Trust Based Routing In wireless sensor Network

Characteristics:Temporarily formedNodes act as routersInfrastructure-lessLimited resources wireless medium

Applications:Military battlefield

networks. Personal Area Networks Disaster and rescue

operation

About Sensor Network

Attacks on Wireless Networks

Passive attacksDo not change the routing informationListen to get valuable information

Active attacksUse its energy to manipulate the routing

information

Passive attack

passive attack "attempts to learn or make use of information from the system but does not affect system resources"

Traffic analysis

each message is encrypted because it is not important whether the data is

readable(understandable) to the attacker. Here, the adversary attempts to find patterns in the communication between two node, which might allow the adversary to derive certain assumptions based on these patterns.

Passive attack

Traffic analysis

Node Node

Attacker

Active Attack

Active attacks include security threats in which an node triesto manipulate code or data while it is transmitted between nodes. The most common examples of this kind of attack arealterations, in which an data is deleted or tampered with by an intruder .

Active Attacks

Modification: Malicious node can modify routing information

Fabrication: Generating false routing message

Impersonation: Initiate attack by masquerading as another

node

Active attack

CMalicious Node

A B

Existing Security Solutions

Intrusion preventionEncryption, authentication.

Nodes are required to have pre-shared keys or digital certificates.

Central trust authority or pre configuration is not practical for ad-hoc networks

Dynamic Source Routing (DSR) Protocol

On demand protocol: route information discovered only as needed.

Source routing: entire path to destination supplied by source in packet header.

Procedure: • Route discovery• Route maintenance• Routing

Route Discovery

.Route Request:

Source broadcasts Route Request message for specified destinationIntermediate node adds itself to path in message and forwards message toward destination

A B C D E

A A,B,CA,B A,B,C,D

Route Discovery

.

Route Reply:Destination unicasts Route Reply message to source

DSR route discovery method

B

FD

A

C

H

GE

Route Maintenance

Used when link breakage occursLink breakage may be detected using link-layer ACKs, “passive

ACKs”, DSR ACK request.

Route Error message sent to source of message being forwarded when

break detected.

Intermediate nodes “eavesdrop”, adjust cached routes .

Source deletes route; tries another if one cached, or issues new Route

Request.

A B C D E

ROUTE BROKEN C-D

DSR Based Model

Trust Based Routing

To compute the direct trust in a node. In doing so we measure the accuracy and sincerity of the immediate neighboring nodes by monitoring their participation in the packet forwarding.

As soon as it hears its immediate neighbour forwarding the packet, the node

checks the integrity of the packet by verifying it for requisite modifications. If the integrity check passes, it confirms that the node has acted in a benevolent manner and so its direct trust counter is incremented. Similarly, if the integrity check fails or the forwarding node does not transmit the packet, its corresponding direct trust measure is decremented.

Trust Calculation

To represent the direct trust in a node y by node x as T, andis given by the following equation:

Txy = W(PA) x PA + W(Pp) x Pp

• PA = represents the category Packet Acknowledgements that maintains a count of the number of packets that have been forwarded by a node.

• Pp= represents the category Packet Precision, which preserves a count of

the number of packets forwarded correctly.

• W reflects the weight or priority assigned to that category.

• PA is used to detect grey and black hole attacks, in which a node due to selfish or

malicious reasons dumps the received packets. • Pp is used to detect modification attacks carried out

by the forwarding nodes.

Trust Propagation

To propagate trust information beyond a single hop, piggyback the direct trust value of nodes along with the ROUTE REQUEST packets.

Before forwarding a ROUTE REQUEST packet, appends the direct trust value of the preceding node from which it had received the ROUTE REQUEST packet.

When the ROUTE REQUEST packet is propagated, it also spreads the trust information of other nodes in the network.

Trust Propagation

X

E

C

A

F

D

B

Y

Tax

Tcx

Tex

Tba, Tax

Tex,Tfe

Tcx,Tdc

References

1.TRUST-BASED ROUTING FOR AD-HOC WIRELESS NETWORKS , Asad Amir Pirzada., Amitava Datta, Chris McDonald School of Computer Science & Software Engineering, The University of Western Australia Crawley, WA 6009, Australia

2. An Intrusion Detection System for Wireless Sensor NetworksIlker Onat Ali Miri School of Information Technology and Engineering University of Ottawa, Canadae-mail: ionat@site.uottawa.ca, samiri@site.uottawa.ca

3. Intrusion Detection Techniques for Mobile Wireless Networks ,Yongguang Zhang ,HRL Laboratories LLC, Malibu, California Wenke Lee,College of Computing, Georgia Institute of TechnologyE-mail: wenke@cc.gatech.eduYi-An Huang,College of Computing, Georgia Institute of TechnologyE-mail: yian@cc.gatech.edu

Thank you