Security and Energy Considerations Routing Hierarchical ...dkundur/pub_pdfs/OkoMarKunMASS06.pdfby nodes themselves, based on some cost function such as minimum energy, order of received

Security and Energy Considerations for Routing in

Hierarchical Optical Sensor Networks

Unoma Ndili Okorafor, Kyle Marshall and Deepa KundurDepartment of Electrical & Computer Engineering

Texas A & M University, College Station, Texas 77843-3124Email: {unondili, deepa} @ece.tamu.edu

Abstract- In this paper we evaluate the energy and securityconsideration for a security-aware routing protocol proposed foruni-directional, hierarchical optical sensor network. We bootstrapthe unconstrained resources of the base station to design GORA,a greedy optimized routing algorithm, in which the base stationis responsible for network route optimization and updates. Thispaper extends our recent work on OPSENET, a novel andefficient protocol that facilitates secure routing in directionaloptical sensor networks. We evaluate security and energy metricsfor our scheme proposed scheme. Analysis and simulation resultsare used to show the performance of our algorithm, comparedwith other hierarchical bi-directional clustering routing schemes.

I. INTRODUCTION

Uni-directional optical wireless sensor networks (OSNs)that communicate using free space optics (FSO) with a di-rected sector of communication are of recent gaining morevisibility due the the advantages that FSO yields over tradi-tional omni-directional RF based techniques [1]-[4]. Notably,directional communication greatly improves communicationefficiency and transmission energy of nodes, and yields se-curity benefits in the routing and physical layers, therebyresulting in a highly desirable improvement to the lifetime andreliability of the sensor network. Additionally, OSNs realizeultra-high bandwidths which can benefit real-time multimediaand visual sensor network applications [5].

Directional communication has distinct characteristics andeffects on security and routing in the network layer thatwarrant novel analysis and solutions. Efficient route setupin a purely uni-directional OSN requires that optimal (backchannel) reverse routes for each forward link in the network bediscovered. The random deployment of nodes (node positionsand orientations are not known a priori), makes secure networkdiscovery in OSNs challenging. In this paper, we consider thesecurity and energy benefits of directional hierarchical cluster-ing, which is inherent in our network model of the OSNs. Wecompare the performance of the OSN to conventional clusteredsensor networks, in terms of security and energy.

A. Related Work

Traditionally, routing decisions in sensor networks are madeby nodes themselves, based on some cost function suchas minimum energy, order of received routing beacon [10],received signal strength, geographic distance [6] etc. Thisapproach implicitly assumes the bi-directionality of network

links in which reverse paths are used to build a minimumspanning routing tree, rooted at the base station. For example,in tinyOS routing [7] the base station floods beacons whichyield reverse paths back to the base station. A node that hearsthe beacon marks the base station as its parent, and recursivelyrebroadcast the beacon. Nodes who do not have a parent node,and receive the beacon mark the sender as its parent. Data isrouted to the base station when each node forwards its datato its parent. Many other routing schemes in sensor networkssuch as Directed Diffusion [8], Dynamic Source Routing [9],Minimum Cost Forwarding [10], and Geographic routing [6]also employ a similar reverse path approach. In an OSN, allnetwork links are uni-directional, and reverse path routingcannot be leveraged.

Because of lack of bi-directionality, a node cannot discoverother nodes in the network who can 'hear' or receive packetsfrom it using simple passive or active listening. Without bi-directionality, link layer acknowledgements is also non-trivial.One approach to route discovery in this scenario involves usingcircuit paths [11], in which a node floods routing beaconswhich travel through circuits rooted at the node, gatheringroute data as it traverses the circuit. Once a given node'sbeacon returns, the node can tell from the sequence of nodeIDs, who can hear him. This technique of abstracting bi-directionality using the underlying unidirectional circuits isknown as tunneling [12]. In [13], Ernst and Dabbous discusscircuit discovery, validation, integration and deletion of links.Huang et al. [11] present algorithms for a single circuit dis-covery to each destination, based on distance vector RoutingInformation Protocol, in which each node stores a FROM andTO table. Lou and Wu [14] extend this idea by storing a circuitto a given destination through each outgoing link.

B. Summary of Our ContributionIn this paper, we present a secure and efficient network

discovery and routing scheme, under a hierarchical directionalOSN model, in which some nodes in the network act as clusterhead nodes. Cluster heads have a low-energy bi-directionallink with the base station using passive optical communication.They are ordinary nodes which by virtue of their orientation(based on how they fall after random deployment), have bi-directional line-of-sight with the base station, and therefore actas gateways to the network. All other nodes in the networkseek to discover and route data to the cluster heads (uplink).

1-4244-0507-6/06/$20.00 ©2006 IEEE 888

Authorized licensed use limited to: Texas A M University. Downloaded on December 23, 2008 at 03:11 from IEEE Xplore. Restrictions apply.

The base station also seeks to discover and route data to allnodes via cluster heads (downlink). Routing between nodes inthe network employs active optical communication (lasers orLEDs), while cluster heads and the base station use passivecommunication [3].We propose a novel secure routing philosophy which heav-

ily leverages hierarchy and the all-powerful base station,by further pushing complexity and processing to the basestation. In essence, we trade-off the inherent and unavoidableoverhead of uni-directional routing with less processing at thenodes, to yield energy savings in the network. Furthermore,we exploit the directionality of links and the trusted basestation to achieve tight security for route setup. The noveltyof our work lies in exploiting network hierarchy and thebase station's unconstrained resources to achieve efficient andsecure network discovery and routing.Our scheme entails centralized network discovery and op-

timized routing decisions handled by the base station asfollows: The base station floods secure routing beacons intothe network via the various gateways (i.e. cluster heads), whichare uniformly distributed through the network. The beaconsact as agents that traverse the network, gathering routing dataas they propagate. Beacons are terminated when they reacha cluster head, which then forwards them back to the basestation. The base station can authenticate returned beacons aswell as per hop node information on the path (or base stationcircuit), using shared keys with the nodes, pre-deployed keyingand one way key chains. Data gathered from the returnedbeacons is used to construct the optimized network topology,and hence, efficient uplink and down-link paths for each node.

In our recent work [15], [16], heuristics and algorithmsfor secure and efficient network discovery in the OSN weredeveloped. Specifically, we developed OPSENET, a novelsecure cluster-based routing protocol for base station circuit(BS-circuit) discovery. In this paper, we extend our work toconsider security and energy issues for an efficient GreedyOptimization Routing Algorithm (GORA), anchored at thebase station. GORA is fast, efficient and greedy, yieldingsub-optimal (locally optimal) routing paths which we affirmis sufficient for our routing purposes, versus the complexityof globally optimal schemes. Our algorithm is similar toDijkstra's [17] and other shortest path routing algorithms, withadditional optimization constraints, namely; the routing treeoriginates and terminates at a given subset of nodes (the clusterheads), and traverse every network link once only.

The rest of our paper is organized as follows: In Section 2,we present preliminaries and network setup. Section 3 presentsa review of the OPSENET routing protocol [15], while Section4 details GORA. We present security and energy analysis inSection 5, and concluding remarks in Section 6.

II. PRELIMINARIES, NETWORK SETUP AND ASSUMPTIONSA. OSN Network Setup Preliminaries

Consider an OSN in which all nodes are equipped with anoptical trans-receiver consisting of photo-detectors and a semi-conductor laser with a given maximum communication range

Si~~~~~~S

0-comIIUII cat 01

(a)

Sb (b)

Fig. 1. Node Sj can only hear node Si if it falls into S'scommunication section. However Sj talks to Si via the back channelSj -+ S -+~Sb -+ S, S,.

'rmax chosen to verify network connectivity constraints [1],[16]. Let {S, } be the set of n nodes placed in a given area

according to a uniform distribution - U[O, 11]2 , and indexedasS~:i: t' = 1,2,... n. Let I(.) be an information assignmentfunction on {S}, where I is a positive real valued mappingfrom {S, } to the 3I-tuple as:

X= (Xl,X2, .xn)andy =(Yl, Y2,..-Yn) representthex-yposition coordinates of {Sn}, such that xi, yi -'- U(O, 1]. Theorientation vector (9 =(ei, (92,.. 9- ) is obtained as (9,U(O,~2w] Vi'. I(Sn) is known as the Information on {Sn}.Each node 5i can orient its transmitting laser within a

contiguous angular scanning region 2' +8 < D < +e8i2w22 .

Following the model in [1], [2] and as depicted in figure 1(a),this means that each node Si can send data over a randomlyoriented communication sector (D of a degrees, for a fixedangle a e [0, 2w]. The case with a= 2w represents bi-directional communication. The receiving photo-detector isomni-directional and thus receives data from any direction.This means that node 5i may directly talk to Sf(Si -it S) if(xi,yj i s( ci;however, Sj can only talk to Si via a multi-hopback-channel or reverse route, with other nodes in the networkacting as routers along the path (unless (xi, yj) e Dj.). In figure1(b) this reverse route is: Si. ` a Sb Sc

B. OSN Hierarchical Network with Cluster Heads

In addition to optical trans-receivers, all nodes are alsoequipped with corner cube retroreflectors (CCR) [4]. A CCRis a simple optical device that reflects incident light back tosource, and when used to modulate an interrogating beamfrom the base station yields huge energy savings comparedto an active laser. This mode of communication is passiveand bi-directional between a node and the base station, andis especially attractive because all the optical energy forcommunication is supplied by the base station, with negligibleenergy used for the modulating circuitry of the CCR on thenode. CCRs are good for OSN nodes due to their small size,ease of operation and negligible power consumption.

889


After random deployment, a fraction of nodes {CH} calledcluster heads, are oriented such that they have a communi-cation line-of-sight path with the base station, and can thusemploy their CCRs to exploit the advantages of passive bi-directional communication with the base station [2]. Let PCHbe the probability that a node is a cluster head. Assume thereare m _nPCH cluster heads in the network, we designate anynode S, which is a cluster head, as CHj, forj 1, m.The set of cluster heads {CH} depends on node orientation(which is uniformly random), and the base station's location,so that cluster heads are uniformly distributed in the network.

Cluster heads forward/receive data to/from the base stationwithout adversely depleting their energy resources. This leadsnaturally to a hierarchical structure in which nodes route datato the upwards 'closest' cluster head for onward forwardingto the base station (uplink), or receive data or broadcasts fromthe base station (down-link) via another downwards closestcluster head. This hierarchical architecture is tied to currentlyexisting FSO and CCR technology, and has been studied,under Berkeley's Smart Dust Program [2].

C. Graph Theoretic Preliminaries

The OSN yields an underlying directed graph structureGn = (Sn, E: 9,) rmax) which has been identified by Diaz etal [1] as a random directed sector graph. The directed graphconsists of a vertex node set Sn and edge set S, where everyedge is an ordered pair of distinct nodes. S is representedas the n x n adjacency matrix of Gn with one row and onecolumn for every node in the network, where:

1I if (xj,yj) C (D.0 otherwise

indicates that there is (or not), an edge Si -> Sj. S(i, i) =0 disallows self loops, and directionality implies S(i, j) #tS(j, i) necessarily, Vi,j. Cardinality SEF = ZiSE(i,j) isthe total number of edges in G(.

Let Si's forward neighborhood denoted FNeb(Si) be theset of nodes {Sk } that Si can talk to, i.e. Si -> {Sk }. Formally,FNeb(S,) = {Sk },Vk S(i,k) = 1. Nodes in FNeb(Si) arecalled Si's successors, and the cardinality, IFNeb(Sj)l alsodenoted as S+, is equivalent to Sis out degree. Similarly, Si'spredecessors are nodes in its backward neighborhood definedas BNeb(Si) = {Sh},Vh Sh ` Si. IBNeb(Sj)l denotedS,- is equivalent to Sis in degree. The sum along the jth rowof S is the out-degree of node Si while S,- is the sum alongthe jth column of S. A path from node S, to Sk in G, isa sequence of nodes [Si ... Sk] such that (Si, Si+±) (denotedSi - Si+,) is an edge for i C [1 k -1]. A circuit is a closedpath, which means that it starts and ends at the same vertex.We define a BS-circuit as a circuit which starts and ends at thebase station. Note that a BS-circuit must pass through eitherone or two (different) cluster heads.

D. Network Assumptions and Threat Model

We make the following assumptions on our network entities:

1) All network nodes are homogeneous, possessing thesame capabilities and resources. Each node is equippedwith beam steering circuitry, and knows its geographicallocation [1]. At initialization every node is good.

2) The base station is part of the trusted infrastructure thatmay not be compromised, and is resource rich.

3) At the least, an attacker may launch an outsider attackby deploying alien nodes in the network. This includeseavesdropping on network communication, injectingfalse data, and replaying previously overheard packets.

4) Nodes are not tamper resistant, so an attacker maysubvert a random subset of nodes. A subverted nodereveals its code, keys and security primitives to theattacker, making it possible for an attacker to controlthe node in an arbitrary way.

5) A judicious attacker may act in smart ways designed tomaximally disrupt network activities. For example, anattacker may cause more damage by targeting clusterheads or highly connected nodes who are in the path ofseveral BS-circuits.

III. REVIEW OF OPSENET RoUTING PROTOCOLOPSENET is a security aware optimized BS-circuit (up-

link/down-link) discovery algorithm that assures nodes of theorigin and integrity of routing signals. A summary of the fivestages of OPSENET are:

. Initialization and key setup: Base Station pre-generates andstores a one-way key chain [18], where F is a publicly knownforward one way function, Kn is an initial random bit stringand K' is the commitment to the key chain. Si is pre-deployedwith: an individual key Ki shared with the base station, acounter Ci initialized to a random value (known to the basestation), and the commitment Kl. Base station scans networkto discover authentic cluster heads and floods routing beaconscalled cluster discovery packets (CDPs) to network via {CH}.

. Flooding Routing Beacons (CDPs): When a node Si receivesa CDP it has not previously processed, it increments the CDPsHops Traversed (HT)field by one, appends its information I(Si)in the CDP packet's payload, and rebroadcast the updated CDPto its successors FNeib(Si), else it drops CDP.

. Terminating Routing Beacons: CDP routes are terminatedwhen the CDP expires (i.e., length ofpath > predefined constant6, or it reaches an (exit) cluster head who completes the BS-circuit by forwarding the CDP back to the base station.

. Base Station Network Topology Construction: Given I(Srt)extracted from all returned CDPs, the base station constructsapproximate graph topology and performs route optimizations.

* Multicasting Routing Information Packets (RIPs): The basestation constructs and multicasts secure RIPs which containindividually secured information on the locally optimal next-hop uplink and downlink path for each node. Returned RIPsthrough uplink paths act as acknowledgement packets to helpdetect and prevent black hole and denial of service attacks.

A. Node processing of the CDPThe CDP, illustrated in figure 2 consists of a

160-bit header and a variable payload. A new CDP[HT = OiK2 E(Ki(nonce))1[.1 has an empty payload. Uponreceiving a CDP from a cluster head, node Si processes theCDP as shown in the Table below.

890

S(i, j)l<i,j<n


Format of a CDP packet passing through nodes 1 to p

BS revealed nextkey in key chain X

Encrypted Nonceand node's counter

Entry CH information Exit CH information

COI osTaesd Suc nrpe oc il Nodes sequentially append their information:C ops raverse Source Encrypted nonce fieldIDoretin,lcin,adM C fthrField is incremented by authentication used for freshness. ID orientation location and MAC of their

one for each receiving field information as they process each COPnode

CDP Header - 20 bits CDP Payload - variable

Fig. 2. Illustrating the format of a CDP; The first Hops Traversed(HT) field counts the number of hops made by the CDP, used to expirea packet and prevent excessively long paths. The second field is forbroadcast authentication. Encrypted nonce field is for data freshness,and provides per hop node authentication with each node's counterXOR'ed to the nonce. The payload successively stores the MAC ofinformation of nodes that process the CDP, to prevent routing loops,sinkhole or identity replication attacks.

1. Verify: F(K ) Kl, HT < d; Si has not processed CDP.If 1. verifies

Decrypt: D(K1, M.Nonce)Update: New M.Nonce = Old M.Nonce C1Encrypt: E(K1, M.Nonce)Increment: HT = HT + 1;Sign: [Si .authenticate] = MAC(Ki, M.Nonce I(Si))Append: I(Sj) and [Si.authenticate] to CDP packet.Rebroadcast: CDP -) FNeb(Si) (CDP -) BS if Si* C {CH})

Each node verifies the CDP originated from the base stationusing Kl, and increments HT by one. Nodes decrypt, updatethe nonce by 'XORing' their counters to the nonce, and re-encrypt, resulting in a modified nonce M.nonce. XOR functionis chosen as it does not expand the bit size of the field. Weassume 64-bit keys, nonce and counters, and a 32-bit HT field.To avoid routing loops, each node first examines a receivedCDP's payload to ensure that it's information is not in thepayload (i.e., it has not previously processed this CDP fromthe same route of predecessors). Excessively long routingpaths are avoided by terminating CDPs whose HT > 6, apre-defined constant. If both conditions above are false, thenode appends an individually signed message authenticationcode (MAC) of its ID, Information I(Si) and M.nonce to theCDP's payload, and re-broadcasts. If the node is a cluster head,routing is terminated and the CDP returned to the base station.p is the number of appended sections in the CDP's payload.

B. Base Station Processing

The base station, with its unconstrained memory, energyand processing power, has the task of constructing the networktopology, optimizing and communicating routing decisions tonodes. Each returned CDP reveals a BS-circuit, from which Sis populated. Base station processes received CDPs as follows:

1. Verify HT = p; number of appended sections in CDP payload2. if (1): Vp sections C CDP payload, identify & verifyMAC of the nodes S1 ... Sp.

3. if (2): Verify encrypted nonce by: D(K1, M.Nonce)Nonce _ M.Nonce D Ci ( C2 @ ...* Cp

4. if (3): Extract I(S) ... I(Sp) into base station routing tableElse:Discarded CDP & initiate intrusion detection for the BS-circuit.

IV. GORA: GREEDY OPTIMIZED ROUTING ALGORITHM

The aim of optimized routing in the OSN is to find theglobally optimal uplink and downlink path for each nodeto/from the base station (from the maze of possible paths), withrespect to some cost function. Unfortunately, global networkroute optimization is known to be NP-complete [20], there-fore, we propose a simple distributed greedy approximationheuristic called GORA (Greedy Optimization Routing Algo-rithm) which quickly determines a locally optimized routinggraph for G,. GORA is anchored at the base station. Weemploy a minimum cost network flow model [20], with anintegrated security and energy cost function. Each edge Sijis associated with a cost Cij given as CU rj for uplink,and CD Dri for downlink, where Dij Xc d(i,j)2 is thetransmission energy/bit expended on link Si -> Sj (knownfor FSO communication [3]), and Fi = S+ or Fj = S,represents the trust factor (security confidence) of Si foruplink or downlink respectively. Cij trades off energy efficientroutes versus security gains, and formalizes the idea that ahighly connected node poses a higher security risk, since ifcompromised, several dependent BS-circuits are undermined.GORA optimizes uplink and downlink routing paths for

each node [16] by obeying the rules: (1) Uplink: St V Si CG = 1 exactly. (2) Downlink: S, V Si C Gn 1 exactly.(3) Each link is traversed once only for any routing event. Thepseudo-code for GORA uplink paths is detailed below

Input <- S, D, C, ChildInitialize Child[i] = NULL, for every node i

Set C[i] = 0, for i f {CH}; C[i] = oc, for i C {CH}StateO {CH}

while(StateX != NULL SET)for int i=O to StateX.count

FNEB(StateX[i] = j for which S(i, j) = 1;for (int j = 0; j <FNEB(StateX[i].count; j++)StateX+l.add ( FNEB (StateX[i]) [j])

if (C[StateX[i]] + D[StateX[i], FNEB(StateX[i])[i]]< C[FNEB(StateX[i])t]]);

C[FNEB(StateX[i])ti]] = C[StateX[i]]+ D[StateX[i], FNEB(StateX[i])t]];

Child[FNEB(StateX[i])[U]] = StateX[i];end if;

Starting with each cluster head, for incoming uplinks,GORA compares the cumulative cost for each node to reachthe set {CH}, and assigns the uplink with the minimum

down-link procedure is similar, except the transpose of S and input vectorParent (instead of Child) is used.

891


cost to each node. The optimal next hop link for every nodeis stored in the vector Child[n]. After GORA executes, thebase station constructs and multicasts individually secure routeinformation packets (RIP) to all nodes containing the ID andinformation of their next uplink and downlink hop, via theappropriate entry cluster heads.

A. Power and Topology Control at the NodesGiven ID and location of the optimal uplink and down-

link next hop for Si, denoted [Child[i], (Xchild[i], YChild[i)]),and [Parent[i], (XParent[i].YParent[i])] respectively, Si ini-tiates power and topology control by fixing its laser tothe appropriate orientation (depending on broadcasting orgathering) and adjusting its transmitter power level rela-tive to Child[i] or Parentt[i]. For example, with uplinkgathering, Si orients its laser to (9i = arctan(XChild[i] -

Xi/YChild[i]- yi), and adjusts its transmitter power such thatri = max[d(Si, Child[i]), d(Si, Parcnt[i])].

V. ANALYSIS AND SIMULATIONS

A. Complexity Analysis for Network DiscoveryTheorem 1: Network discovery routing for hierarchical

OSN is O(mrn Flog n] -m2 Flog n]) in message complexity,and O(5) in time complexity.Proof: Each of the m cluster heads receives a CDP packetto broadcast down link. The n- m nodes (including en-try but excluding exit cluster heads) have an out-degree ofO([logn]) [1]. Consider m spanning trees, each rooted atevery cluster head. Every tree contains O((r -m) [log n])edges, so that number of broadcast messages required to dis-cover the network topology is O(mn [log n] -m2 log n] ) -

O(mnrlogn]) for m << n. Since all CDPs are terminatedafter d hops, time complexity is limited by this constant.

B. Security ConsiderationsWe enumerate the security properties of our scheme as:

* A judicious attacker may not elect himself cluster head forthe purpose of denial of service or other malicious attacks, ascluster heads are not self-elected. The only way this may occuris if the malicious node is capability-enhanced in a way that heobtains a line-of-sight path to the base station irrespective of itsorientation or the base stations' location. We do not considerthis attack here, since we assume all nodes are homogeneous.* Directionality may be leveraged to counter attacks based ontraffic pattern analysis. Unlike conventional clustering basedon geographical Euclidean radius from a cluster head, OSNclustering does not reveal the position or direction of a clusterhead, unless each link is followed to a cluster head.* Our cost function which integrates an energy and trust factorconsideration mitigates attacks that target highly connectednodes in the hope of placing the attacker in several paths.* Individual keys ki are used in each nodes MAC to provideper hop (node) authentication to the base station. IndividualMAC on a nodes' data also prevents a malicious node fromarbitrarily inserting false IDs in the CDP to lengthen routes,as he cannot manufacture an authentic individual key.

* Due to cumulatively changing the counter (employing XORfunction), routing messages may not be arbitrarily altered.Because nodes decrypt, add their counter and re-encrypt thenonce, if a malicious node deletes a previous entry into theCDP, computation on the final nonce will not verify at the BS.* Alien nodes may not participate in route establishment sinceonly authentic nodes know K' used to decrypt the nonce, andtheir individual keys used for MAC.* Since only the base station knows future keys e.g., K2prior to network discovery, and a unique nonce used toauthenticate routing signals, it is difficult for another entityto spoof, fabricate or initiate routing signals. Even though K2is revealed in the CDP in the clear, it does not lead to sinkholeattacks due one way paths for link directionality. Wormholeattacks to confuse base stations topology construction andGORA are concievable, however position information insertedinto the CDP by each node helps mitigate this threat. In addi-tion, wormhole attacks require enhanced-capability maliciousnodes, which we do not address in this paper.* A subverted node is restricted only to denial of service(blackhole) attacks, which is the best that can be hoped for.

C. Energy Considerations

We consider energy required for uplink data gathering, asit is similar for downlink broadcasting. Assume fixed packetsize p-bits and Ep is transmission energy/p-bits/unit distance(receiver energy for FSO is negligible). Consider two sensormonitoring possibilities:(1) Continuous Monitoring: All nodes constantly sense androute their data to the base station, e.g., habitat monitoring.Number of packets sent by node Si is Di + 1 where Di is thenumber of descendants of Si. Total network routing energy isgiven by EN = ViCG Ep.(Di + l).Di,Child[i](2) Leaf-Node Monitoring: Data is sampled only by the leafnodes who forward data to the base station (similar to reverseflooding). In this case: EN = ZViCG, Ep. * Di,Child[i].

Simulations: All simulations are done on OPSENET soft-ware designed for testing OSN routing algorithms [19]. Oursimulation use n = 500 nodes, rmaX(i) 1.2 lo anda = 27/9 (unless stated otherwise), in a square region of unitarea. In our simulations, we compare the OSN hierarchicaldirectional clustering with conventional bi-directional 1-hopclustering (all nodes are one hop from the clusterhead), andmulti-hop clustering (nodes employ multihop routing withinclusters using same r). We have assumed the same networksetup (i.e., same G, and given set of clusterhead nodes {CH})for all simulations scenarios. Figure 3 shows energy versusnode density graphs for (b)leaf-node, and (c) continuous mon-itoring. We see that in all cases, increasing node density doesnot significantly impact the energy dissipated in the network,since routing distances (and energy) oc 1 /n. Also, as would beexpected, multi-hop clustering outperforms 1-hop clustering,and both clustering techniques in a bi-directional networkoutperforms directional hierarchical clustering. Figure 4(a) and(b) comparing energy versus PCH show that increasing the

892


Fig. 3. (a) Plotting the percentage of outlier nodes versus the number of nodes in the network reveals that connectivity improves with network density andPCH- (b-c) Comparing routing energy versus node density for (a) leaf-node and (b) continuous monitoring versus conventional bi-directional clustering. Bothgraphs show that node density does not impact total network routing energy, and conventional bi-directional clustering out-performs uni-directional clustering.

Fig.24.5Routing energy versus probability of cluster heads in the network for (a)leaf node monitoring and (b) continuousmonitorin5g.

35-

10 00 2105 0 2 3 05 0 4 50 00- 1 05 0 2 0 3 4 05 0

P,.b.blity Of I-Ut,, head(PCH) P,.b.blity Of I-Ut,, head (PCH)

Fig. 4. Routing energy versus probability of cluster heads in the network for (a)leaf-node monitoring and (b) continuous monitoring.

number of cluster heads in the network significantly improvesnetwork routing energy in all scenarios.

VI. CONCLUSIONSIn this paper, we presented energy and security considera-

tions for network discovery and optimized routing protocol forOSNs. Our analysis and simulations show the performance ofproposed algorithms in terms of energy and security.

REFERENCES

[1] J. Diaz, J. Petit, and M. Serna, A random graph model for opticalnetworks of sensors, In IEEE Transactions on Mobile Computing, vol.2, no. 3, pp. 186196, July- September 2003.

[2] J. M. Kahn, R. H. Katz, and K. S. J. Pister. Next century challenges:Mobile networking for smart dust. In Proc. ACM/IEEE Int. Conf. onMobile Computing and Networking, Washington, Aug 1999, pp. 271278.

[3] J. Hill, R. Szewczyk, A. Woo, S. Holler, D. Culler and K. Pister.System architecture directions for networked sensors. Proceedings of theninth international conference on Architectural supportfor programminglanguages and operating systems, pages 93-104, 2000.

[4] S. Teramoto and T. Ohtsuki. Optical wireless sensor network systemusing corner cube retroreflectors. EURASIP Journal of Applied SignalProcessing 1, 39-44. (Mar. 2005).

[5] W. Luh and D. Kundur, Distributed Privacy for Visual Sensor Networksvia Markov Shares, Proc. 2nd IEEE Workshop on Dependability andSecurity in Sensor Networks and Systems, Maryland, April 2006.

[6] Brad Karp and H. T. Kung, GPSR: greedy perimeter stateless routingfor wireless networks, MobiCom '00: Proceedings of the 6th annualinternational conference on Mobile computing and networking, Boston,Massachusetts, United States, pp 243-254, 2000.

[7] C. Alvarez, J. Diaz, J. Petit, J. Rolim and M. Serna. Efficient andreliable high level communication in randomly deployed wireless sensornetworks MOBIWAC-2004.

[8] C. Intanagonwiwat, R. Govindan and D. Estrin. Directed diffusion: Ascalable and robust communication paradigm for sensor networks. Proc.of the Sixth Annual Int. Conf on Mobile Compt and Networking, 2000.

[9] D. B. Johnson and D. A. Maltz. Dynamic source routing in ad hocwireless networks. In Imielinski and Korth, editors, Mobile Computing,volume 353. Kluwer Academic Publishers, 1996.

[10] F. Ye, A. Chen, S. Lu, and L. Zhang. A scalable solution to minimumcost forwarding in large sensornetworks. Proc of Tenth InternationalConf on Computer Comm. and Networks, pp 304-309, 2001.

[11] H. Huang, G.H. Chen, F.C.M. Lau and L. Xie, A Distance-VectorRouting Protocol for Networks with Unidirectional Links, ComputerCommunications, Vol. 23, No. 4, 2000

[12] S. Nesargi and R. Prakash, A tunneling approach to routing with unidi-rectional links in mobile ad-hoc networks, In Proc. Ninth InternationalConf. on Computer Comm. and Networks., pp 522-7, NJ, USA, 2000.

[13] W. Dabbous, E. Duros, and T. Ernst, Dynamic routing in networks withunidirectional links, WOSBIS97, Budapest, Hungary Oct 1997.

[14] W. Lou and J. Wu, A multi-path routing protocol for unidirectionalnetworks, in Proc. of 2001 International Conference on Parallel andDistributed Processing Techniques and Applications (PDPTA2001), pp.2021 2027.

[15] U. Ndili Okorafor and D. Kundur. OPSENET: A Security EnabledRouting Scheme for a System of Optical Sensor Networks Proc.International Conference on Broadband Communications, Networks,and Systems (BROADNETS), San Jose, California, Oct 2006.

[16] U. Okorafor and D. Kundur, Efficient Routing Protocols for a Free SpaceOptical Sensor Network, In Proc. IEEE Int. Conference on Mobile AdHoc and Sensor Systems, Washington, D.C., November 2005.

[17] Dijkstra's algorithm, http://en.wikipedia.org/wiki/Dijkstra 's algorithm[18] H. Chan and A. Perrig Security and Privacy in Sensor Networks In

IEEE Computer Magazine, October 2003.[19] OP SENET: Optical Sensor Network Simulator, http://opsenet.tamu.edu.[20] R. K. Ahuja, T. L. Magnanti, J. B. Orlin Network Flows: Theory,

Algorithms, and Applications Prentice Hall 1993

893


Documents

Security and Energy Considerations Routing Hierarchical ...dkundur/pub_pdfs/OkoMarKunMASS06.pdfby nodes themselves, based on some cost function such as minimum energy, order of received