27-11-2012, 05:31 PM
Catching Packet Droppers and Modifiers in Wireless Sensor Networks
1catching packet droppers and modifier.pdf (Size: 345.67 KB / Downloads: 68)
INTRODUCTION
In a wireless sensor network, sensor nodes monitor the
environment, detect events of interest, produce data and collaborate
in forwarding the data towards a sink, which could
be a gateway, base station, storage node, or querying user. A
sensor network is often deployed in an unattended and hostile
environment to perform the monitoring and data collection
tasks. When it is deployed in such an environment, it lacks
physical protection and is subject to node compromise. After
compromising one or multiple sensor nodes, an adversary
may launch various attacks [1] to disrupt the in-network
communication. Among these attacks, two common ones are
dropping packets and modifying packets, i.e., compromised
nodes drop or modify the packets that they are supposed to
forward.
THE PROPOSED SCHEME
In our scheme for identifying packet droppers and modifiers,
a system initialization phase is followed by several equalduration
rounds of intruder identification phases.
² In the initialization phase, sensor nodes form a dynamic
routing tree rooted at the sink. The structure of the tree
changes dynamically from round to round.
² In each round, data traffic is transmitted through the
routing tree to the sink, and each packet sender/forwarder
adds a small number of extra bits to the packet and also
encrypts the packet. When one round finishes, based on
the extra bits carried in the received packets, the sink
runs the node categorization algorithm to identify nodes
that must be droppers or modifiers and nodes that are
suspiciously bad.
² The routing tree is reshaped every round. As a certain
number of rounds have passed, the sink will have collected
information about node behaviors in different routing
topologies. The information includes which nodes are
bad for sure, which nodes are suspiciously bad, and the
nodes’ topological relationship. To further identify bad
nodes from the potentially large number of suspiciously
bad nodes, the sink runs heuristic ranking algorithms.
PERFORMANCE EVALUATION
A. Objectives, Metrics, and Methodology
Our packet dropper/modifier identification scheme is implemented
in the ns-2 simulator (version 2.30) to evaluate
the effectiveness and efficiency of the proposed scheme. We
measure the performance of our scheme from two aspects: the
detection rate, defined as the ratio of successfully identified
bad nodes, and the false positive probability, defined as the
ratio of mis-accused innocent nodes over all innocent nodes.
We run simulations on a 400 £ 400m2 network with randomly
generated network topology. Unless otherwise stated,
we set the percentage of bad nodes to 10%, the network size
to 100 sensor nodes, the per-node packet reporting interval to
3 seconds, and the length of each round to 300 seconds. Also,
when a bad node decides to drop packet in a round, it drops
30% of the packets.
CONCLUSION
To address the problem of packet dropping and modification,
we proposed a simple yet effective scheme to identify
misbehaving forwarders that drop or modify packets. Extensive
analysis and simulations have been conducted and verified
the effectiveness of the proposed scheme in various scenarios.