The intent of this project is to detect clone attacks in wireless sensor networks using two NDFD protocols, RAndom WaLk (RAWL) and Table-assisted RAndom WaLk (TRAWL). RAWL and TRAWL, which are based on random walk, have only moderate communication overhead. The TRAWL mechanism is used to reduce the memory overhead of RAWL. A central problem in sensor network security is that sensors are susceptible to physical capture attacks. Once a sensor is compromised, the adversary can easily launch clone attacks by replicating the compromised node, distributing the clones throughout the network, and starting a variety of insider attacks. Previous works against clone attacks suffer from either a high communication/storage overhead or poor detection accuracy. We therefore propose a scheme for detecting clone attacks in sensor networks using two NDFD protocols which have moderate communication overhead.
Keywords: wireless sensor networks, computer network security, clone attacks, node replication, random walk.
A wireless sensor network (WSN) consists of spatially distributed autonomous sensors that cooperatively monitor physical or environmental conditions, such as temperature, sound, vibration, pressure, etc. Wireless sensor networks are deployed in hostile environments and are vulnerable to clone attacks.
The clone attack (also called the node replication attack) is a severe attack in WSNs. In this attack, an adversary captures only a few nodes, replicates them, and then deploys an arbitrary number of replicas throughout the network. Various approaches have been proposed to detect clone attacks.
The existing approaches may be deterministic, or cannot defend against smart attacks, or need a central control. Firstly, deterministic means that the set of nodes that detect the abnormal symptoms of a given node is fixed (usually these nodes are called the witness nodes of the given node). In this case, if the adversary compromises all the witness nodes of a captured node, he can then safely deploy any number of replicas of that node. Secondly, the adversary may protect his replicas by starting a special witness-compromising attack, the smart attack. In this attack the adversary finds out the witness nodes that will detect the replicas (we call them critical witness nodes), and compromises only these witness nodes to avoid detection.
In this paper, firstly, we show that in order to avoid the drawbacks of existing approaches, replica-detection protocols must be NDFD and fulfill three security requirements on witness selection. To our knowledge, Randomized Multicast is the only existing protocol fulfilling the requirements, but it has very high communication overhead. Secondly, based on random walk, we propose two new NDFD protocols fulfilling the requirements, while having only moderate communication and memory overhead. The first protocol, RAndom WaLk (RAWL), starts several random walks randomly in the network for each node a, and then selects the passed nodes as the witness nodes of node a. The second protocol, Table-assisted RAndom WaLk (TRAWL), is based on RAWL and adds a trace table at each node to reduce the memory costs.
For a given sensor network, we would like to detect a node replication attack, i.e., an attempt by the adversary to add one or more nodes to the network that use the same ID as another node in the network. Ideally, we would like to detect this behavior without centralized solutions, which suffer from several inherent drawbacks.
III. PROBLEM DEFINITION
First the attacker attacks a wireless sensor node and then makes a clone of the attacked node. The cloned node passes itself off as an original WSN node. The cloned nodes, acting as original WSN nodes, collect sensitive data and send it to the attacker. As a result the whole network gets compromised.
In the existing system, one protocol that has been used is called Deterministic Multicast. With this protocol the attacker compromises all the witness nodes and starts a smart attack. A smart attack is an attack which can protect the replicas from being detected. Some other protocols such as LSM and RED have also been used, but they require central control and are also subject to a single point of failure. The protocols that have been used in the existing system are not fully distributed.
Only one protocol that has been used, called Randomized Multicast, is fully distributed, but it places too much load on the CPU over a period of time.
In the proposed system two NDFD protocols are used. NDFD stands for non-deterministic and fully distributed; non-deterministic means that for a single input several outputs can be produced.
A) Protocol Description:
RAWL stands for RAndom WaLk; the protocol walks randomly along the nodes.
At a high level, RAWL works with the following steps in each execution (recall that our four protocols all can be scheduled to run periodically).
Each node broadcasts a signed location claim.
Each of the node's neighbors probabilistically forwards the claim to some randomly selected nodes.
Each randomly selected node sends a message containing the claim to start a random walk in the network, and the passed nodes are selected as witness nodes and will store the claim.
If any witness receives different location claims for the same node ID, it can use these claims to revoke the replicated node.
TRAWL stands for Table-assisted RAndom WaLk. The main function of the TRAWL protocol is to reduce the memory overhead of other protocols like LSM and RAWL.
VI. PROPOSED ARCHITECTURE
The proposed architecture is based on the random walk protocol and conflicting location claims. The protocol performs a random walk over the nodes. Each node broadcasts its location to the master, with a claim to its neighbor nodes. A neighbor node becomes a witness and is called a witness node. That witness node stores the claim.
Each neighbor randomly selects g nodes and uses geographic routing to forward the claim. Each node that receives the two claims independently verifies the signatures. It then stores the claim and becomes a witness. It starts a t-step random walk in the network by sending the location claim, together with a counter of walked steps, to a random neighbor. That neighbor also becomes a witness node. When a node encounters two different location claims, it broadcasts the two conflicting claims. The replica node is then detected and revoked.
The sink node, or master node, is the same as the head node, which gathers and controls the data collected by the other sensor nodes.
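The RAWL round described above (signed claim broadcast, probabilistic forwarding to g random nodes, a t-step random walk whose passed nodes become witnesses, and revocation on conflicting claims) can be simulated as follows. This is an added example, not code from the original essay or from the protocol's authors; the 10x10 grid, the parameter values, the HMAC used as a stand-in for signatures, direct delivery in place of geographic routing, and all function names are assumptions.

```python
import hashlib, hmac, random

SIDE, G, T, P_FWD = 10, 3, 40, 0.5  # constructed: grid side, g, t, forwarding probability

def tag_for(node_id, loc):
    # Assumption: HMAC under a per-ID demo key stands in for the node's signature.
    key = hashlib.sha256(b"demo-key-%d" % node_id).digest()
    return hmac.new(key, f"{node_id}|{loc}".encode(), hashlib.sha256).digest()

def make_claim(node_id, loc):
    return (node_id, loc, tag_for(node_id, loc))

def verify(claim):
    return hmac.compare_digest(claim[2], tag_for(claim[0], claim[1]))

def neighbors(pos):
    x, y = pos
    cells = [(x + 1, y), (x - 1, y), (x, y + 1), (x, y - 1)]
    return [(a, b) for a, b in cells if 0 <= a < SIDE and 0 <= b < SIDE]

def run_round(claims, rng):
    """One protocol execution; returns node IDs seen with conflicting locations."""
    stored, revoked = {}, set()           # stored: witness position -> {node_id: claim}
    for claim in claims:
        node_id, loc = claim[0], claim[1]
        for _nb in neighbors(loc):        # each neighbor hears the broadcast claim
            if rng.random() >= P_FWD:     # and forwards it only probabilistically
                continue
            for _walk in range(G):        # to g randomly selected nodes
                pos = (rng.randrange(SIDE), rng.randrange(SIDE))
                if not verify(claim):     # selected node checks the signature first
                    break
                for _step in range(T + 1):  # selected node, then t walked nodes
                    first = stored.setdefault(pos, {}).setdefault(node_id, claim)
                    if first[1] != loc:   # same ID, different location: replica
                        revoked.add(node_id)
                    pos = rng.choice(neighbors(pos))
    return revoked

def detect(claims, rounds, seed=1):
    rng, revoked = random.Random(seed), set()
    for _ in range(rounds):               # the protocol is scheduled to run periodically
        revoked |= run_round(claims, rng)
    return revoked

def network(clone_of=None, clone_at=None):
    """Constructed sample: one node per cell; clone_at presents the stolen ID clone_of."""
    return [make_claim(clone_of if (x, y) == clone_at else y * SIDE + x, (x, y))
            for y in range(SIDE) for x in range(SIDE)]
```

Calling detect(network(clone_of=32, clone_at=(7, 6)), rounds=30) reports ID 32, while an honest network reports nothing; each witness here keeps full claims, which is the memory cost TRAWL's trace table is meant to reduce.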
The following diagram shows the proposed architecture diagram for the detection of clone attacks in the wireless sensor networks. The diagram is as follows.
[Figure: proposed architecture for clone attack detection. Surviving labels: cloned replica WSN; send sensitive data and information; C becomes witness node for A; same node address no neighbour node witness; revoke cloned node A; VCLAIM is true; neighbour node witness is true.]
VII. MODULES DESCRIPTION
Here four modules have been used. The modules are,
A. WSN SETUP
In this module the wireless nodes are set up with information collection and dissemination to the sink or master node.
B. ATTACKER MODULE
Here a WSN is attacked and compromised.
Next the replica of the cloned node is created which acts like an original and sends data to the enemy.
C. REPLICA DETECTION
Node Location Broadcast
Each node broadcasts a signed location.
Random Node Claim Forwarding
Each of the node's neighbors probabilistically forwards the location claim to some randomly selected nodes.
If any witness receives different location claims for the same node ID, it can use these claims to revoke the replicated node.
D. REPLICA REVOCATION
The compromised replicated node is identified and revoked.
By using these protocols the adversary or attacker does not know the next walked node.
Packet history is erased.
Hence critical nodes are not compromised.
Less CPU overhead.
No central control is required.
In this paper we designed several new replica-detection protocols. We found that existing solutions have several drawbacks which greatly limit their use, and we explained that to avoid these drawbacks, replica-detection protocols must be non-deterministic and fully distributed (NDFD), and fulfill three security requirements on witness selection. Previously, only one NDFD protocol, Randomized Multicast, fulfilled the requirements; however, it has very high communication overhead which is only affordable in small networks. Our final protocols, RAWL and TRAWL, which are based on random walk, fulfill the requirements and have communication overhead that is higher than, but comparable to, that of LSM. We believe they provide a better trade-off between communication overhead and security properties than previous protocols. We also gave a theoretical analysis of the required number of random walk steps. Finally, we note that the mechanism TRAWL uses to reduce the memory overhead of RAWL (i.e., using a table to cache the digests of location claims) could also be applied to other protocols like LSM.