Chapter 4 Trusted neighbors based Secured Routing Scheme ...shodhganga.inflibnet.ac.in/bitstream/10603/49296/10/10_chapter 4.pdflength using computer simulations under several conditions

Chapter 4

Trusted neighbors based Secured

Routing Scheme in WSN using Agents

Secured routing in Wireless Sensor Network should focus on identifying the neighbors which

are free from various types of attacks. It becomes a challenging task to identify the neighbors

that are trustworthy since viruses, malwares, etc. make the nodes not only to pretend as if

they are trustworthy and free from any types of attacks but also create a feeling that they

are involved in avoiding all types of threats. In such a situation, traditional mechanisms of

security schemes may not be sufficient and thus we need intelligent schemes to overcome the

challenges. Software agent technology provides the promising secured routing mechanism

where in autonomous agents are involved in identifying all types of security threats and

secured routes in WSN’s with the help of neighbor nodes that are trustworthy and the

routes may be created using such neighbors.

In this chapter, we propose Agent based SEcured Routing using Trusted neighbors

(ASERT) in WSN. ASERT selects trustworthy neighbors and establishes secured routes

using software agents. ASERT relies on the trusted neighbors which are identified by agents

as discussed in chapter 3. Secured routes are established operates in following phases. (1)

Defining Safeguard Agency (SA) and Routing Agency (RA), both consisting of static and

mobile agents and knowledge base. (2) Identification of trustworthy neighbor nodes by SA

81

Chapter 4. Trusted neighbors based Secured Routing Scheme in WSN using Agents 82

with trust model that consists of probability and Message Authentication Codes (MAC)

model. (3) Probability model estimates the trustworthy channel and trustworthy nodes

whereas MAC model ensures them. (4) MAC’s are dynamically computed by agents by

generating the keys with the help of Random Oracle Extractor (ROE). (5) RA establishes

secured routes from source to the sink node using agents. (6) Agents effectively identify

possible security threats on wireless channel and node. (7) An improvement in packet delivery

ratio, packet delivery latency, route maintenance overhead, memory overhead and energy

consumption is achieved in ASERT as compared to two protocls, namely, Bio-inspired Trust

and Reputation model in WSN (BTRM-WSN) using ant colony based approach and Ambient

Trust Sensor Routing (ATSR) that uses trust combined with location information for routing.

4.1 Related Works

Some of the related works are as follows. A compromised node locator for detecting and

locating compromised nodes is proposed in [63]. The scheme uses collision resilient hashing

mechanism known as incremental hashing to sign the incoming, outgoing and locally gen-

erated/dropped message sets. Hash values are then sent to the sink node for trusted node

comparisons. The authors explains procedure to securely collect these hash values and then

locate compromised nodes. The scheme can also be combined with existing en-route false

report ltering methods to achieve both early false report dropping and accurate compromised

nodes isolation.

The authors in [64] discuss prior security threat analysis of third generation mobile

network architectures for wireless mesh back-hauls. It proposes security model for the con-

sidered architecture and provides a list of the basic assumptions, security objectives, assets

to be protected by intelligent act of agents. On this basis, the potential security threats are

analyzed, discussed and then assessed for their corresponding risk factors.

A secure mechanism to accomplish a trusted relationship between sensors in the wireless

networks according to trusted computing group specifications is proposed in [65]. It describes

how the trusted platform is established followed by the description on trusted authentication


protocol that confirms only trusted nodes existed in the network. The authors also analysed

on the energy consumption for the trusted platform and the authentication protocol. Four

different ways to incorporate trust knowledge in location-based routing algorithms which

balance trust and location information is proposed in ATSR[66]. Routing solution used as

weighted routing cost function to perform trust and location-aware routing. It evaluated

delivery ratio in the existence of malicious nodes, packet latency and near optimal path

length using computer simulations under several conditions.

The authors in [67] propose a framework called UNMASK that mitigates attacks such

as wormholes, sybil attack and selective forwarding by detecting, diagnosing, and isolating

the malicious nodes. UNMASK uses the ability of a node to oversee its neighboring nodes

communication. It builds a secure routing protocol LSR(Lightweight secure routing pro-

tocol), that provides additional protection against malicious nodes by supporting multiple

node-disjoint paths on top of UNMASK. The authors in [68] propose a hierarchical trust

management protocol leveraging clustering to cope with a large number of heterogeneous

sensor nodes for scalability and re-congurability as well as to cope with selsh or malicious

sensor nodes for survivability and intrusion tolerance. The authors address the key design

issues of trust management including trust composition (what trust components are consid-

ered), trust aggregation (how information is aggregated for each trust component), and trust

formation (how trust is formed from individual trust components).

The authors in [69][70] propose TARF- a trust aware routing framework which secures

the multi-hop routing in WSNs against intruders exploiting the replay of routing information

by evaluating the trustworthiness of neighboring nodes. It identies such intruders that mis-

direct noticeable network trafc by their low trustworthiness and routes data through paths

circumventing those intruders to achieve satisfactory throughput. The authors in [71] pro-

pose LSRP- link state routing protocol based on trust by eliminating the malicious nodes

from the network. The protocol incorporates a trust computational model with direct and

indirect experiences based on traditional weighting approach of the QoS characteristics such

as packet forward, data rate, power consumption reliability. The trust management sys-

tem at the node computes trust table for network nodes using a threshold to find out the


benevolent nodes of the network then using link state routing finds all available paths by

eliminating the malicious nodes.

4.2 Our contributions

Agent based secured routing in WSN using trusted neighbors uses two agencies: safeguard

agency and routing agency. Safeguard agency identifies trustworthy neighbors and routing

agency establishes secured routes through trustworthy neighbors. Identification of trustwor-

thy neighbors has been discussed in chapter 3.

Our contributions in this work are as follows. (1) Defining routing scheme with the help

of trustworthy neighbors and routing database. (2) Employing agents to traverse through

trustworthy neighbors and establish secured routes to the sink node using various types

of databases maintained with the nodes. (3) Monitor secured routes by adapting route

maintenance mechanism for various link/node failures and security breaches. (4) Simulation

analysis for various parameters and performance comparison with BTRM-WSN and ATSR.

4.3 Secured routing using trusted neighbors

A sensor node willing to transmit the information to the sink node securely is required to do

so by finding the trusted neighbors through which the routes can be set up. It becomes im-

portant to identify the trusted neighbors since the neighbors may be compromised by various

types of attacks. The challenge is to find trustworthy neighbors. The fundamental require-

ment to identify trustworthy neighbors depends upon two components. (1) Trustworthiness

of a channel connecting the neighbors and (2) trustworthiness of a neighbor node itself. We

use trust model that comprises of probability model and MAC model to identify trustworthy

neighbors, through which secured routes are set up. These components are discussed in trust

model.


We use same probability model given in section 3.3.1 in chapter 3 with little modifi-

cation in MAC model to identify trusted neighbor nodes. The modification in MAC model

is in deriving keys k1 and k2 using Random Oracle Extractor instead of k-ERF generator.

The details of MAC model is discussed in this section.

4.3.1 MAC model

The cryptographic systems are designed to perform complicated encryption and hence the

message authentication becomes challenging in spite of various attacks from adversaries.

Many protocols are designed based on the assumption that the hosts posses a secret random

string known as key and it is conveniently taken for granted that the entire key is kept secret

from an adversary. There might be a possibility that an adversary may detect a part or

entire key which is called as key exposure problem and it has significant practical interests.

The primary message is encrypted with a key generated by ROE [72][73] and creating MAC

with the generated key.

The reason for using ROE for the key generation is that it provides highly randomness

in the generated key such that if any part of the key is known to the adversary, it is not

possible to recover the entire key. We introduce the mechanism of MAC generation using

ROE and describe how the scheme is implemented to identify the trusted neighbors in order

to maintain confidentiality, authentication and integrity. The ROE is used to generate

random keys. The model of the random oracle over the function f is given in Equation 4.1.

f : {0, 1}b → {0, 1}k (4.1)

which maps b dimension non-uniform input distribution to k dimension uniform output

distribution. The adversary may be allowed to search at up to t points, and possibly the

input distribution is made to depend on these t searches. This means that an extractor takes

a weakly random b-bit input with a uniform random seed and produces an k-bit output that

looks uniformly random up to t searches. The remaining unsearched (2b − t) values of f

are chosen randomly and they are independent of input space. In this process, unsearched


values are hidden from the adversary.

We use t searches comparatively lesser than 2b such that the large number of values

are hidden from the adversary. ROE algorithm can be realised in all the sensor nodes by

selecting the suitable values of b and t depending upon the application. It requires few lines

of the codes for its implementation.

The process of generating MAC using ROE is shown in Figure 4.1. Since the keys k1

and k2 generated from ROE are highly random within a very large distribution space, it is

almost impossible for an adversary to detect the keys and thus high level of security features

such as authentication, confidentiality and integrity are maintained in ASERT.

Message

+

Message+MAC

k1

+Transmitted message

k2

Random Oracle Extractor

Random Oracle Extractor

Figure 4.1: MAC generation to identify trusted neighbors

The MAC encrypted message is sent to the neighbors that are found to be trustworthy

by probability model. Re-computation of MAC on neighbor nodes ensures the trustworthi-

ness of the wireless channel and the sensor node thereby endorsing the trusted neighbors

identified by the probability model.

4.3.2 Secured route establishment

Secured routes are established through the trustworthy neighbors that are identified by the

trust model. A sensor node willing to establish secured routes to the sink node creates

Request Packets (RQ) and distributes RQ packets to all trustworthy neighbors. Every RQ

packet is modified as Route Reply packet (RR) by the sink node upon reaching the sink

node successfully. The components of RQ and RR packets are as follows.


• Node address: It is the address of the source node willing to establish routes to the

destination or sink node.

• Sink node address: It is the address of the sink node, where the data is to be delivered.

• Visited node address: It is the address of the neighbor node or intermediate node on

the path from source to sink node. Some of the visited nodes may become a part of

the route that is established.

• Hop Distance (HD) in meters: It is the distance between the node and its one hop

neighbor. (The distance between two nodes is obtained using the distance formula

with nodes coordinate values).

• Route Distance (RD) in meters: It is the distance between the source node and a

visited node. It helps in establishing shortest routes to the sink.

• Trusted neighbor flag (T): T=1, if the node is trustworthy, else T=0.

• Forwarding node flag (F): A trustworthy node is on the route if F=1, else F=0.

• Path Information (PI): Sequence of addresses of sensor nodes on the path from source

node to sink node. This field is appended with the address of every visited node.

• Route Establishment Flag (REF): For RQ packet, REF=1 and for RR packet REF=0.

• Sequence number (Seq-no): It is the number assigned for every RQ packet by the

source node.

Secured route establishment in WSN comprises of two phases: Request phase and

Reply phase. In request phase, RQ packets (REF=1) are routed from source node to the

sink node through trusted nodes by appending the address of every visited node in PI field.

In reply phase, shortest secured routes are established from source to sink node.

Every sensor node maintains routing and neighbor related information in its Routing

Data Base (RDB) and the routes are set up using the information in RDB. RDB gets updated

as and when the node processes RQ/RR packets during which RDB prunes the information


related to earlier neighbors and thereby RDB has only the optimum data to be stored. A

typical RDB maintained at a node is shown in Table 4.1 where a1, a2, a3, etc. represent the

sensor node addresses. The memory overhead due to RDB is well within the capability of

available sensor nodes in the market [74]. Simulation analysis given in Figure 4.6 in Section

4.6.4 shows that the average memory overhead at each node is less than 1500 bytes for

ASERT.

Table 4.1: Routing Data Base(RDB)Node address Neighbor node RD F T Pr(TN) Seq-no.

addressa1 a2 102 1 0 0.13 02

a3 210 0 1 0.65 05a4 64 0 1 0.43 13a5 176 0 0 0.05 21a6 198 1 1 0.87 03

The sequence of operations in request phase and reply phase are as follows. (1) Source

node creates RQ packet and sends them to their one hop neighbors. (2) The neighbor node

checks its trustworthiness, i.e., if Pr(TN) ≥ θ, then T is updated as T = 1, else T = 0. (3) If

T = 0, the packet is discarded. (4) If T = 1, go to step 5. (5) Append PI in RQ packet with

node address. (6) RQ packet is retransmitted to its neighbors. (7) If the Seq − no. in RQ

packet is same as the Seq−no. stored in RDB, then the packet is discarded as duplicate. (8)

Repeat steps 2 to 7 for all intermediate nodes. (9) If RQ packet reaches sink node, update

flag REF = 0 and create RR packet. (10) Sink node retransmits RR packet to the node

from where it received RQ packet (i.e., RR packet is sent to the node representing recent

address in PI field). (11) Duplicate RQ packets received later from same source node are

discarded. (12) The node receiving RR packet sets the flag F = 1 in its RDB to indicate

that it is a forwarding node and it is on the path from source to the sink node. The node

computes HD from previous/sink node and updates RD in RR packet to a new value as

RD = RD + HD (with initial value of RD = 0). (13) Repeat step 12 till RR packet reaches

source node.


After receiving the RR packet, the source node will have the complete route information

to the sink node. This route information is in the form of node addresses in PI field. Since

the routing scheme involves route set up only through trustworthy neighbors, secured routes

are ensured. The shortest route is established from source node to sink node since the sink

node creates RR packet for the first RQ packet received from same source node. Subsequent

RQ packets might have travelled through more number of hops as such packets have taken

longer time and they are discarded by the sink node. We use secured routing agency to

establish routes from source node to sink node through trustworthy neighbors.

4.4 Trusted neighbor based routing using agents

Software agents are used to establish secured routes from source node to sink node with the

help of trust model discussed in chapter 3 with MAC model with random oralce extractor

for key generator. Agent based SEcured Routing using Trusted neighbors (ASERT) is imple-

mented using Routing Agency shown in Figure 4.2. It comprises of two agencies: Safeguard

Agency (SA) and Routing Agency (RA) and a Knowledge Base (KB).

SA comprises of agents and a KB. Safeguard Manager Agent (SMA) is a static agent

that triggers mobile agent known as Trusted Neighbor Agent (TNA). SMA and TNA identify

trusted neighbors that are free from various types of attacks. RA comprises of a static agent

known as Route Manager Agent (RMA) and mobile agents known as Route Construction

Agent (RCA) and Route Sustenance Agent (RSA). RMA and RCA construct secured routes

from a source node to a sink node with the help of only trusted neighbors that are identified

by safeguard agency. Once the secured routes are constructed, it is equally important to

sustain the routes for the complete duration of data transfer. RMA and RSA perform the

task of route sustainability against security violations. KB consists of various information

used by the agents to identify trusted neighbors.

Trusted neighbors are identified in every node proactively, i.e., trusted neighbors are

updated regularly so that RA constructs the routes only with trusted neighbors thereby

avoiding possible security violations. Trusted neighbor based routing operates in two phases:


KB

Agency

RMA

Agency

SMA

Safeguard

Routing

RCA

RCA

RSA

RSA

TNA

TNA

Agent dispatches

Agent dispatches

Agent dispatches

Agent Arrives

Agent Arrives

Agent Arrives

Figure 4.2: Secured Routing Agency

(1) Identifying trusted neighbors using SA and (2) constructing secured routes using RA.

Since the code used to define agents very little compared to the benefits of using

agents, deploying agents in ASSERT does not lead to more energy consumption for both

computation and communication.

The functioning of safeguard agency to identify trusted nodes is discussed in chapter 3.

In this chapter, we provide a scheme of establishing secured routes and route maintenance

by RA using RMA, RCA and RSA.

As discussed in chapter 3, the purpose of finding trusted neighbors using the probability

model is that it identifies security violations of the channel and the sensor node thereby it

provides a means of first level security in finding trusted neighbors. The purpose of computing

the MAC and encrypting the message for a given data at both the nodes (sender node and

its neighbor node) and comparing them is to achieve authentication, confidentiality and

integrity. These security features that have been incorporated in ASERT are as follows.


(1) Authentication: Since the secret keys (k1 and k2) are known only to the sender and

its neighbor nodes, if the calculated MAC at sender matches with the MAC computed

at its neighbor, then neighbor is assured that the message is not altered. This is because

an adversary can only alter the message but not the MAC as the keys are not known

to the adversary. Thus, it is not possible for the adversary to alter the message. Thus,

authentication is achieved. (2) Confidentiality: The message concatenated with MAC at

the sender is encrypted using secret key k2 and the encrypted message is carried by TNA.

The neighbor node decrypts the encrypted message brought by TNA with the same key k2.

The result of decryption is to obtain the message concatenated with MAC. At both sender

and its neighbor node, same key k2 is used and as the key k2 remains secret throughout

the transmission, the information leakage is not possible thus providing the confidentiality

of data. (3) Integrity: Since the agent based scheme uses proper sequence numbers to keep

track of transmitted messages and the adversary cannot alter the sequence numbers, the

integrity of the data is achieved.

4.4.1 Secured routing using routing agency

The list of trustworthy neighbors are given to RMA in RA by SMA in SA. Thus, at any

given time, RMA in every node will have the list of trusted neighbors through which secured

routes can be set up. Whenever a node wishes to establish secured routes, the RMA of that

node triggers mobile agents RCA’s and these RCA’s carry RQ packet to all the trusted

neighbors. The functioning of RMA and RCA are as discussed in following section.

Functioning of routing agency

Routing Agency (comprising of RMA, RCA and RSA) is responsible for setting secured

routes in WSN for identified trusted neighbors. The sequence of operations performed by

RMA and RCA are discussed in this section.


• Routing Manager Agent(RMA): It is a static agent that gets activated whenever a

node is willing to set up secured routes to the destination. The functions of RMA

are as follows. (1) Obtain the list of trustworthy neighbors from SMA (this list is

stored by SMA in KB as [TN] as discussed in chapter 3). (2) Creates RCA and clones

number of RCA’s equal to the number of trusted neighbor nodes. (3) Create RQ

packet that are carried by RCA’s to neighbor nodes. (4) RMA of trusted intermediate

node receives RQ packet from RCA and adds its node address to PI field of RQ packet

and retransmits the RQ packet to other trusted neighbor nodes through RCA’s. (5)

RMA of trusted intermediate node discards the RQ packet received from same source

node second time since it is a duplicate packet. (6) RMA of sink node generates RR

packet by setting REF=0 in RQ packet. (7) RMA of sink node discards duplicate

RQ packets that are received after generating RQ packet. (8) RMA of intermediate

node receives RQ packet, sets F = 1 in its KB and retransmits it to the next address

in PI field of RR packet. (9) RMA of source node stores the information in PI field

as a route to the sink node.

• Routing Construction Agent(RCA): The functions of RCA are as follows. (1) Get

RQ packet from source node and carry RQ packet from source node RMA to its

trustworthy neighbor. (2) RCA that visits untrustworthy node kills itself. (3) RCA

carrying duplicate RQ packet kills itself. (4) Carry the RR from sink node to all the

nodes with addresses in PI field of RR packet till it reaches source node.

When an RCA is successfully reached to the source node, source node RMA will have

complete route information in terms of node addresses in the PI field of RR packet. Source

node RMA will use this path to transmit data to the sink node.

Even though ASERT is flooding based, since we deploy agents for identifying trustwor-

thy nodes to set up secured routes in WSN, most of the untrustworthy nodes are avoided by

the autonomous decisions of agents. The traffic related to such nodes has been eliminated

from the total traffic in the network. Thus, the energy conservation is better in ASERT as

compared to other mechanisms.


Route maintenance

Once the routes are set up, route maintenance phase starts. Maintenance of routes is required

to monitor the routes during data transmission.The routes may be broken due to link and/or

node failures or routes may be unavailable because of security violations. Even though,the

RA takes possible care in setting up secured routes, monitoring the routes during data

transfer against security breaches becomes significant. RA initiates route maintenance phase

once the routes are set up. For this purpose, RMA creates a mobile agent RSA which visits

every node on the path from source node to sink.

• Route Sustenance Agent(RSA):The functions of RSA are as follows. (1) Take path

information (PI) from source node RMA to sink node RMA by traversing through the

route established and bring back the status of the route to the source node. (2) Repeat

step 1 periodically. (3) If an intermediate node does not receive subsequent packets(due

to security violations and/or route/node failures), RMA of that node creates RSA and

dispatches with PI. (4) This new RSA takes the list of trusted neighbors from RMA.

(5) RSA visits one of the trusted neighbors (listed in [TN]) and sets up a link to

nearest node on the path from source to the sink node. (6) This link may consists of

some number of hops that makes local recovery of broken links. (7) Local recovery

may also be initiated by the RSA in case of security violations some of the cases such

as the node is taking more time to process the packet, wrong computations of MAC

and probability values, etc. (8) RSA may be dispatched by the source node RMA

to visit all the nodes on the route to the sink node and the RSA performs steps 4 to

7 for any link breaks or for any security violations. (9) The local recovery of broken

links/nodes performed in step 6 is communicated to source node. (10) RSA created

at any node performs local recovery operation and communicates the local patch-up

path information to source node and kills itself after the task. (11) If there are many

link/node failures, RMA of source node re-establishes new route to the sink. Thus,

RMA and RSA ensure the secured data transfer for entire session.


4.5 Simulation model

Agent based trusted neighbor selection scheme is simulated in various network scenarios to

assess the performance and effectiveness of the approach. Event driven simulation is used

in which the execution of various functions takes place at discrete events in a chronological

sequence. Simulation environment for the proposed work consists of four models: (1) Net-

work model, (2) Trust model, (3) Propagation model and (4) Traffic model. The models are

discussed below.

• Network model: A sensor network is generated in an area of l× b square meters. It

consists of N number of nodes that are assumed to be connected to a base station at

the boundary of a network.

• Trust Model: Trust model consists of Pr(TN) computed by agents which is used to

identify first level trusted neighbors based on the threshold θ.

• Propagation model: Free space propagation model is used with propagation constant

β. Transmission range of a node is r for one-hop distance.

• Traffic model: Constant bit rate model is used to transmit fixed size packets, Trpkts

with a transmission power Tx.power. Coverage area around each node has a band-

width, BWsingle−hop, shared among its neighbors.

4.5.1 Simulation procedure

The proposed scheme is simulated using the following simulation inputs. l = 1000 mtrs., b =

1000 mtrs., N =[50 to 500], Pr(TN)= 0 and 1, θ=[0.1-0.3], β=2.5, r = 350 mtrs., Trpkts =

multiples of 1000, BWsingle−hop = 250 Kbps, Tx.power=[2mW-4mW].

Simulation procedure involves following steps.

1. Generate sensor network environment: The nodes are randomly deployed in a fixed area

and the topology changes at regular intervals. Within certain interval, the performance


evaluation is carried out.

2. Agents visit the neighbor node and bring channel and node probability for their trust-

worthiness using probability model.

3. Agents ensure trustworthiness of channel and node using MAC model.

4. Compute performance parameters of the system: Performance parameters are assessed

and plotted with different variables.

The following performance parameters are assessed.

• Packet Delivery Ratio (PDR): PDR is the ratio of the number of packets received at

the sink node to the total number of packets sent by the source. The percentage PDR

is given in Equation 4.2.

PDR =Total number of packets received at sink node

Total number of packets sent by source node× 100 (4.2)

• Packet Delivery Latency (PDL): PDL is defined as the average time taken to establish

the routes and transmit the packets from source node to the sink node. PDL includes

the time required to identify the trustworthy neighbors and establish the routes.

• Route Maintenance Overhead: This overhead is due to the additional number of packets

required to monitor the routes for link/node failures.

• Memory Overhead: It is defined as the average amount of memory (in bytes) required

to store node KB, neighbor node KB and RDB in the sensor node’s memory involved

in routing .

• Energy Consumption: It is the average energy in joules consumed for transmission and

reception of packets for all the nodes in a network to establish secured routes using

trustworthy neighbors.

• Avearge Success Ratio (ASR): It is the average of Success Ratios (SR). SR for single

node in the network is defined as a ratio of number of trustworthy neighbor nodes


identified by agent based scheme to the actual number of trustworthy neighbor nodes.

SR at a node is given by the equation 4.3.

Success Ratio(SR) =Number of trustworthy neighbor nodes identified

Actual number of trustworthy neighbor nodes(4.3)

ASR is defined for certain number of randomly selected nodes in a network as given in

Equation 4.4.

Average Success Ratio(ASR) =

∑Kk SRk

K(4.4)

where K is the number of selected nodes for which trusted neighbors are identified.

• Agent Overhead: It is defined as the additional number of packets required to define the

agency and agent activities that are necessary to implement trusted neighbor selection

in WSN.

4.6 Results

The simulation is carried out on Pentium IV machine using ’C’ language. The analysis of

performance parameters are given in this section.

4.6.1 Analysis of Packet Delivery Ratio (PDR)

The PDR with increasing number of nodes is shown in Figure 4.3 for ASERT, BTRM-

WSN and ATSR with varying transmission power of 4mW and 2mW. PDR is more for

ASERT compared to other schemes because ASERT uses secured routes to transmit the

data packets. These routes are more stable and free from all types of security violations

since RMA and RCA set up routes using trustworthy neighbors. Moreover, ASERT uses

local recovery of failed links/nodes using RMA and RSA thereby reducing the packet drops.


BTRM-WSN uses unstable routes and since there is no proper security check for the routes

once established. Sometimes, ants may also use untrustworthy nodes to finalize the routes.

The pheromone levels become unstable as it dries out exponentially with time. If one wishes

to maintain the route stability using pheromone, it needs to be updated at regular intervals

and BTRM-WSN does not provide such time restrictions on updating the pheromone that

leads to reduced PDR. ATSR has better PDR that BTRM-WSN since the former considers

trust value and distance as deciding factors to set up the secured routes. Since there is a

switching between the trusted forwarding set (FS) and optimal path, wherein some of the

packets may be dropped resulting in lesser PDR than ASERT. For all three cases, PDR for

4mW is more compared to 2mW since higher transmission power leads to less number of

packet drops.

50

55

60

65

70

75

80

85

90

95

100 150 200 250 300 350 400 450 500

PD

R(%

)

Number of nodes

PDR(%) Vs. Number of nodes;

ASERT, Tx. power = 4mW ATSR, Tx. power = 4mW

BTRM−WSN, Tx. power = 4mWASERT, Tx. power = 2mW

ATSR, Tx. power = 2mWBTRM−WSN, Tx. power = 2mW

Figure 4.3: PDR Vs. Number of nodes

4.6.2 Analysis of Packet Delivery Latency(PDL)

Latency for ASERT, BTRM-WSN and ATSR with different values of probability threshold θ

is shown in 4.4. In ASERT, this latency includes time taken to apply trust model to identify

trusted neighbors using safeguard agency and establish secured routes through trustworthy

neighbors using routing agency. The latency increases with increase in number of nodes.


This increase in latency is due to the increased overhead of identifying trustworthy neigh-

bor nodes and establishing secured routes. Since the number of trustworthy neighbor nodes

increases with the increase in total number of nodes, there is increase in latency. Correspond-

ing latency in BTRM-WSN is substantially higher than ASERT because in BTRM-WSN,

multiple iterations are performed to select secured routes as there is no assurance that all

the ants launched by the client will return back in a single iteration to compare and select

the best path. As there are more number of trustworthy neighbors with lower value of θ, the

latency increases for large number of trusted nodes since more time is required to establish

the routes. Latency is higher for BTRM-WSN compared to ASERT for varying values of θ.

ATSR has to perform many computations to calculate the wights for distance and trust val-

ues to each node that requires more time to compute and thus, the delay is more compared

to ASERT and BTRM-WSN.

20

30

40

50

60

100 150 200 250 300 350 400 450 500

La

ten

cy(m

s)

Number of nodes

Latency(ms) Vs. Number of nodes;

ASERT, Theta = 0.2BTRM−WSN, Theta = 0.2

ASERT, Theta = 0.1BTRM−WSN, Theta = 0.1

ATSR, Theta = 0.2ATSR, Theta = 0.1

Figure 4.4: Latency Vs. Number of Nodes

4.6.3 Analysis of route maintenance overhead

Route maintenance overhead versus number of nodes with node transmission power for

ASERT, BTRM-WSN and ATSR is shown in Figure 4.5. Since the proposed ASERT mech-

anism implements local recovery of link/node failures using RMA and RSA, we observe less


overhead compared to BTRM-WSN that re-establishes the entire routes as ants are not ca-

pable of local recovery mechanism. Since ATSR has to establish all the routes afresh under

link/node failures and these routes have to consider both path optimality and trust, the

route maintenance overhead is higher comapared to ASERT and BTRM-WSN.

In all three schemes, we observe that the increase in node transmission power from

2mW to 4mW, the route maintenance overhead decreases since the route breaks are less

frequent for higher transmission power.

200

250

300

350

400

450

500

550

600

650

100 150 200 250 300 350 400 450 500

Ro

ute

ma

inta

ina

nce

ove

rhe

ad

(pa

cke

ts)

Number of nodes

Route maintainance overhead Vs. Number of nodes;

ASERT, Tx. power=2mWBTRM−WSN, Tx. power=2mW

ASERT, Tx. power=4mWBTRM−WSN, Tx. power=4mW

ATSR, Tx. power=4mWATSR, Tx. power=2mW

Figure 4.5: Route Maintainance Overhead Vs. Number of Nodes

4.6.4 Analysis of memory overhead

The average amount of memory required to be stored in all the nodes involved in routing

process is shown in Figure 4.6 for ASERT, BTRM-WSN and ATSR with simulation time.

In ASERT, this overhead is because of the memory required to store various databases

and agents on each trustworthy neighbor node thereby eliminating storage requirement of

untrusted nodes. Whereas, in BTRM-WSN, this overhead is very high because each node

stores m×ns pheromone values in its memory, where m is the number of services and ns are

its neighbors along with sensor identifications. This yields large memory overhead compared

to ASERT. In ATSR, all the nodes have to store trust values and distance values for multiple


paths and thus, the memory overhead is higher comapred to ASERT and BTRM-WSN. We

observe that the memory overhead for lesser number of nodes is less and it increases with

increase in the number of nodes in the network in all three cases. ASERT presents less

memory overhead compared to BTRM-WSN and ATSR because the later uses all the nodes

to establish and maintain the routes whereas ASERT establishes the routes only through

trustworthy nodes.

900

1000

1100

1200

1300

1400

1500

1600

1700

500 1000 1500 2000 2500 3000

Me

mo

ry o

verh

ea

d (

byt

es)

Simulation time

Memory overhead Vs. Simulation time(seconds);

ASERT, Number of nodes=200BTRM−WSN, Number of nodes=200

ATSR, Number of nodes=200ASERT, Number of nodes=400

BTRM−WSN, Number of nodes=400ATSR, Number of nodes=400

Figure 4.6: Memory Overhead Vs. Simulation time(seconds)

4.6.5 Analysis of energy consumption

Energy consumption in joules with increasing number of nodes is given in Figure 4.7 for

ASERT compared to BTRM-WSN and ATSR. We see that the energy consumption is less

for received packets (Rxpkts) than transmitted packets (Txpkts) for all the schemes. Since

the agents in ASERT do not return back if the visited node is found to be compromised (all

such agents die there itself), thereby it reduces the power consumption required to bring

the compromised node information back to the original node. In BTRM-WSN and ATSR,

the failed link/node information is brought back to the source node and hence there is more

energy consumption comapred to ASERT.


0

0.1

0.2

0.3

0.4

0.5

100 150 200 250 300 350 400 450 500

En

erg

y co

nsu

mp

tion

(J)

Number of Nodes

Energy consumption Vs. Number of Nodes

ASERT, RxpktsASERT, Trpkts

BTRM−WSN, RxpktsBTRM−WSN, Trpkts

ATSR, RxpktsATSR, Trpkts

Figure 4.7: Energy consumption Vs. Number of nodes

4.6.6 Analysis of Average Success Ratio (ASR)

10

20

30

40

50

60

70

80

90

100

50 100 150 200 250 300

Ave

rag

e S

ucc

ess

Ra

tio (

%)

Number of Nodes

Average Success Ratio Vs. Number of Nodes

Theta = 0.1Theta = 0.2

Figure 4.8: Average Success Ratio Vs. Number of nodes

ASR is assessed through simulation to find the effectiveness of ASERT with the varying

number of nodes as shown in Figure 4.8. ASR is necessary to identify trustworthy neighbors

using agents through which secured routes can be established. We find that there is an

increase in ASR with increase in the number of nodes for a given threshold. This is due

to the fact that there is a possibility that the number of neighbor nodes for a selected

node increases with increase in the total number of nodes in a network and thus there is a


10

20

30

40

50

60

70

80

90

100

50 100 150 200 250 300

Ave

rag

e S

ucc

ess

Ra

tio (

%)

Number of Nodes

Average Success Ratio Vs. Number of Nodes

K=8K=6

Figure 4.9: Average Success Ratio Vs. Number of nodes

possibility that trusted neighbor nodes identified by agents also increases.

The number of trustworthy neighbors identified with agents increases since the agents

use two stage mechanism to identify such neighbors; first stage being trusted neighbor identi-

fication by agents using probability model and the second stage being the use of MAC model

to ensure the trustworthiness of neighbor nodes. The number of nodes at which agents apply

trust model also increases with increase in number of nodes. We also observe that ASR is

higher for lower probability threshold value (θ) and it is less for higher θ. This illustrates

that agents are effective in capturing the trustworthy neighbors by using trust model and

autonomously taking decisions immediately to identify trusted channel and trusted node.

The behavior of ASR with varying number of nodes for different values of K is shown

in Figure 4.9. As in earlier case, here also ASR increases with increase in the number of

nodes. ASR is more for higher value of K is observed since agents may identify more number

of trustworthy neighbors as K increases. This is because, a neighbor node may be identified

as untrustworthy by one selected node, whereas due to increase in K, the same neighbor

node may proved to be trustworthy by another node. Thus, agents are effective in identifying

trustworthy nodes. For the obvious reasons, ASR increases with the increase in total number

of nodes in a network.


Nodes=200Nodes=100

10

20

30

40

50

60

70

80

90

100

5 6 7 8 9 10

Ave

rag

e S

ucc

ess

Ra

tio (

%)

K

Average Success Ratio Vs. K

Figure 4.10: Average Success Ratio Vs. Number of selected nodes (K)

Figure 4.10 shows the increase in ASR with increasing K and ASR is more for higher

number of nodes. This is because there is a possibility of more number of neighbors for any

given node and among them, the chance of having higher number of trustworthy neighbors is

more. BTRM-WSN does not consider trustworthy neighbors and the final route is selected

out of multiple routes established by ants using pheromone. It does not consider trusted

neighbor selection to establish secured routes and since ASERT defines ASR for trusted

neighbors, we have not compared ASR with BTRM-WSN. Since ATSR also does not use

agents, we have not compared it for computation of ASR.

4.6.7 Analysis of agent overhead

The additional number of control packets necessary to implement ASERT with number of

nodes is shown in Figure 4.11. We see that agent overhead increases with increase in the

number of nodes in the scenario since additional number of agents are required to identify

trusted neighbors by SA and the agents are required to establish secured routes by RA. It

is necessary to tolerate this overhead as ASERT is designed to provide secured and stable

routes using agents.


50

100

150

200

250

300

350

50 100 150 200 250 300

Nu

mb

er

of

Co

ntr

ol P

ack

ets

(b

yte

s)

Number of Nodes

Number of Control Packets(agents)Vs. Number of Nodes;

Agent Overhead

Figure 4.11: Agent Overhead

4.6.8 Benefits of using agents

Proposed ASERT offers flexibility, scalability, efficiency, adaptability, maintainability and

encapsulation of a protocol. We explain below how they are achieved by using the proposed

scheme. Flexibility: Agents are flexible to implement trusted node identification and thereby

establishing secured routes in WSN. For example, TNA’s generated by SMA clone themselves

to visit neighbor nodes and identify trustworthiness of visited nodes and RMA, RCA estab-

lish secured routes. The flexibility of route maintenance by RSA becomes significant since

autonomously it can initiate local route patch-up under link/node failures. Scalability: The

scheme may scale to larger networks since agents function in a distributed fashion thereby

it provides similar security level that of smaller network. Efficiency: Network efficiency is

improved since TNA and SMA agents take autonomous decisions in order to identify trust-

worthy neighbors. RMA, RCA and RSA enhance route establishment and route monitoring

efficiency. Adaptability: SMA, RMA, TNA, RCA and RSA adapt themselves to dynamic

behavior of the network nodes and correctly eliminate untrustworthy neighbor nodes to

establish and monitor secured routes for the duration of data transfer. Maintainability:

The components of new agents may be inherited in the components of old agents and thus

network maintainability improves with varying conditions. Encapsulation of a protocol: A

mobile agent can be coded to perform aggregated tasks such as identification of trustworthy


neighbor nodes and setting up of secured routes. Thus, TNA, RCA and RSA encapsulate

the protocols that are customized based on functionality.

4.7 Summary

In this chapter, we proposed a novel idea of secured routing in WSN using trustworthy

neighbors with the help of agents through safeguard and routing agency. Safeguard agency

identifies all the trustworthy neighbors nodes as discussed in chapter 3. Routing agency

establishes routes through the trustworthy neighbors identified by safeguard agency. Sim-

ulation analysis of ASERT shows that there is an improvement in terms of packet delivery

ratio, packet delivery latency, route maintenance overhead, memory overhead and energy

consumption compared to BTRM-WSN that uses ant colony based secured route establish-

ment in WSN and ATSR that uses trust combined with location information for routing.

In the next chapter, we provide an integrated scheme of identifying fault-free and

trustworthy nodes and establishing secured routes through such nodes.

Documents

Chapter 4 Trusted neighbors based Secured Routing Scheme ...shodhganga.inflibnet.ac.in/bitstream/10603/49296/10/10_chapter 4.pdflength using computer simulations under several conditions