A Dynamic En-route Filtering Scheme for Data Reporting in WirelessSensor Networks

Networks Aim: T h e a i m o f t h i s p r o je c t i s t o d r o p t h e f a l s e d a t a i n je c t i o n u s i n g H i l l C l i mb i n g approach in Dynamic En-route filtering scheme in wireless sensor network.

Abstract: In wireless sensor networks, adversaries can inject false data reports viac o mp r o mi s e d n o d e s a n d l a u n c h D o S a t t a c k s a g a i n s t l e g i t i ma t e r e p o r t s . R e c e n t l y , a number of filtering schemes against false reports have been proposed. However, theyeither lack strong filtering capacity or cannot support highly dynamic sensor networksv e r y we l l . M o r e o v e r , f e w o f t h e m c a n d e a l wi t h D o S a t t a c k s s i mu l t a n e o u s l y . I n t h i s paper, we propose a dynamic en-route filtering scheme that addresses both false reportinjection and DoS attacks in wireless sensor networks. In our scheme, each node has ahash chain of authentication keys used to endorse reports; meanwhile, a legitimate reportshould be authenticated by a certain number of nodes. First, each node disseminates itskey to forwarding nodes. Then, after sending reports, the sending nodes disclose their keys, allowing the forwarding nodes to verify their reports. We design the Hill Climbingkey dissemination approach that ensures the nodes closer to data sources have stronger filtering capacity. Moreover, we exploit the broadcast property of wirelessc o m m u n i c a t i o n t o d e f e a t D o S a t t a c k s a n d a d o p t m u l t i p a t h r o u t i n g t o d e a l wi t h t h e topology changes of sensor networks. Simulation results show that compared to existingsolutions, our scheme can drop false reports earlier with a lower memory requirement,especially in highly dynamic sensor networks.

PROBLEM STATEMENT This paper proposed to detect the f alse report using Multiple Keyed M e s s a g e Authentication codes (Macs) scheme and it is classified as 1. Pre-deployment phase. 2. Post -deployment phase. 3. Filtering phase.

1.Pre-deployment phase: Each node preloads an authentication key and a number of secret keys. The secretkeys are picked from some global key pools and used to encrypt the authentication key. 2Post-deployment phase: Each cluster head disseminates the encrypted authentication keys of all nodes inits cluster to the forwarding nodes. Each forwarding node stores the keys it can decryptand forwards all the keys to most possible next hop nodes. 3Filtering Phase: The false reports are detected and dropped in the filtering phase. After disseminating the authentication keys, cluster head can send the final reports aggregatedfrom the sensing reports of nodes.In wireless sensor network consist of a large number of small sensor nodes, thissensor nodes organized into cluster and send some report to base station. This sensor networks may suffer different types of malicious attacks. One type is called false reportinjection attack, in which adversaries inject into sensor networks the false data reportscontaining nonexistent events or faked readings from compromised nodes. These attacksnot only cause false alarms at the base station, but also drain out the limited energy of forwarding nodes.

Existing System There are several existing scheme for filtering the false data injection, they areSEF, IHA, CCEF and LED have been proposed to address false report injection attacksand/or DoS attacks. And they have some limitation chain. Before sending reports, nodes disseminate their keys to forwarding nodes usingHill Climbing approach. Then, they send reports in rounds.In each round, every sensing node endorses its reports using a new key and thendiscloses the key to forwarding nodes. Using the disseminated and disclosed keys, thef o r wa r d i n g n o d e s c a n v a l i d a t e t h e r e p o r t s . I n o u r s c h e m e , e a c h n o d e c a n m o n i t o r i t s neighbors by overhearing their broadcast, which prevents the compromised nodes fromchanging the reports. Report forwarding and key disclosure are repeatedly executed byeach forwarding node at every hop, until the reports are dropped or delivered to the basestation.

Advantages: In the proposed system false data injection is detected with secret information andit is authenticated using MAC (Message Authentication Codes). In addition Hill Climbingapproach is used to disseminate the secret keys in Sensor nodes. Modules 1. Pre-deployment phase.2. Post-deployment phase.3. Filtering phase. 4.Report Forwarding Phase 1. Pre-deployment phase

In the Pre-deployment phase each sensor nodes preloaded with distinct seed key.F r o m t h e s e e d k e y , i t c a n g e n e r a t e a s e q u e n c e o f a u t h k e y s u s i n g a c o m m o n h a s h function. Using these auth-keys to encrypt the report and forward at the base station. Thef i r s t k e y o f t h e h a s h c h a i n , a l s o i t s h o u l d b e u s e d f i r s t a t t h e e n c r y p t i o n p r o c e s s ; mean whi l e, i t i s the fi nal one generated f r o m t h e s e e d k e y . W e a s s u me t h a t t h e b a s e s t a t i o n i s a wa r e o f e a c h n o d e s s e e d k e y , s o t h e a d v e r s a r i e s c a n n o t i mp e r s o n a t e t h e uncompromised nodes. The key per-distribution phase is performed before the sensor nodes are deployed (e.g. it can be done in offline). 2. Post-deployment phase In the Post-deployment phase the sensing nodes organized as the cluster, formwhich cluster head randomly selected. This phase will happen before sending the report. In this phase the cluster head aggregates the auth-keys of the s e n s i n g n o d e s a n d t h e cluster-head should disseminate the first auth-keys of all nodes to the forwarding nodesbefore sending the reports. By using the disseminated keys, the forwarding nodes canverify the authenticity of the disclosed auth-keys, which are in turn used to check thevalidity and integrity of the reports. The first unused auth-key of a node is called thecurrent auth-key of that node. When none of a nodes auth-keys has ever been used, thecurrent auth-key is just the first auth-key of its hash chain.

3. Filtering Phase Each sensing nodes having own authentication keys using Mac algorithm. UsingM a c algorithm to encrypt the data using authentication key and each n o d e s e n d s t h e encrypt data to every forward node, forward node to transfer encrypt data to relevant basestation. 3 Report Forwarding Phase

In the report forwarding phase the sensing nodes forwarding the report to basestation. The reports are organized into rounds, each containing a fixed number of reports.In every round, each sensing node chooses a new auth-key to authenticate its reports. Tofacilitate verification of the forwarding nodes, the sensing nodes disclose their auth-keysat the end of each round. Meanwhile, to prevent the forwarding nodes from abusing thed i s c l o s e d k e y s , a f o r wa r d i n g n o d e c a n r e c e i v e t h e d i s c l o s e d a u t h - k e y s , o n l y a f t e r i t s upstream node overhears that it has already broadcast the reports. Receiving the disclosedkeys, each forwarding node verifies the reports, and informs its next-hop node to forwardor drop the reports based on the verification result. If the reports are valid, it discloses thekeys to its next-hop node after overhearing. The forwarding nodes at every hop repeat theprocesses of verification, overhearing, and key disclosure until the reports are dropped or delivered to the base station.

Conclusion: A d y n a mi c e n - r o u t e f i l t e r i n g s c h e me u s e d t o d r o p t h e f a l s e r e p o r t i n wi r e l e s s sensor network. In the network each sensing nodes uses its own auth-keys to authenticatet h e i r r e p o r t s . T h e a u t h - k e y s o f e a c h n o d e f o r m a h a s h c h a i n a n d a r e u p d a t e d i n e a c h round. The cluster-head disseminates the first auth-key of every node to forwarding nodesand then sends the reports followed by disclosed auth-keys. The forwarding nodes verifythe authenticity of the disclosed keys by hashing the disseminated keys and then check t h e i n t e g r i t y a n d val i di ty of the reports usi ng the di sc l osed keys. A c c o r d i n g t o t h e verification report the next node or hop forwarding the report to another node or hop;otherwise it will drop the report.