Energy Efficient Fuzzy Adaptive Verification Node Selection-Based Path Determination in Wireless Sensor Networks

Muhammad Akram, Tae Cho
2017 Symmetry  
Wireless sensor networks are supplied with limited energy resources and are usually installed in unattended and unfriendly environments. These networks are also highly exposed to security attacks aimed at draining the energy of the network to render it unresponsive. Adversaries launch counterfeit report injection attacks and false vote injection attacks through compromised sensor nodes. Several filtering solutions have been suggested for detecting and filtering false reports during the
more » ... forwarding process. However, almost all such schemes presuppose a conventional underlying protocol for data routing that do not consider the attack status or energy dissipation on the route. Each design provides approximately the equivalent resilience in terms of protection against compromised node. However, the energy consumption characteristics of each design differ. We propose a fuzzy adaptive path selection to save energy and avoid the emergence of favored paths. Fresh authentication keys are generated periodically, and these are shared with the filtering nodes to restrict compromised intermediate filtering nodes from the verification process. The scheme helps delay the emergence of hotspot problems near the base station and exhibits improved energy conserving behavior in wireless sensor networks. The proposed scheme provides an extended network lifetime and better false data filtering capacity. Symmetry 2017, 9, 220 2 of 25 at the cluster. The cluster head forwards the same report, on a low-cost path, to the base station (BS). The verification nodes on the path attempt to verify the forwarded report by authenticating the MACs attached to it. The report is dropped as soon as the detected false MACs number hits a pre-set threshold value. Attaching bogus MACs to legitimate reports results in denial of service (DoS). Such reports are repeatedly generated and forwarded to the BS by the event reporting cluster head until the BS acknowledges its receipt. The regeneration, retransmission, and repeated verification of such reports causes drain of the limited energy resources in the sensor network. In FRIA, several nodes within a cluster conspire to fabricate a report about a non-existent event in the surrounding environment and attach MACs to it. The reception and forwarding and en-route verification of these fabricated reports drains a significant amount of the limited energy resources at the intermediate verification nodes [11] . For the sake of clarity, a cluster head that generates the report is referred to as an event-cluster head or as an e-CH, whereas all the other cluster heads are simply referred to as cluster heads or as CHs hereafter. In the past, several filtering schemes have been proposed in an effort to counter the two attacks, viz. FVIA and FRIA [7, [12] [13] [14] [15] [16] [17] . Either static [17] or dynamic [18] key management schemes are used to generate keys in en-route filtering schemes. As a defense against FRIA, various solutions, such as location based resilient security (LBRS) [19] , the statistical en-route filtering scheme (SEF) [5], the key inheritance-based filtering scheme (KIF) [20], the interleaved hop-by-hop authentication scheme (IHA) [16] , and the dynamic en-route filtering scheme (DEF) [12] have been proposed. These security techniques prevent forwarding of reports of non-existent events in the cluster and filter false reports during the forwarding process. However, these methods also inadvertently make it easier for adversaries to launch FVIA, and all the reports with a single false vote/MAC attached to them are dropped en-route if SEF, DEF, IHA, KIF, or LBRS are used. As a countermeasure against FVIA, different security solutions such as the multi-path en-route filtering scheme (MEF) [21], probabilistic voting-based filtering scheme (PVFS) [7] , and false negative resilient SEF (FNRSEF) [22] have been proposed. In PVFS, reports with false votes less than the threshold are forwarded to the BS, whereas multiple copies of the reports are transmitted through multiple routes in the MEF and FNRSEF. However, the previously mentioned schemes are not effective in terms of saving energy when attacks do not occur [23] , and due to the extra computational and communication overhead. The associated energy and communication costs are seldom discussed by researchers who propose secure WSN protocols. Existing routing protocols can be categorized into three groups: the one-hop model, the multi-hop planar model and the cluster-based hierarchical model [7] . The one-hop model is impractical for large scale WSNs, and it does not accommodate filtering schemes. In the multi-hop planar model, due to no division of sensors in the network, compromised nodes in arbitrary locations can conspire with each other to launch a FRIA attack because there are no divisions between sensors in the network [5]. Cluster-based data routing has proven to be effective in minimizing energy consumption, managing network topology and aggregating data in WSNs [24] . In WSNs, multi-hop cluster head communication is more energy efficient, and the CHs collaborate with each other to forward their data to the BS [25] . Thus, data forwarding on a multi-hop path through intermediate CHs is a more realistic solution [25] . Cluster head communication facilitates energy efficient and safe routing of data in WSNs. A cluster based trust-aware routing protocol allows cluster member nodes to forward reports through the trusted CHs towards the BS [26] . The trust-aware routing protocol allows for re-election of a new CH to maintain safe routing in the network. Multi-hop cluster head-based communication is scalable and provides energy efficiency in WSNs [27, 28] . Therefore, cluster-based model becomes a natural option due to its suitability as a filtering mechanism. Cluster head communication saves energy in multi-hop communication based WSNs [7, 26] . In [11] , we proposed the Fuzzy Adaptive Selection of Intermediate verification Nodes (referred to as FASIN hereafter), which adaptively selects verification nodes based on the attack situation, the energy levels and the distance of the nodes. FASIN surpasses the PVFS in terms of energy saving and Symmetry 2017, 9, 220 3 of 25 extended network life in the sensor network, and it provides equivalent security against FRIA and FVIA at the same time. We propose a fuzzy rule-based route selection coupled FASIN that uses dynamic authentication key dissemination technique to achieve earlier detection of fabricated reports during the filtering process and enhance the energy efficiency of the filtering-based WSNs. The proposed method considers the following three important factors in the sensor network for selecting the fittest routing path:
doi:10.3390/sym9100220 fatcat:2qh2ujpn7vaa3b4s6cvr56wute