International Journal of Computer Trends and Technology (IJCTT) volume 4 Issue 6June 2013

ISSN: 2231-2803 http://www.ijcttjournal.org Page 1834

Three Mode Security For Wireless Sensor
Networks with Mobile Sinks

Mrs.S.Rajakumari
#1
, Mr.P.Suresh
.2
, Dr.R.Sukumar
*3
,

#1
PG Student, Sethu Institute of Technology, Kariapatti, TN, India.
.2
Associate Professor, Sethu Institute of Technology, Kariapatti, TN, India.
*3
Professor, Sethu Institute of Technology, Kariapatti, TN, India.
.



AbstractFor efficient data accumulation and
revoking the compromised sensors, Mobile sinks (MS)
are essential in many wireless sensor network (WSN)
applications. Existing key predistribution schemes for
pairwise key establishment and authentication between
sensor nodes and mobile sinks, elevates a new security
challenge in such applications. For example, in the basic
probabilistic key predistribution schemes, an attacker
can easily obtain a large number of keys by capturing a
small fraction of nodes, and can gain control of the
network by deploying a replicated mobile sink
preloaded with some compromised keys. This paper
proposes a general framework that provides three mode
security to the network and permits the use of any
pairwise key predistribution scheme as its basic
component. Some nodes are preselected as stationary
nodes that act as intermediate access points between
mobile sink and sensors. This architecture requires two
key pools: mobile pool for authentication between
mobile sink and stationary node, and static pool for
pairwise key establishment between the stationary node
and sensors. To reduce the damages of replication
attack, we have strengthened the security of the paper
by implementing the detection algorithm in the nodes.
By performing the security analysis, we show this
architecture has higher network resilience to the node
replication attack.

KeywordsDistributed, security, wireless sensor
networks, Mobile Sink, replica attack.
I. Introduction
Recent headway in digital circuitry, wireless
communication, and Micro Electro-mechanical Systems
(MEM), have made possible the integration of sensing,
communication, and power supply into an inch-scale sensor
devices. These latest progress have paved the way for the
development of wireless sensor networks (WSNs)
consisting of a large number of low-power, low-cost sensor
nodes that communicate wirelessly [1] which can beused
in a wide range of applications, such as, military sensing
and tracking, health monitoring, data acquisition in
hazardous environments, and habitat monitoring. In WSN,
the base station collects the data from the sensors for
analysis .But if the sensing field is too far from the base
station, multihop transmission of the data over long
distances may weaken the security strength (e.g., some
intermediate may modify the data passing by, capturing
sensor nodes, launching a wormholeattack, a sybil attack,
sink hole), and increasing theenergy consumption at nodes
near the base station, reducing the lifetime of the network.
Therefore, mobile sinks (MSs)(mobile sensor nodes) are
essential components in the operation of many sensor
network applications, including data collection in
hazardous environments, localized reprogramming,
oceanographic data collection and military navigation.


Fig.1. Wireless Sensor Network with MS

Sensor Networks are highly vulnerableto attacks
because, it consists of various resourceconstrained devices
which communicate via wireless links. Thus the
establishment of pairwise keys and authentication between
sensor nodes and sink is a fundamental challengein Sensor
Networks. However the usage of asymmetric keys are
expensive dueto their storage and computation cost. These
limitations make key predistribution schemes [2], [3], [4],
[5], [6], [7], [8] the tools of choice to provide low cost,
secure communication between sensor nodes and mobile
sinks. But thesemethods do not safe the sensor networks
suffering in mobile sink replica attacks. In the basic
probabilistic and q-composite methods, the adversary can
capture a large number of keys by compromising small
fraction of sensor nodes.

International Journal of Computer Trends and Technology (IJCTT) volume 4 Issue 6June 2013

ISSN: 2231-2803 http://www.ijcttjournal.org Page 1835

To address the above mentioned problem, we
have proposed a general framework that provides three
mode security to the sensor network. The architecture
layers the network into three: Mobile Sink, Stationary
access node and sensor nodes and has two pools: mobile
polynomial and static polynomial. To avoid capturing of
mobile sink by compromising the sensor nodes, a few
nodes arepreselected as stationary access nodes. They act
as intermediate points between mobile sinks and sensor
nodes. The mobile sinks trigger the network for data
acquisition through the stationary access nodes. A sensor
node sends the data to the stationary access node which
then passes the data to themobile sink. For authentication
between the mobile sink and stationary access node, they
randomly select keys from mobile polynomial. Similarly,
for the authentication between the stationary access node
and sensor node, they collect the polynomials from static
polynomial. This method helps to secure the key sharing of
mobilesink independent of sensor nodes. By this way, the
adversary cannot capture themobilesink, by compromising
a few sensor nodes.


Fig 2.TheThree Mode Security schemefor WSN with MS

In addition to the layering, the mobile sink and
the nodes are equipped with detection algorithm to find
replicas. When the nodes or mobile sink receive the
messages from the other nodes, the algorithm detects to
find whether the message is from replica nodes. The
analysis of this paper shows that this framework provides
good network resilience against mobile sink replica attacks
and stationary access nodereplica attacks.

This paper is organized as follows. Section 2
discusses about the related existing schemes. Section 3
clearly says about our proposed framework. Section 4
analyses the security of this paper. Section 5 concludes the
architecture.

II. Related Work

Eschenauer and Gilgors [2] probabilistic key
predistribution scheme helped to introducethe initial trust
between the sensor nodes. Their work was to let each
sensor noderandomly pick a set of keys from a key pool
before deployment, so that any two sensor nodes had a
certain probability of sharing at least one common key.

Chan et al. [3] extended the above idea and
developed two key predistribution schemes: the q-
composite key predistribution scheme and the random
pairwise keys scheme. Theq-composite key predistribution
scheme also had a key pool, but required two sensor nodes
to compute a pairwise key from at least q predistributed
keys that they shared. The random pairwise keys scheme
randomly picked pairs of sensor nodes and assigned each
pair a unique random key. For thebasic probabilistic [2]
and the q composite [3] key predistribution schemes, as the
number of compromised nodes increases, the fraction of
affected pairwisekeys also increases quickly. As a result, a
small number of compromised nodes may affect a large
fraction of pairwisekeys.

Thet-degree bivariate key polynomial proposed
by Liu et al. [4] was a general framework for pairwise key
establishment using the polynomial-based key
predistribution protocol [1] and the probabilistic key
distribution in [2] and [3]. But their scheme could tolerate
no more than t compromised nodes, where the value of t
was limited by the memory availablein the sensor nodes.

Perrig et al. [15] identified the concept of replica
attack, and some detection methods wereproposed, such as
centralized detection, local detection, and distributed
detection. In general, centralized methods will bring out the
problem of single point failure, and many communications
are converged in the neighborhood of the central node.
Local detection doesnt deal with the replicas deployed in
different zones and the communication is too high in the
distributed detection. Perrig et al. proposed randomized
multicast and line-selected multicast which use some
witness nodes to replace thewholenetwork detection and
ensure the detection probability by the birthday paradox
theory.

Ho et al. [16] further decreased the
communication cost by using group deployment
knowledge. Ho et al. [17] also presented a SPRT method
for replica detection in mobile sensor networks, in which
all sensors aremobile. Pietro, Oligeri et al. [18] considered
another type of mobile sensor network in which mobile
sinks visit stationary sensors and collect the data once in
each round.

III. Three Tier Framework
3.1. Architecture

In this framework, we use two pools: Mobile
polynomial pool and static polynomial pool. Polynomials
from themobilepolynomial pool are used to establish the
authentication keys between the mobile sinks and
stationary access nodes, which will enable these mobile
sinks to access the sensor network for data gathering. To
minimize the probability of a mobile polynomial being
compromised if R
c
sensor nodes are captured, a small
fraction of randomly selected nodes called as stationary
access nodes, act as authentication access points to the
network. The mobile sink sends data request message to
sensor nodes through stationary access nodes. These data
request messagemake the stationary access nodes to trigger
International Journal of Computer Trends and Technology (IJCTT) volume 4 Issue 6June 2013

ISSN: 2231-2803 http://www.ijcttjournal.org Page 1836

the network to collect and send thedata back to thesink.
Similarly, the sensor nodes and the stationary access nodes
take polynomials from the static pool to establish
authentication between them. This key sharing will take
place during deployment as follows.

Key Predistribution: A mobile polynomial pool of size |M|
and a static polynomial pool of size|S| aregenerated. The
pools include the polynomial identifiers. To minimize the
mobile polynomial compromise when thestationary access
nodes are captured, the number of polynomials in the
mobile sink should be more than the number of
polynomials in every stationary access node. So all mobile
sinks and stationary access nodes are randomly given K
m

and one polynomial (K
m
>1) from M. By the way, all the
sensor nodes and the stationary access nodes select a subset
of K
s
and K
s-1
polynomials from S.

Key discovery and path establishment: In initial stage, we
assume that there areno attacks during deployment. After
key predistribution, key discovery and path between the
nodes has to be established. For a mobile sink V to collect
data from a sensor node U, there should be an
authentication path between mobile sink V and sensor node
U through a stationary node A.

The mobile sink beacons its encrypted list of
polynomial IDs and sending time T and its position (X
V
,
Y
V
).The messageC
V
is theclaim of mobile sink V.

C
V
=E
Ks(V)
{ID
V
,{( X
V
, Y
V
) || T },E
Kv
(),v=1,.|Ksi|}

Here(X
V
, Y
V
) is the position of V, T is thetime
sent and encryption list of polynomial IDs
,E
Kv
(),v=1,.|K
si
| as in [2] and [3].The stationary nodes
receivethe beacon message and decrypt it and calculates
the common shared polynomial. If the stationary node A
finds the common polynomial, it can establish a link
between A and mobile sink V. Also, the node A, calculates
its position (X
U
, Y
U
) and stores in a list MS, the
informations like ID
V
, location, time sent T and received
time R with whom it shared the key. Similarly, the
stationary nodes send their message to mobile sinks. For
example themessage of node A is

C
A
=E
Ks(A)
{ID
A
,{( X
A
, Y
A
) || T },E
Kv
(),v=1,.|K
si
|}

Each mobile sink receives the message and
checks whether it shares key. The mobile sink V which
shares key with nodeA will storethe information of Node
As ID
A
, location and the time sent and the time received.

Likewise, the stationary nodes and sensor nodes
find the path by common key. The stationary nodes
maintains another list SN to have information about the
sensor nodes it shared keys and similarly, the sensor nodes
maintains a list having the datas about the SAN it share
keys.

At theend of deployment, every nodewill have
knowledge about their link with other nodes and their
memory has that information. Thenodes also calculate and
store the estimated transmission delay of receiving
messages and acceptable error based on the received T
and R for each link they have established.

By this shared keys, the nodes can establish
direct path like V-A-U or indirect path V-A-I-U where I is
an intermediate node.

3.2Three mode security implementation

In real time, the sensor networks are hostiled in
the unattended environments. So the adversary tries to
capture the secret information of theencrypted message in
the compromised node, and replicate the compromised
nodeto many replicas with the sameidentity.

Our three mode framework provides better
network resilience against replica attacks. As the
architecture uses polynomial pool based key, it inherits
their properties. The node exchanges only the encrypted
ids, so the actual key they share is not known to any
adversary. Hence, if a node is captured, the adversary
cannot find the actual keys shared by capturing the
information stored in thecompromised node.

To add onto the security of the three layer
polynomial pool scheme, a detection algorithm is
implemented in the nodes to detect the replicas. This
algorithm works whenever the nodes receive messages
from the other nodes.

The detection algorithm in mobile sink:

Themobile sink acts as a patrol node to detect
and avoid thereplica nodes to attack or compromise base
station .It is assumed that mobile sink is allowed to movein
some static interval. The mobile sink speed V
max
should
satisfy the formula

max
2 1
2 1
V
Interval T T
L L
s





Where L1 and L2 are previous and new locations of
sink.T1 is the time when sink is at L1 and similarly
T2.When the mobile sink moves ,it updates its memory
information about the position of the nodes (sharing key)
corresponding to its new location. The following algorithm
is implemented in mobile sink to detect replica node
messages.

Algorithm 1:

1. Mobilesink V if shares keys with nodeA
computes the location of node A, L
A
.

2. If || L
A
(X
A
, Y
A
) || < , then A is non-replica
node else declare A as replica nodeand block all
nodes with same ID.Also store in the memory the
nodeis a compromised node. Here(X
A
, Y
A
) is the
updated location in Vs memory.
International Journal of Computer Trends and Technology (IJCTT) volume 4 Issue 6June 2013

ISSN: 2231-2803 http://www.ijcttjournal.org Page 1837


The detection algorithm in Sensor node:

The stationary node has to detect mobile sink
replica and sensor nodereplica attacks. As themobile sink
moves and changes its position in some regular Interval
(T,T+Interval) ,then it is highly likely that atleast two nodes
with same identity are present in the network.Futher the
network sets that the mobile sink should not move faster
than system-configured maximum speed V
max
and satisfies
the formula 1(given above).

Algorithm 2:

1. If themessage received by thestationary node A is
from the sink V,

i. Node A computes d and d from the signal
power and thereceived location of V.

ii. If ||d-d|| > and ||T
1
-T
2
||>Interval, then MS V is
replica node and block all nodes with same ID.
Update thelist MS.

iii. Also check thespeed of thesink V to satisfy
the formula V
max
.If not satisfied, reject the
message from thesink V.

2. If the node V shares key and is not MS then do the
Algorithm 3 using thelist SN. (The node A has received
the message from a static node V.)

Algorithm 3:

1. ThenodeA computes d from the signal power and
checks ||d-d|| > and ||T||> .If so, the message is
from replica nodeand the node A blocks all nodes
with id V.The d is thedistance between A and V
which is already stored in A and T is thetime taken
for the packet to reach A.

As both stationary nodes and sensor nodes are
fixed, the detection algorithm is easy to implement and
costs less overhead. It is suitable for the networks in
unattended regions.

IV. Security Analysis

The proposed framework has three layers as
mobilesinks, stationary access nodes and sensor nodes and
separates the key sharing between themby using two pools.
The mobile sink key sharing is independent from key
sharing of sensor node . So the adversary that compromises
sensor node cannot reach the mobile sink by getting the
secret information of compromised node. This framework
gives better connectivity between thenodes.

The probability P
m
, the mobile sink and the
stationary access node can establish a key directly is
expressed by


M
K
P
m
m =


where m is thenumber of stationary access nodes in the
network. The probability P
s
wheretwo sensors share a
common static polynomial is


2
2
2
1
|
|
|
.
|

\
|
|
|
.
|

\
|
|
|
.
|

\
|
|
|
.
|

\
|
=
s
s
s
s
s
K
S
K
K
K
S
P

The probability P
sa
where a stationary access node and
sensor nodeshares a static key is,


P
sa
=1-
|
|
.
|

\
|
|
|
.
|

\
|

|
|
.
|

\
|
|
|
.
|

\
|
|
|
.
|

\
|

|
|
.
|

\
|

1
1
1 2
1 2
s s
s
s
s
K
S
K
S
K
K
K
S


As stated in the previous section, for an attacker
to launch a mobilesink replication attack on the network,
the adversary has to compromise at least one polynomial
from the mobile polynomial pool. To achieve this, the
adversary must capture atleast a specific number of
stationary access nodes that hold the same mobile
polynomial. To estimate the probability Pr of a mobile
polynomial being compromised, we consider thecaptureof
sensor nodes is independent. Now let w be a polynomial in
the mobile pool. Theprobability of w being chosen for a
stationary access node is 1/|M|, and theprobability that any
captured node is a stationary access node is m/n, and the
probability that a captured nodeis a stationary access node
and it hold w is 1/|M| X m/n. Therefore, theprobability that
this polynomial being chosen exactly by x stationary
access nodes among R
c
captured nodes (R
c
>t
m
wheret
m
is
the degree of polynomial w) is


) ( ^
1
1 ^
1
) ( x R
n
m
M
x
n
m
M x
R
x P c
c

|
|
.
|

\
|

|
|
.
|

\
|

|
|
.
|

\
|
=


Thus, theprobability that any polynomial from the mobile
pool being recovered by an attacker is

=
=
tm
x
x P
0
) ( 1 Pr

International Journal of Computer Trends and Technology (IJCTT) volume 4 Issue 6June 2013

ISSN: 2231-2803 http://www.ijcttjournal.org Page 1838


Even though, the nodes are compromised, the
detection algorithm provides good security against replica
nodes. The implementation of thedetection algorithm does
not increase the communication cost. The detection
algorithm may be compromised if the attacker is very close
to the compromised node. This paper is stimulated in NS-2
and experimental results are shown below.




Fig 3. Mobile sink (patrol) detects replica nodes.


Through analysis, we studied that the
implementation of the detection algorithm in the
framework gives more security, throughput, less delay than
using only three layers in thearchitecture.

Fig 4 shows the comparison of the architecture
with and without the implementation detection algorithm in
it.




Fig 4. Thegreen graph shows that thedetection algorithm
has high throughput.



Fig 5. The green graph shows the detection algorithm has
less delay.

V. Conclusion

Our paper three mode security framework
proposed an optimal approach for authentication and
pairwise key predistribution for a distributed wireless
sensor networks. This architectureprovides high security to
the network against replica attacks on mobile sink and
stationary access nodes. Through analysis, we conclude
that this approach provides nearly 70 percent detection
against replica attacks and wormhole attacks. We are in
future work to extend the security of this paper to avoid
node capturing.

REFERENCES
[1] I.F. Akyildiz,W. Su, Y. Sankarasubramaniam, and
E.Cayirci,Wireless Sensor Networks: A Survey,
Computer Networks, vol. 38, no. 4, pp. 393-422, 2002.

[2] .LEschenauer and V.D.Gligor, A Key-Management
SchemeFor Distributed Sensor Networks ,Proc. ACM
Conf. Computer Comm.Security (CCS 02), pp. 41-47,
2002.

[3] H. Chan, A. Perrig, and D. Song, Random Key Pre-
Distribution Schemes for Sensor Networks, Proc.
IEEE Symp. Research in Security and Privacy, 2003.

[4] D. Liu, P. Ning, and R.Li. Establishing, Pairwise Keys
in Distributed Sensor Networks, Proc. 10th ACM
Conf. Computers and Comm. Security (CCS 03), pp.
52-61, Oct. 2003.

[5] H.Chan,A. Perrig, and D. Song, Key Distribution
Techniques for Sensor Networks, Wireless Sensor
Networks, pp. 277-303, Kluwer Academic, 2004.

[6] D. Liu and P. Ning, Location-Based Pairwise Key
Establishments for Static Sensor Networks, Proc. First
ACM Workshop Security AdHoc and Sensor Networks,
2003.
International Journal of Computer Trends and Technology (IJCTT) volume 4 Issue 6June 2013

ISSN: 2231-2803 http://www.ijcttjournal.org Page 1839


[7] S. Zhu, S. Setia, and S. J ajodia, LEAP: Efficient
Security Mechanisms for Large-ScaleDistributed
Sensor Networks, Proc.10th ACM Conf. Computers
and Comm. Security (CCS 03), pp. 62-72,Oct. 2003.

[8] A. Rasheed and R. Mahapatra, An Efficient Key
Distribution Scheme for Establishing PairwiseKeys
with a Mobile Sink in Distributed Sensor Networks,
Proc. IEEE 27th Intl Performance Computing and
Comm. Conf. (IPCCC 08), pp. 264-270, Dec. 2008.

[9].A. Rasheed and R. Mahapatra, A Key Pre-Distribution
Schemefor Heterogeneous Sensor Networks, Proc.
Intl Conf. Wireless Comm. and Mobile Computing
Conf.(IWCMC 09), pp. 263-268,June2009.

[10].L. Lamport, Password Authentication with Insecure
Communication, Comm. ACM, vol, 24, no. 11, pp.
770- 772, Nov. 1981
.
[11] C. Blundo, A. DeSantis, A. Herzberg, S. Kutten, U.
Vaccaro, and M. Yung, Perfectly-SecureKey
Distribution for Dynamic Conferences,Proc. 12th
Ann. Intl Crryptology Conf. Advances in Cryptology
(CRYPTO 92), pp. 471-486, 1993.

[12] Zahariadis,T Leligou, H.C. Trakadas,P. Voliotis S.
Trust management in wireless sensor networks. Eur.
Trans. Telecommun. 2010, 21, 1-10.

[13]. Zhang, Q.; Yu, T.; Ning, P. A framework for
identifying compromised nodes in wireless sensor
networks. ACM Trans. Inform. Syst. 2008, 11, 1-37.

[14].Shaikh, R.A.; J ameel, H.; Auriol, B.J.;Lee, H.; Lee, S.;
Song. Y.J. Intrusion- awarealert validation algorithm
for cooperativedistributed intrusion detection
schemes of wireless sensor networks Sensors 2009,
9, 5989-6007.

[15].Parno, B.; Perrig, A.; Gligor, V.D. Distributed
detection of node replication attacks in sensor
networks. In Proceedings of IEEE S&P, Oakland,
CA, USA, 811 May 2005; pp. 49-63.

[16].Ho, J .W.; Wright, M.; Das, S.K,Fast detection of
replica node attacks in mobile sensor networks using
sequential analysis. In Proceedings of IEEE
INFOCOM, Rio de J aneiro, Brazil, 1925 April 2009;
pp. 1773-1781.

[17].Ho, J .W.; Liu, D.; Wright, M.; Das, S.K. Distributed
detection of replica nodeattacks with group
deployment knowledge in wireless sensor networks.
Ad Hoc Network. 2009, 7, 1476-1488.

[18].Pietro, R.D. Oligeri,G, Soriente,C.Tsudik,G.
Intrusion resiliencein mobile unattended WSNs. In
Proceedings of INFOCOM, San Diego, CA, USA,
1419 March 2010; pp. 1-9.

[19].Mariano.G.Zahariadis, T.lvarez, F.Leligou,
H.C.Adrin,P.H.Karkazis,P.Francisco,J.C.Secure
geographic routing in ad-hoc and wireless sensor
networks.URASIP J. Wirel. Comm. 2010, 975607, 1-
1