Sensor
nodes wake up for their scheduled time slots; otherwise, they go into
sleep mode to save energy. TDR supports both schedule- based and
contention-based channel access mechanisms and is scalable due to its
distributed nature.
Huai-Lei Fu et. al. (2010) proposed a region-based reporting
mechanism, namely Energy-Efficient Distributed-Control Reporting
(E2DCR) mechanism, for the MSNs. The Mobile Sensor Networks
(MSNs) have been widely deployed to provide a ubiquitous solution for
time-sensitive applications in a specific area with low deployment cost.
The monitoring area of an MSN can be divided into several Sensing
Regions (SRs). In an SR, the Mobile Sensor (MS) is responsible for
reporting the sensed data to the sink node. For the time-sensitive
applications on MSN, the time is divided into multiple Monitoring
Periods (MPs). During every MP, a sensing report transmission in an SR
is invalid if the sensing report is generated before the beginning of the
95
MP. During every MP, the E2DCR mechanism attempts to have only
one MS transmit the Sensing Report in an SR, and the other MSs in the
same SR can stay in the sleep mode for power saving. Simulation
experiments are conducted to investigate the performance of the
proposed mechanism. Our study shows that E2DCR can meet the delay
constraint of the time-sensitive applications with less power
consumption
Tashtarian . F, et. al. (2008) introduced an event driven data
reporting and routing algorithm for WSNs that offers a local timing
based data reporting scheme in a clustered network. When an event
occurs, the nodes that has discovered the event, are supposed to report it
to their respective cluster heads. All of these nodes would wait for a
specific time (based on its residual energy) to send the information.
However, only the one of the sensing nodes is going to send the data to
the cluster head. The most appropriate node is the one with more
residual energy and it will take its tour sooner to report the data. The
waiting time for each individual node is based on its residual energy and
its respective cluster head’s energy. A channel access management
based on CSMA is used for avoiding collision and multiple sending.
The performance of this algorithm is evaluated in the sense on network
lifetime and event detection reliability.
96
Ehssan Sakhaee et. al. (2009) proposed an energy-efficient self-
organizing global extremity reporting scheme for WSNs. The proposed
scheme assists applications of periodic reporting of extreme values
(such as maximum or minimum temperature/pressure) across a wireless
sensor field, back to the sink. Furthermore, an event-driven counterpart
is supplied for individual sensor nodes to supply their instantaneous
sensed values back to the sink, once queried. The targeted sensors
initially establish their relative distances to the sink in regards to number
of hops, whilst the Highest Hop count Nodes (HHNs) from the sink
identify themselves. The broadcast initiation of the HHNs has the ability
to penetrate all nodes within the network towards the sink, and hence
obtain the extreme value of the entire network in an efficient manner.
This is due to the relative position of these special nodes within the
network. Furthermore, the scheme does not require nodes to possess
location information of them selves or other nodes, avoiding the need
for the GPS or other location-aware methods. Simulation results show
the effectiveness of the proposed protocol in its target application. In
particular, the advantage of HHN-initiated broadcasting can be seen in
both uniformly and randomly distributed topology networks.
Zhen Yu et. al. (2010) proposed a dynamic en-route filtering
scheme that addresses both false report injection and DoS attacks in
WSNs. In their scheme, each node has a hash chain of authentication
keys used to endorse reports; meanwhile, a legitimate report should be
97
authenticated by a certain number of nodes. First, each node
disseminates its key to forwarding nodes. Then, after sending reports,
the sending nodes disclose their keys, allowing the forwarding nodes to
verify their reports. They design the Hill Climbing key dissemination
approach that ensures the nodes closer to data sources have stronger
filtering capacity. Moreover, they exploited the broadcast property of
wireless communication to defeat DoS attacks and adopt multipath
routing to deal with the topology changes of sensor networks.
3.4 SUMMARY
A key concern of our work is to ensure the fusion node send
the valid data to the BS as well as minimize sensor energy consumption.
The above authors suggested several methods for efficient and secured
data fusion. In the problem concern the hierarchical data fusion structure
is suitable because the load to be scatter in various level so we get
energy efficiency. Here the MAC based security mechanism is used
because MAC to be validated in both end receiver and sender. In the
proposed method, the witness nodes encrypt their own fusion results to
MACs with private keys shared with the BS.