A lightweight algorithm for detecting mobile Sybil nodes in mobile wireless sensor networks☆
Introduction
Wireless sensor networks (WSN) consist of many tiny sensor nodes which cooperate with each other to monitor an area and have a wide variety of applications including battlefield monitoring, industrial applications, health applications and etc. WSNs are mostly used in environments where human attendance might be dangerous or costly. There are hundreds or thousands of sensor nodes deployed in an area when the mission is terminated. Therefore it is not often possible to recollect these sensor nodes. Sensors’ small size limits memory capacity, computational power, radio power and energy. Regarding these limitations and wireless nature of sensors, it is very important to provide them with a secure system (especially in military applications). This challenging field has recently attracted attention of many researchers [1].
Sybil is one of the most famous attacks that affect network layers [2]. In Sybil attack, the adversary adds a malicious node to the network or captures a legal (normal) node, reprograms it and then sends it back to the network. Once this malicious node joins the network, it begins to exhibit multiple identities, referred to as Sybil nodes, which might be either fabricated or stolen from legal nodes of the network. Showing multiple identities, the malicious node is able to make legitimate nodes believe that they have many neighbors. Consequently, the malicious node attracts more traffic to itself which disrupts the routing protocol and affects network operations such as data aggregation, voting, reputation evaluation, and fair resource allocation [3].
So far, many algorithms have been proposed against Sybil attack in static WSNs which employ different mechanisms such as random key pre-distribution, radio resource testing [4], Received Signal Strength Indicator (RSSI) [5], neighboring information [6], Time Difference Of Arrival (TDOA) [7], Angle Of Arrival (AOA) [8]. But none of them work for mobile wireless sensor networks (due to the nodes’ mobility).
Vasudeval and Sood [9] and Piro et al. [10] proposed an algorithm for detecting Sybil nodes in mobile ad hoc networks. Sharmila and Umamaheswari [11] proposed an algorithm for detecting Sybil nodes in mobile wireless sensor networks. They introduced a technique that comprises three phases. During the first phase, in cooperation with Base station and also regarding the number of dropped packets, some nodes will be chosen as cluster head (Trust nodes). Then, these nodes detect Sybil nodes according to received signal strength from member nodes. In the second phase, two nodes which are close to Sybil node send packets to it at the same time. As a result, collision occurs because all Sybil nodes belong to a single device. Finally, in the third phase, the routing procedure is checked to verify if there are any hops between the identities. If true, they are not Sybil nodes; otherwise, the identities are considered as Sybil. This algorithm consists of three complicated and heavy phases. Since nodes' mobility has not been considered during detection mechanism, it seems not to be suitable for sensor networks.
Our goal is to present a practical and light-weight algorithm for detecting mobile Sybil nodes in mobile wireless sensor networks which eliminates drawbacks of previous algorithms. Proposed algorithm is not based on RSSI, random key pre-distribution, radio resource testing, or AOA mechanisms.
In short, the contributions of this paper are as follows:
- •
Utilizing a few Watchdog Nodes (WNs) which monitor the network traffic passively as well as nodes' mobility to detect Sybil nodes.
- •
Assigning bitwise tags to mobile sensor nodes, using WNs, considering their movement behaviors.
- •
Detecting Sybil nodes in cooperation with WNs.
- •
Eliminating memory, computation, and communication overheads of sensor nodes for detecting Sybil nodes.
The rest of this paper is organized as follows: in Section 2, related works are reviewed. In Section 3, network assumptions and attack model are discussed. Section 4 introduces the proposed algorithm, while Section 5 presents the simulation results. The paper is concluded in Section 6.
Section snippets
Related works
Douceur [2] first introduced the Sybil attack problem in peer-to-peer distributed systems. Karlof and Wagner [3] proved that Sybil attack could affect routing protocols in WSNs.
Newsome et al. [4] analyzed Sybil attack systematically and presented its taxonomy based on how Sybil identities are created and Simultaneity of their indication (indicating them). They also proposed several methods to defend against Sybil attack, such as: Radio Resource Test (RRT), Code Attestation (CA), Random Key
Symbols
- •
bit_label: a bitwise label assigned to each mobile sensor node, by WNs, considering its movement behavior in the network environment.
- •
Wi: the Watchdog Node with identity i.
- •
moving_history: a table in the memory of WNs to temporary store the SNs' bit label.
- •
P: the number of monitoring rounds that are carried out by WNs (the number of iterations in first phase of the proposed algorithm).
- •
Ri: the ith round of monitoring phase of the proposed algorithm.
- •
request_list: a list containing a set of node
Proposed algorithm
As mentioned before, there are two types of sensor nodes, SNs which are ordinary nodes and do the typical operations of the network and WNs that are supposed to be responsible for detecting Sybil nodes. In fact, the proposed algorithm would be implemented on WNs. The main idea of this algorithm takes advantage of the nodes' mobility. As all Sybil nodes belong to a single device (malicious node), they move together, therefore all of them would be neighbor of a WN at the same time. The proposed
Performance evaluation and simulation results
In this section, we first evaluate the overhead of the proposed algorithm in terms of memory, communication and computation. Then we simulate our proposed algorithm and evaluate its performance through experiments.
Summary
The experiments show that:
- •
Decreasing the value of threshold Ts increases both false and true detection rates at the beginning, but after about P = 100 rounds in the monitoring phase, value of false detection rate decreases to 0%.
- •
Increasing the number of propagated identities by each Sybil node, increases the value of true detection rate while it does not affect false detection rate.
- •
Increasing the number of malicious nodes in the network increases the value of false detection rate while it has no
Conclusion
In this paper, we proposed a new efficient light-weight algorithm for detecting mobile Sybil nodes in mobile wireless sensor networks. The proposed algorithm is based on nodes' mobility in the area, and does not use mechanisms like pinpointing, RSSI, etc. to detect Sybil nodes. The proposed algorithm consists of two phases: monitoring phase and detection phase, which are both performed by WNs.
In the first phase, Watchdog Nodes keep track of nodes' movement during different periods (P rounds)
Mojtaba Jamshidi received the B.S. degree in Computer Engineering from the Academic Center of Education, Kermanshah, Iran, in 2009, and M.S. degree in Computer Engineering from Islamic Azad University, Qazvin, Iran, in 2012. His research interests include computer networks, learning systems, security, data mining, and recommender systems.
References (26)
- et al.
Wireless sensor network survey
Comput Netw
(2008) - et al.
Detecting Sybil attacks in wireless sensor networks using neighboring information
Comput Netw
(2009) The Sybil attack
- et al.
Secure routing in wireless sensor networks: attacks and countermeasures
AdHoc Netw
(2003) - et al.
The Sybil attack in sensor networks: analysis and defenses
- et al.
An RSSI-based scheme for Sybil attack detection in wireless sensor networks
- et al.
TDOA-based Sybil attack detection scheme for wireless sensor
J Shanghai Univ
(2008) - et al.
AOA based trust evaluation scheme for Sybil attack detection in WSN
J Appl Res Comput
(2010) - et al.
Sybil attack on lowest ID clustering algorithm in the mobile ad hoc network
Int J Netw Secur Appl
(2012) - et al.
Detecting the Sybil attack in mobile ad hoc networks
Detection of Sybil attack in mobile wireless sensor networks
Int J Eng Sci Adv Technol
Privacy-preserving location based services for mobile users in wireless networks
A security routing mechanism against Sybil attack for wireless sensor networks
Cited by (0)
Mojtaba Jamshidi received the B.S. degree in Computer Engineering from the Academic Center of Education, Kermanshah, Iran, in 2009, and M.S. degree in Computer Engineering from Islamic Azad University, Qazvin, Iran, in 2012. His research interests include computer networks, learning systems, security, data mining, and recommender systems.
Ehsan Zangeneh received the B.S. degree in Computer Engineering from the Academic Center of Education, Kermanshah, Iran, in 2014. His research interests include computer networks, algorithms, and security.
Mehdi Esnaashari received the B.S., M.S. and Ph.D. degrees in Computer Engineering all from the Amirkabir University of Technology in Iran, in 2002, 2005, and 2011 respectively. Currently, he is an Assistant Professor in Cyberspace Research Institute, Tehran, Iran. His research interests include computer networks, learning systems and soft computing.
M.R. Meybodi received the B.S. and M.S. degrees in Economics from the Shahid Beheshti University in Iran, in 1973 and 1977, respectively. He also received the M.S. and Ph.D. degrees from the Oklahoma University, USA, in 1980 and 1983, respectively, in Computer Science. Currently he is a Full Professor in Computer Engineering Department, Amirkabir University of Technology, Tehran, Iran. His research interests include, channel management in cellular networks, learning systems, parallel algorithms, soft computing and software development.
- ☆
Reviews processed and recommended for publication to the Editor-in-Chief by Guest Editor Dr. R. Varatharajan.