Upload
others
View
0
Download
0
Embed Size (px)
Citation preview
Chapter 4
Trusted neighbors based Secured
Routing Scheme in WSN using Agents
Secured routing in Wireless Sensor Network should focus on identifying the neighbors which
are free from various types of attacks. It becomes a challenging task to identify the neighbors
that are trustworthy since viruses, malwares, etc. make the nodes not only to pretend as if
they are trustworthy and free from any types of attacks but also create a feeling that they
are involved in avoiding all types of threats. In such a situation, traditional mechanisms of
security schemes may not be sufficient and thus we need intelligent schemes to overcome the
challenges. Software agent technology provides the promising secured routing mechanism
where in autonomous agents are involved in identifying all types of security threats and
secured routes in WSN’s with the help of neighbor nodes that are trustworthy and the
routes may be created using such neighbors.
In this chapter, we propose Agent based SEcured Routing using Trusted neighbors
(ASERT) in WSN. ASERT selects trustworthy neighbors and establishes secured routes
using software agents. ASERT relies on the trusted neighbors which are identified by agents
as discussed in chapter 3. Secured routes are established operates in following phases. (1)
Defining Safeguard Agency (SA) and Routing Agency (RA), both consisting of static and
mobile agents and knowledge base. (2) Identification of trustworthy neighbor nodes by SA
81
Chapter 4. Trusted neighbors based Secured Routing Scheme in WSN using Agents 82
with trust model that consists of probability and Message Authentication Codes (MAC)
model. (3) Probability model estimates the trustworthy channel and trustworthy nodes
whereas MAC model ensures them. (4) MAC’s are dynamically computed by agents by
generating the keys with the help of Random Oracle Extractor (ROE). (5) RA establishes
secured routes from source to the sink node using agents. (6) Agents effectively identify
possible security threats on wireless channel and node. (7) An improvement in packet delivery
ratio, packet delivery latency, route maintenance overhead, memory overhead and energy
consumption is achieved in ASERT as compared to two protocls, namely, Bio-inspired Trust
and Reputation model in WSN (BTRM-WSN) using ant colony based approach and Ambient
Trust Sensor Routing (ATSR) that uses trust combined with location information for routing.
4.1 Related Works
Some of the related works are as follows. A compromised node locator for detecting and
locating compromised nodes is proposed in [63]. The scheme uses collision resilient hashing
mechanism known as incremental hashing to sign the incoming, outgoing and locally gen-
erated/dropped message sets. Hash values are then sent to the sink node for trusted node
comparisons. The authors explains procedure to securely collect these hash values and then
locate compromised nodes. The scheme can also be combined with existing en-route false
report ltering methods to achieve both early false report dropping and accurate compromised
nodes isolation.
The authors in [64] discuss prior security threat analysis of third generation mobile
network architectures for wireless mesh back-hauls. It proposes security model for the con-
sidered architecture and provides a list of the basic assumptions, security objectives, assets
to be protected by intelligent act of agents. On this basis, the potential security threats are
analyzed, discussed and then assessed for their corresponding risk factors.
A secure mechanism to accomplish a trusted relationship between sensors in the wireless
networks according to trusted computing group specifications is proposed in [65]. It describes
how the trusted platform is established followed by the description on trusted authentication
Chapter 4. Trusted neighbors based Secured Routing Scheme in WSN using Agents 83
protocol that confirms only trusted nodes existed in the network. The authors also analysed
on the energy consumption for the trusted platform and the authentication protocol. Four
different ways to incorporate trust knowledge in location-based routing algorithms which
balance trust and location information is proposed in ATSR[66]. Routing solution used as
weighted routing cost function to perform trust and location-aware routing. It evaluated
delivery ratio in the existence of malicious nodes, packet latency and near optimal path
length using computer simulations under several conditions.
The authors in [67] propose a framework called UNMASK that mitigates attacks such
as wormholes, sybil attack and selective forwarding by detecting, diagnosing, and isolating
the malicious nodes. UNMASK uses the ability of a node to oversee its neighboring nodes
communication. It builds a secure routing protocol LSR(Lightweight secure routing pro-
tocol), that provides additional protection against malicious nodes by supporting multiple
node-disjoint paths on top of UNMASK. The authors in [68] propose a hierarchical trust
management protocol leveraging clustering to cope with a large number of heterogeneous
sensor nodes for scalability and re-congurability as well as to cope with selsh or malicious
sensor nodes for survivability and intrusion tolerance. The authors address the key design
issues of trust management including trust composition (what trust components are consid-
ered), trust aggregation (how information is aggregated for each trust component), and trust
formation (how trust is formed from individual trust components).
The authors in [69][70] propose TARF- a trust aware routing framework which secures
the multi-hop routing in WSNs against intruders exploiting the replay of routing information
by evaluating the trustworthiness of neighboring nodes. It identies such intruders that mis-
direct noticeable network trafc by their low trustworthiness and routes data through paths
circumventing those intruders to achieve satisfactory throughput. The authors in [71] pro-
pose LSRP- link state routing protocol based on trust by eliminating the malicious nodes
from the network. The protocol incorporates a trust computational model with direct and
indirect experiences based on traditional weighting approach of the QoS characteristics such
as packet forward, data rate, power consumption reliability. The trust management sys-
tem at the node computes trust table for network nodes using a threshold to find out the
Chapter 4. Trusted neighbors based Secured Routing Scheme in WSN using Agents 84
benevolent nodes of the network then using link state routing finds all available paths by
eliminating the malicious nodes.
4.2 Our contributions
Agent based secured routing in WSN using trusted neighbors uses two agencies: safeguard
agency and routing agency. Safeguard agency identifies trustworthy neighbors and routing
agency establishes secured routes through trustworthy neighbors. Identification of trustwor-
thy neighbors has been discussed in chapter 3.
Our contributions in this work are as follows. (1) Defining routing scheme with the help
of trustworthy neighbors and routing database. (2) Employing agents to traverse through
trustworthy neighbors and establish secured routes to the sink node using various types
of databases maintained with the nodes. (3) Monitor secured routes by adapting route
maintenance mechanism for various link/node failures and security breaches. (4) Simulation
analysis for various parameters and performance comparison with BTRM-WSN and ATSR.
4.3 Secured routing using trusted neighbors
A sensor node willing to transmit the information to the sink node securely is required to do
so by finding the trusted neighbors through which the routes can be set up. It becomes im-
portant to identify the trusted neighbors since the neighbors may be compromised by various
types of attacks. The challenge is to find trustworthy neighbors. The fundamental require-
ment to identify trustworthy neighbors depends upon two components. (1) Trustworthiness
of a channel connecting the neighbors and (2) trustworthiness of a neighbor node itself. We
use trust model that comprises of probability model and MAC model to identify trustworthy
neighbors, through which secured routes are set up. These components are discussed in trust
model.
Chapter 4. Trusted neighbors based Secured Routing Scheme in WSN using Agents 85
We use same probability model given in section 3.3.1 in chapter 3 with little modifi-
cation in MAC model to identify trusted neighbor nodes. The modification in MAC model
is in deriving keys k1 and k2 using Random Oracle Extractor instead of k-ERF generator.
The details of MAC model is discussed in this section.
4.3.1 MAC model
The cryptographic systems are designed to perform complicated encryption and hence the
message authentication becomes challenging in spite of various attacks from adversaries.
Many protocols are designed based on the assumption that the hosts posses a secret random
string known as key and it is conveniently taken for granted that the entire key is kept secret
from an adversary. There might be a possibility that an adversary may detect a part or
entire key which is called as key exposure problem and it has significant practical interests.
The primary message is encrypted with a key generated by ROE [72][73] and creating MAC
with the generated key.
The reason for using ROE for the key generation is that it provides highly randomness
in the generated key such that if any part of the key is known to the adversary, it is not
possible to recover the entire key. We introduce the mechanism of MAC generation using
ROE and describe how the scheme is implemented to identify the trusted neighbors in order
to maintain confidentiality, authentication and integrity. The ROE is used to generate
random keys. The model of the random oracle over the function f is given in Equation 4.1.
f : {0, 1}b → {0, 1}k (4.1)
which maps b dimension non-uniform input distribution to k dimension uniform output
distribution. The adversary may be allowed to search at up to t points, and possibly the
input distribution is made to depend on these t searches. This means that an extractor takes
a weakly random b-bit input with a uniform random seed and produces an k-bit output that
looks uniformly random up to t searches. The remaining unsearched (2b − t) values of f
are chosen randomly and they are independent of input space. In this process, unsearched
Chapter 4. Trusted neighbors based Secured Routing Scheme in WSN using Agents 86
values are hidden from the adversary.
We use t searches comparatively lesser than 2b such that the large number of values
are hidden from the adversary. ROE algorithm can be realised in all the sensor nodes by
selecting the suitable values of b and t depending upon the application. It requires few lines
of the codes for its implementation.
The process of generating MAC using ROE is shown in Figure 4.1. Since the keys k1
and k2 generated from ROE are highly random within a very large distribution space, it is
almost impossible for an adversary to detect the keys and thus high level of security features
such as authentication, confidentiality and integrity are maintained in ASERT.
Message
+
Message+MAC
k1
+Transmitted message
k2
Random Oracle Extractor
Random Oracle Extractor
Figure 4.1: MAC generation to identify trusted neighbors
The MAC encrypted message is sent to the neighbors that are found to be trustworthy
by probability model. Re-computation of MAC on neighbor nodes ensures the trustworthi-
ness of the wireless channel and the sensor node thereby endorsing the trusted neighbors
identified by the probability model.
4.3.2 Secured route establishment
Secured routes are established through the trustworthy neighbors that are identified by the
trust model. A sensor node willing to establish secured routes to the sink node creates
Request Packets (RQ) and distributes RQ packets to all trustworthy neighbors. Every RQ
packet is modified as Route Reply packet (RR) by the sink node upon reaching the sink
node successfully. The components of RQ and RR packets are as follows.
Chapter 4. Trusted neighbors based Secured Routing Scheme in WSN using Agents 87
• Node address: It is the address of the source node willing to establish routes to the
destination or sink node.
• Sink node address: It is the address of the sink node, where the data is to be delivered.
• Visited node address: It is the address of the neighbor node or intermediate node on
the path from source to sink node. Some of the visited nodes may become a part of
the route that is established.
• Hop Distance (HD) in meters: It is the distance between the node and its one hop
neighbor. (The distance between two nodes is obtained using the distance formula
with nodes coordinate values).
• Route Distance (RD) in meters: It is the distance between the source node and a
visited node. It helps in establishing shortest routes to the sink.
• Trusted neighbor flag (T): T=1, if the node is trustworthy, else T=0.
• Forwarding node flag (F): A trustworthy node is on the route if F=1, else F=0.
• Path Information (PI): Sequence of addresses of sensor nodes on the path from source
node to sink node. This field is appended with the address of every visited node.
• Route Establishment Flag (REF): For RQ packet, REF=1 and for RR packet REF=0.
• Sequence number (Seq-no): It is the number assigned for every RQ packet by the
source node.
Secured route establishment in WSN comprises of two phases: Request phase and
Reply phase. In request phase, RQ packets (REF=1) are routed from source node to the
sink node through trusted nodes by appending the address of every visited node in PI field.
In reply phase, shortest secured routes are established from source to sink node.
Every sensor node maintains routing and neighbor related information in its Routing
Data Base (RDB) and the routes are set up using the information in RDB. RDB gets updated
as and when the node processes RQ/RR packets during which RDB prunes the information
Chapter 4. Trusted neighbors based Secured Routing Scheme in WSN using Agents 88
related to earlier neighbors and thereby RDB has only the optimum data to be stored. A
typical RDB maintained at a node is shown in Table 4.1 where a1, a2, a3, etc. represent the
sensor node addresses. The memory overhead due to RDB is well within the capability of
available sensor nodes in the market [74]. Simulation analysis given in Figure 4.6 in Section
4.6.4 shows that the average memory overhead at each node is less than 1500 bytes for
ASERT.
Table 4.1: Routing Data Base(RDB)Node address Neighbor node RD F T Pr(TN) Seq-no.
addressa1 a2 102 1 0 0.13 02
a3 210 0 1 0.65 05a4 64 0 1 0.43 13a5 176 0 0 0.05 21a6 198 1 1 0.87 03
The sequence of operations in request phase and reply phase are as follows. (1) Source
node creates RQ packet and sends them to their one hop neighbors. (2) The neighbor node
checks its trustworthiness, i.e., if Pr(TN) ≥ θ, then T is updated as T = 1, else T = 0. (3) If
T = 0, the packet is discarded. (4) If T = 1, go to step 5. (5) Append PI in RQ packet with
node address. (6) RQ packet is retransmitted to its neighbors. (7) If the Seq − no. in RQ
packet is same as the Seq−no. stored in RDB, then the packet is discarded as duplicate. (8)
Repeat steps 2 to 7 for all intermediate nodes. (9) If RQ packet reaches sink node, update
flag REF = 0 and create RR packet. (10) Sink node retransmits RR packet to the node
from where it received RQ packet (i.e., RR packet is sent to the node representing recent
address in PI field). (11) Duplicate RQ packets received later from same source node are
discarded. (12) The node receiving RR packet sets the flag F = 1 in its RDB to indicate
that it is a forwarding node and it is on the path from source to the sink node. The node
computes HD from previous/sink node and updates RD in RR packet to a new value as
RD = RD + HD (with initial value of RD = 0). (13) Repeat step 12 till RR packet reaches
source node.
Chapter 4. Trusted neighbors based Secured Routing Scheme in WSN using Agents 89
After receiving the RR packet, the source node will have the complete route information
to the sink node. This route information is in the form of node addresses in PI field. Since
the routing scheme involves route set up only through trustworthy neighbors, secured routes
are ensured. The shortest route is established from source node to sink node since the sink
node creates RR packet for the first RQ packet received from same source node. Subsequent
RQ packets might have travelled through more number of hops as such packets have taken
longer time and they are discarded by the sink node. We use secured routing agency to
establish routes from source node to sink node through trustworthy neighbors.
4.4 Trusted neighbor based routing using agents
Software agents are used to establish secured routes from source node to sink node with the
help of trust model discussed in chapter 3 with MAC model with random oralce extractor
for key generator. Agent based SEcured Routing using Trusted neighbors (ASERT) is imple-
mented using Routing Agency shown in Figure 4.2. It comprises of two agencies: Safeguard
Agency (SA) and Routing Agency (RA) and a Knowledge Base (KB).
SA comprises of agents and a KB. Safeguard Manager Agent (SMA) is a static agent
that triggers mobile agent known as Trusted Neighbor Agent (TNA). SMA and TNA identify
trusted neighbors that are free from various types of attacks. RA comprises of a static agent
known as Route Manager Agent (RMA) and mobile agents known as Route Construction
Agent (RCA) and Route Sustenance Agent (RSA). RMA and RCA construct secured routes
from a source node to a sink node with the help of only trusted neighbors that are identified
by safeguard agency. Once the secured routes are constructed, it is equally important to
sustain the routes for the complete duration of data transfer. RMA and RSA perform the
task of route sustainability against security violations. KB consists of various information
used by the agents to identify trusted neighbors.
Trusted neighbors are identified in every node proactively, i.e., trusted neighbors are
updated regularly so that RA constructs the routes only with trusted neighbors thereby
avoiding possible security violations. Trusted neighbor based routing operates in two phases:
Chapter 4. Trusted neighbors based Secured Routing Scheme in WSN using Agents 90
KB
Agency
RMA
Agency
SMA
Safeguard
Routing
RCA
RCA
RSA
RSA
TNA
TNA
Agent dispatches
Agent dispatches
Agent dispatches
Agent Arrives
Agent Arrives
Agent Arrives
Figure 4.2: Secured Routing Agency
(1) Identifying trusted neighbors using SA and (2) constructing secured routes using RA.
Since the code used to define agents very little compared to the benefits of using
agents, deploying agents in ASSERT does not lead to more energy consumption for both
computation and communication.
The functioning of safeguard agency to identify trusted nodes is discussed in chapter 3.
In this chapter, we provide a scheme of establishing secured routes and route maintenance
by RA using RMA, RCA and RSA.
As discussed in chapter 3, the purpose of finding trusted neighbors using the probability
model is that it identifies security violations of the channel and the sensor node thereby it
provides a means of first level security in finding trusted neighbors. The purpose of computing
the MAC and encrypting the message for a given data at both the nodes (sender node and
its neighbor node) and comparing them is to achieve authentication, confidentiality and
integrity. These security features that have been incorporated in ASERT are as follows.
Chapter 4. Trusted neighbors based Secured Routing Scheme in WSN using Agents 91
(1) Authentication: Since the secret keys (k1 and k2) are known only to the sender and
its neighbor nodes, if the calculated MAC at sender matches with the MAC computed
at its neighbor, then neighbor is assured that the message is not altered. This is because
an adversary can only alter the message but not the MAC as the keys are not known
to the adversary. Thus, it is not possible for the adversary to alter the message. Thus,
authentication is achieved. (2) Confidentiality: The message concatenated with MAC at
the sender is encrypted using secret key k2 and the encrypted message is carried by TNA.
The neighbor node decrypts the encrypted message brought by TNA with the same key k2.
The result of decryption is to obtain the message concatenated with MAC. At both sender
and its neighbor node, same key k2 is used and as the key k2 remains secret throughout
the transmission, the information leakage is not possible thus providing the confidentiality
of data. (3) Integrity: Since the agent based scheme uses proper sequence numbers to keep
track of transmitted messages and the adversary cannot alter the sequence numbers, the
integrity of the data is achieved.
4.4.1 Secured routing using routing agency
The list of trustworthy neighbors are given to RMA in RA by SMA in SA. Thus, at any
given time, RMA in every node will have the list of trusted neighbors through which secured
routes can be set up. Whenever a node wishes to establish secured routes, the RMA of that
node triggers mobile agents RCA’s and these RCA’s carry RQ packet to all the trusted
neighbors. The functioning of RMA and RCA are as discussed in following section.
Functioning of routing agency
Routing Agency (comprising of RMA, RCA and RSA) is responsible for setting secured
routes in WSN for identified trusted neighbors. The sequence of operations performed by
RMA and RCA are discussed in this section.
Chapter 4. Trusted neighbors based Secured Routing Scheme in WSN using Agents 92
• Routing Manager Agent(RMA): It is a static agent that gets activated whenever a
node is willing to set up secured routes to the destination. The functions of RMA
are as follows. (1) Obtain the list of trustworthy neighbors from SMA (this list is
stored by SMA in KB as [TN] as discussed in chapter 3). (2) Creates RCA and clones
number of RCA’s equal to the number of trusted neighbor nodes. (3) Create RQ
packet that are carried by RCA’s to neighbor nodes. (4) RMA of trusted intermediate
node receives RQ packet from RCA and adds its node address to PI field of RQ packet
and retransmits the RQ packet to other trusted neighbor nodes through RCA’s. (5)
RMA of trusted intermediate node discards the RQ packet received from same source
node second time since it is a duplicate packet. (6) RMA of sink node generates RR
packet by setting REF=0 in RQ packet. (7) RMA of sink node discards duplicate
RQ packets that are received after generating RQ packet. (8) RMA of intermediate
node receives RQ packet, sets F = 1 in its KB and retransmits it to the next address
in PI field of RR packet. (9) RMA of source node stores the information in PI field
as a route to the sink node.
• Routing Construction Agent(RCA): The functions of RCA are as follows. (1) Get
RQ packet from source node and carry RQ packet from source node RMA to its
trustworthy neighbor. (2) RCA that visits untrustworthy node kills itself. (3) RCA
carrying duplicate RQ packet kills itself. (4) Carry the RR from sink node to all the
nodes with addresses in PI field of RR packet till it reaches source node.
When an RCA is successfully reached to the source node, source node RMA will have
complete route information in terms of node addresses in the PI field of RR packet. Source
node RMA will use this path to transmit data to the sink node.
Even though ASERT is flooding based, since we deploy agents for identifying trustwor-
thy nodes to set up secured routes in WSN, most of the untrustworthy nodes are avoided by
the autonomous decisions of agents. The traffic related to such nodes has been eliminated
from the total traffic in the network. Thus, the energy conservation is better in ASERT as
compared to other mechanisms.
Chapter 4. Trusted neighbors based Secured Routing Scheme in WSN using Agents 93
Route maintenance
Once the routes are set up, route maintenance phase starts. Maintenance of routes is required
to monitor the routes during data transmission.The routes may be broken due to link and/or
node failures or routes may be unavailable because of security violations. Even though,the
RA takes possible care in setting up secured routes, monitoring the routes during data
transfer against security breaches becomes significant. RA initiates route maintenance phase
once the routes are set up. For this purpose, RMA creates a mobile agent RSA which visits
every node on the path from source node to sink.
• Route Sustenance Agent(RSA):The functions of RSA are as follows. (1) Take path
information (PI) from source node RMA to sink node RMA by traversing through the
route established and bring back the status of the route to the source node. (2) Repeat
step 1 periodically. (3) If an intermediate node does not receive subsequent packets(due
to security violations and/or route/node failures), RMA of that node creates RSA and
dispatches with PI. (4) This new RSA takes the list of trusted neighbors from RMA.
(5) RSA visits one of the trusted neighbors (listed in [TN]) and sets up a link to
nearest node on the path from source to the sink node. (6) This link may consists of
some number of hops that makes local recovery of broken links. (7) Local recovery
may also be initiated by the RSA in case of security violations some of the cases such
as the node is taking more time to process the packet, wrong computations of MAC
and probability values, etc. (8) RSA may be dispatched by the source node RMA
to visit all the nodes on the route to the sink node and the RSA performs steps 4 to
7 for any link breaks or for any security violations. (9) The local recovery of broken
links/nodes performed in step 6 is communicated to source node. (10) RSA created
at any node performs local recovery operation and communicates the local patch-up
path information to source node and kills itself after the task. (11) If there are many
link/node failures, RMA of source node re-establishes new route to the sink. Thus,
RMA and RSA ensure the secured data transfer for entire session.
Chapter 4. Trusted neighbors based Secured Routing Scheme in WSN using Agents 94
4.5 Simulation model
Agent based trusted neighbor selection scheme is simulated in various network scenarios to
assess the performance and effectiveness of the approach. Event driven simulation is used
in which the execution of various functions takes place at discrete events in a chronological
sequence. Simulation environment for the proposed work consists of four models: (1) Net-
work model, (2) Trust model, (3) Propagation model and (4) Traffic model. The models are
discussed below.
• Network model: A sensor network is generated in an area of l× b square meters. It
consists of N number of nodes that are assumed to be connected to a base station at
the boundary of a network.
• Trust Model: Trust model consists of Pr(TN) computed by agents which is used to
identify first level trusted neighbors based on the threshold θ.
• Propagation model: Free space propagation model is used with propagation constant
β. Transmission range of a node is r for one-hop distance.
• Traffic model: Constant bit rate model is used to transmit fixed size packets, Trpkts
with a transmission power Tx.power. Coverage area around each node has a band-
width, BWsingle−hop, shared among its neighbors.
4.5.1 Simulation procedure
The proposed scheme is simulated using the following simulation inputs. l = 1000 mtrs., b =
1000 mtrs., N =[50 to 500], Pr(TN)= 0 and 1, θ=[0.1-0.3], β=2.5, r = 350 mtrs., Trpkts =
multiples of 1000, BWsingle−hop = 250 Kbps, Tx.power=[2mW-4mW].
Simulation procedure involves following steps.
1. Generate sensor network environment: The nodes are randomly deployed in a fixed area
and the topology changes at regular intervals. Within certain interval, the performance
Chapter 4. Trusted neighbors based Secured Routing Scheme in WSN using Agents 95
evaluation is carried out.
2. Agents visit the neighbor node and bring channel and node probability for their trust-
worthiness using probability model.
3. Agents ensure trustworthiness of channel and node using MAC model.
4. Compute performance parameters of the system: Performance parameters are assessed
and plotted with different variables.
The following performance parameters are assessed.
• Packet Delivery Ratio (PDR): PDR is the ratio of the number of packets received at
the sink node to the total number of packets sent by the source. The percentage PDR
is given in Equation 4.2.
PDR =Total number of packets received at sink node
Total number of packets sent by source node× 100 (4.2)
• Packet Delivery Latency (PDL): PDL is defined as the average time taken to establish
the routes and transmit the packets from source node to the sink node. PDL includes
the time required to identify the trustworthy neighbors and establish the routes.
• Route Maintenance Overhead: This overhead is due to the additional number of packets
required to monitor the routes for link/node failures.
• Memory Overhead: It is defined as the average amount of memory (in bytes) required
to store node KB, neighbor node KB and RDB in the sensor node’s memory involved
in routing .
• Energy Consumption: It is the average energy in joules consumed for transmission and
reception of packets for all the nodes in a network to establish secured routes using
trustworthy neighbors.
• Avearge Success Ratio (ASR): It is the average of Success Ratios (SR). SR for single
node in the network is defined as a ratio of number of trustworthy neighbor nodes
Chapter 4. Trusted neighbors based Secured Routing Scheme in WSN using Agents 96
identified by agent based scheme to the actual number of trustworthy neighbor nodes.
SR at a node is given by the equation 4.3.
Success Ratio(SR) =Number of trustworthy neighbor nodes identified
Actual number of trustworthy neighbor nodes(4.3)
ASR is defined for certain number of randomly selected nodes in a network as given in
Equation 4.4.
Average Success Ratio(ASR) =
∑Kk SRk
K(4.4)
where K is the number of selected nodes for which trusted neighbors are identified.
• Agent Overhead: It is defined as the additional number of packets required to define the
agency and agent activities that are necessary to implement trusted neighbor selection
in WSN.
4.6 Results
The simulation is carried out on Pentium IV machine using ’C’ language. The analysis of
performance parameters are given in this section.
4.6.1 Analysis of Packet Delivery Ratio (PDR)
The PDR with increasing number of nodes is shown in Figure 4.3 for ASERT, BTRM-
WSN and ATSR with varying transmission power of 4mW and 2mW. PDR is more for
ASERT compared to other schemes because ASERT uses secured routes to transmit the
data packets. These routes are more stable and free from all types of security violations
since RMA and RCA set up routes using trustworthy neighbors. Moreover, ASERT uses
local recovery of failed links/nodes using RMA and RSA thereby reducing the packet drops.
Chapter 4. Trusted neighbors based Secured Routing Scheme in WSN using Agents 97
BTRM-WSN uses unstable routes and since there is no proper security check for the routes
once established. Sometimes, ants may also use untrustworthy nodes to finalize the routes.
The pheromone levels become unstable as it dries out exponentially with time. If one wishes
to maintain the route stability using pheromone, it needs to be updated at regular intervals
and BTRM-WSN does not provide such time restrictions on updating the pheromone that
leads to reduced PDR. ATSR has better PDR that BTRM-WSN since the former considers
trust value and distance as deciding factors to set up the secured routes. Since there is a
switching between the trusted forwarding set (FS) and optimal path, wherein some of the
packets may be dropped resulting in lesser PDR than ASERT. For all three cases, PDR for
4mW is more compared to 2mW since higher transmission power leads to less number of
packet drops.
50
55
60
65
70
75
80
85
90
95
100 150 200 250 300 350 400 450 500
PD
R(%
)
Number of nodes
PDR(%) Vs. Number of nodes;
ASERT, Tx. power = 4mW ATSR, Tx. power = 4mW
BTRM−WSN, Tx. power = 4mWASERT, Tx. power = 2mW
ATSR, Tx. power = 2mWBTRM−WSN, Tx. power = 2mW
Figure 4.3: PDR Vs. Number of nodes
4.6.2 Analysis of Packet Delivery Latency(PDL)
Latency for ASERT, BTRM-WSN and ATSR with different values of probability threshold θ
is shown in 4.4. In ASERT, this latency includes time taken to apply trust model to identify
trusted neighbors using safeguard agency and establish secured routes through trustworthy
neighbors using routing agency. The latency increases with increase in number of nodes.
Chapter 4. Trusted neighbors based Secured Routing Scheme in WSN using Agents 98
This increase in latency is due to the increased overhead of identifying trustworthy neigh-
bor nodes and establishing secured routes. Since the number of trustworthy neighbor nodes
increases with the increase in total number of nodes, there is increase in latency. Correspond-
ing latency in BTRM-WSN is substantially higher than ASERT because in BTRM-WSN,
multiple iterations are performed to select secured routes as there is no assurance that all
the ants launched by the client will return back in a single iteration to compare and select
the best path. As there are more number of trustworthy neighbors with lower value of θ, the
latency increases for large number of trusted nodes since more time is required to establish
the routes. Latency is higher for BTRM-WSN compared to ASERT for varying values of θ.
ATSR has to perform many computations to calculate the wights for distance and trust val-
ues to each node that requires more time to compute and thus, the delay is more compared
to ASERT and BTRM-WSN.
20
30
40
50
60
100 150 200 250 300 350 400 450 500
La
ten
cy(m
s)
Number of nodes
Latency(ms) Vs. Number of nodes;
ASERT, Theta = 0.2BTRM−WSN, Theta = 0.2
ASERT, Theta = 0.1BTRM−WSN, Theta = 0.1
ATSR, Theta = 0.2ATSR, Theta = 0.1
Figure 4.4: Latency Vs. Number of Nodes
4.6.3 Analysis of route maintenance overhead
Route maintenance overhead versus number of nodes with node transmission power for
ASERT, BTRM-WSN and ATSR is shown in Figure 4.5. Since the proposed ASERT mech-
anism implements local recovery of link/node failures using RMA and RSA, we observe less
Chapter 4. Trusted neighbors based Secured Routing Scheme in WSN using Agents 99
overhead compared to BTRM-WSN that re-establishes the entire routes as ants are not ca-
pable of local recovery mechanism. Since ATSR has to establish all the routes afresh under
link/node failures and these routes have to consider both path optimality and trust, the
route maintenance overhead is higher comapared to ASERT and BTRM-WSN.
In all three schemes, we observe that the increase in node transmission power from
2mW to 4mW, the route maintenance overhead decreases since the route breaks are less
frequent for higher transmission power.
200
250
300
350
400
450
500
550
600
650
100 150 200 250 300 350 400 450 500
Ro
ute
ma
inta
ina
nce
ove
rhe
ad
(pa
cke
ts)
Number of nodes
Route maintainance overhead Vs. Number of nodes;
ASERT, Tx. power=2mWBTRM−WSN, Tx. power=2mW
ASERT, Tx. power=4mWBTRM−WSN, Tx. power=4mW
ATSR, Tx. power=4mWATSR, Tx. power=2mW
Figure 4.5: Route Maintainance Overhead Vs. Number of Nodes
4.6.4 Analysis of memory overhead
The average amount of memory required to be stored in all the nodes involved in routing
process is shown in Figure 4.6 for ASERT, BTRM-WSN and ATSR with simulation time.
In ASERT, this overhead is because of the memory required to store various databases
and agents on each trustworthy neighbor node thereby eliminating storage requirement of
untrusted nodes. Whereas, in BTRM-WSN, this overhead is very high because each node
stores m×ns pheromone values in its memory, where m is the number of services and ns are
its neighbors along with sensor identifications. This yields large memory overhead compared
to ASERT. In ATSR, all the nodes have to store trust values and distance values for multiple
Chapter 4. Trusted neighbors based Secured Routing Scheme in WSN using Agents 100
paths and thus, the memory overhead is higher comapred to ASERT and BTRM-WSN. We
observe that the memory overhead for lesser number of nodes is less and it increases with
increase in the number of nodes in the network in all three cases. ASERT presents less
memory overhead compared to BTRM-WSN and ATSR because the later uses all the nodes
to establish and maintain the routes whereas ASERT establishes the routes only through
trustworthy nodes.
900
1000
1100
1200
1300
1400
1500
1600
1700
500 1000 1500 2000 2500 3000
Me
mo
ry o
verh
ea
d (
byt
es)
Simulation time
Memory overhead Vs. Simulation time(seconds);
ASERT, Number of nodes=200BTRM−WSN, Number of nodes=200
ATSR, Number of nodes=200ASERT, Number of nodes=400
BTRM−WSN, Number of nodes=400ATSR, Number of nodes=400
Figure 4.6: Memory Overhead Vs. Simulation time(seconds)
4.6.5 Analysis of energy consumption
Energy consumption in joules with increasing number of nodes is given in Figure 4.7 for
ASERT compared to BTRM-WSN and ATSR. We see that the energy consumption is less
for received packets (Rxpkts) than transmitted packets (Txpkts) for all the schemes. Since
the agents in ASERT do not return back if the visited node is found to be compromised (all
such agents die there itself), thereby it reduces the power consumption required to bring
the compromised node information back to the original node. In BTRM-WSN and ATSR,
the failed link/node information is brought back to the source node and hence there is more
energy consumption comapred to ASERT.
Chapter 4. Trusted neighbors based Secured Routing Scheme in WSN using Agents 101
0
0.1
0.2
0.3
0.4
0.5
100 150 200 250 300 350 400 450 500
En
erg
y co
nsu
mp
tion
(J)
Number of Nodes
Energy consumption Vs. Number of Nodes
ASERT, RxpktsASERT, Trpkts
BTRM−WSN, RxpktsBTRM−WSN, Trpkts
ATSR, RxpktsATSR, Trpkts
Figure 4.7: Energy consumption Vs. Number of nodes
4.6.6 Analysis of Average Success Ratio (ASR)
10
20
30
40
50
60
70
80
90
100
50 100 150 200 250 300
Ave
rag
e S
ucc
ess
Ra
tio (
%)
Number of Nodes
Average Success Ratio Vs. Number of Nodes
Theta = 0.1Theta = 0.2
Figure 4.8: Average Success Ratio Vs. Number of nodes
ASR is assessed through simulation to find the effectiveness of ASERT with the varying
number of nodes as shown in Figure 4.8. ASR is necessary to identify trustworthy neighbors
using agents through which secured routes can be established. We find that there is an
increase in ASR with increase in the number of nodes for a given threshold. This is due
to the fact that there is a possibility that the number of neighbor nodes for a selected
node increases with increase in the total number of nodes in a network and thus there is a
Chapter 4. Trusted neighbors based Secured Routing Scheme in WSN using Agents 102
10
20
30
40
50
60
70
80
90
100
50 100 150 200 250 300
Ave
rag
e S
ucc
ess
Ra
tio (
%)
Number of Nodes
Average Success Ratio Vs. Number of Nodes
K=8K=6
Figure 4.9: Average Success Ratio Vs. Number of nodes
possibility that trusted neighbor nodes identified by agents also increases.
The number of trustworthy neighbors identified with agents increases since the agents
use two stage mechanism to identify such neighbors; first stage being trusted neighbor identi-
fication by agents using probability model and the second stage being the use of MAC model
to ensure the trustworthiness of neighbor nodes. The number of nodes at which agents apply
trust model also increases with increase in number of nodes. We also observe that ASR is
higher for lower probability threshold value (θ) and it is less for higher θ. This illustrates
that agents are effective in capturing the trustworthy neighbors by using trust model and
autonomously taking decisions immediately to identify trusted channel and trusted node.
The behavior of ASR with varying number of nodes for different values of K is shown
in Figure 4.9. As in earlier case, here also ASR increases with increase in the number of
nodes. ASR is more for higher value of K is observed since agents may identify more number
of trustworthy neighbors as K increases. This is because, a neighbor node may be identified
as untrustworthy by one selected node, whereas due to increase in K, the same neighbor
node may proved to be trustworthy by another node. Thus, agents are effective in identifying
trustworthy nodes. For the obvious reasons, ASR increases with the increase in total number
of nodes in a network.
Chapter 4. Trusted neighbors based Secured Routing Scheme in WSN using Agents 103
Nodes=200Nodes=100
10
20
30
40
50
60
70
80
90
100
5 6 7 8 9 10
Ave
rag
e S
ucc
ess
Ra
tio (
%)
K
Average Success Ratio Vs. K
Figure 4.10: Average Success Ratio Vs. Number of selected nodes (K)
Figure 4.10 shows the increase in ASR with increasing K and ASR is more for higher
number of nodes. This is because there is a possibility of more number of neighbors for any
given node and among them, the chance of having higher number of trustworthy neighbors is
more. BTRM-WSN does not consider trustworthy neighbors and the final route is selected
out of multiple routes established by ants using pheromone. It does not consider trusted
neighbor selection to establish secured routes and since ASERT defines ASR for trusted
neighbors, we have not compared ASR with BTRM-WSN. Since ATSR also does not use
agents, we have not compared it for computation of ASR.
4.6.7 Analysis of agent overhead
The additional number of control packets necessary to implement ASERT with number of
nodes is shown in Figure 4.11. We see that agent overhead increases with increase in the
number of nodes in the scenario since additional number of agents are required to identify
trusted neighbors by SA and the agents are required to establish secured routes by RA. It
is necessary to tolerate this overhead as ASERT is designed to provide secured and stable
routes using agents.
Chapter 4. Trusted neighbors based Secured Routing Scheme in WSN using Agents 104
50
100
150
200
250
300
350
50 100 150 200 250 300
Nu
mb
er
of
Co
ntr
ol P
ack
ets
(b
yte
s)
Number of Nodes
Number of Control Packets(agents)Vs. Number of Nodes;
Agent Overhead
Figure 4.11: Agent Overhead
4.6.8 Benefits of using agents
Proposed ASERT offers flexibility, scalability, efficiency, adaptability, maintainability and
encapsulation of a protocol. We explain below how they are achieved by using the proposed
scheme. Flexibility: Agents are flexible to implement trusted node identification and thereby
establishing secured routes in WSN. For example, TNA’s generated by SMA clone themselves
to visit neighbor nodes and identify trustworthiness of visited nodes and RMA, RCA estab-
lish secured routes. The flexibility of route maintenance by RSA becomes significant since
autonomously it can initiate local route patch-up under link/node failures. Scalability: The
scheme may scale to larger networks since agents function in a distributed fashion thereby
it provides similar security level that of smaller network. Efficiency: Network efficiency is
improved since TNA and SMA agents take autonomous decisions in order to identify trust-
worthy neighbors. RMA, RCA and RSA enhance route establishment and route monitoring
efficiency. Adaptability: SMA, RMA, TNA, RCA and RSA adapt themselves to dynamic
behavior of the network nodes and correctly eliminate untrustworthy neighbor nodes to
establish and monitor secured routes for the duration of data transfer. Maintainability:
The components of new agents may be inherited in the components of old agents and thus
network maintainability improves with varying conditions. Encapsulation of a protocol: A
mobile agent can be coded to perform aggregated tasks such as identification of trustworthy
Chapter 4. Trusted neighbors based Secured Routing Scheme in WSN using Agents 105
neighbor nodes and setting up of secured routes. Thus, TNA, RCA and RSA encapsulate
the protocols that are customized based on functionality.
4.7 Summary
In this chapter, we proposed a novel idea of secured routing in WSN using trustworthy
neighbors with the help of agents through safeguard and routing agency. Safeguard agency
identifies all the trustworthy neighbors nodes as discussed in chapter 3. Routing agency
establishes routes through the trustworthy neighbors identified by safeguard agency. Sim-
ulation analysis of ASERT shows that there is an improvement in terms of packet delivery
ratio, packet delivery latency, route maintenance overhead, memory overhead and energy
consumption compared to BTRM-WSN that uses ant colony based secured route establish-
ment in WSN and ATSR that uses trust combined with location information for routing.
In the next chapter, we provide an integrated scheme of identifying fault-free and
trustworthy nodes and establishing secured routes through such nodes.