International Journal of VLSI and Signal Processing Applications, Vol.

1, Issue 1 (48- 61),ISSN 2231-3133

A SURVEY ON THE STATE OF THE ART OF SECURE AND OPTIMAL ROUTING ISSUES IN WIRELESS SENSOR NETWORKS
Jagbir Dhillon, Prasad K.P, Krishan Kumar jagbirdhillon@yahoo.co.in Abstract
A large number of researchers are involved in making Wireless sensor network (WSN) more secure, robust and highly functional. Our target is to analyze current security challenges and highlight symmetry key management to achieve security goals in WSN. This paper gives an overview of the current state of the solutions on key issues such as secure routing, prevention of denial of key management services. We also present few secure methods to achieve security in WSN. WSN introduces security problems, threats, risks and other type of attacks like internal and external attacks. This technology has a lot of potential in the areas of military, health, environmental monitoring etc. The first challenges of security in sensor network lie in the conflicting interest between minimizing resource consumption and maximizing security. Secondly the capabilities and constraints of sensor node hardware will influence the type of security mechanisms that can be hosted on a sensor node platform. Attacks on a WSN can target at any node. Damages can include leaking secret information, interfering messages and impersonating nodes Keywords : Sensor Nodes, WSN, Routing easy deployment of the sensor nodes make it possible to deploy them in a large number in an area to be investigated. Interestingly, unlike other networks in which performance diminishes with increase in size, WSN performs better with increased number of nodes. In addition, without any increase in complexity additional nodes can be added. In a mesh network there can be innumerable communication paths to reach destination using node to node hoping. Owing to all these considerable advantages, application domain of WSNs varies from environmental monitoring, to health care applications, military operation, to transportation, to security applications, to weather forecasting, to real time tracking. The functional architecture of sensor nodes consists of four units which are sensor, CPU, radio and power. Among these four units, three units are responsible for accomplishing a task while power unit supplies energy to the overall operation. The function of sensing unit is to measure physical conditions of the environment like temperature, humidity and pressure, the processing unit is mainly responsible for processing the data (signals) while communication unit transmit data from the sensor unit to the user through the base station (BS). These tiny sensor nodes are scattered throughout the investigation area to acquire information from the environment, process it and then transfers it to the base station. WSNs have a resource constrained nature with respect to energy, computational capabilities and memory resources. Unfortunately despite these constrained resources we have the same expectation from the WSNs as that from the traditional computer networks.

I. Introduction
Wireless communication endowed with numerous advantages over traditional wired network and enables to develop small, low-cost, low power and multi-functional sensing devices. These small sensing devices have the capabilities of sensing, computation, self organizing and communication known as sensors. These sensors can be grouped together using mesh networking protocols to form a network communicating wirelessly using radio frequency channel. The collection of these homogenous or heterogeneous sensor nodes called wireless sensor network (WSN). The ability of low cost, small size and

II . Wireless Sensor Network

The basic units of WSN are nodes (sometimes called motes). These nodes are equipped with communication unit, mostly the radio transceiver, processing unit, battery and sensors. Every sensor node has capabilities of sensing,

48

International Journal of VLSI and Signal Processing Applications, Vol. 1, Issue 1 (48- 61),ISSN 2231-3133 processing and communicating data to the required destination Due to the size and expected costs of the nodes, they are constrained in processing power and energy. The number of nodes deployed in WSN can vary from tens to tens of thousands depending on the particular application [38]. The base stations have more resources and capabilities than the nodes. They act as gateways between the sensor network and other networks like Internet apart from coordinating the nodes. In most common application scheme, the nodes collect measured data and send them to the base stations, which forward them to the consumer. the environment, collect data and convert it to fundamental data (current or voltage etc) before sending it for further processing. It converts the analogue data (sensed data from an environment) to digital data and then sends it to the microcontroller for further processing. There are different categories of sensors which are available and can be used depending on the nature of the intended operation. A typical wireless sensor node is a micro-electronic node with less than 0.5 Ah and 1.2 V power source. Sensors size and their energy consumptions are the key factors to be considered in selection of sensors.[3] B. Memory Unit This unit of sensor node is used to store both the data and program code. In order to store data packets from neighbouring (other) nodes flash memory or Electrically Erasable Programmable Read Only Memory (EEPRM) is normally used. And to store the program code, Read Only Memory (ROM) is used. C. Power Unit For computation and data transmission, the corresponding units in sensor node need power (energy). A node consist a power unit responsible to deliver power to all its units. The basic power consumption at node is due to computation and transmission where transmission is the most expensive activity at sensor node in terms of power consumption. Mostly, sensor nodes are battery operated but it can also scavenge energy from the environment through solar cells. D. Processing Unit Sensor node has a microcontroller which consist a processing unit, memory, converters (analogue to digital, ATD) timer and Universal Asynchronous Receive and Transmit (UART) interfaces to do the processing tasks. This unit is responsible for data acquisition, processing incoming and outgoing information, implementing and adjusting routing information considering the performance conditions of the transmission.[6] Communication Unit Sensor nodes use radio frequencies and this task is managed by radio units in sensor nodes that use electromagnetic spectrum to convey the information to their destinations. Usually each

FIG. 1 Sensor Network [38] A. Sensing Unit Sensors play an important role in sensor networks by creating a connection between physical world and computation world. Sensor is a hardware device used to measure the change in physical condition of an area of interest and produce response to that change. Sensors sense

International Journal of VLSI and Signal Processing Applications, Vol. 1, Issue 1 (48- 61),ISSN 2231-3133 sensor node transfers the data to other node or sinks directly or via multi hop routing. for WSN communication support unicast (oneto-one), multicast (one-to-many) and reversemulticast (many-to-one) in the following ways.[1] i) Node-to-Node In a multihop communication data needs to be passed by intermediate nodes in order to reach to destination. Node to node communications is used to pass data from one node to other till the destination. Generally, this type of communication is not required in WSN communication. ii) Node-to-Base Station When sensors node wants to send responses back to base station, this communication pattern is used. This is a reverse-multi path communication which means that more than one node can communicate to base station directly or indirectly. This communication pattern can also be unicast if there are multiple base stations or there is a special node (group leader), who is responsible to gather sensed information and transmit it to base station. iii) Base Station-to-Node This type of communication is required when base station wants to request data from nodes. Typically, the mode for communication is multicast (one-to-many) which means any sensor node having the requested date can respond to the base station. This pattern of communication can also be multicast or unicast if the identification of nodes is unique by their IDs or locations etc.[8] The challenges in the hierarchy of WSN:Detecting the relevant quantities, monitoring and collecting the data, assessing and evaluating the information, formulating meaningful user displays, and performing decision-making and alarm functions are enormous. The information needed by smart environments is provided by Distributed Wireless Sensor Networks, which are responsible for sensing as well as for the first stages of the processing hierarchy. The importance of sensor networks is highlighted by the number of recent funding initiatives, including the DARPA program, military programs, and NSF Program Announcements. The figure shows the complexity of wireless sensor networks, which generally consist of a

Base Station (Sink) The sink (some time cluster head) is an interface between the external (management center) world and computational world (sensor network). It is normally a resourceful node having computational capabilities and energy supply. There can be single or multiple base stations in a network. Practically, the use of multiple base stations decreases network delay and performs better using robust data gathering. Base station in a network can also be stationary or dynamic. The dynamic base stations can influence the routing protocols greatly because of its changing position which will be not clear to all the nodes in a network. Beside mobility of base stations there are other characteristics of base stations like coverage, presence and number of nodes poses routing challenges for routing protocols. The base station is connected with some actuator which triggers the alarm for human intervention in case of an event of interest.[6] Communication Model Although sensor nodes are identical devices but their characteristics varies with the network structures. Sensor deployment, coverage, transmission power, computation, reporting, addressing and communication pattern greatly affects the routing protocol operation both at nodes and at base stations. Routing protocol used

International Journal of VLSI and Signal Processing Applications, Vol. 1, Issue 1 (48- 61),ISSN 2231-3133 data acquisition network and a data distribution network, monitored and controlled by a management center. The plethora of available technologies makes even the selection of components difficult, let alone the design of a consistent, reliable, robust overall system.[2] The study of wireless sensor networks is challenging in that it requires an enormous breadth of knowledge from an enormous variety of disciplines. we outline communication networks, wireless sensor networks and smart sensors, physical transduction principles, commercially available wireless sensor systems, self-organization, signal processing and decisionmaking, and finally some concepts for home automation. Hardware characteristics Sensor nodes are small, low-cost and battery supplied devices. Therefore the concept of WSNs is quite challenging. There are two main constraints, the low processing power of the nodes and the capacity of their batteries. The former constraint directly determines the algorithms we can use. For example, we cannot use asymmetric cryptography or maintain large routing tables. Since the priority in the development is to minimize cost, size and power consumption, there is only a small chance of a significant improvement of computational power and memory in the near future. The later constraint influences the properties of used algorithms indirectly. Capacity of the batteries is essential for the nodes lifetime. Often it is impossible or not intended to be possible to change batteries. Therefore the lifetime and usability of the network depends on their capacity and on the consumption of the nodes. Initial research into wireless sensor networks was mainly motivated by military applications, with DARPA continuing to fund a number of prominent research projects (e.g., Smart Dust, NEST) that are commonly regarded as the cradle of sensor-network research. [3] Need for Security in WSN WSNs are becoming increasingly popular for military and industry use. Because of this we cannot accept security through obscurity thus we need concrete protection against intruders.

III. Security issues in WSN

Several factors make WSN susceptible to security threats. Those factors include i) use of wireless medium ii) limited processing power, memory and power resources and iii) physical exposure of the nodes to the natural adversaries and the ad-hock infrastructure. We studied several possible threats to WSN and we use adaptive holistic approach to investigate the use of cryptography to provide level of security against the identified attacks. Security Issues and Goals:A. Data Confidentiality Confidentiality means keeping information secret from unauthorized parties. A sensor network should not leak sensor readings to neighboring networks. In many applications (e.g. key distribution) nodes communicate highly sensitive data. The standard approach for keeping sensitive data secret is to encrypt the data with a secret key that only intended receivers possess, hence achieving confidentiality. Since public-key cryptography is too expensive to be used in the resource constrained sensor networks, most of the proposed protocols use symmetric key encryption methods. The creators of TinySec argue that cipher block chaining (CBC) is the most appropriate encryption scheme for sensor networks. They found RC5 and Skipjack to be most appropriate for software implementation on embedded microcontrollers. The default block cipher in TinySec is Skipjack. SPINS uses RC6 as its cipher.[9,11,14,19,28,29,35] B. Data Authenticity In a sensor network, an adversary can easily inject messages, so the receiver needs to make sure that the data used in any decision-making process originates from the correct source. Data authentication prevents unauthorized parties from participating in the network and legitimate nodes should be able to detect messages from unauthorized nodes and reject them. In the two-party communication case, data authentication can be achieved through a purely symmetric mechanism: The sender and the receiver share a secret key to compute a message authentication code (MAC) of all communicated data. When a message with a correct MAC arrives, the receiver knows that it must have been

International Journal of VLSI and Signal Processing Applications, Vol. 1, Issue 1 (48- 61),ISSN 2231-3133 sent by the sender. However, authentication for broadcast messages requires stronger trust assumptions on the network nodes. C. Data Integrity Data integrity ensures the receiver that the received data is not altered in transit by an adversary. Note that Data Authentication can provide Data Integrity also. D. Data Freshness might send malicious routing information to other nodes.

Denial of service (DOS) refers to an adversary attempt to disrupt, subvert, destroy or diminish a network capacity to perform its expected functions. Hardware failure, software bugs, resource exhaustion, environmental conditions or any complicated interaction between these factors can cause a DOS [50].

IV. Security mechanisms

Data freshness implies that the data is recent, and it ensures that an adversary has not replayed old messages. A common defense (used by SNEP is to include a monotonically increasing counter with every message and reject messages with old counter values. The authors have identified two types of freshness: weak freshness, which provides partial message ordering, but carries no delay information, and strong freshness, which provides a total order on a request-response pair, and allows for delay estimation. Weak freshness is required by sensor measurements, while strong freshness is useful for time synchronization within the network.[38] E. Robustness and Survivability The sensor network should be robust against various security attacks, and if an attack succeeds, its impact should be minimized. The compromise of a single node should not break the security of the entire network. 3 Challenges The first challenge is the trade off between resource consumption and security. A damaged node can lead to leaking of secret information, message interference, and replication of data. Potential attacks in WSN also include replayed routing information, Selective forwarding, sink hole attacks, Sybil attacks, warm hole attacks and hello flood attacks etc.[38,39,47]. The external attacks include injecting routing information and distorting routing information, replaying old routing information. These attackers can successfully partition a network which causes retransmission and ineffective routing. By using cryptographic schemes such as encryption and digital signature can defend against the external attackers.[34,35]. The internal attacks occur due to compromised nodes which can also generate valid signature and Security mechanisms require the use of some kind of cryptographic keys that need to be shared between the communicating parties. The elements of key management are given as [49] Initialize system users within a domain Generate distribute and install keying material. Control the use of keying material. Update, and destroy keying material. Store, backup and recover keying material. Neighbored discovery End to end path key establishment

V. Some other attacks in WSN

A. Outsider attacks The majority of outsider attacks against sensor network routing protocols can be prevented by simple link layer encryption and authentication using a globally shared key. The Sybil attack is no longer relevant because nodes are unwilling to accept even a single identity of the adversary. The majority of selective forwarding and sinkhole attacks are not possible because the adversary is prevented from joining the topology. Link layer acknowledgements can now be authenticated. Major classes of attacks not countered by link layer encryption and authentication mechanisms are wormhole attacks and HELLO flood attacks. [4,14,16,27] B. The Sybil attack An insider cannot be prevented from participating in the network, but she should only be able to do so using the identities of the nodes

International Journal of VLSI and Signal Processing Applications, Vol. 1, Issue 1 (48- 61),ISSN 2231-3133 she has compromised. Using a globally shared key allows an insider to masquerade as any (possibly even nonexistent) node. Identities must be verified. In the traditional setting, this might be done using public key cryptography, but generating and verifying digital signatures is beyond the capabilities of sensor nodes. One solution is to have every node share a unique symmetric key with a trusted base station. Two nodes can then use a Needham-Schroeder like protocol to verify each others identity and establish a shared key. A pair of neighboring nodes can use the resulting key to implement an authenticated, encrypted link between them. when a node is compromised, it is restricted to (meaningfully) communicating only with its verified neighbors.[32,33] C. HELLO flood attacks (BIDIRECTIONAL VERIFICATION) Many protocols require nodes to broadcast HELLO packets to announce themselves to their neighbors, and a node receiving such a packet may assume that it is within (normal) radio range of the sender. Willing to receive REQ messages from this set of neighbor nodes, then REQ messages from an adversary transmitted with larger power will be ignored. Thus, the damage from a HELLO flood attack can be restricted within a small range. To defend against attack, each request (REQ) message forwarded by a node is encrypted with a key. As we have shown from the tree protocol that any two sensor nodes share some common secrets, the new encryption key is generated on-the-fly (i.e. during communication). In this way, any nodes reachable neighbors can decrypt and verify the REQ message while the attacker will not know the key and will be prevented from launching the attack. We show that the new key combined with the echo-back mechanism can well protect this attack. D. Wormhole and sinkhole attacks We consider a sensor network that consists of a base station (BS) and a collection of geographically distributed sensor nodes, each denoted by a unique identifier IDv. The sensor nodes continuously collect and send the sensed application data to the base station by forwarding packets hop-by-hop. As mentioned earlier, this commonly used many-to-one. Communication pattern is vulnerable to sinkhole attacks. In a sinkhole attack, an intruder usually attracts network traffic by advertising itself as having the shortest path to the base station. For example, as shown in Figure A, an intruder using a wirelessenabled laptop will have much higher computation and communication power than a normal sensor node, and it could have a highquality single-hop link to the base station (BS). It can then advertise imitated routing messages about the high quality route, thus spoofing the surrounding nodes to create a sinkhole (SH). A sinkhole can also be performed using a wormhole which creates a metaphorical sinkhole with the intruder being at the center. We assume the sensor nodes are either good or malicious.[30] The center of a sinkhole attack is a malicious node compromised by the intruder. Note that, even if there is only one compromised node providing a high quality route to the base station, it can affect many surrounding sensors. Furthermore, this intruder may also cooperate with some other malicious nodes in the network to interfere detection algorithms. In an extreme case, all the malicious nodes are colluding with the intruder. They may collaboratively cheat the base station by claiming a good node as the intruder and thus hide the real one. Wormhole and sinkhole attacks are very difficult to defend against, especially when the two are used in combination.[31,41]

Fig 3. Two examples of sinkhole attack in WSN.[31] (a) Using artificial high quality route (b) Using a Wormhole

International Journal of VLSI and Signal Processing Applications, Vol. 1, Issue 1 (48- 61),ISSN 2231-3133 Wormholes are hard to detect because they use a private, out-of-band channel invisible to the underlying sensor network. Sinkholes are difficult to defend against in protocols that use advertised information such as remaining energy or an estimate of end-to-end reliability to construct a routing topology because this information is hard to verify. A technique for detecting wormhole attacks is presented but it requires extremely tight time synchronization and is thus infeasible for most sensor networks.[15] E. Selective forwarding Even in protocols completely resistant to sinkholes, wormholes, and the Sybil attack, a compromised node has a significant probability of including itself on a data flow to launch a selective forwarding attack if it is strategically located near the source or a base station. Multipath routing can be used to counter these types of selective forwarding attacks. Messages routed over paths whose nodes are completely disjoint are completely protected against selective forwarding attacks involving at most Compromised nodes and still offer some probabilistic protection when over n nodes are compromised. F. Authenticated broadcast and flooding Since base stations are trustworthy, adversaries must not be able to spoof broadcast or flooded messages from any base station. This requires some level of asymmetry: since every node in the network can potentially be compromised, no node should be able to spoof messages from a base station, yet every node should be able to verify them. Authenticated broadcast is also useful for localized node interactions. Many protocols require nodes to broadcast HELLO messages to their neighbors. These messages should be authenticated and impossible to spoof. Proposals for authenticated broadcast intended for use in a more conventional setting either use digital signatures and/or have packet overhead that well exceed the length of typical sensor network packet. TESLA is a protocol for efficient, authenticated broadcast and flooding that uses only symmetric key cryptography and requires minimal packet overhead. TESLA achieves the asymmetry necessary for authenticated broadcast and flooding by using delayed key disclosure and one-way key chains constructed with a publicly computable cryptographically secure hash function. But key management is an unsolved problem in WSN.[25] There are many new routing protocol proposed for ad-hoc networks some of them can be used in WSN. Among those routing the Ad-hoc on demand distance vector (AODV) protocol and the Dynamic source routing (DSR) protocol have recorded very good performance. Unfortunately security issues arise with these protocols because security features are not built in.[24]

VI. Secure routing in WSN

There are many new routing protocols proposed for ad hoc networks and some of them can be used in WSN. Among those routing protocols, the Ad hoc Ondemand Distance Vector (AODV) protocol and the Dynamic Source Routing (DSR) protocol have recorded very good performance . Unfortunately security issues arise with these protocols, because security features are not designed built-in. We can further formulate the secure WSN routing problem as follows: Denote A,B as principals, such as communicating nodes; and KAB and KBA denote the secret MAC keys shared between A and B (one key for each direction of communication). MAC KAB(M) denotes the computation of the message authentication code (MAC) of message M with the MAC key KAB. We need to solve the following problems for secure WSN routing protocols: (1) An authentication mechanism with low computation and communication overhead is needed to prevent an attacker from performing a Denial-of-Service (DoS) attack by flooding nodes with malicious messages, overwhelming them with the cost of verifying authentication. For instance, for point-to-point authentication of a message, we may use a message authentication code (MAC) and a shared key between the two parties . Secure Route Discovery. Assume that the initiator. (2).Route Discovery for target B, and that they share the secret keys KAB and KBA, respectively, for message authentication in each direction. Route Discovery mechanism should enable the target to verify the authenticity of the Route Requestor; It also needs to authenticate data in route request messages and route reply messages through the using of KAB and KBA. Malicious nodes may be avoided during Route Discovery. (3) Route

International Journal of VLSI and Signal Processing Applications, Vol. 1, Issue 1 (48- 61),ISSN 2231-3133 Maintenance. A node forwarding a packet to the next hop along the source route returns a route error message to the original sender of the packet if it is unable to deliver the packet to the next hop after a limited number of retransmission attempts. It is a big issue to secure those route error messages and prevent unauthorized nodes from sending those messages.[9,11,29] A. Defending from Routing Misbehavior We need a means of determining whether intermediate nodes are in fact forwarding packets that they have been requested to forward. For example, watchdog and path rater to solve this problem by identifying the attacking node and avoiding them in the routes used. B. Defending from Flooding attack An active attacker can attempt to degrade the performance of DSR or other on-demand routing protocols by repeatedly . An attacker sends packets, which the routing protocol floods throughout the network. To protect the routing protocols from a flood of Route Request packets, we need a mechanism that enables nodes to instantly authenticate. Routing techniques in wireless sensor networks are influenced by two factors. First, it has to deal with hardware and resource constraints. The routing algorithm has to be energy aware, thus minimize the control information flows and communication. Routing table maintenance is limited by memory capacity. Second, the nature of sensor network applications defines traffic patterns, which are different from the traditional ones. C. SNEP A. Negotiation based protocols Confidentiality, Authentication, Integrity, and Freshness. SNEP uses encryption to achieve confidentiality and message authentication code (MAC) to achieve two-party authentication and data integrity. Even if it sees multiple encryptions of the same plaintext. The basic technique to achieve this is randomization:Before encrypting the message with a chaining encryption function (i.e. DESCBC), the sender precedes the message with a random bit string (also called the Initialization Vector). The communicating parties share the counter and increment it after each block. SNEP offers the following properties: Semantic security: Since the counter value is incremented after each These protocols, called the SPIN (Sensor Protocols for Information via Negotiation) protocols aim at disseminating information among all the sensor nodes by using information descriptors for negotiation prior to transmission of the data. These information descriptors are called meta-data and are used to eliminate the transmission of redundant data in the network.[39] ADV When a SPIN node has some new data, it sends an ADV message to its neighbors containing meta-data(data descriptor) message, the same message is encrypted differently each time. The counter value is long enough that it never repeats within the lifetime of the node. correctly, a receiver can be assured that the message originated from the claimed sender. D. Replay protection The counter value in the MAC prevents replaying old messages. Note that if the counter were not present in the MAC, an adversary could easily replay messages. Since a receiving node is assured that the MAC key is known only by the base station, the receiving node is assured that no adversary could have altered the packet in transit. The node stores the packet in a buffer. At the time of key disclosure, the base station broadcasts the verification key to all receivers. When a node receives the disclosed key, it can easily verify the correctness of the key (which we explain below). If the key is correct, the node can now use it to authenticate the packet stored in its buffer.[13]

VII. Routing protocols

Conventional routing protocols have several limitations when being used in sensor networks due to the energy constrained nature of these networks. These protocols essentially follow the flooding technique in which a node stores the data item it receives and then sends copies of the data item to all its neighbors. There are two main deficiencies to this approach.If a node is a common neighbor to nodes holding the same data item, then it will get multiple copies of the same data item. Therefore, the protocol wastes resources sending the data item and receiving it.

International Journal of VLSI and Signal Processing Applications, Vol. 1, Issue 1 (48- 61),ISSN 2231-3133

When a SPIN node wished to receive some data, it sends an REQ message
REQ DATA These are actual data messages with a meta-data header. The following protocols make up the SPIN family of protocols. SPIN-PP This protocol has been designed to perform optimally for point-to-point communication. In this sort of communication, two nodes can have exclusive communication with each other without any interference from the other nodes. In such a network, the cost of communication for one node to communicate with n nodes is n times more expensive than communicating with one node. This protocol is a simple 3-way handshake protocol in which energy is not considered to be a constraint. SPIN-EC In this protocol, the sensor nodes communicate using the same 3-way handshake protocol as in SPIN-PP but there is a energyconservation heuristic added to it. A node will participate actively in the protocol only if it is above a certain energy threshold and believes it can complete all the other stages of the protocol. If a node receives an advertisement , it will not send out an REQ message if it does not have enough energy to transmit an REQ message and receive the corresponding DATA message. SPIN-BC This protocol was designed for broadcast networks in which the nodes use a single shared channel to communicate. When a node sends out a message, it is received by all the other nodes within a certain range of the sender. In this protocol, a node which has received an ADV message does not immediately respond with an REQ message. It has to wait for a certain time before sending out the REQ message. When a node other than the advertising node receives the REQ message, it cancels its own request so that there are no redundant requests for the same message. When the advertising node receives an REQ message, it sends the data message only once because it is a broadcast network even though it might have got multiple requests for the same message.[40] SPIN-RL This protocol makes two changes to the above SPIN-BC protocol. Each node keeps track of all the advertisements it hears and the nodes it hears them from. If it does not receive

any requested data within a certain period of time, it sends out the request again. Next, the nodes have a limit on the frequency with which they resend the data messages. After sending out a data message, a node will wait for a certain.[46] B. Directed Diffusion This is another data dissemination protocol in which the data generated by the nodes is named by attribute value pairs. This is a destinationinitiated reactive routing technique in which routes are established when requested. A sensing task or interest is propagated throughout the network for named data by a node and data which matches this interest is then sent towards this node. One important feature of the data diffusion paradigm is that the propagation of data and its aggregation at intermediate nodes on the way to the request originating node are determined by the messages which are exchanged between neighboring nodes within some distance (localized interactions).[42,51] C. Energy Aware Routing In this scheme, Rahul Shah et al.[22] proposed using sub-optimal paths occasionally to increase the lifetime of the network substantially. This protocol is also a destination initiated reactive protocol like Directed Diffusion with the difference being that instead of maintaining one optimal path, a set of good paths are maintained and chosen by means of a probability which depends on how low the energy consumption of each path is. Thus any single path does not get its energy depleted because different paths are chosen at different times. This ensures the graceful degradation of the network in lowenergy networks because energy is burnt more equally in all nodes.[28]This protocol has three phases:Set up :The connection is initiated through localized flooding which is done to discover all the routes between the source and the destination and their costs thus building up the routing tables. The high-cost paths are discarded and the others are added to the forwarding table in which the neighboring nodes are chosen inversely proportional to their cost. Data Communication: Data is sent from source to the destination using one of neighbors in the forwarding table with probability of the node being chosen being the the the the

International Journal of VLSI and Signal Processing Applications, Vol. 1, Issue 1 (48- 61),ISSN 2231-3133 same as the probability of its being chosen in the forwarding table. In this way, the intermediate nodes forward the packet to a probabilistically chosen neighbor and this is continued till the packet reaches the destination node. Route maintenance: Localized flooding is performed from the destination to the source now and then to keep the paths alive.[8] D. Rumor Routing This routing protocol looks at routing queries to the nodes which have observed a particular event. It looks at creating paths leading to each event so that a query which is generated can be routed randomly till it finds the event path instead of flooding it across the network. The rumor routing algorithm uses a set of long-lived agents which create paths that are directed towards the events they encounter. Whenever an agent crosses path with a path leading to an event that it has not encountered, it adapts its behavior thus creating a path state which leads to both the events. When the agents come across shorter paths, they optimize the paths in the network by updating the routing tables to reflect the more efficient path. Each node maintains a list of its neighbors and an events table. When it encounters an event it adds it to its events table and might generate an agent in a probabilistic fashion. E. Multipath Routing The resilience of a protocol is measured by the likelihood that an alternate path is available between a source and a sink when the optimal path fails. The solution proposed by Deepak Ganesan et al.[13] looks at increasing the resilience of a sensor network while ,keeping the maintenance overhead required for doing this, low. Maintenance overhead is the energy required to maintain the alternate paths by sending periodic messages. They propose a multipath scheme in which the paths are only partially disjointed.[2,5,20] should also allocate bandwidth fairly to the infrastructure of all nodes in the network.[43] In sensor networks, the primary objective is to sample the residing environment for information and send it to a higher processing infrastructure (base station) after processing it.

IX. A Clean-Slate Approach

Parno et al. [PLGP06] have decided to design a completely novel routing protocol with security and efficiency as the main goals. Their protocol trade on the combination of prevention, detection/recovery and resiliency. Furthermore, it provides node-to-node routing scheme. Unlike the majority of algorithms for sensor networks, this one exploits public key cryptography. There is a single trusted authority NA and each node is preloaded with its public key PNA and is able to verify the signature. Authors argue, that verification of signature can be very efficient and performed even by a node. Each node has also unique ID and a certificate (ID)SNA signed by the trusted authority.[44] Countermeasure: Link-layer encryption and authentication, multipath routing, identity verification, bidirectional link verification, and authenticated broadcast can protect sensor network against outsiders, bogus routing information, Sybil attacks, HELLO floods, and acknowledgement spoofing, and it is feasible to augment existing protocols with these mechanisms. Sinkhole attacks and wormholes pose significant challenges to secure routing protocol design, and it is unlikely there exists effective countermeasures against these attacks that can be applied after the design of a protocol has completed. It is crucial to design routing protocols in which these attacks are meaningless or ineffective. Geographic routing protocols are one class of protocols that holds promise.

X. Conclusion
In this review, we adapted the framework to scrutinize different secure routing protocols for wireless sensor networks. It was observed that all suffered from different attacks and it is difficult to claim that one performed better than other. Hence, it is worthwhile to consider a few things before choosing one. WSNs are applicationspecific in nature. The above finding reinforces the same idea. When choosing a secure routing protocol, it is more on the requirements of the

VIII. Media Access Control in Sensor Networks

Media Access Control in sensor networks is very different than in the traditional networks because of its constraints on computational ability, storage and energy resources. Therefore media access control should be energy efficient and

International Journal of VLSI and Signal Processing Applications, Vol. 1, Issue 1 (48- 61),ISSN 2231-3133 application and the environment in which it will be deployed that need to be taken into account. One protocol can suit you better than the other simply because your requirements are different. secure routing is vital to the acceptance and use of sensor networks for many applications, but we have demonstrated that currently proposed routing protocols for these networks are insecure. We leave it as an open problem to design a sensor network routing protocol that satisfies our proposed security goals. Link layer encryption and authentication mechanisms may be a reasonable first approximation for defense against mote-class outsiders, but cryptography is not enough to defend against laptop-class adversaries and insiders, careful protocol design is needed as well or there should be modification in secure routing protocol. There are some key management schemes that can be used for securing WSN, even these schemes are proposed for Ad-hoc networks and extending these schemes in WSN to achieve security goals but We will design Optimal routing algorithm by doing some modification in routing protocol to keep security in mind. networks, Selected Areas in Communications, IEEE Journal on, Volume: 28 Issue:7, 23 August 2010. 5. Starobinski, D.; Xiao, W.; Department of Electrical and Computer Engineering, Boston University, Boston, Asymptotically Optimal Data Dissemination in Multichannel Wireless Sensor Networks: Single Radios Suffice, Networking, IEEE/ACM Transactions on, Volume: 18 Issue:3, 14 June 2010 6. Distributed target tracking using signal strength measurements by a wireless sensor network, Selected Areas in Communications, IEEE Journal on, Volume: 28 Issue:7, 23 August 2010 7. Distributed target tracking using signal strength measurements by a wireless sensor network, Selected Areas in Communications, IEEE Journal, Volume: 28 Issue:7, Volume: 28 Issue:7 8. Ozdemir, S.; Cam, H.; Computer Engineering Department, Gazi University, Ankara, TURKEY , Integration of False Data Detection With Data Aggregation and Confidential Transmission in Wireless Sensor Networks, Networking, IEEE/ACM Transactions on, Volume: 18 Issue:3, 14 June 2010. 9. Luo, J.; Hubaux, J.-P.; School of Computer Engineering, Nanyang Technological University, Singapore, Joint Sink Mobility and Routing to Maximize the Lifetime of Wireless Sensor Networks: The Case of Constrained Mobility, Networking, IEEE/ACM Transactions on, Volume: 18 Issue:3, Date of Current Version: 14 June 2010 10. Yingpei Zeng; Jiannong Cao; Shigeng Zhang; Shanqing Guo; Li Xie; State Key Lab. for Novel Software Technol., Nanjing Univ., Nanjing, China, Random-walk based approach to detect clone attacks in wireless sensor networks, Selected Areas in Communications, IEEE Journal on, Volume: 28 Issue:5, 27 May 2010 11. Okorafor, U.N.; Kundur, D.; Texas Instrum., Inc., Dallas, TX, USA , Security-aware routing and localization for a directional mission critical network, Selected Areas in Communications, IEEE Journal , Volume: 28 Issue:5, 27 May 2010. 12. Yun, Z.; Bai, X.; Xuan, D.; Lai, T. H.; Jia, W.; Department of Mathematics, Suzhou University, Suzhou, PRC , Optimal Deployment Patterns for Full Coverage and -Connectivity Wireless Sensor Networks, Networking, IEEE/ACM Transactions on, Volume: 18 Issue:3, 14 June 2010

References
1. Misra, S.; Rohith Mohan, S.V.; Choudhuri, R.; A probabilistic approach to minimize the conjunctive costs of node replacement and performance loss in the management of wireless sensor networks, Network and Service Management, IEEE Transactions on, Vol. 7 Issue:2, 24 May 2010. 2. Kalis, A.; Kanatas, A.G.; Efthymoglou, G.P, A co-operative beamforming solution for eliminating multi-hop communications in wireless sensor networks, Selected Areas in Communications, IEEE Journal on, Volume 28 Issue:7, 23. August 2010 3. Ramachandran, K.; Sikdar, B.; Dept. of Electr., Comput., & Syst. Eng., Rensselaer Polytech. Inst., Troy, NY, USA , A population based approach to model the lifetime and energy distribution in battery constrained wireless sensor networks, Selected Areas in Communications, IEEE Journal on, Volume: 28 Issue:4, 22 April 2010. 4. Papadimitratos, P.; Jun Luo; Hubaux, J.-P.; School of Computer and Communication Sciences, EPFL (Swiss Federal Institute of Technology in Lausanne), CH-1015, Lausanne, Switzerland , A randomized countermeasure against parasitic adversaries in wireless sensor

International Journal of VLSI and Signal Processing Applications, Vol. 1, Issue 1 (48- 61),ISSN 2231-3133 13. DIMPLE JUNEJA , SANDHYA BANSAL, GURPREET KAUR, NEHA ARORA, Design and Implementation of EAR Algorithm for Detecting Routing Attacks in WSN, International Journal of Engineering Science and Technology, Vol. 2(6), 2010, 1677-1683. 14. Kalpana Sharma1, M.K. Ghose1, DeepakKumar1,Raja PeeyushKumarSingh1, Vikas Kumar Pandey11CSE, Sikkim Manipal Institute of Technology, A Comparative Study of Various Security Approaches Used in Wireless Sensor Networks, International Journal of Advanced Science and Technology, Vol. 17, April, 2010. 15. Yan Wu; Fahmy, S.; Shroff, N.B.; Dept. of Comput. Sci., Purdue Univ., West Lafayette, IN, USA ,Optimal Sleep/Wake Scheduling for Time-Synchronized Sensor Networks With QoS Guarantees, Networking, IEEE/ACM Transactions on, Volume: 17 Issue:5, 13 October 2009. 16. Abdelraouf Ouadjaout_, Yacine Challal, Noureddine Lasla, Miloud Bagaa_ _University of Science and Technology Houari Boumediene, LSI labAlgiers, Algeria, SEIF: Secure and Efficient Intrusion-Fault tolerant routing protocol for wireless sensor networks, "IEEE International Conference on Availability, Reliability and Security Spain, hal-00390450, version 1 - 2 Jun 2009. 17. A. Ali1, N. Fisal Faculty of Electrical Engineering,University Technology Malaysia, 81310 Johor Bahru, Johor Darul Tazim, Malaysia, Security Enhancement for Real-time Routing Protocol in Wireless Sensor Networks, Authorized licensed use limited to: Guangdong Univ of Tech. Downloaded on January 11, 200 18. Saleem, K.; Fisal, N.; Fac. of Electr. Eng., Univ. Teknol. Malaysia, Skudai , Bio-inspired self-organized secure autonomous routing protocol for WSN, RF and Microwave Conference, 2008. RFM 2008. IEEE, 28 April 2009 19.Wu Bo; Li La-yuan; Sch. of Comput. Sci. & Technol., Wuhan Univ. of Technol., Wuhan, China , Secure Routing Algorithm Based on Power-Efficient for Wireless Sensor Networks, Circuits, Communications and Systems, 2009. PACCS '09. Pacific-Asia Conference on , 04 September 2009 20. Shah-Mansouri, V.; Mohsenian-Rad, A.-H.; Wong, V.W.S.; Dept. of Electr. & Comput. Eng., Univ. of British Columbia, Vancouver, BC , Lexicographically Optimal Routing for Wireless Sensor Networks With Multiple Sinks, Vehicular Technology, IEEE Transactions on, Volume: 58 Issue:3, 17 March 2009. 21. Hou, Y.T.; Yi Shi; Sherali, H.D.; Virginia Polytech. Inst. & State Univ., Bradley , Rate Allocation and Network Lifetime Problems for Wireless Sensor Networks, Networking, IEEE/ACM Transactions on, Volume: 16 Issue:2, 08 April 2008. 22.Ail, A.; Rashid, R.A.; Arriffian, S.H.F.; Fisal, N.; Optimal forwarding probability for real-time routing in wireless sensor network, Telecommunications and Malaysia International Conference on Communications, 2007. ICTMICC 2007. IEEE International Conference, 08 February 2008. 23.Weiqiang Xu; Jiming Chen; Yan Zhang; Yang Xiao; Youxian Sun; Coll. of Inf. & Electron., Zhejiang Sci-Tech Univ., Hangzhou , Optimal Rate Routing in Wireless Sensor Networks with Guaranteed Lifetime, Global Telecommunications Conference, 2008. IEEE GLOBECOM 2008. IEEE, 08 December 2008. 24.Karnik, A.; Kumar, A.; Gen. Motors India Sci. Lab, Bangalore ,Distributed Optimal Self-Organization in Ad Hoc Wireless Sensor Networks, Networking, IEEE/ACM Transactions on, Volume: 15 Issue:5, 15 October 2007. 25.Camtepe, S.A.; Yener, B.; Comput. Sci. Dept., Rensselaer Polytech. Inst., Troy, NY , Combinatorial Design of Key Distribution Mechanisms for Wireless Sensor Networks, Networking, IEEE/ACM Transactions on, Volume: 15 Issue:2, 16 April 2007 26 Tarique Haider and Mariam Yusuf , A Fuzzy Approach to Energy Optimized Routing for Wireless Sensor Networks, The International Arab Journal of Information Technology, Vol. 6, No. 2, April 2009. 27.Hung-Min Sun, National Tsing Hua University, Taiwan Shih-Pu Hsu, National Tsing Hua University, Taiwan Chien-Ming Chen, National Tsing Hua University, Taiwan, Mobile Jamming Attack and its Countermeasure in Wireless Sensor Networks, http://doi.ieeecomputersociety.org/10.1109/AIN AW.2007.255 28. Nidal Nasser and Yunfeng Chena Department of Computing and Information Science, University of Guelph, Guelph, Ont., Canada N1G 2W1, SEEM: Secure and energy-efficient multipath routing

International Journal of VLSI and Signal Processing Applications, Vol. 1, Issue 1 (48- 61),ISSN 2231-3133 protocol for wireless sensor networks, 3 May 2007. 29A.Senthilkumar and Dr.C.Chandrasekar1Assistant .Professor, Department of MCA,Sengunthar Engineering College, Tiruchengode - 637205, Tamilnadu, India., 2Associate Professor, Department of Computer Science,Periyar University, Salem 636011, Tamilnadu, India, SECURE ROUTING IN WIRELESS SENSOR NETWORKS: ROUTING PROTOCOLS., International Journal on Computer Science and Engineering, Vol. 02, No. 04, 2010, 1266-1270. 30 Alexander Becher, zinaida benenson and maximillian dornseif Deptt. Of computer science ,Germany, Springer verlag berlin heidelberg , tampering woth motes: Real world physical attacks on wireless sensor network,pp104-118,2006 31. Y.-C. Hu, A. Perrig, and D. B. Johnson, Wormhole detection in wireless ad hoc networks, Department of Computer Science, Rice University. 32. J. R. Douceur, The Sybil Attack, in 1st International Workshop on Peer-to-Peer Systems (IPTPS 02). 33. J. Hill, R. Szewczyk, A. Woo, S. Hollar, D. Culler, and K. Pister, System architecture directions for networked sensors. 34. L. Zhou and Z. Haas, Securing ad hoc networks, IEEE Network Magazine, vol. 13, no. 6, November/December 1999. 35. F. Stajano and R. J. Anderson, The resurrecting duckling: Security issues for ad-hoc wireless networks. 36. J. Fraden. A hand book of modern sensor: Physic, design, and application. 37. F.L. Lewis, wireless sensor network, Technologies Protocols and Application. 38. C. Karlof and D.Wagner. Secure routing in wireless sensor networks: Attacks and countermeasures. 39. A. Perrig, R. Szewczyk, Victor Wen, D. Culler, and J. D. Tygar. SPINS: Security protocols for sensor networks. 40. J. Douceur. The sybil attack., ACP, 2007 41. Y.-C. Hu, A. Perrig, and D. B. Johnson. Wormhole detection in wireless ad hoc networks. 42. Intanagonwiwat, R. Govindan, D. Estrin, J. Heidemann, and F. Silva. Directed diffusion for wireless sensor networking. 43.W.R. Heinzelman, A. Chandrakasan, and H. Balakrishnan. Energy-efficient communication protocol for wireless microsensor networks. 44.Hari Balakrishnan Robert Morris Benjie Chen, Kyle Jamieson. Tesla: An energy efficient coordination algorithm for topology maintenance in ad hoc wireless 45. D.J. Cook and S.K. Das, John Wiley, New York, 2004, on wireless sensor networks 46. drian Perrig, Robert Szewczyk, J. D. Tygar, Victor Wen, and David E. Culler. Spins: security protocols for sensor networks.Wirel. Netw., vol. 8, issue 5, pages 521534, 2002. 47.Petr Svenda and Vaclav Matyas. Key distribution and secrecy amplification in wireless sensor networks. In Technical Report,FIMU-RS-2007-05, Brno, C R, 2007. Masaryk University. 48.[TM006] Tmote Sky: Datasheet. http://www.sentilla.com/pdf/ eol/tmote-sky-datasheet.pdf, 2006. [WFSH06] Anthony D. Wood, Lei Fang, John A. Stankovic, and Tian He. 49..Sigf: a family of configurable, secure routing protocols for wireless sensor networks. In SASN 06: Proceedings of the fourth ACM workshop on Security of ad hoc and sensor networks,pages 3548, New York, NY, USA, 2006. ACM Press. 50.[WS02] Anthony D. Wood and John A. Stankovic. Denial of service in sensor networks. IEEE Computer, vol. 35, issue 10, pages 5462,2002. [WYC04] Xiaoyun Wang, Lizhen Yang 51.Xiaoyun Wang, Lizhen Yang, pages 205214, First European Workshop,ESAS 2004, Heidelberg, Germany, August 2004. Springer Authors:

Jagbir Singh Dhillon is working as Assistant Professor, in Deptt. of Electronics & Communication Engineering, St. Margaret Engineering College, Neemrana, NH-8 Delhi-Jaipur. He has done M.Tech. in ECE From M.D.U, Rohtak and pursuing Phd from Manav Rachana International University, Faridabad.He has a number of publications in some journal of well repute. His area of interest is security in wireless sensor network.

Krishan kumar is working as Asst. Proffessor in Deptt. Of electronics & communication enginnering St. Margaret Engineering College, Neemrana, NH-8 Delhi-Jaipur. He has done M.Tech. in ECE From M.D.U, Rohtak. He has a number of publications in some journal of well repute. His

International Journal of VLSI and Signal Processing Applications, Vol. 1, Issue 1 (48- 61),ISSN 2231-3133
area of interest is security in wireless sensor network.

Dr. Krishna Prasad Pamulapati, Professor & Head of IT Deptt. ,Faculty of Engineering and Technology, Manav Rachna International University, Faridabad has got 22 years experience in teaching Computer Science and guiding projects at Graduate and Post-Graduate levels. Experienced in guiding Ph.D. students. Previously he was M.Sc. program Coordinator for De Montfort University,UK in Singapore and Malaysia. Experienced with various universities in Bosnia & Herzegovina,Singapore, Malaysia, Sri Lanka and India. He has many papers to his credit in various journals of repute. His research area is artificial intelligence, soft computing, mobile network and wireless sensor network.