INTERNATIONAL CONFERENCE ON DEVELOPMENTS IN ENGINEERING RESEARCH, ICDER - 2014
SECURE DATA DISSEMINATION BASED ON MERKLE HASH TREE FOR WIRELESS SENSOR NETWORKS Udatha Hariprasad 1, K Riyazuddin 2 M.Tech Student 1, Asst. Professor2 Department Of Electronics & Communication Engineering Annamacharya Institute Of Technology And Sciences, Rajampet udathahariprasad@gmail.com1, riyazoo2002@yahoo.co.in2
Abstract— Wireless
sensor communities (WSNs) are generally widely applicable in supervising and command of natural environment parameters. It might possibly be necessary to disseminate facts through instant links once they are deployed in order to adjust setup parameters associated with sensors or maybe distribute management commands and also queries to sensors. Several approaches are proposed just lately for facts discovery and also dissemination inside WSNs. Nevertheless, they all consentrate on how to be sure reliability and also usually forget about security vulnerabilities. This document identifies the actual security vulnerabilities inside data breakthrough and dissemination when used in WSNs. This sort of vulnerabilities allow an attacker to revise a circle with unwelcome values, erase critical specifics, or launch denial-of-service (DoS) episodes. To deal with these vulnerabilities, this document presents the design, implementation, and evaluation of your secure, lightweight, and DoS-resistant facts discovery and also dissemination standard protocol named Se-Drip for WSNs.. Keywords— Network Security, Mobile, Wireless Networks.
I. INTRODUCTION Inside multi-hop Instant sensor sites (WSNs) happen to be attracting great curiosity about many applications linked to monitoring in addition to control associated with environmental as well as physical circumstances, such as industry monitoring and military operations. After a WSN will be deployed inside field, it can be necessary in order to update the particular installed applications or stashed parameters inside sensor nodes. This is achieved simply by dissemination services which ensure new applications or parameter values for being propagated during the entire WSN making sure that all nodes use a consistent duplicate. Normally, a brand new program is on the order associated with kilobytes though a parameter is simply few bytes extended. Due to such a vast imbalance between their sizes, the look considerations in their dissemination protocols will vary.
addition to configuration details. Recently, several files discovery in addition to dissemination protocols happen to be proposed. And this includes, Drip, DIP in addition to DHV are renowned and included in Tiny OS distributions. However, to the best of our knowledge, just about all existing files discovery in addition to dissemination protocols only target reliable files transmission, but provide no security procedure. Certainly, this is really a critical issue which should be addressed. In any other case, adversaries might, for example, distribute viral or phony data in order to cripple a new WSN deployed inside battlefield. In this kind of proposed system we initial investigate the particular security difficulties in files discovery in addition to dissemination process of WSNs and explain that the possible lack of authentication on the disseminated files introduces a new vulnerability for the update associated with arbitrary files in WSNs. We then create a secure, light and portable, and Denial-of-Assistance (DoS)-resistant files discovery in addition to dissemination protocol named Se-Drip for WSNs, that is a secure extension of Spill. To gain DoS-attack resilience and permit immediate verification of just about any received packets, Se-Drip is based on a signed Merkle hash sapling. This way the bottom station of your WSN must sign only the root of this kind of tree. Furthermore, Se-Drip can easily tolerate the particular compromise associated with some sensor nodes. For boosting the stability and effectiveness, some extra mechanisms such as message unique puzzle tactic are incorporated in the design associated with SeDrip. Most of us also implement the recommended protocol inside networks associated with MicaZ in addition to TelosB motes, respectively. Experimental benefits demonstrate their high efficiency in practice. To the best of our knowledge, that is also the 1st implemented secure data breakthrough and dissemination protocol for WSNs.
II. PREVIOUS WORK Among these protocols, Deluge is included in the Tiny OS distributions. However, since the design of Deluge did not take security into consideration, there have been several extensions to Deluge to provide security protection for code Code dissemination (also known as data dissemination dissemination. Among them, Seluge enjoys both strong as well as reprogramming) protocols are created to correctly security and high efficiency. However, all these code distribute extended messages in to a network, empowering dissemination protocols are based on the centralized approach complete system reprogramming. On the other hand, data which assumes the existence of a base station and only the base breakthrough and dissemination protocols are used to deliver station has the authority to reprogram sensor nodes. As shown short emails, such as several two-byte configuration parameters, in Figure below, when the base station wants to disseminate a in just a WSN. Common makes use of this type of protocols new code image, it broadcasts the signed code image and each incorporate injecting little programs, commands, queries, in sensor node only accepts code images signed by it.
INTERNATIONAL ASSOCIATION OF ENGINEERING & TECHNOLOGY FOR SKILL DEVELOPMENT 82
www.iaetsd.in
INTERNATIONAL CONFERENCE ON DEVELOPMENTS IN ENGINEERING RESEARCH, ICDER - 2014 Unfortunately, there are WSNs having no base station at all. Examples of such networks include a military WSN in a battlefield to monitor enemy activity (e.g., troop movements), a WSN deployed along an international border to monitor weapons smuggling or human trafficking, and a WSN situated in a remote area of a national park monitoring illegal activities (e.g., firearm discharge, illicit crop cultivation). Having a base station in these WSNs introduces a single point of failure and a very attractive attack target. Obviously, the centralized approach is not applicable to such WSNs. Trust Model The network owner delegates his/her code dissemination privilege to the network users who are willing to register. We assume the special modules (e.g., authentication module for each new program image proposed in this paper, the user access log module) reside in the boot loader section of the program flash on each sensor node which cannot be overwritten by anyone except the network owner. To achieve this goal, some existing approaches can be employed such as hardware-based approaches (e.g., security chips) and software based approaches (e.g., program code analysis). Threat Model We assume that an adversary can launch both outsider and insider attacks. In outsider attacks, the adversary does not control any valid nodes in the WSN. The adversary may eavesdrop, copy or replay the transmitted messages in the WSN. He/she may also inject false messages or forge nonexisting links in the network by launching a wormhole attack.With insider attacks, the adversary can compromise some users (or sensor nodes) and then inject forged code dissemination packets, or exploit specific weakness of the secure protocol architecture.[1] Experience with wireless sensor network deployments across application domains has shown that sensor node tasks typically change over time, for instance, to vary sensed parameters, node duty cycles, or support debugging. Such reprogramming is accomplished through wireless communication using reprogrammable devices. The goal of network reprogramming is to not only reprogram individual sensors but to also ensure that all network sensors agree on the task to be performed. Network reprogramming is typically implemented on top of data dissemination protocols. For reprogramming, the data can be configuration parameters, code capsules, or binary images. We will refer to this data as a code item. A node must detect if there is a different code item in the network, identify if it is newer, and update its code with minimal reprogramming cost, in terms of convergence speed and energy.
containing the same information as it has. When a difference is detected, the node resets the period to the lowest preset interval. Trickle scales well with the number of nodes and has successfully reduced the number of messages in the network. Bit-level identification: Previous CCMPs have transmitted the complete version number for a code item. We observe that it may not always be necessary to do so. We treat the version number as a bit array, with the versions of all the code items representing a two dimensional bit array. DHV uses bit slicing to quickly zero in on the out of date code segment, resulting in fewer bits transmitted in the network. Statelessness: Keeping state in the network, particularly with mobility, is not scalable. DHV messages do not contain any state and usually small in size. Preference of a large message over multiple small messages: To reduce energy consumption, it is better to transmit as much information possible in a single maximum length message rather than transmit multiple small messages. Sensor nodes turn off the radio when they are idle to conserve energy. Radio start-up and turn-off times (300 microseconds) are much longer than the time used to transmit one byte (30 microseconds). A long packet may affect the collision rate and packet loss. However, that effect only becomes noticeable under bursty data traffic conditions. [3] This idea seems quite attractive at first. However, it has several shortcomings. This work points to these shortcomings and proposes methods to overcome them. Our description is based mostly on TESLA, although the improvements apply to the other schemes as well. We sketch some of these points: 1. In TESLA the receiver has to buffer packets, until the sender discloses the corresponding key, and until the receiver authenticates the packets. This may delay delivering the information to the application, may cause storage problems, and also generates vulnerability to denial-of-service (DoS) attacks on the receiver (by flooding it with bogus packets). We propose a method that allows receivers to authenticate most packets immediately upon arrival, thus reducing the need for buffering at the receiver side and in particular reduces the susceptibility to this type of DoS attacks. This improvement comes at the price of one extra hash per packet, plus some buffering at the sender side. We believe that buffering at the sender side is often more reasonable and acceptable than buffering at the receiver side. In particular, it is not susceptible to this type of DoS attacks. We also propose other methods to alleviate this type of DoS attacks. These methods work even when the receiver buffers packets as in TESLA.
Early attempts tried to adapt epidemic algorithms to disseminate code updates during specific reprogramming periods. But there is no way for new nodes to discover past updates. If a node is not updated during the reprogramming period, it will never get updated. To discover if a node needs an update, a natural approach is to query or advertise its information periodically.
2. When operating in an environment with heterogenous network delay times for different receivers, TESLA authenticates each packet using multiple keys, where the different keys have different disclosure delay times. This results in larger overhead, both in processing time and in bandwidth. We propose a method for achieving the same functionality (i.e., different receivers can authenticate the packets at different delays) with a more moderate increase in the overhead per packet.
The network as a whole may transmit an excessive and unnecessary number of query and advertisement messages. To address this problem, Levis et al developed the Trickle protocol to allow nodes to suppress unnecessary transmissions. In Trickle, a node periodically broadcasts its versions but politely keeps quiet and increases the period if it hears several messages
3. In TESLA the sender needs to perform authenticated time synchronization individually with each receiver. This may not scale well, especially in cases where many receivers wish to join the multicast group and synchronize with the sender at the same time. This is so, since each synchronization involves a costly public-key operation. We propose a method that uses
INTERNATIONAL ASSOCIATION OF ENGINEERING & TECHNOLOGY FOR SKILL DEVELOPMENT 83
www.iaetsd.in
INTERNATIONAL CONFERENCE ON DEVELOPMENTS IN ENGINEERING RESEARCH, ICDER - 2014 only a single public-key operation per time-unit, regardless of the number of time synchronizations performed during this time unit. This reduces the cost of synchronizing with a receiver to practically the cost of setting up a simple, unauthenticated connection. We also explore time synchronization issues in greater depth and describe direct and indirect time synchronization. For the former method, the receiver synchronizes its time directly with the sender, in the latter method both the sender and receiver synchronize their time with a time synchronization server. For both cases, we give a detailed analysis on how to choose the key disclosure delay, a crucial parameter for TESLA. TESLA assumes that all members have joined the group and have synchronized with the sender before any transmission starts. In reality, receivers may wish to join after the transmission has started; furthermore, receivers may wish to receive the transmission immediately, and perform the time synchronization only later. We propose methods that enable both functionalities. That is, our methods allow a receiver to join in “on the fly” to an ongoing session; they also allow receivers to synchronize at a later time and authenticate packets only then. [4]
disseminated in each round, so the time required to complete one round of dissemination should be very short. As a result, each sensor node would not experience any ambiguity in determining which round number is the latest even if there is a wrap around in a round number. B. Packet Pre-processing Phase After system initialization, if the base station wants to disseminate n data items: di = {round, keyi, versioni, datai}, i = 1, 2, . . ., n, it uses the Merkle hash tree method to construct the packets of the respective data as follows. Merkle hash tree is a tree of hashes, where the leaves in the tree are hashes of the authentic packets Pi, i = 1, 2, . . ., n. Here the hash function is calculated over packet header and data item di(= {round, keyi, versioni, datai}). Nodes further up in the tree are the hashes of their respective children. More exactly, the base station computes ei = H(Pi)(i = 1, 2, 3, 4), and builds a binary tree by computing internal nodes from adjacent children nodes. Each internal node of the tree is the hash value of the two children nodes. Subsequently, the base station constructs n packets based on this Merkle hash tree. For packet Pi, it consists of the packet header, the data item di and the values in its authentication path (i.e., the siblings of the nodes in the path from Pi to the root) in the Merkle hash tree.
III. PROPOSED SYSTEM A. Initialization Compared with the traditional approaches, elliptic curve cryptography (ECC) is a better approach to public-key cryptography in terms of key size, computational efficiency, and communication efficiency. However, while ECC is feasible on resource-limited sensor motes, heavily involving ECCbased authentication is still not practical. SeDrip combines ECC public key algorithm and Merkle hash tree to avoid frequent public key operations and achieve strong robustness against various malicious attacks. Also, SeDrip inherits robustness to packet loss from underlying Trickle algorithm, because Trickle uses periodic retransmissions to ensure eventual delivery of the message to every node in the network.
C. Packet Verification Phase Upon receiving a packet (from any one-hop neighboring node or the base station), each sensor node, say Si, first checks the key field of the packet: If this is a signature packet P0, node Si runs the following operations: If this is a new round (i.e., the round included in this packet is newer than that of its stored < round, root >), node Si uses the public key PK of the base station to run an ECDSA verify operation to authenticate the received signature packet. If this verification passes, node Si accepts the root of the Merkle hash tree and then updates its stored < round, root > by the corresponding values in packet P0; otherwise, node Si simply drops the signature packet P0. If node Si has recently heard an identical signature packet (i.e., the round included in this packet is same as that of its stored < round, root >), it increases the broadcast interval of this packet through the Trickle algorithm, thereby limiting energy costs when a network is consistent.
SeDrip consists of three phases: system initialization, packet pre-processing, and packet verification. The system initialization phase is carried out before network deployment. In this phase, the base station creates its public and private keys, If this is an old round (i.e., the round included in this packet and loads the public parameters on each sensor node. Then, is older than that of its stored < round, root >. That is, the before disseminating data, the base station executes the packet signature packet distributed by its one-hop neighboring node is preprocessing phase in which packets and their corresponding old), node Si broadcasts its stored signature packet. Merkle hash tree are constructed from data items. Finally, in the packet verification phase, a node verifies each received IV. RESULTS packet. If the result is positive, it updates the data according to the received packet. The concept of this paper is implemented and different In SeDrip, we extend the 3-tuple (key, version, data) of Drip results are shown below, the proposed paper is implemented in into a 4-tuple (round, key, version, data) to represent a data NS 2.34 on a Linux Fedora 10. The propose paper’s concepts item, where round refers to which round of data dissemination shows efficient results and has been efficiently tested on this data item belongs to (the higher the round, the newer the different Datasets. The below figures shows the real time data dissemination), and the other three elements bear the same results compared. meaning as existing protocols. Same as the Drip implementation, key and version are 2 bytes and 4 bytes long, respectively. For the round field, it can be just as short as 4 bits because we can allow a wrap around in the number space to take place. This is possible based on two characteristics of the dissemination process. First, the configuration of a WSN is not expected to change frequently and hence the dissemination rate would be low. Second, only a small amount of data is
INTERNATIONAL ASSOCIATION OF ENGINEERING & TECHNOLOGY FOR SKILL DEVELOPMENT 84
www.iaetsd.in
INTERNATIONAL CONFERENCE ON DEVELOPMENTS IN ENGINEERING RESEARCH, ICDER - 2014 Fig. 1 Packet Delivery Fraction Vs Pause Time
Fig. 6 Routing Overhead Vs Pause Time
V. CONCLUSION
Fig. 2 Packet Delivery Fraction Vs Pause Time
In this paper, we have now identified the particular security vulnerabilities throughout data breakthrough and dissemination of WSNs. We and then developed a lightweight method named Se-Drip to allow efficient authentication on the disseminated information items by enjoying efficient Merkle woods algorithm. Se-Drip was designed to work from the computation, ram and electricity limits of inexpensive sensor motes. In addition to analyzing the particular security of SeDrip, this paper has reported the particular evaluation link between Se-Drip in the experimental multilevel of resource limited sensor nodes, which demonstrate that Se-Drip can be efficient as well as feasible used. REFERENCES [1] D. He, C. Chen, S. Chan, and J. Bu, “DiCode: DoS-resistant and distributed code dissemination in wireless sensor networks,” IEEE Trans. Wireless Commun., vol. 11, no. 5, pp. 1946–1956, May 2012.
Fig. 3 Average End to End Delay Vs Pause Time
[2] K. Lin and P. Levis, “Data discovery and dissemination with DIP,” in Proc. 2008 ACM/IEEE IPSN, pp. 433–444. [3] T. Dang, N. Bulusu, W. Feng, and S. Park, “DHV: a code consistency maintenance protocol for multi-hop wireless sensor networks,” in Proc. 2009 EWSN, pp. 327–342. [4] A. Perrig, R. Canetti, D. Song, and J. Tygar, “Effcient and secure source authentication for multicast,” in Proc. 2001 NDSS, pp. 35–46.
Fig. 4 Average End to End Delay Vs Pause Time
[5] P. Levis, N. Patel, D. Culler, and S. Shenker, “Trickle: a self-regulating algorithm for code maintenance and propagation in wireless sensor networks,” in Proc. 2004 NSDI, pp. 15–28. [6] S. Hyun, P. Ning, A. Liu, and W. Du, “Seluge: secure and DoSresistant code dissemination in wireless sensor networks,” in Proc. 2008 ACM/IEEE IPSN, pp. 445–456. [7] A. Liu and P. Ning, “TinyECC: a configurable library for elliptic curve cryptography in wireless sensor networks,” in Proc. 2008 ACM/IEEE IPSN, pp. 245–256.
Fig. 5 Routing Overhead Vs Pause Time
[8] J. Lee, K. Kapitanova, and S. Son, “The price of security in wireless sensor networks,” Comput. Netw., vol. 54, no. 17, pp. 2967–2978, Dec. 2010..
INTERNATIONAL ASSOCIATION OF ENGINEERING & TECHNOLOGY FOR SKILL DEVELOPMENT 85
www.iaetsd.in