A Unique Framework to integrate Secured BAN and Could Computing ...

2016 5th International Conference on Informatics, Electronics and Vision (ICIEV)


A Unique Framework to integrate Secured BAN and Could Computing to Monitor Patient

Mohammed Aseeri¹, Muhammad R Ahmed², Syed Nazmus Sakib³, M Shamim Kaisert⁴

King Abdul-Aziz City for Science and Technology, Riyadh, Saudi Arabia
King Abdulaziz University, Faculty of Engineering, Electrical and Computing Dept., Jeddah, Saudi Arabia
Military Institute of Science & Technology, Dhaka-1212, Bangladesh
Institute of Information Technology, Jahangirnagar University, Dhaka-1342, Bangladesh

Abstract—A Body Area Network (BAN) is a special-purpose Wireless Sensor Network (WSN) designed for patient monitoring. A BAN must transmit the monitored data to medical personnel as quickly as possible, in real time, and this can be made web based. Integrating the BAN with cloud computing allows the sensors to transmit their data in a short time and display it in a web application. The technology is low cost because it is a distributed and shared system. Although the integrated system works in real time, obtaining secure data from the sensors remains a concern, so an efficient security mechanism is necessary to obtain secured data in real time. Securing the network against malicious or internal attacks is a challenge. Several works have been proposed to mitigate this problem, but most of them are based on cryptography or on predefined training data. These approaches have drawbacks, because finding internal attacks in a dynamic network without fixed infrastructure, such as a BAN, is a challenging task. In this paper we propose the integration of BAN and cloud computing using a content-based publish/subscribe (pub/sub) broker model, together with security mechanisms for the BAN based on entropy. The simulation result shows the evaluation.

Keywords- Body Area Network (BAN), Cloud computing, publish/subscribe broker model, Security, internal attacks.

I. INTRODUCTION

Recent developments in Information and Communications Technology (ICT) have moved the medical sector several steps ahead. This advancement lets us monitor the patient not only at the hospital but also at home, with smart autonomous sensors [1], by utilizing the Body Area Network. A BAN consists of numerous tiny sensors which collect data from the patient and send it to the sink node. Recently, this technology has been widely used to monitor patients remotely. Its application started with sensor nodes implanted in the human body that have the wireless capability to communicate with the sink or base station and send the data wirelessly. The sensors are capable of detecting medical signals such as the ElectroCardioGram (ECG), pulse rate and blood pressure [2]. Getting significant and usable data from the sensor events is challenging, so a secured mechanism is needed to obtain meaningful data.

Within the ICT paradigm, cloud computing is an upcoming and promising technology. It is low-cost and rented, and provides convenient, on-demand network access to a shared pool of configurable computing resources. Because it is rented, no infrastructure is needed, so rapid deployment is possible. Cloud computing brings numerous benefits, such as advanced security, elasticity, on-demand self-service, distributed locations, resilience, virtualization capability and low-cost implementation. It has become necessary in life-care systems, because with this technology the patient can be monitored remotely and efficiently even when the patient is at home [3]. Given these benefits and applications, patient monitoring using BAN has become more popular. The technology still has constraints. In practice, it is not possible for every sensor node of the body area network to have an independent IP address. As a result, the sensors cannot be connected to the internet over TCP/IP to provide a web-based application for efficient patient monitoring. The solution to this problem is to integrate Body Area Networks and cloud computing to obtain secure and scalable data [4]. Few frameworks exist to support the integration of BAN with the cloud. Because the network is dynamic, numerous challenges need to be considered to enable this service. A BAN consists of low-cost sensor devices and is normally implanted in the human body. Body temperature may affect the wireless capability of the sensor devices. A sensor may change its network address at any time, which may cause the wireless capability to fail. Most importantly, for an important patient, outsiders may try to access the patient data, so security is a consideration.
978-1-5090-1269-5/16/$31.00 ©2016 IEEE

Moreover, because of the dynamic and temporal nature of body area networks, the application becomes problematic if the conventional approach is used to host the network in the cloud, as dissimilar cloud applications can be hosted and run on any machine anywhere in the cloud [5]. Furthermore, other cloud applications may be interested in the same sensor data for dissimilar purposes and access; for example, a nurse and a doctor may have different interests in the same data. In such a scenario the sensor needs to run parallel applications as well as maintain and manage the communication links, which may exceed the sensor's capability.

Any communication network in operation requires an efficient security mechanism. Protecting a Body Area Network from attacks is both a challenge and essential. The nature and characteristics of a BAN include the open nature of the wireless medium, unattended operation, constrained energy, limited memory, limited computation power, and limited bandwidth and communication range [6]. As a result, it is more susceptible to attacks than a typical network. These distinctive properties and characteristics must be considered in order to protect the BAN. Numerous algorithms have been proposed so far for the secure functioning of wireless sensor networks (WSN), from which BAN is developed, so the security considered in WSN can be considered in BAN. No specific security mechanism has been developed for BAN. The majority of previous research on WSN has concentrated on the main areas of (pairwise) key establishment, authentication and access control, and guarding against attack. Previous works are mostly based on typical cryptographic data and authentication of data to formalize the association between the nodes. Nevertheless, the unpredictable communication scenario over wireless channels makes these techniques susceptible, because sensor nodes are permitted to share cryptographic or security material with other nodes without knowing who the adversary is [7]. A sensor that has been compromised will act as a legitimate node. As a result, the compromised entity can perform internal attacks. Whenever an attack is performed, the sensor node will act abnormally.
The abnormal behaviour may include tampering with and dropping messages, and even sending excessive data. In this research we show the integration process of cloud computing and BAN. Moreover, we developed an algorithm based on Maximum Entropy to detect internal attacks in a Body Area Network. The primary concept of this method is to collect primary information about the communications performed among the sensor nodes and forward it to the sink, where the information is united and attached to the sensor node information vectors, which are considered as features. As soon as the sink has received all nodes' information vectors, it uses the information of the nodes of familiar type as a training data set and generates a maximum entropy model; it then tags the nodes of unfamiliar type, producing the probabilities of every type.

II. RELATED WORK

Not much work has been done on the integration of cloud computing and body area networks, but some work has been done on the security of wireless sensor networks. The body area network is developed from the wireless sensor network, so the security mechanisms of WSN can be implemented in BAN. In this research we consider BAN internal attacks. Internal attack identification has conventionally been studied in several works, but these were limited to ad hoc wireless and peer-to-peer networks; unfortunately, very little research has been conducted in the area of wireless sensor networks. The identification process gives us knowledge of the internal attacker. Until now, no significant attention has been given to securing the WSN against the internal attacker by utilizing the abnormal behavior of the sensor node. Abnormal node behavior is addressed in several works in the literature; nevertheless, the major emphasis was placed on avoidance and on safeguarding the routing. Intrusion detection for WSNs was proposed in [8][9]. In [8], Zhang et al. suggested a new mechanism that is considered the initial research on intrusion detection for networks such as wireless ad hoc networks. It considers a different and novel framework for cooperative statistical abnormality, and utilizes the defense process on the ad hoc network. Silva et al. in [9] trigger an alarm for intrusion detection when the number of failures exceeds a predefined threshold; the attacker is judged using this method. In this work the conclusion relied on rule-based simulation utilizing multiple rules. The work of Staddon et al. [10] tracks unsuccessful sensor nodes in the network at the sink to detect abnormal behavior. This is done at the sink because it has bigger memory and processing power, assuming that each sensor's measured output in the network is forwarded to the sink. The system utilizes a process that follows the routing tree. In this research the sink holds the overall condition and control of the whole topology of the implemented network, and is able to recognize the unsuccessful sensors using directional route update messages.

Another technique, presented in [11][12] and [13], is known as the watchdog-like technique. The purpose of the algorithm is to recognize the attacker sensor. To do that, it eavesdrops on the communication of the next hop. The mechanism is able to identify packet dropping attacks. This is done by letting the sensor nodes learn of the next-hop node's transmissions, which are broadcast. Normally, numerous watchdogs work cooperatively in the judgment, and an additional system known as a reputation system is mandatory. The additional system is needed to deliver quality ratings for the participating sensors.


In [14], the researchers studied outliers in the network. The authors came up with an algorithm that has the following properties: (i) the technique is nonspecific, appropriate for numerous internal attacker discovery heuristics; (ii) the method normally operates within the network and uses a communication load proportionate to the outcome (i.e. the number of internal attackers described); (iii) the technique is dynamic with respect to changes in the information and the network; (iv) the decision is exposed and shared with all of the nodes. One drawback of the method is that it is expensive to implement. Lately, game theory has frequently been utilized for the analysis of wireless sensor networks. This approach uses the selfish/attacker sensor node to take decisions. The game theory approach was studied by Reddy and Ma in [15][16]. Reddy et al. in [15] utilize the methodology of a zero-sum game, which might find internal attacker sensor nodes in the forwarding and dispatching path. A certain level of energy must be maintained for the method to be implemented and work effectively. The technique proposed in [16] not only improves the protection of wireless sensor networks, but is also capable of reducing the cost incurred by observing sensor nodes, and it lengthens each sensor node's lifespan. Nonetheless, the mechanism does not take into consideration the effect of the selfish behaviour of sensor nodes that could discard normal packets or stop forwarding the usual packets in wireless sensor networks.

The literature shows that most existing techniques are fundamentally built on cryptography. Normally, in cryptographic methods, the source uses cryptographic mechanisms to produce and send extra authentication information, which permits nodes to authenticate the legitimacy of coded packets. Forged packets that have been polluted can then be filtered out by intermediate nodes. The presented methods normally depend on algorithms such as homomorphic hash functions or homomorphic digital signatures. The literature shows that the computational overhead of these mechanisms is high, because every authentication necessitates a huge number of modular exponentiations. Furthermore, they require the authentication information, for example hashes or signatures, to be transferred independently and reliably to all sensor nodes before the data is sent, which is usually difficult to accomplish efficiently in wireless sensor networks.

III. INTEGRATION OF BAN AND CLOUD

In this paper, to integrate the Body Area Network and cloud computing, we have utilised the content-based publish/subscribe (pub/sub) broker model. The integration framework is portrayed in the figure. The framework works by delivering the sensor data collected from the patient to the web application on the cloud. It does not work on the basis of network addresses; it works based on the content the user is interested in. To achieve better and more efficient performance in terms of bandwidth and capabilities, the pub/sub broker is located in the cloud.

Figure 1: Integration of BAN and Cloud Computing.

One advantage of the pub/sub communication paradigm is that it fully decouples the communicating independent entities [17]. This enables data exchange between huge numbers of independent entities dynamically. As a result, the communicating entities do not need to identify each other in advance in order to share information. Furthermore, the process does not need any active interaction if durable subscription is provided: when the publisher creates an event while the subscriber is not online, the broker stores the event, and as soon as the subscriber is online the event is delivered. The pub/sub broker comprises four components [18]:

• Sensor Stream or Event monitoring and processing component (SMPC)
• Registry Component (RC)
• Analyser Component (AC)
• Disseminator Component (DC)
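
The content-based matching and durable subscription described above can be sketched as follows. This is an added example, not code from the paper: the class and method names, the event fields (patient, type, value) and the nurse/doctor subscriptions are assumptions made for illustration.

```python
from collections import defaultdict

REQUIRED_FIELDS = {"patient", "type", "value"}   # assumed event schema

class PubSubBroker:
    """Hypothetical broker; comments map each step to SMPC, RC, AC and DC."""

    def __init__(self):
        self.registry = {}                 # RC: app_id -> (predicate, mode)
        self.online = set()
        self.stored = defaultdict(list)    # durable store for offline subscribers
        self.batch = defaultdict(list)     # periodic events awaiting the next flush
        self.inbox = defaultdict(list)     # stands in for each SaaS application

    def subscribe(self, app_id, predicate, mode):
        if mode not in ("periodic", "emergency"):
            raise ValueError("mode must be 'periodic' or 'emergency'")
        self.registry[app_id] = (predicate, mode)

    def connect(self, app_id):
        # Durable subscription: events stored while offline arrive on reconnect.
        self.online.add(app_id)
        self.inbox[app_id].extend(self.stored.pop(app_id, []))

    def disconnect(self, app_id):
        self.online.discard(app_id)

    def publish(self, event):
        """Route by content only; the publisher never names a subscriber."""
        if not REQUIRED_FIELDS <= event.keys():      # SMPC: filter malformed readings
            return 0
        matched = 0
        for app_id, (predicate, mode) in self.registry.items():
            if not predicate(event):
                continue
            matched += 1
            if mode == "periodic":                   # AC: periodic or emergency?
                self.batch[app_id].append(event)
            elif app_id in self.online:              # DC: deliver immediately
                self.inbox[app_id].append(event)
            else:                                    # DC: hold for offline subscriber
                self.stored[app_id].append(event)
        return matched

    def flush_periodic(self):
        for app_id in list(self.batch):
            if app_id in self.online:
                self.inbox[app_id].extend(self.batch.pop(app_id))

def demo():
    broker = PubSubBroker()
    broker.subscribe("nurse-app", lambda e: e["type"] == "pulse", "periodic")
    broker.subscribe("doctor-app",
                     lambda e: e["type"] == "pulse" and e["value"] > 120, "emergency")
    broker.connect("nurse-app")                      # doctor-app stays offline
    readings = [                                     # constructed sample events
        {"patient": "p1", "type": "pulse", "value": 72},
        {"patient": "p1", "type": "pulse", "value": 134},
        {"patient": "p1", "type": "pulse"},          # malformed: dropped
        {"patient": "p1", "type": "ecg", "value": 0.8},   # no subscriber
    ]
    matches = [broker.publish(r) for r in readings]
    before = (len(broker.inbox["nurse-app"]), len(broker.inbox["doctor-app"]))
    broker.flush_periodic()
    broker.connect("doctor-app")                     # stored emergency event arrives
    after = (len(broker.inbox["nurse-app"]), len(broker.inbox["doctor-app"]))
    return matches, before, after

if __name__ == "__main__":
    print(demo())
```

The sensor side only ever calls publish with a reading; which applications receive it, and when, is decided entirely inside the broker.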

The SMPC comes in several dissimilar forms, on a case-by-case basis. The stream may be raw data that must be captured, filtered and analysed; in other cases it may only be stored. The computation method is decided based on the type and nature of the data stream as well as the requirements. The SMPC monitors the independent event streams in the cloud and corrects the method of analysis. Depending on the data rate and the required processing, it can execute in parallel in the cloud. The monitoring user requires several types of sensor data. To meet this need, dissimilar SaaS applications register with the pub/sub broker. The RC stores the user's subscription and the user's interest for every application. For event delivery, every user is given a subscription with an application ID to the disseminator component. The AC determines whether the user's application needs periodic or emergency delivery. The AC does this as soon as the pub/sub broker receives any sensor data or independent event. After that, the event is passed to the disseminator component to be transported to the proper users through the SaaS application. The DC broadcasts the independent sensor events to the appropriate users using an algorithm that allows parallel use of the cloud execution framework, which enables the fastest delivery of the event.

IV. BAN SECURITY METHOD

The core concept of information theory is entropy, which is the average quantity of information contained in each feature established and received. It is considered the measure of the quantity of information that disappears before reception. Information entropy illustrates the ambiguity of a stochastic system. Normally, low information entropy is expected in an ordered system; in contrast, high information entropy is expected in a chaotic system. Outlined that the probability of discrete random variable , the values can be represented as is ( ), in which represents as 1, 2 … . This explanation and equation of entropy in information theory, given by the American mathematician, electronic engineer and cryptographer Claude Shannon in 1948 [19], is in Equation 1.

( ) = − ∑

( )∗

( ( ))

(1)

Here, ( ), considered as the information entropy. According to Bayesian probability theory, the probability distribution that explicitly characterizes the current or existing state of information, given the known information constraints, is the one with the largest entropy. In the case of a discrete random variable, the entropy becomes large whenever the probability distribution is an average distribution. In equation (1), ( ) achieves the represents biggest value whenever ( ) = 1/ , {1, 2, … , }, which to be portrayed. The uniform distribution is considered the maximum entropy discrete probability distribution. The usual outcome of Maximum Entropy [20] is in Equation 2. =



( | ) = ∑(

, )

( , )

An internally attacked node will have lower sending power than normal nodes because it has been reprogrammed by the enemy; therefore, when the node sends data, the probability of successfully sending messages to the next one-hop node will be lower than for any usual node. In the case of selective forwarding attacks within the network, the forwarding rate of a compromised or attacked node will be lower than that of a normal node, because of its malicious packet dropping. Because the node creates interest for the data streams towards it, for an attacker node performing blackhole or sinkhole attacks the dimension of the data is normally larger, which could even extend to all neighbor nodes. Hence, in most scenarios, the total count of the neighbor nodes is almost similar to the maximum number of nodes, and the same holds in measurement. With uniformly distributed sensor nodes, the distance between any two nodes is normally almost the same, so the transmission interval is almost the same for all nodes. In the case of an attack such as a wormhole attack, the transmission delay normally becomes higher for the attacked node, because the attacking node sends the initial message and forwards it for the purpose of forging and distorting the routing, which creates the transmission delay. Consequently, the attacked sensor node shall be identified by comparing its node features with those of the legitimate nodes. The node features are decided before deployment. The internal attack is detected based on the maximum entropy model: first the entropy is calculated, then data is extracted and compared, and finally the judgment about the internal attack is made.

( | )

(2)

Where, = { the probability distribution in the is considered as | , in which the conditions is satisfied by }, The features is in ( , ). The information’s which needed to make sure is in , besides the representation of in the context information’s of maximum entropy. In the equation (2) must follow the known statistical characteristics from the sample data. In our system we select the feature.

V. IMPLEMENTATION IN BAN

In our Body Area Network we utilize sensor nodes; there are n types of known sensor nodes, including the internally attacked node. Every node in the system has several features, taken as k features, which construct a feature vector for each sensor node. The feature vector describes the internally attacked node as well, since it is constructed from the initial test values during deployment. All node vectors compose a sample space, and all node samples are learned by the Maximum Entropy algorithm. A model is thereby generated to categorize the additional (N-n) type unknown sensor nodes correctly and effectively. Let E be the expected value and f a feature that we have selected, with k features in total; in our case we select two features (send rate and forward rate). The restriction on the feature distribution can be defined as in Equation 3. =

~

(3)

is the anticipated value of the Where, 1 ≤ ≤ , information , while the probability of distribution considered ~ is anticipated value of sample as . In addition, information. Therefore, and ~ could be re written as in Equation 4 and 5. =∑



(

) (

)

(4)


=∑

~

(



) (

) (5)

Finding the probability distribution with the largest entropy value is the major objective of the Maximum Entropy principle. It can be defined as in the following Equations 6 and 7. =



=

=

|

( | )



(6)

~ , 1≤ ≤

(7)

The probability distribution that satisfies Equations 6 and 7 has a form like that in Equation 8, (

= ∏

)

, 0 ≤

≤ ∞

(8)

is an internally attacked node. In order to do the simulation we have set some parameters in NS2, which are given in Table 1.

TABLE I THE PARAMETERS

Parameters            Values
Packet Size           500 bytes
Initial Energy        2J
Transmission Range    100m
Routing protocol      AODV
Simulation time       1 minute

The simulation result is shown in Fig. 2. In the figure, the X and Y axes represent the number of nodes and the probability of a malicious node (internally attacked node).

We consider as normalization constant. Each feature of the message has a corresponding parameter model which is represented as , and it can be calculated by the generalized iterative algorithm as in [21]. So, can be calculated from Equations 9 and 10 ( ) (

=1 )

=

(9) ( )

(10)

( )

From the definition of GIS and the theory we can get as the equation 11. = ∑

(

)

(11)

When GIS has run enough iterations over the data in the background, we obtain the probability distribution that corresponds to maximum entropy, and we have the parameter model. Based on Equation 11, with the expected values of the features adjusted by GIS, we can then decide about the internal attack.
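
The procedure of this section can be sketched end to end as follows: known nodes train a maximum entropy model over the two selected features (send rate, forward rate), the parameters are fitted iteratively, and unknown nodes whose attack probability exceeds 60% are flagged. This is an added example, not the authors' NS2 code; it assumes the iterative algorithm is generalized iterative scaling (GIS) in its textbook form, and the binning, the smoothing pseudo-nodes, the node ids and all sample values are constructed for illustration.

```python
import math
from itertools import product

LABELS = ("normal", "attacked")
N_BINS = 5          # assumption: each rate in [0, 1] is quantised into 5 bins
THRESHOLD = 0.60    # the page treats a node as attacked above 60% probability

def to_bins(vector):
    """Quantise a (send_rate, forward_rate) vector into bin indices."""
    return tuple(min(int(v * N_BINS), N_BINS - 1) for v in vector)

def posterior(lam, bins):
    """p(label | bins) = exp(sum of active parameters) / normalisation constant."""
    scores = [sum(lam[(j, b, y)] for j, b in enumerate(bins)) for y in LABELS]
    top = max(scores)
    exps = [math.exp(s - top) for s in scores]
    z = sum(exps)
    return {y: e / z for y, e in zip(LABELS, exps)}

def train_gis(known, iterations=300, pseudo=0.1):
    """Fit one parameter per (feature, bin, label) indicator with GIS."""
    k = len(known[0][0])   # exactly k indicators fire per (node, label), so C = k
    data = [(to_bins(x), y, 1.0) for x, y in known]
    # Smoothing (assumption): a lightly weighted pseudo-node for every
    # (bins, label) pair keeps each empirical expectation above zero.
    data += [(c, y, pseudo)
             for c in product(range(N_BINS), repeat=k) for y in LABELS]
    lam = {(j, b, y): 0.0
           for j in range(k) for b in range(N_BINS) for y in LABELS}
    empirical = dict.fromkeys(lam, 0.0)
    for bins, y, w in data:
        for j, b in enumerate(bins):
            empirical[(j, b, y)] += w
    for _ in range(iterations):
        model = dict.fromkeys(lam, 0.0)
        for bins, _label, w in data:
            p = posterior(lam, bins)
            for j, b in enumerate(bins):
                for y in LABELS:
                    model[(j, b, y)] += w * p[y]
        for key in lam:    # GIS update: move model expectation toward empirical
            lam[key] += math.log(empirical[key] / model[key]) / k
    return lam

def detect(lam, unknown):
    """Return {node_id: p(attacked)} for every node above the threshold."""
    flagged = {}
    for node_id, vector in unknown.items():
        p = posterior(lam, to_bins(vector))["attacked"]
        if p > THRESHOLD:
            flagged[node_id] = round(p, 3)
    return flagged

def constructed_known():
    """Constructed training set: 50 normal nodes, 10 selective forwarders (~70%)."""
    normal = [((0.90 + 0.01 * (i % 8), 0.92 + 0.01 * (i % 6)), "normal")
              for i in range(50)]
    attacked = [((0.72 + 0.03 * (i % 5), 0.66 + 0.02 * (i % 5)), "attacked")
                for i in range(10)]
    return normal + attacked

# Constructed unknown-type nodes: (send rate, forward rate) measured at the sink.
UNKNOWN = {"n01": (0.95, 0.96), "n02": (0.93, 0.71), "n03": (0.91, 0.94),
           "n04": (0.76, 0.68), "n05": (0.97, 0.93)}

if __name__ == "__main__":
    print(detect(train_gis(constructed_known()), UNKNOWN))
```

Node n02 sends at a normal rate but forwards only about 70% of packets, so it is the forward-rate feature alone that pushes it over the threshold.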

Fig. 2: The detection of Internal Attacks

VI. RESULT

In this research, for experimental purposes, we have considered temperature measurement as our data, within a square field region network which is b by b and located in the normalized resiliency-degrees against the normalized time units. The network is simulated in the NS2 environment to find the attacks. In our simulation platform we have applied Maximum Entropy. For the purpose of the simulation we have set the nodes only for selective forwarding attacks. In the simulation environment we set a total of 400 randomly distributed nodes, of which 25 are programmed as internally attacked nodes. The forwarding rate of selective forwarding attacks is set to 70%. We mainly consider the forwarding rate of the node in the simulation. We consider if the probability of the detection is more than 60%, the node

VII. CONCLUSION

In this research paper we have presented a unique framework to integrate the Body Area Network and cloud computing using a content-based publish/subscribe (pub/sub) broker model. Moreover, we have implemented security mechanisms to protect the network from internal attacks, using an entropy model. The simulation result shows appropriate detection of internal attacks, which is satisfactory to conclude that the system is working well. Patient monitoring is real time, so our future goal is to make it an end-user product in hardware.

REFERENCES

[1] Anliker, U., "AMON: A Wearable multiparameter medical monitoring and alert system", IEEE Trans Information Tech. In Biomedicine, December 2004, Vol 8, No: 4, pp. 415-427.
[2] Jovanov C. A., Milenkovic E., "A BAN based systems for health monitoring at home", Proceedings of 3rd IEEE/EMBS Int Summer school, Medical devices and Bio sensors, Sept, 20-23, 2006, IEEE, Cambridge, MA, USA.
[3] M. Armbrust, A. Fox, R. Griffith, A. D. Joseph, R. H. Katz, A. Konwinski, G. Lee, D. A. Patterson, A. Rabkin, I. Stoica, and M. Zaharia, “Above the Clouds: A Berkeley View of Cloud Computing,” University of California at Berkeley, UC Berkeley Reliable Adaptive Distributed Systems Laboratory, Technical Report UCB/EECS-200928, Feb. 2009.
[4] V. Rajesh, J. M. Gnanasekar, R. S. Ponmagal, and P. Anbalagan, “Integration of Wireless Sensor Network with Cloud,” in 2010 International Conference on Recent Trends in Information, Telecommunication and Computing (ITC), March, pp. 321–323.
[5] A. Kapadia, S. Myers, X. Wang, and G. Fox, “Secure cloud computing with brokered trusted sensor networks,” in 2010 International Symposium on Collaborative Technologies and Systems (CTS), May, pp. 581–592.
[6] X. Huang, M. Ahmed, and D. Sharma, “Timing control for protecting from internal attacks in wireless sensor networks,” in 2012 International Conference on Information Networking (ICOIN), 2012, pp. 7–12.
[7] M. Ahmed, X. Huang, and D. Sharma, “A Taxonomy of Internal Attacks in Wireless Sensor Network,” in World Academy of Science, Engineering and Technology, Kuala Lumpur, Malaysia, 2012, pp. 427–430.
[8] Y. Zhang and W. Lee, “Intrusion Detection in Wireless AdHoc Networks,” presented at the ACM MOBICOM, The Annual International Conference on Mobile Computing and Networking, Boston, Massachusetts, USA, 2000, pp. 275–283.
[9] A. P. R. da Silva, M. H. T. Martins, B. P. S. Rocha, A. A. F. Loureiro, L. B. Ruiz, and H. C. Wong, “Decentralized Intrusion Detection in Wireless Sensor Networks,” in Proceedings Of The 1st ACM International Workshop On Quality Of Service & Security In Wireless And Mobile Networks (Q2SWINET’05), 2005, pp. 16–23.
[10] J. Staddon, D. Balfanz, and G. Durfee, “Efficient tracing of failed nodes in sensor networks,” in Proceedings of the 1st ACM international workshop on Wireless sensor networks and applications, New York, NY, USA, 2002, pp. 122–130.
[11] S. Marti, T. J. Giuli, K. Lai, and M. Baker, “Mitigating routing misbehavior in mobile ad hoc networks,” in Proceedings of the 6th annual international conference on Mobile computing and networking, New York, NY, USA, 2000, pp. 255–265.
[12] K. Paul and D. Westhoff, “Context aware detection of selfish nodes in DSR based ad-hoc networks,” in IEEE Global Telecommunications Conference, 2002. GLOBECOM ’02, 2002, vol. 1, pp. 178–182.
[13] S. Bansal and M. Baker, “Observation-based Cooperation Enforcement in Ad hoc Networks,” Res. Rep. CsNI0307012, vol. 2, no. 1, pp. 1–10, Jul. 2003.
[14] J. Branch, B. Szymanski, C. Giannella, R. Wolff, and H. Kargupta, “In-Network Outlier Detection in Wireless Sensor Networks,” in 26th IEEE International Conference on Distributed Computing Systems, 2006. ICDCS 2006, 2006, p. 51.
[15] Y. B. Reddy, “A Game Theory Approach to Detect Malicious Nodes in Wireless Sensor Networks,” in Third International Conference on Sensor Technologies and Applications, 2009. SENSORCOMM ’09, June, pp. 462–468.
[16] Y. Ma, H. Cao, and J. Ma, “The intrusion detection method based on game theory in wireless sensor network,” in 2008 First IEEE International Conference on Ubi-Media Computing, 2008, pp. 326–331.
[17] P. T. Eugster, P. A. Felber, R. Guerraoui, and A.-M. Kermarrec, “The many faces of publish/subscribe,” ACM Comput. Surv., vol. 35, no. 2, pp. 114–131, Jun. 2003.
[18] M. Nabeel, N. Shang, and E. Bertino, “Efficient privacy preserving content based publish subscribe systems,” in Proceedings of the 17th ACM symposium on Access Control Models and Technologies, New York, NY, USA, 2012, pp. 133–144.
[19] S. J. Phillips, R. P. Anderson, and R. E. Schapire, “Maximum entropy modeling of species geographic distributions,” Ecol. Model., vol. 190, no. 3–4, pp. 231–259, Jan. 2006.
[20] M. Jani and R. K. Azad, “Information Entropy Based Methods for Genome Comparison,” ACM SIGBioinformatics Rec, vol. 3, no. 2, pp. 2:1–2:4, May 2013.
[21] E. Todorov and W. Li, “A generalized iterative LQG method for locally-optimal feedback control of constrained nonlinear stochastic systems,” in American Control Conference, 2005. Proceedings of the 2005, 2005, pp. 300–306 vol. 1.
