International Journal of Computational Intelligence and Information Security, July 2012 Vol. 3, No.

6 ISSN: 1837-7823

Securing Wireless Sensor Networks using Concealed Data Aggregation, Secret Sharing and Randomized Dispersive Routes
G.Ravi 1,M.Mohamed Surputheen2, Dr.R.Srinivasan 3 Research Scholar, Dr. M.G.R Educational and Research Institute University, Chennai - 600 095, India. Research Scholar, Dr. M.G.R Educational and Research Institute University, Chennai - 600 095, India. Dean Research and PG Studies, RNS Institute of Technology, Bangalore 560 061 India
1 3 2 1

ravi_govindaraman@yahoo.com, 2 msurfudeen@gmail.com, 3 rsv38@yahoo.co.in Abstract

Due to the unmanned nature of Wireless Sensor Networks, security becomes a key criterion when it comes to networks dealing with confidential data. Compromised node, Denial of Service (DoS) [2] attacks and BlackHoles/Sink-Holes [4] are the three key types of attacks in Sensor Networks. Classic routing algorithms use deterministic multipath routing schemes, where a predefined path exits between any two nodes. Once if the adversary acquires the routing algorithm it is possible to compute the route, making all information sent over these routes vulnerable to its attacks. Our approach involves the use of a dispersive randomized routing combined with secret sharing scheme that circumvents the black-holes formed due to these attacks. Since energy efficiency is of paramount importance in a Wireless Sensor Network, we employ a data aggregation scheme that reduces that need to transfer huge amounts of data to the base stations. Also we apply Privacy Homomorphism based encryption scheme to secure the data during the aggregation process. Simulations show that our approach is much more effective in terms of security and energy efficiency compared to their deterministic counterparts. Keywords: Wireless Sensor Network, Randomized Routing, Concealed Data Aggregation, Secret Sharing, Dispersive Routes

1. Introduction 1.1 Wireless Sensor Networks (WSN)

A Wireless Sensor Network consists of spatially distributed autonomous sensors to monitor physical or environmental conditions, such as temperature, sound, vibration, pressure, motion or pollutants and to cooperatively pass their data through the network to a main location. The more modern networks are bidirectional, also enabling control of sensor activity. The development of wireless sensor networks was motivated by military applications such as battlefield surveillance; today such networks are used in many industrial and consumer applications, such as industrial process monitoring and control, machine health monitoring, and so on. Energy is the scarcest resource of WSN nodes, and it determines the lifetime of WSNs. WSNs are meant to be deployed in large numbers in various environments, including remote and hostile regions, where ad-hoc communications are a key component.

International Journal of Computational Intelligence and Information Security, July 2012 Vol. 3, No. 6 ISSN: 1837-7823

For this reason, algorithms and protocols need to address the following issues: 1. 2. 3. Lifetime maximization Robustness and fault tolerance Self-configuration

1.2 Motivations
Of the various possible security threats encountered by a WSN, we are interested in Compromised Node (CN), Denial of Service (DoS) and Black-holes or Sink-holes attacks. Compromised Node: Compromised Node can lead to eavesdropping or leakage of legitimate information or manipulation of legitimate information to mislead the base stations. Denial of service: Denial of Service [2] is actually the unintentional failure of a system due to which it becomes unable to provide service to its users. DoS attack tries to exhaust the network resources by sending huge amount unnecessary data to the system due to which it becomes unable to provide service to its legitimate users. There are two variants of this attack: DoS and Distributed DoS (DDoS).

Black-hole/Sink-hole Attack [4]: In this attack, a malicious node acts as a black-hole to attract all the traffic in the sensor network. Then it says to the target nodes that it contains the high quality or shortest path to the base station. Once the malicious device has been able to insert itself between the communicating nodes (for example, sink and sensor node), it is able to do anything with the packets passing between them. These two attacks are similar in the sense that they both generate black holes: areas within which the adversary can either passively intercept or actively block information delivery. Due to the unattended nature of WSNs, adversaries can easily produce such black holes. Severe CN and DOS attacks can disrupt normal data delivery between sensor nodes and the sink, or even partition the topology. A conventional cryptography-based security method cannot alone provide satisfactory solutions to these problems. This is because, by definition, once a node is compromised, the adversary can always acquire the encryption/decryption keys of that node, and thus can intercept any information passed through it. Likewise, an adversary can always perform DOS attacks even if it does not have any knowledge of the underlying cryptosystem.

2. Problem Definition
The classic multipath routing approaches that are being used are vulnerable to attacks, mainly due to their deterministic nature. When using deterministic Routing, the attacker if gains access to a compromised node, can compromise the entire network because he can compute the routes based on obtained routing algorithm.

2.1 Randomized Dispersive Routing

To solve this, a mechanism that generates randomized multipath routes was formulated [1]. Under this scheme, the routes taken by the packets change over time. So even if the routing algorithm becomes known to the adversary, the adversary still cannot pinpoint the routes traversed by each packet. Besides randomness, the generated routes are also highly dispersive and energy efficient, making them quite capable of circumventing black holes.

International Journal of Computational Intelligence and Information Security, July 2012 Vol. 3, No. 6 ISSN: 1837-7823

Figure 1: Implication of route dispersiveness on bypassing the black hole [1]. (a) Routes of higher dispersiveness. (b) Routes of lower dispersiveness.

2.2 Secret Sharing

Here the packet is broken into M shares (i.e., components of a packet that carry partial information) using a (T, M) threshold secret sharing mechanism such as the Shamirs algorithm [6]. The original information can be recovered from a combination of at least T shares, but no information can be guessed from less than T shares. This approach of secret sharing cannot be effective for both Compromised nodes and DoS attacks because, if (T, M) secret sharing allows us to evade Compromised nodes i.e., only when the attacker has T shares he can get the information, the same applies to sink where T shares are required to rebuild the information. But it is enough for the attacker to block (M-T+1) shares which will be small, resulting in a DoS attack, where we cannot rebuild the information. Secret sharing increases the amount of data that must be transferred from a node to the sink. This in turn affects energy efficiency, bandwidth and also processing capacity of the network. Also no data aggregation technique is used in this approach and every node transmits its data to the sink. Therefore the amount of data transferred is huge and there could be redundant data or even noise in the data that reaches the sink which affects the decision making process. Data Aggregation[7] or Fusion results in reduced amount of data to be sent over the network, resulting in energy efficiency and filtration of noise along with better understanding of the data to aid the decision making process. Data Fusion or aggregation helps to Reduce volume of transferred data Reduce battery consumption and extending networks lifetime Better understanding of ongoing process in the environment in order to take optimal decision improving the responsiveness of the WSN

2.3 Concealed Data Aggregation

Data is not encrypted in this approach [1] because it is assumed that Dispersive routing and secret sharing alone is sufficient to secure the information. This could not be applied to sensor networks where the information bits are extremely confidential and valuable. In the method proposed by Dirk et al [2], a method for Concealed Data Aggregation (CDA) has been demonstrated. This method conceals sensed data end-to-end, still providing efficient

International Journal of Computational Intelligence and Information Security, July 2012 Vol. 3, No. 6 ISSN: 1837-7823

and flexible in-network data aggregation. A particular class of encryption transformations has been applied and techniques for computing the aggregation functions average and movement detection has been discussed. The routing approach used here [2] is susceptible to attack. Though the data is encrypted, Denial of Service is possible and also they could not avoid Sink-Holes or Black-Holes, which will attract traffic and thus compromise the quality of sensed data and also its availability.

3. Our Approach
We follow a three stage process towards secure data sharing. 1. 2.
3.

Concealed Data Aggregation using Privacy Homomorphism based encryption at each node. Secret Sharing to share the information based on the (T, M) approach at the aggregator nodes. Routing the secret shares based on Non-Repetitive Random Propagation (NRRP) algorithm to the sink or base station circumventing black-holes.

3.1 Concealed Data Aggregation

End to end data aggregation provided by the CDA approach helps in securing data by encrypting it based on Privacy Homomorphism (PH) approach. PH encryption is a form of encryption where a specific algebraic operation performed on the plaintext is equivalent to another (possibly different) algebraic operation performed on the cipher text. Privacy Homomorphism allows for end-to-end encryption between the sensors and the sink node and simultaneously enables aggregators to apply aggregation functions directly over cipher texts. This has the advantage of eliminating the need for intermediate aggregators to carry out decryption and encryption operations as well as storing sensitive data (Keys).

Figure 2: Aggregation- No of Packets Transmitted and Actual No of Packets

Usually a single network wide key is used for encryption. Under such circumstances, the use of a single key for the whole network is probably the only possibility to guarantee a high routing flexibility. Here, the corruption of one node means that the attacker can subsequently eavesdrop on all the network traffic. In the work at hand, we use a keying model that we call topology-aware group keying [2]. This keying model still enables the use of end-to-end encryption with CDA and, at the same time, ensures that the corruption of a single node only affects a limited part of the WSN. Even the corruption of multiple nodes from the same region will most probably only has a limited effect. Compromise of multiple nodes in such cases results in a black-hole which could be circumvented using NRRP scheme

International Journal of Computational Intelligence and Information Security, July 2012 Vol. 3, No. 6 ISSN: 1837-7823

Figure 3: Aggregation: No of Packets and Time Taken

3.2 Secret Sharing Approach

Secret sharing refers to method for distributing a secret amongst a group of participants, each of whom is allocated a share of the secret. The secret can be reconstructed only when a sufficient number of shares are combined together; individual shares are of no use on their own. More formally, in a secret sharing scheme involves one dealer and n players. The dealer gives a secret to the players, but only when specific conditions are fulfilled. The dealer accomplishes this by giving each player a share in such a way that any group of t (for threshold) or more players can together reconstruct the secret but no group of fewer than t players can. Such a system is called a (t, n)-threshold scheme (sometimes it is written as an (n, t)-threshold scheme).

Figure 4: Secret Sharing- No of Nodes Compromised and No of Shares

International Journal of Computational Intelligence and Information Security, July 2012 Vol. 3, No. 6 ISSN: 1837-7823

When a sensor node wants to send a packet to the sink, it first breaks the packet into M shares, according to a (T, M) -threshold secret sharing algorithm. Each share is then transmitted to some randomly selected neighbour. That neighbour will continue to relay the share it has received to other randomly selected neighbours, and so on. In each share, there is a TTL field, whose initial value is set by the source node to control the total number of random relays. After each relay, the TTL field is reduced by 1. When the TTL value reaches 0, the last node to receive this share begins to route it toward the sink using min-hop routing. Once the sink collects at least T shares, it can reconstruct the original packet. No information can be recovered from less than T shares.

3.3 Dispersive Randomized Routing

We explore the potential of random dispersion for information delivery in WSNs. We use NRRP [1] NonRepetitive Random Propagation scheme, which records all traversed nodes to avoid traversing them again in the future. NRRP adds a node-in-route (NIR) field to the header of each share. Initially, this field is empty. Starting from the source node, whenever a node propagates the share to the next hop, the id of the upstream node is appended to the NIR field. Nodes included in NIR are excluded from the random pick at the next hop. This Non-repetitive propagation guarantees that the share will be relayed to a different node in each step of random propagation, leading to better propagation efficiency.

Experimental Results
A wireless sensor network is simulated and traffic is configured using the NS2 (Network Simulator 2). Analysis of the network shows that the current system shows an increased immunity towards attacks, further reducing the load on the network. Data from the nodes are directly passed to the aggregator nodes, which combines the presented data to a single data and then divides it into several packets, hence the actual data that passes through the network before and after aggregation remains the same, but with increased tolerance towards attacks. The comparison depicted in Figure 2 shows the difference between normal approaches and our approach. Further packet transmission takes lesser time and hence energy efficient (Figure 3) when compared to normal approaches since lesser number of packets are transmitted in the network. Figure 4 represents the effectiveness of the secret sharing approach employed in our approach. Lesser number of packets and low transmission time means a highly energy efficient transmission.

4. Conclusion
By using the Concealed Data Aggregation, Secret Sharing and Dispersive Randomized Routing methods the packet interception probability can be easily reduced by the proposed algorithms. Also in our approach we have reduced the energy consumption by using data aggregation that reduces the amount of packets transferred from the nodes to the sink. Though the secret sharing mechanism increases the amount of data transferred from the aggregator node to sink, by optimizing the M value of (T, M) approach to be equal to the number of nodes from which data is aggregated we can overcome this overhead. Thus our approach remains secure and at the same time energy efficient compared to the classic deterministic routing approaches.

5. References
[1] Tao Shu, Marwan Krunz, and Sisi Liu, (2010) Secure Data Collection in Wireless Sensor Networks Using Randomized Dispersive Routes, IEEE transactions on mobile computing, vol. 9, no. 7. [2] Dirk Westhoff, Joao Girao, and Mithun Acharya, (2006), Concealed Data Aggregation for Reverse Multicast Traffic in Sensor Networks: Encryption, Key Distribution, and Routing Adaptation, IEEE transactions on mobile computing, vol. 5, no. 10.

International Journal of Computational Intelligence and Information Security, July 2012 Vol. 3, No. 6 ISSN: 1837-7823

[3] A.D. Wood and J.A. Stankovic, (2002), Denial of Service in Sensor Networks, Computer, vol. 35, no. 10, pp. 54-62. [4] I.F. Akyildiz, W. Su, Y. Sankarasubramaniam, and E. Cayirci, (200),A Survey on Sensor Networks, IEEE Comm. Magazine, vol. 40, no. 8, pp. 102-114. [5] Rka Limbek, Pter Sziklai, Privacy homomorphisms. [6] D.R. Stinson, (200), Cryptography, Theory and Practice, CRC Press. [7] Eduardo F. Nakamura, Antonio A. F. Loureiro And Alejandro C. Frery, Information Fusion for Wireless Sensor Networks: Methods, Models, and Classifications.

10