A Key Management Method Based on Dynamic Clustering for Sensor ...

Hindawi Publishing Corporation International Journal of Distributed Sensor Networks Volume 2015, Article ID 763675, 9 pages http://dx.doi.org/10.1155/2015/763675

Research Article A Key Management Method Based on Dynamic Clustering for Sensor Networks Ying Zhang,1 Bingxin Zheng,1 Pengfei Ji,1 and Jinde Cao2,3 1

College of Information Engineering, Shanghai Maritime University, Shanghai 201306, China Department of Mathematics, Southeast University, Nanjing 210096, China 3 Department of Mathematics, Faculty of Science, King Abdulaziz University, Jeddah 21589, Saudi Arabia 2

Correspondence should be addressed to Ying Zhang; [email protected] Received 6 August 2014; Revised 23 November 2014; Accepted 24 November 2014 Academic Editor: Qin Xin Copyright © 2015 Ying Zhang et al. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited. Many cluster-based routing protocols had been proposed which had rarely considered the network security issues so far. The existing key management methods have imperfection when they combine with cluster-based routing protocols. Normally cluster-based key management method has better performance than the distributed key management method, but most of the layer-cluster key management methods do not consider the problem of key updating and being captured for cluster heads. Considering the nodes’ capture probability, particle swarm optimization algorithm was used to optimize the clustering of sensor networks. A dynamic key management method was proposed to achieve key updating regularly and provided a security strategy for sensor networks to solve the problem of being captured for cluster heads. The simulation illustrates that the proposed key management method can achieve better security performance.

1. Introduction Sensor network security issues are becoming the focus of the industry recently [1, 2]. Because of limited storage space and computing power, lacking of a priori knowledge for later nodes deployed, and inability to guarantee the physical security in deployment region for sensor network, the traditional network security method is not suitable for sensor networks. Lightweight key management method, which aims to secure communication, becomes the most important and basic aspect of security research for wireless sensor networks [3–5]. According to the differences of topological structure, sensor networks can be divided into flat networks and layercluster networks. Layer-cluster wireless sensor networks have the advantage of high-energy efficiency. Recently, many scholars had proposed cluster-based routing protocols [6–8], which only considered the energy factor but paid no attention to security issues. Key management is an important way to protect the safety of clustering. Nodes are often deployed in the enemy area for monitoring, so they could be captured by the enemies. In particular in layer-cluster networks, cluster

heads play an important role in the network. Once being captured, they will reveal more keys and information. It will threaten the safety of the whole network. This paper presents a kind of capture probability model of network nodes. The model considers the capture probability as network clustering, and the nodes which hold lower capture probability will be the cluster heads first. On the basis of this model, a dynamic key management method (DKMM) was proposed. The key management method can achieve dynamic key update and solve the problem of system security defense when the cluster heads are captured. The system simulation indicates that the proposed method based on clustering routing protocol has the features of lower storage consumption and strong ability of resistance to capture.

2. Related Work There are many kinds of key management methods proposed [9–12]. In the field of distributed key management method, Eschenauer and Gligor (E-G) [13, 14] first presented a random key predistribution method. In this method, each node randomly selects 𝑚 keys from the key pools before

2

International Journal of Distributed Sensor Networks

deployment. If the adjacent nodes at least have one same key, they can directly establish a session key. Chan et al. [15] also proposed a method based on the E-G method which is called 𝑞-composite key management method. In this scheme, the adjacent nodes can establish communication if they at least have 𝑞 same keys. The connection rate of these two methods is lower, and the cost of keys storage is higher. In the field of cluster-based key management methods, Zhu et al. [16] devised a method called LEAP. This method not only can support the processing inside the network, but also is a kind of key management method with fine ability of resistance to capture. In order to meet the different security requirements, LEAP supports the establishment of four types of keys. They are individual key, group key, clustered key, and pair key, respectively. It also provides the network node authentication based on one-way key chain. But its mechanisms of key update, revocation, nodes canceling, and nodes adding are not perfect, and clusters will dynamically be changed in practical applications. Jolly et al. [17] proposed a low-energy key management protocol that supports revocation for the attacked nodes. Since each node can only communicate with the cluster heads or base station, each sensor node only needs to store two symmetric keys in the key predistribution process. This method adopts the multilayer network architecture, which greatly reduces the energy consumption caused by the key management. However, this method has poorer network expansibility. The key update is not supported, so it increases the chance of being cracked by the enemy when using one kind of key in a long period of time. Du et al. [18] devised a key predistribution for heterogeneous sensor networks. This method takes the high-energy nodes as cluster heads, which can store a lot of keys and be equipped with tamper-proof hardware devices. The ordinary nodes will only be preloaded with a small number of keys. Compared with the existing random key predistribution methods, this method enhances the anticapture capabilities. But its storage overhead of keys is larger and the cluster heads are unable to be changed dynamically. Once being captured, the clusters will not work properly.

3. Network Model The proposed DKMM method adopts the model of layercluster wireless sensor network, which is shown in Figure 1. We make some assumptions as follows.

BS

CH

CH

CH

CH

Figure 1: Schematic diagram of sensor network model (BS is base station; CH is cluster head).

(6) Data fusion technology can be used to reduce the amount of data transferred. (7) The base station (BS) is trusted and has sufficient energy, and it can communicate with all the nodes in monitoring area. Once a node is captured, it will be detected immediately by BS. This paper also presents a model of capture probability of the network nodes shown as follows: 0 { { { { 𝑑 − 𝑑0 2 𝐺 = {𝐺max × ( ) { 𝑑𝐻 − 𝑑0 { { {𝐺max

0 ≤ 𝑑 < 𝑑0 𝑑0 ≤ 𝑑 < 𝑑𝐻

(1)

𝑑𝐻 ≤ 𝑑.

𝑑𝐻 is a threshold value of monitoring area; 𝑑0 is the safety value of monitoring area. 𝐺max is the maximum probability of being captured. The values of 𝑑𝐻, 𝑑0 , and 𝐺max are determined by the specific monitoring area; 𝑑 is the distance from the node to the base station. Assuming the base station is the safest position, when the distance to base station is less than 𝑑0 , owing to being far away from the enemy activity area, the probability of enemy appearance is almost zero. Therefore, the capture probability of the nodes in this area is the lowest. When the distance is more than 𝑑0 , the chance of the enemy appearing grows, and the capture probability of the nodes also increases. When the distance to the base station exceeds 𝑑𝐻, the nodes can monitor the main activity area of the enemies, and the capture probability of the nodes is the maximum.

(1) The node has a unique ID and is randomly deployed in the monitoring area.

4. Clustering Based on PSO

(2) After being deployed, all the nodes are stationary and energy-constrained.

Particle swarm optimization (PSO) is an algorithm based on iterative optimization [19]. PSO initializes particle swarm as a group of random solutions and then searches optimal solution in the solution space by following the current optimum particles. In the process of iteration, the particles are updated according to the two extreme values which are called the individual extreme value and the global extreme value. Thereinto, the individual extreme value is the optimal solution which is founded by each particle, and the global extreme value is the optimal solution which is founded by

(3) All nodes are with the same capacity, equal status. Once being captured, they would reveal the keys they had stored. (4) Nodes can adjust the transmission power according to the distances. (5) All nodes are aware of their position and perform the data collection tasks periodically.


3

Table 1: The implication of parameters in PSO. Variable V 𝑥 𝑡 𝑐1 , 𝑐2 𝜑1 , 𝜑2 𝑝id 𝑝gd 𝑝𝑏𝑒𝑠𝑡 𝑔𝑏𝑒𝑠𝑡 w

Variable name The particle velocity The particle position The rounds Learning factors Random number between 0 and 1 Individual best position Global best position Fitness value of 𝑝id Fitness value of 𝑝gd Inertia weight

Initialize position and velocity of each particle

Calculate the fitness of each particle to get pid and pgd Update and x

Limitation on and x Map the particle’s location to cluster nodes’ location Calculate the fitness of each particle

global particle swarm. Particle position and velocity can be updated by

cost < pbest ?

Vid (𝑡) = 𝑤 × Vid (𝑡 − 1) + 𝑐1 × 𝜑1 (𝑝id − 𝑥id (𝑡 − 1)) + 𝑐2 × 𝜑2 (𝑝gd − 𝑥id (𝑡 − 1)) 𝑥id (𝑡) = 𝑥id (𝑡 − 1) + Vid (𝑡) ,

cos 𝑡 = 𝛽1 × 𝑓1 + 𝛽2 × 𝑓2 + 𝛽3 × 𝑓3 ,

pbest < gbest ?

(3)

where 𝑑 (𝑛𝑖 , CH𝑝,𝑘 ) } { 𝑓1 = max { ∑ 󵄨󵄨 󵄨 } 𝑘=1,2,...,𝐾 󵄨󵄨𝐶𝑝,𝑘 󵄨󵄨󵄨 󵄨 󵄨 } {∀𝑛𝑖 ∈𝐶𝑝,𝑘 𝑓2 =

∑𝑁 𝑖=1 𝐸 (𝑛𝑖 ) 𝐾 ∑𝑘=1 𝐸 (CH𝑝,𝑘 )

(4)

𝐾

𝐴 × 𝐺𝑘 . 𝐾 𝑘=1

𝑓3 = ∑

𝑓1 is the evaluation factor of cluster’s compactness, which is the maximum average Euclidean distance of nodes to their

Update pid and pbest

No

(2)

where the parameters in the formula are defined as in Table 1. The clustering is based on centralized control strategy and realized by base station with unlimited energy. Polling mechanism is applied to protocol implementation, and each round includes two stages: the setting-up of clustering and steady state of clustering. After the nodes deployment, they will report the base station about the information of their position and energy. Because the base station knows the initial energy of all the nodes, it can estimate the energy consumption of the nodes by each round clustering information and gets node energy information after each round. The node’s location is fixed. Therefore, nodes do not need to send the information of position and energy to the base station subsequently. According to application requirements and the circumstance of network operation, they will resend the information of position and energy after a long interval of cycle. The probability of nodes being captured will be considered in the process of clustering. The fitness function is set as follows:

Yes

Yes Update pgd and gbest

No No

Iterations == Max? Yes End

Figure 2: Flowchart of PSO clustering.

associated cluster heads. 𝑑(𝑛𝑖 , CH𝑝,𝑘 ) is the distance between node 𝑛𝑖 and cluster head. |𝐶𝑝,𝑘 | is the number of the nodes which belong to cluster 𝐶𝑘 in particle 𝑃. 𝑓2 is the evaluation factor of cluster head’s energy, which is the proportion of total initial energy of all nodes 𝑛𝑖 (𝑖 = 1, 2, 3, . . . , 𝑁) in the network and the total current energy of the cluster heads in the current round. 𝑓3 is the evaluation factor of probability of node being captured, and 𝐴 is a constant. 𝑓1 , 𝑓2 , 𝑓3 are in the same magnitude. 𝐺𝑘 is the probability of each cluster head being captured. 𝛽1 , 𝛽2 , 𝛽3 are the weight coefficients of each evaluation factor, and 𝛽1 + 𝛽2 + 𝛽3 = 1. Figure 2 is the flowchart of PSO clustering, and the specific steps of PSO clustering are as follows. (a) Initialize 𝑆 particles, and each particle contains 𝐾 cluster heads randomly selected from the eligible candidates of cluster head. (b) Node 𝑛𝑖 is assigned to the nearest cluster head, and the fitness function of each particle 𝑃 (𝑃 = 1, 2, . . . , 𝑆) can be calculated according to formula (3)∼(4). (c) Find the individual and global best solution for each particle. (d) Update the particle’s velocity and position.

4


Random initialization for velocity V𝑖 (0) and position 𝑥𝑖 (0) of particles, 𝑖 ∈ [1, . . . , 𝑆] Map the particle’s location to the nodes’ location according to the distance between the position of each cluster heads and the position of the nodes for each particle 𝑖 ∈ [1, . . . , 𝑆]: Calculate fitness 𝑓(𝑥𝑖 (0)) of particle using formula (3) 𝑝id ← 𝑥𝑖 (0) 𝑝𝑏𝑒𝑠𝑡𝑖 ← 𝑓(𝑥𝑖 (0)) end for 𝑔𝑏𝑒𝑠𝑡 ← min{𝑓(𝑥1 (0)), 𝑓(𝑥2 (0)), . . . , 𝑓(𝑥𝑆 (0))} for iterations 𝑡 ∈ [1, . . . , 𝑀𝑎𝑥𝐼𝑡𝑒𝑟]: for each particle 𝑖 ∈ [1, . . . , 𝑆]: Update V𝑖 (𝑡) and 𝑥𝑖 (𝑡) Map the particle location to the location of the eligible candidates of cluster head Calculate fitness of particles if 𝑓(𝑥𝑖 (𝑡)) < 𝑝𝑏𝑒𝑠𝑡𝑖 then 𝑝𝑏𝑒𝑠𝑡𝑖 ← 𝑓(𝑥𝑖 (𝑡)), 𝑝id ← 𝑥𝑖 (𝑡) if 𝑝𝑏𝑒𝑠𝑡𝑖 < 𝑔𝑏𝑒𝑠𝑡 then 𝑔𝑏𝑒𝑠𝑡 ← 𝑝𝑏𝑒𝑠𝑡, 𝑝gd ← 𝑝id end for end for Pseudocode 1

(e) Map the particle’s location to cluster heads’ location. (f) Repeat the above steps until achieving the maximum number of iterations. It will get into the steady phase after building cluster, and then the cluster heads will complete the tasks as data collection and fusion. After a period of time, in order to ensure the safety of the system, it should update the clustering to repeat the process above. The pseudocode of this PSO clustering is shown in Pseudocode 1.

5. The Key Management Method for Sensor Networks Based on Dynamic Clustering 5.1. Key Establishment. Suppose 𝑁 nodes are safe for a period of time after deployment, and they could not be captured by the enemy. Each node stores the initial key 𝐾0 and one-way hash function 𝐻. Nodes are randomly deployed in monitored area, and each node 𝑛𝑖 sent their own position 𝐿 𝑖 , energy 𝐸𝑖 , and id𝑖 information to the base station by key 𝐾0 : 𝑛𝑖 󳨀→ BS : 𝐸𝐾0 (id1 ‖ ⋅ ⋅ ⋅ id𝑖 ‖𝐿 𝑖 ‖ ⋅ ⋅ ⋅ 𝐿 𝑖 ‖𝐸1 ‖ ⋅ ⋅ ⋅ 𝐸𝑖 ) 𝑖 = 1, 2, . . . , 𝑁.

(5)

After receiving the information from each node, base station considers the probability of nodes being captured and makes the clustering by the method above. Then it will broadcast id𝐶𝑗 and location information 𝐿 𝑗 of cluster heads after selecting 𝐾 cluster heads: BS 󳨀→ ∗ : 𝐸𝐾0 (id1 ‖ ⋅ ⋅ ⋅ id𝐶𝑗 ‖𝐿 1 ‖ ⋅ ⋅ ⋅ 𝐿 𝑗 ) 𝑗 = 1, 2, . . . , 𝐾.

(6)

Each node, which is not the cluster head, decrypts the received information and then chooses the nearest cluster head to join in according to the location information. They also calculate the session key and a cluster key which are used for communicating with cluster head and base station, respectively. After establishing three kinds of session keys, the initial key 𝐾0 will be deleted. Assume node 𝑢 wants to establish a session key with the cluster head 𝐶𝑗 : 𝐾𝑢𝐶𝑗 = 𝐻 (𝐾0 ‖id𝐶𝑗 ‖id𝑢 )

(7)

𝐾𝑢𝐵 = 𝐻 (𝐾0 ‖id𝑢 )

(8)

𝐾𝐶𝑗 = 𝐻 (𝐾0 ‖id𝐶𝑗 ) .

(9)

After receiving the information, cluster head will calculate the session key for communicating with base station: 𝐾𝐶𝑗 𝐵 = 𝐻 (𝐾0 ‖id𝐶𝑗 ) .

(10)

Then 𝐾0 will be deleted. The cluster head will not store cluster keys. After calculating according to formula (7)∼(10), the base station will obtain the session keys used for communication with all the nodes and the cluster keys of all the clusters, and then it will tell the cluster heads about all the information of its corresponding nodes assigned to them by 𝐾𝐶𝑗 𝐵 . After getting the information of every node in the cluster, each cluster head will calculate the session key for communicating with nodes in the cluster according to formula (7); then 𝐾0 will be deleted. So the establishment of the entire network key is completed. 5.2. Key Update. In the stable transmission phase, if the key was used for a long time, it will have the risk to be cracked by


5

the enemies; so the key needs to be updated. Key update will be launched by the cluster head, and each cluster head needs to calculate the formula 𝑃(𝑥) = (𝑥 − 𝐾1 )(𝑥 − 𝐾2 ) ⋅ ⋅ ⋅ (𝑥 − 𝐾𝑎 ), where 𝐾𝑎 is the session key between the cluster head and the nodes. The cluster head broadcasts 𝑔(𝑥) = 𝑃(𝑥) + 𝑆 in the cluster. When the nodes put the session keys into 𝑔(𝑥), they can get key update parameter 𝑆, and then they can get the new session keys: 󸀠 = 𝐻 (𝐾𝑢𝐶𝑗 ‖𝑆) . 𝐾𝑢𝐶 𝑗

(11)

5.3. Key Establishment in Clustering by Polling. Suppose time 𝑇 of establishing the cluster is less than time 𝑇min which is the time for nodes being captured. In the clustering phase, the base station elects the cluster heads with PSO algorithm and then sends the new cluster head information and key parameter 𝑆󸀠 to the cluster members of last round, respectively, by the cluster key of the last round. Because the cluster head does not have the cluster key, the base station will transfer the new cluster header information and 𝑆󸀠 to the cluster head of last round by 𝐾𝐶𝑗 𝐵 with unicast. Each noncluster head node decrypts the received information and then chooses the nearest cluster head to join in according to the location information. They also calculate the cluster key and the session key which are used for communicating with cluster head, while updating the session key used for communicating with the base station. After establishing the session key, 𝑆󸀠 will be deleted. Assume node 𝑢 wants to establish a session key with the cluster head 𝐶𝑗 : 󸀠 𝐾𝑢𝐶 𝑗

󸀠

= 𝐻 (𝑆 ‖id𝐶𝑗 ‖id𝑢 )

(12)

After the nodes in cluster received the message, the session key for communicating with old cluster head will be deleted, and a new session key for communicating with the new cluster head will be created: 󸀠 = 𝐻 (𝑆󸀠󸀠 ‖id𝐶𝑗 ‖id𝑢 ) . 𝐾𝑢𝐶 𝑗

(16)

The base station passes the information about the nodes in cluster to the new cluster head by 𝐾𝑢𝐵 , and then the new cluster head would calculate and get the session key within the cluster according to formula (12).

6. Performance Evaluation We would evaluate the performance of our proposed key management method from the aspects of connectivity, storage overhead, communication overhead, and security by system simulation. In the simulation experiment, 100 nodes are deployed in the area of 100 × 100 m2 . We adopt the wireless communication model proposed in literature [10]. If we transmit 𝑘-bit message and the transfer distance is 𝑑, the energy consumption of transmitter can be expressed as 𝐸𝑇𝑥 (𝑘, 𝑑) = 𝐸𝑇𝑥 elec (𝑘) + 𝐸𝑇𝑥 amp (𝑘, 𝑑) 𝑘𝐸 + 𝑘𝜀𝑓𝑠 𝑑2 = { elec 𝑘𝐸elec + 𝑘𝜀𝑚𝑝 𝑑4

𝑑 < 𝑑0 𝑑 ≥ 𝑑0 ,

(17)

where 𝜀𝑓𝑠 , 𝜀𝑚𝑝 are the energy consumption coefficient of power amplification circuit. Consider 𝑑0 = √𝜀𝑓𝑠 /𝜀𝑚𝑝 . When receiving 𝑘-bit data, the energy can be consumed as

󸀠 𝐾𝑢𝐵 = 𝐻 (𝐾𝑢𝐵 ‖𝑆󸀠 )

(13)

𝐸𝑅𝑥 (𝑘) = 𝐸𝑅𝑥 elec (𝑘) = 𝑘𝐸elec ,

𝐾𝐶󸀠 𝑗 = 𝐻 (𝑆󸀠 ‖id𝐶𝑗 ) .

(14)

where 𝐸elec = 50 nJ/bit, 𝜀𝑓𝑠 = 10 pJ/bit/m2 , and 𝜀𝑚𝑝 = 0.0013 pJ/bit/m4 .

The base station tells cluster head the information of its corresponding nodes assigned in its cluster by 𝐾𝑢𝐵 . After getting the information of all the nodes in cluster, each cluster head can calculate the session key used for communicating with the nodes according to formula (12). Then the establishment of the session key by polling is completed, and 𝑆󸀠 will be deleted. 5.4. Key Revocation. If the base station found a noncluster head node captured, it would tell cluster head to delete the keys related to the captured node by the key used to communicate with the cluster head. If the captured node was cluster head, the base station would find the node whose energy is greater than the average energy of the nodes in the cluster and its probability of being caught is the smallest, and let it be the new cluster head. As the cluster head does not store the cluster key in the key establishment process, the base station would transfer the information 𝑚 about the captured cluster head and the information of the new cluster head, as well as the key update parameter 𝑆󸀠󸀠 to the cluster members with multicast: BS 󳨀→ CH : 𝐸𝐾𝐶 (𝑚‖id𝐶𝑗 ‖𝑆󸀠󸀠 ) . 𝑗

(15)

(18)

6.1. Comparison of the Capture Probability of Cluster Heads. DKMM was proposed based on the type of layer-cluster network structure. Cluster heads are the key nodes in the network which contain a large number of keys. The keys will be revealed when the cluster heads are captured, and rebuilding the cluster needs a great deal of energy consumption. Therefore, nodes with lower capture probability should be selected as cluster heads in the clustering process. The clustering method with particle swarm algorithm considering the probability of nodes being captured (PSO-G) will be compared with the clustering method with particle swarm algorithm without considering the probability of nodes being captured (PSO-C). The simulation parameters are shown in Table 2, and the curves of capture probability model of the nodes are shown in Figure 3. In PSO-C method, nodes whose energy is greater than the average energy of the nodes can be a candidate of the cluster heads. PSO-G2 is a kind of clustering method based on PSO-C which considers the capture probability of the nodes. PSO-G1 is also a kind of clustering method based on PSOC which not only considers the capture probability of the

International Journal of Distributed Sensor Networks Table 2: Simulation parameters definition. Parameter values

The number of particles 𝑆 Learning factors 𝑐1 , 𝑐2 Inertia weight w

Capture probability

Evaluation factor 𝛽1 Evaluation factor 𝛽2 Evaluation factor 𝛽3 The number of cluster heads 𝐾 Constant 𝐴 The maximum capture probability 𝐺max The threshold value of the monitoring area 𝑑𝐻 The safety value of monitoring area 𝑑0 The size of the message data Initial energy of node 𝐸0 0.1 0.09 0.08 0.07 0.06 0.05 0.04 0.03 0.02 0.01 0

20 2 Decrease from 0.9 to 0.4 linearly 0.25 0.15 0.6 5 100 0.1

0.08 0.07 0.06 0.05 0.04 0.03 0.02 0.01 0

0

20

40

60

80

100 120 140 160 180 200 220 Rounds

PSO-G1 PSO-C

Figure 4: The average capture probability of cluster heads in each round.

65 m 5m 4000 bits 0.1 J

The average probability of cluster head captured in each round

Parameter

The average probability of cluster head captured in each round

6

0.07 0.06 0.05 0.04 0.03 0.02 0.01 0

0

2

4

6

8

10

12

14

16

18

20

22

Rounds × 10

0

10 20 30 40 50 60 70 80 90 The distance between nodes and base stations (m)

100

Figure 3: The curves of capture probability model of the nodes.

nodes, but also makes the nodes whose energies are more than half of the average energy become the candidates of cluster head. Normally the time duration from the starting to the time when the first dead node appears is defined as the survival time of the network. Figure 6 shows that the first dead node in PSO-G1 appears on the 203rd round, PSO-G2’s first death node appears on the 216th round, and the PSOC’s first death node appears on the 218th round. The average capture probability of cluster heads in PSO-G1 and PSOC is shown in Figure 4. In order to analyze better, capture probability value of a cluster head could be taken in every ten rounds, and it is shown in Figure 5. As shown in Figures 4 and 5, in front of the 203rd round, we can find that the average capture probability of cluster heads in PSO-G1 is lower than PSO-C’s in the process of nearly 90% rounds, and the average capture probability of cluster heads in PSO-G2 is lower than PSO-C’s in the process of more than 60% rounds. It indicates that the cluster heads will be safer if they are selected by considering the capture probability of the nodes. In PSO-G1 method, we can choose the nodes with lower capture probability as cluster heads, since it reduces the influence of energy for electing the cluster

PSO-G1 PSO-G2 PSO-C

Figure 5: The average capture probability plot of cluster heads of PSO-G1 and PSO-G2 compared with PSO-C (get the average capture probability of cluster heads in every 10 rounds).

heads. There exist more candidate cluster heads for electing. However in PSO-G2 method, only the nodes whose energies are greater than the average energy can be the candidate cluster heads. This shrinks the range of selecting for cluster heads. Thus we can draw a conclusion that the security of cluster heads which are selected by PSO-G1 is better than the thing in PSO-G2. In Figure 6, the network lifetime and energy balance of PSO-G1 are all worse than PSO-G2 and PSO-C. Its first dead node appears only ahead of 15 rounds compared to the others. PSO-G1 has greatly improved the security of the network by sacrificing a little network survival time, so it can be acceptable from the view of the whole process. 6.2. Storage Overhead. The storage space of sensor network nodes is limited, so it is necessary to reduce consumption of node’s key storing under the condition of safety. In DKMM, each node needs to store one cluster key and two session keys which are used for communicating with base station and cluster heads. At the same time, cluster heads need to store keys which are used for communicating with nodes in its

100 90 80 70 60 50 40 30 20 10 0

7 5000 4500 4000

0

50

100

150

200 250 Rounds

300

350

400

Total number of keys

Number of nodes alive


3500 3000 2500 2000 1500 1000

PSO-G1 PSO-G2 PSO-C

500 0

20

30

40

Figure 6: The curves of the network lifetime for three methods. E-G m = 50 PKAS

6.3. Energy Consumption. In the strategy of DKMM, the nodes only need to receive the updated parameters of secret keys transmitted from base station to get their session secret keys by the one-way hash function. So its energy consumption is lower. Because the energy consumption of calculation is smaller compared with the energy consumption of communication, we only consider the total communication energy consumption of the nodes while setting up the keys. Based on this circumstance, the comparison of energy consumption for DKMM, E-G, and CECC [22] is shown in Figure 8. It is clearly observed that the communication energy consumption for setting up keys of DKMM is the lowest one.

7. Security Analysis of the Scheme The cluster head is the key node in the layer-cluster network structure, which contains a large number of keys. It will reveal a lot of information once being physically captured by the enemies. Rebuilding clusters will also consume a lot of energy. So in order to guarantee the security and effectiveness of the network, we should select the nodes with lower capture probability as the cluster heads when building clusters.

80

90

100

MUQAMI DKMM

Figure 7: The comparison of key storage consumption regarding DKMM with E-G, PKAS, and MUQAMI.

Communication energy consumption (J)

cluster and base station. Assuming that there are 𝑁 ordinary nodes and 𝑀 number of cluster heads in the network, so it needs to store 4 × 𝑁 + 𝑀 keys in DKMM. In the E-G method, each node needs to store a large number of keys in advance. In order to guarantee the connectivity rate reaching 0.5, it is necessary to store 75 keys for each node when the size of the key pool reaches 10000. In 𝑞-composite method based on E-G, it will store more keys to keep the same connectivity rate compared with E-G. If each node selects 𝑚 keys from the key pool randomly, the number of keys of storage in E-G will be equal to 𝑚 × (𝑁 + 𝑀). In the PKAS [20] and MUQAMI [21] schemes, the storage space requirement will be equal to (4𝑀 + 6𝑁), 𝑀(3 + 2(log2 𝑁)2 ) + 𝑁(5 + log2 𝑁), respectively. Figure 7 shows the comparison of key storage consumption regarding DKMM with the methods of E-G, PKAS, and MUQAMI.

50 60 70 Total number of nodes

0.16 0.14 0.12 0.1 0.08 0.06 0.04 0.02 0 20

30

40

50 60 70 Total number of nodes

80

90

100

E-G m = 50 CECC DKMM

Figure 8: Comparison of communication energy consumption for setting up keys regarding DKMM with E-G and CECC.

Clustering by PSO with consideration of the capture probability factors of the nodes can ensure the nodes with lower capture probability to become the cluster heads. As illustrated in Figures 4 and 5, we can find that the cluster heads of PSO-G1 and PSO-G2 have lower capture probabilities than PSO-C in the most part of the iteration process. After the first dead node appearing, the average capture probabilities of cluster heads of PSO-G1 and PSO-G2 start to be higher than PSO-C. The reason is that the nodes with lower capture probability will be the cluster heads with many times, and their energy consumption will be greater, so most

8 of the dead nodes will be this kind of secure nodes. With energy reducing of these nodes, energy becomes the major factor of electing the head clusters. That is why the cluster heads’ average capture probabilities of PSO-G1 and PSO-G2 are higher than PSO-C after the first dead node appearing, and it goes up quickly. Fortunately, after the first dead node appearing, it is out of the network’s normal life time; so, in the normal life cycle of the network, clustering with PSO-G1 and PSO-G2 is more secure than PSO-C. As Figure 5 illustrates, the security of cluster heads elected with PSO-G1 is higher than PSO-G2 from an overall perspective. The energy threshold of PSO-G1 for selection of candidate cluster heads is lower than PSO-G2; it reduces the influence of energy for cluster heads’ election in PSOG1, so it leads to emerging more candidate cluster heads in PSO-G1. This brings the chance to select more nodes with lower capture probability to become the cluster heads. But, in PSO-G2, only the nodes whose energies are greater than the average energy of the nodes could be the candidate cluster heads, this shrinks the scope of cluster heads’ selection. So the security of cluster heads elected by PSO-G2 is lower than PSO-G1. Although the network survival time and the balance of energy consumption of PSO-G1 are not as good as PSOG2 and PSO-C and the round of its first dead node appears ahead of 13 rounds and 15 rounds, respectively, compared to PSO-G2 and PSO-C, the network survival time and the balance of energy consumption of PSO-G1 are still better than LEACH protocol. PSO-G1 greatly improves the security of the network by sacrificing a little balance of energy consumption of the network. This kind of sacrifice is acceptable and valuable indeed. In the scheme of DKMM, the keys of each node communicating with base station or cluster heads are different from each other. When a node is captured, it will not reveal the communication keys between other nodes. Cluster heads, as the key nodes in the network, will be selected from the more secure nodes as clustering. When a cluster head is captured, the base station will select a new cluster head according to the residual energy and capture probability of the nodes within cluster, and it will inform the nodes within cluster by cluster keys. Therefore the antidestroying ability of DKMM is better. When the node is captured, it will not influence the secure communication between other nodes. For the widely used dynamic key management scheme of EBS matrix method [23], when multiple nodes are captured within cluster at the same time, the captured nodes could obtain the whole EBS key set of the cluster by sharing their respective keys. This will make the whole cluster lose the security and seriously threaten the safety of whole network. But in the scheme of DKMM, even though multiple nodes are captured within a cluster at the same time, this will not reveal the keys between other nodes. So DKMM has higher security. For LEAP key management method, it also has fine antidestroying ability, but each node needs to store cluster key which is shared by the whole network. Once a node is captured, the update of keys will consume a lot of energies.

8. Conclusion This paper puts forward a probability model of nodes being captured. We not only consider the energy in the case of

International Journal of Distributed Sensor Networks dynamic clustering, but also take the capture probability of nodes into consideration. A kind key management method named DKMM was proposed, and this key management strategy makes more secure nodes most likely have the chance to become the cluster heads. Although considering the safety of the cluster heads while clustering, the cluster heads may still be possible to be captured. So DKMM method considers the possibility that the cluster heads may be captured. By the realization of the cluster head’s reselection mechanisms and the dynamical updating mechanisms of the keys, we can minimize the risk of information leaking due to the cluster heads’ capture.

Conflict of Interests The authors declare that there is no conflict of interests regarding the publication of this paper.

Acknowledgments This work was supported by the National Nature Science Foundation of China (no. 61273068), Nature Science Foundation of Shanghai (no. 12ZR1412600), and Scientific Research Innovation Project of Shanghai Education Committee (no. 13YZ084).

References [1] K. H. Kalita and A. Kar, “Wireless sensor network security analysis,” International Journal of Next-Generation Networks (IJNGN), vol. 1, no. 1, pp. 1–10, 2009. [2] X. He, M. Niedermeier, and H. De Meer, “Dynamic key management in wireless sensor networks: a survey,” Journal of Network and Computer Applications, vol. 36, no. 2, pp. 611–622, 2013. [3] G. D. Anand, G. H. Chandrakanth, and M. N. Giriprasad, “Security threats & issues in wireless sensor networks,” International Journal of Engineering Research and Applications, vol. 2, no. 1, pp. 911–916, 2012. [4] A. S. Reegan and E. Baburaj, “Key management schemes in wireless sensor networks: a survey,” in Proceedings of the IEEE International Conference on Circuit, Power and Computing Technologies (ICCPCT ’13), pp. 813–820, March 2013. [5] J. C. Lee, V. C. M. Leung, K. H. Wong, J. Cao, and H. C. B. Chan, “Key management issues in wireless sensor networks: current proposals and future developments,” IEEE Wireless Communications, vol. 14, no. 5, pp. 76–84, 2007. [6] A. A. Abbasi and M. Younis, “A survey on clustering algorithms for wireless sensor networks,” Computer Communications, vol. 30, no. 14-15, pp. 2826–2841, 2007. [7] R. Azarderakhsh, A. Reyhani-Masoleh, and Z. E. Abid, “A key management scheme for cluster based wireless sensor networks,” in Proceedings of the 5th International Conference on Embedded and Ubiquitous Computing (EUC ’08), vol. 2, pp. 222– 227, December 2008. [8] M. F. Younis, K. Ghumman, and M. Eltoweissy, “Locationaware combinatorial key management scheme for clustered sensor networks,” IEEE Transactions on Parallel and Distributed Systems, vol. 17, no. 8, pp. 865–882, 2006.

International Journal of Distributed Sensor Networks [9] W. B. Heinzelman, A. P. Chandrakasan, and H. Balakrishnan, “An application-specific protocol architecture for wireless microsensor networks,” IEEE Transactions on Wireless Communications, vol. 1, no. 4, pp. 660–670, 2002. [10] O. Younis and S. Fahmy, “HEED: a hybrid, energy-efficient, distributed clustering approach for ad hoc sensor networks,” IEEE Transactions on Mobile Computing, vol. 3, no. 4, pp. 366– 379, 2004. [11] J. Zhang and V. Varadharajan, “Wireless sensor network key management survey and taxonomy,” Journal of Network and Computer Applications, vol. 33, no. 2, pp. 63–75, 2010. [12] X. Chen, K. Makki, K. Yen, and N. Pissinou, “Sensor network security: a survey,” IEEE Communications Surveys and Tutorials, vol. 11, no. 2, pp. 52–73, 2009. [13] Y. Xiao, V. K. Rayi, B. Sun, X. Du, F. Hu, and M. Galloway, “A survey of key management schemes in wireless sensor networks,” Computer Communications, vol. 30, no. 11-12, pp. 2314–2341, 2007. [14] L. Eschenauer and V. D. Gligor, “A key-management scheme for distributed sensor networks,” in Proceedings of the 9th ACM Conference on Computer and Communications Security (CCS ’02), pp. 41–47, New York, NY, USA, November 2002. [15] H. Chan, A. Perrig, and D. Song, “Random key predistribution schemes for sensor networks,” in Proceedings of the IEEE Symposium on Security And Privacy, pp. 197–213, Washington, DC, USA, May 2003. [16] S. Zhu, S. Setia, and S. Jajodia, “LEAP: efficient security mechanisms for large-scale distributed sensor networks,” in Proceedings of the 10th ACM Conference on Computer and Communications Security (CCS ’03), pp. 62–72, Washington, DC, USA, October 2003. [17] G. Jolly, M. C. Kuscu, P. Kokate, and M. Younis, “A lowenergy key management protocol for wireless sensor networks,” in Proceedings of the 8th IEEE International Symposium on Computers and Communication (ISCC ’03), pp. 335–340, July 2003. [18] X. Du, Y. Xiao, M. Guizani, and H.-H. Chen, “An effective key management scheme for heterogeneous sensor networks,” Ad Hoc Networks, vol. 5, no. 1, pp. 24–34, 2007. [19] J. Kennedy and R. Eberhart, “Particle swarm optimization,” in Proceedings of the IEEE International Conference on Neural Networks, pp. 1942–1948, Perth, Australia, December 1995. [20] S. M. Rahman and K. El-Khatib, “Private key agreement and secure communication for heterogeneous sensor networks,” Journal of Parallel and Distributed Computing, vol. 70, no. 8, pp. 858–870, 2010. [21] M. K. R. R. Syed, H. Lee, S. Lee, and Y. K. Lee, “MUQAMI+: a scalable and locally distributed key management scheme for clustered sensor networks,” Annales des TelecommunicationsAnnals of Telecommunications, vol. 65, no. 1-2, pp. 101–116, 2010. [22] J. Mu, A Novel Cluster-based Isomorphic Key Management Scheme for Wireless Sensor Networks, Xidian University, 2011. [23] M. Eltoweissy, M. H. Heydari, L. Morales, and I. H. Sudborough, “Combinatorial optimization of group key management,” Journal of Network and Systems Management, vol. 12, no. 1, pp. 33– 50, 2004.

9

International Journal of

Rotating Machinery

Engineering Journal of

Hindawi Publishing Corporation http://www.hindawi.com

Volume 2014

The Scientific World Journal Hindawi Publishing Corporation http://www.hindawi.com

Volume 2014


Distributed Sensor Networks

Journal of

Sensors Hindawi Publishing Corporation http://www.hindawi.com

Volume 2014


Volume 2014


Volume 2014

Journal of

Control Science and Engineering

Advances in

Civil Engineering Hindawi Publishing Corporation http://www.hindawi.com


Volume 2014

Volume 2014

Submit your manuscripts at http://www.hindawi.com Journal of

Journal of

Electrical and Computer Engineering

Robotics Hindawi Publishing Corporation http://www.hindawi.com


Volume 2014

Volume 2014

VLSI Design Advances in OptoElectronics


Navigation and Observation Hindawi Publishing Corporation http://www.hindawi.com

Volume 2014



Chemical Engineering Hindawi Publishing Corporation http://www.hindawi.com

Volume 2014

Volume 2014

Active and Passive Electronic Components

Antennas and Propagation Hindawi Publishing Corporation http://www.hindawi.com

Aerospace Engineering


Volume 2014


Volume 2014

Volume 2014




Modelling & Simulation in Engineering

Volume 2014


Volume 2014

Shock and Vibration Hindawi Publishing Corporation http://www.hindawi.com

Volume 2014

Advances in

Acoustics and Vibration Hindawi Publishing Corporation http://www.hindawi.com

Volume 2014