Research Article Trusted Tree-Based Trust Management ... - Hindawi

Hindawi Publishing Corporation International Journal of Distributed Sensor Networks Volume 2015, Article ID 385849, 13 pages http://dx.doi.org/10.1155/2015/385849

Research Article Trusted Tree-Based Trust Management Scheme for Secure Routing in Wireless Sensor Networks Zhi Hu,1,2 Yuxia Bie,3 and Hong Zhao1,2 1

College of Information Science and Engineering, Northeastern University, Shenyang 110819, China Software Centre, Northeastern University, Shenyang 110819, China 3 Information College, Dalian University, Dalian 116622, China 2

Correspondence should be addressed to Zhi Hu; [email protected] Received 13 July 2015; Revised 2 November 2015; Accepted 22 November 2015 Academic Editor: Pascal Lorenz Copyright © 2015 Zhi Hu et al. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited. The unique characteristics of wireless sensor networks make them susceptible to the attacks. The secure scheme is considered in designing the routing protocol and algorithm. The cryptography and authentication secure technology can defend the external attacks but have no way to protect the network when the internal attacks occur. However, the trust management scheme with attack-resistance and robustness can efficiently detect the internal attack. On the condition of defending the attacks, it is also an issue that the trust management scheme aids routing algorithm to improve the security and performance. In this paper, we proposed a Trusted Tree-based trust management for secure routing in wireless sensor networks. The common attacks are firstly analyzed. And then the dynamic time window is designed in the distributed trust model with the detection of direct trust and indirect trust. Based on the trusted nodes, Trusted Tree is constructed. And the path quality of nodes in Trusted Tree is used as the gradient for routing. Finally, we add Trusted Tree-based trust management into the QoS based routing protocol and algorithm. Experimental results show that the QoS based routing algorithm with Trusted Tree has better performance and security.

1. Introduction Wireless sensor networks are the most important elements in Internet of Things [1–4] and playing more and more key role in a wide range of application domains, such as habitat monitoring, disaster prevention, automation control, and infrastructural security [5–7]. These network nodes are equipped with the sensor and collect the data from the monitored environments. Since the communication range and computing ability of node are limited, the ad hoc routing protocol is used in wireless sensor networks [8, 9]. The traditional network protocol is not suitable for wireless sensor networks, and their security protocol can not be directly used to defend against the attacks in wireless sensor networks [10–12]. Many routing protocols and algorithms are designed for the efficient transmission of data in wireless sensor networks. The network threat is considered, such as flooding attack and eavesdropping attack. These attacks are divided into two types: internal attacks and external attacks [13, 14]. The cryptography and authentication

are usually applied to the routing protocols to defend the external attacks, because the malicious nodes have no right to access the network. When the nodes are compromised and launch the internal attacks, the secure techniques with cryptography and authentication fail to protect the network security. For the internal attacks, the trust management is the effective method. The trust management can identify the malicious node by monitoring and evaluating their behavior. However, the trust management is also vulnerable to the attack, and some intelligent behavior can trick the trust management schemes, such as on-off attack and bad-mouthing attack. Therefore, robustness issue is also considered in the trust management scheme. The distributed trust mode with direct trust and indirect trust is used to enhance the robustness in the trust management. The trust management scheme is usually seen as the service for the network routing protocol and algorithm. The trust evaluation in the trust management does not only detect the trust value of the nodes; but it is also one of the metrics in the routing algorithm. By accumulating the trust value

2

International Journal of Distributed Sensor Networks

in the routing path to evaluate the security of routing path, the secure route can be reasonably established. Therefore, based on distributed trust mode, how to design an efficient trust management scheme is a critical issue in enhancing the performance of secure routing. In this paper, we propose a Trusted Tree-based trust management scheme for routing in wireless sensor networks, which can implement the routing security and improve network performance. The attacks are firstly analyzed. And then the trust computing model and Trusted Tree are established and maintained. Furthermore, our scheme is applied to the QoS based secure routing protocols and algorithms and guides the process of the routing establishment. The major contributions of this paper are threefold which are listed as follows. (i) Dynamic time window: the fixed size of sliding time window is changed into the dynamic size, so as to detect the malicious nodes with the low proportional bad behavior. (ii) Trusted Tree: based on the computed trust value of node, the Trusted Tree is established. The secure key of node is generated. The topology path quality in Trusted Tree is used as the gradient to guide the routing building. (iii) Aiding Routing: the QoS based routing protocol using Trusted Tree is implemented. The simulation results show that the QoS based routing protocol with Trust Tree can not only efficiently detect and exclude the malicious nodes, but also significantly enhance the network performance. The remainder of this paper is organized as follows: Section 2 discusses the related works. The attacks, computing of trust value, and Trusted Tree are proposed in Section 3. The simulation results are presented in Section 4, and Section 5 concludes the paper.

2. Related Work The trust management can ensure the security of data transmission in wireless sensor networks [15]. The trust management model in secure routing protocol and algorithms can be divided into the two classes: centralized trust model and distributed trust mode [16, 17]. 2.1. Centralized Trust Model. The trust value of nodes is computed by the particular trusted centre or base station. CENTER [18] is a centralized trust based efficient routing protocol for wireless sensor networks. The base station is used to observe the behavior information from the nodes and deduce the global network view. The nodes’ trust value and the best routes are calculated for excluding the malicious nodes. Improving on the previous CENTER, CENTERA [19] includes an appropriate authentication scheme, and the base station gathers minimal neighbor trust information from the nodes. Although the base station can calculate and evaluate the trust value of the nodes by the global view of the network,

the accuracy of trust metrics about the distributed nodes needs to be improved. TCFL [20] uses the nodes’ trust value to select the routing path with highest trust value. The fuzzy logical deduction is used to quantize the uncertain and imprecise data. The proper transmitting path can be established from the source to the destination. However, the high energy is consumed in the TCFL. 2.2. Distributed Trust Model. The sensor nodes calculate the trust value by themselves. TQOS [21] obtains the secure routing by combining the trustworthiness of the nodes and the QoS of the link along a route. Based on the trustworthinessbased QoS metrics, the secure routing is discovered and set up. The trust value of nodes is gained by computing the ratio of the number of messages verified and received, but this simple statistics model is vulnerable to attack. ReTrust [22] is an attack-resistant and lightweight trust management approach. The sliding time window is used to calculate the trust value of nodes. ReTrust is a typical instance that uses direct trust and indirect trust. But this fixed size of sliding time window makes it difficult to detect the malicious nodes with low proportional behavior. FTPR [23] proposes a fuzzy-based trust prediction model for routing. Based on the historical behavior and the fluctuations in trust value over a period of time, FTPR operates the trust prediction model to predict the future behavior of the neighbor nodes. However, the wireless link is unstable, and then the link temporary errors can result in the fluctuation of the trust value. For FTPR, it is difficult to discriminate them. PLUS [24] uses the personal reference information and recommendation information to build the reasonable trust relationship among the sensor nodes. The personal reference value is gained based on the ratio of correct packets, and the recommendation value is computed by the neighbor nodes’ trust value. The trust value of suspect node is decided by the integrity check of the packet. Consequently, the suspect node may get unfair penalty and be regarded as the malicious node. In [25], considering the vulnerability of trust establishment to different attacks and the unique features of sensor nodes, a lightweight and robust trust establishment scheme is proposed. The trust value of the nodes is computed based on the rate of misbehavior. Although the frequency of misbehavior is used to check the on-off attack, this method fails to detect the attack with the low percentage of bad behavior. Another interesting distributed trust model is proposed in ATSR [26]. ATSR also implements the trust mode by the direct and indirect trust information and adopts the locationbased approach to reduce the routing protocol storage and cost. However, ATSR needs to rely on the location information. GTMS [27] is a group-based trust management scheme for clustered wireless sensor networks. GTMS has three levels: the node level, the cluster head level, and the base station level. Although the timing window mechanism is used to calculate the trust value of the node, GTMS is designed for the clustered network. The cryptography and authentication technology are also used in the centralized and distributed trust model [28, 29].

International Journal of Distributed Sensor Networks In centralized trust model, CENTERA uses RC5 and PBC. In distributed trust model, TQOS contains authentication between two nodes. By analyzing the above instances of trust management mode, it is found that the centralized trust mode has high energy consumption and low accuracy. The distributed trust mode is used in the massive routing protocol and much more suitable for wireless sensor networks.

3. Trusted Tree-Based Trust Management In this section, the threats are firstly analyzed, and then the computing method of trust value and Trust Tree are designed. At last, the Trust Tree-based trust management is added into the QoS based routing protocol. 3.1. Threats Analysis. Two types of attacks could occur in wireless sensor networks. The first type is the external attack. Wireless sensor networks are generally deployed in the unattended environment. The malicious nodes make it easy to launch the external attacks, such as denial of service (DoS) attack, sniffing attack, and replay attack [30]. DoS attacker can flood the massive hello message or redundant information. The normal and legitimate communication between nodes is disrupted. Although the sniffing attacker has no key materials about communication, it can passively eavesdrop on the transmitted data between legitimate nodes. The replay attacker can simply retransmit the earlier packets to the neighbor nodes, since it can receive the packets by wireless link. These external attacks can be defended by some cryptographic algorithms and authentication mechanisms. However, the cryptography and authentication fail to defend the internal attacks. When the node is compromised to be the malicious node, it is changed to be the internal attacker. The second type is the internal attacks that the compromised nodes launch. These malicious nodes can participate in the routing or collude with other malicious nodes. Wireless sensor networks are more vulnerable to the internal attacks as compared to the external attacks. There are usually some internal attacks including Blackhole, Greyhole, Sinkhole, and Wormhole [31]. The Blackhole attacker drops all the messages when it receives them from the neighborhood nodes. The Greyhole attacker forwards a part of the received message or discards parts of them. The Sinkhole attacker likes the Blackhole attacker, but it deceives the nodes in its near area and disguises itself as the Sink node and then attracts all the data from this area. The two malicious nodes tunnel the messages and replay them from one part of network to another part. This attack is called Wormhole attack. The trust mechanism is a widely used technology in aiding the nodes to deal with the uncertainties and malfunctions of the internal attacker nodes. By observing the behavior of the nodes in the network for a certain period, the normal node calculates the trust value and then justifies if the observed node is trusted. Although the trust based security mechanism can continuously monitor nodes’ behavior to detect the malicious and compromised nodes, the trust mechanism itself is also easy to be attacked. Before the malicious and misbehaved

3 W Si

Fi

Si

Fi

Si

Fi

Si

Fi

Si

Fi

Si

Fi

Si

Fi

Si

Fi

Figure 1: Sliding time window.

nodes are not detected, they launch some attacks on the trust management system in the network, such as on-off attack and bad-mouthing attack. In the on-off attack, the malicious nodes avoid being found by alternatively good and bad behavior, hoping that they remain in the trusted nodes set. The bad-mouthing attacker forges the recommendation of nodes, in which they frame up the recommendation of normal nodes and boost the trust recommendation of malicious nodes. They impair the trust management system by this kind of different behavior. These malicious nodes trick and attack the trust management system by the intelligent misbehavior. When the proportion of malicious behavior is lower, the detection of malicious nodes is more difficult to achieve. The current trust mechanisms have seldom effective methods to detect the low proportional malicious behavior. In this paper, the dynamic sliding window is used to solve this issue. 3.2. Computing of Trust Value. By observing the weight of neighborhood nodes’ misbehavior, the node usually computes their trust value. The sliding time window is used to estimate the trust value of nodes. The time window 𝑊𝑛 contains the 𝑛 time units, as is shown in Figure 1. The 𝑆𝑘 and 𝐹𝑘 are the numbers of successful and failed transactions for each observation time unit. After each unit of time, the window slides to the right, recording the new experience and dropping experience recorded earlier. Based on the observed information in the time window, the direct trust value is estimated. The direct trust value of node 𝐵 for node 𝐴 is denoted by 𝑉𝐷𝑇 (𝐴, 𝐵): 𝑉𝐷𝑇 (𝐴, 𝐵) = 𝜆 ×

∑𝑛−1 𝑘=0 𝛼𝑘 𝑃𝑘 (𝐴, 𝐵) ∑𝑛−1 𝑘=0 𝛼𝑘

𝑆𝑘 + 1 𝑃𝑘 (𝐴, 𝐵) = , 𝑆𝑘 + 𝐹𝑘 + 2

, (1)

where 𝑃𝑘 is the trust value in each time unit; 𝑛 is the number of units; 𝜆 scales the computed trust value. 𝛼𝑘 is the aging factor parameter and is defined as 𝛼𝑘 = 𝜇𝑛−𝑘 , where 0 < 𝜇 < 1. The direct trust value is computed by the observed number of misbehavior. Since the on-off attacker behaves well and badly alternatively to get the high trust value, calculating the period of misbehavior is adopted to detect the on-off attack. Based on the units in sliding time window, the time interval of good and bad behavior is estimated. When the proportion of misbehavior is higher, the smaller size of sliding time window can detect the misbehavior. However, when the proportion of misbehavior is lower, the size of sliding time window needs to be enlarged to cover the enough observed behavior. The current sliding time window adopts the fixed size that is previously set, before the nodes are deployed. If the fixed size is larger, it is a waste of storage resource.

4

International Journal of Distributed Sensor Networks Size of (W) = 8

Size of (W) = 5

Off Off Off Off On Off Off Off Off Off Off Off Off

Off Off Off Off On Off Off (a)

(b)

Figure 2: Size of dynamic time window.

On the other hand, if the fixed size is smaller, it is not effective for detecting the low proportion of misbehavior. Therefore, in this paper, the sliding time window is changed into a kind of dynamic sliding time window. When the trust evaluation value is lower than the trust threshold of behavior, this window unit is considered as an on attacking unit and is temporarily stored in time window by prolonging the size of sliding time window. The fourth on window unit is reserved, as shown in Figure 2(a). In sliding time window, node 𝐴 observes the behavior of node 𝐵 and finds that 𝑃𝑘 (𝐴, 𝐵) is lower than the trust threshold. So node 𝐴 suspects that node 𝐵 launches a fourgood-one-bad on-off attack. And then node 𝐴 prolongs the size of sliding time window to 8 as shown in Figure 2(b). The window monitoring value of node 𝐵 for node 𝐴 is denoted by 𝑉𝑆𝑊(𝐴, 𝐵): 𝑉𝑆𝑊 (𝐴, 𝐵) =

∑ Unitson . ∑ Unitson + ∑ Unitsoff

(2)

Node 𝐴 normally sets a reasonable and secure value low bang 𝑉𝑇lb and high bang 𝑉𝑇hb for the dynamic window. If 𝑉𝑆𝑊 is larger than 𝑉𝑇hb , the size of sliding window is prolonged to observe more behavior of node in added window units. With the number of good behavior increasing, 𝑉𝑆𝑊 is reduced. When 𝑉𝑆𝑊 is lower than 𝑉𝑇lb , the number of window units is gradually decreased to the normal size. Recommendation consistency is used to estimate the recommendation trust. The outlier detection scheme is a tool for detecting recommendation consistency. After receiving the recommendations from the neighboring nodes, node 𝐴 firstly computes the mean 𝑀𝑉𝑅 and then deduces the variance 𝜎𝑅 . The recommendation is good as long as the variance of recommendation is lower than 𝜎𝑅 . Furthermore, the commendation trust value 𝑉𝑅𝑇 is calculated by adopting previous method of computing direct trust. The bad recommendation can be detected and avoided. So the node defends the badmouthing attack based on it. The indirect trust is calculated by employing trust chain, on the condition of legitimate recommendation trust. Node 𝐶𝑖 is the neighborhood nodes of node 𝐴, and every node 𝐶𝑖 has the trust value 𝑉𝐷𝑇 (𝐶𝑖 , 𝐵) for the observed node 𝐵. Indirect trust is computed by the trust propagation. With the recommendation trust from the trusted nodes, one way to calculate the indirect trust of node 𝐵 for 𝐴 is ∑𝑚 𝑖=1 𝑉𝑅𝑇 (𝐴, 𝐶𝑖 ) × 𝑉𝐷𝑇 (𝐴, 𝐶𝑖 ) × 𝑉𝐷𝑇 (𝐶𝑖 , 𝐵) , 𝑚

where 𝑚 is the number of good commendations.

𝑉𝑇 (𝐴, 𝐵) = 𝛽 ⋅ 𝑉𝐷𝑇 (𝐴, 𝐵) + (1 − 𝛽) ⋅ 𝑉𝐼𝑇 (𝐴, 𝐵) .

(3)

(4)

The computing process of node trust value is detailed as follows. Node 𝐴 firstly broadcasts the Trust Computing Request (TCR) message to the neighbor nodes in the communication range. The TCR message contains the following fields: ⟨TCR identifier, seq𝐴, 𝐵⟩ ,

(5)

where TCR identifier stands for the TCR message; seq𝐴 is the sequence number of TCR message that node 𝐴 sends; 𝐵 is the observed node. Node 𝐴 sets the timer for the reply of neighbors and then waits for the recommendation messages from them. Upon receiving the TCR message, the neighbor node 𝐶𝑖 takes 𝑉𝐷𝑇 (𝐶𝑖 , 𝐵) into the Trust Computing Reply (TRE) message and unicasts TCR message back to node 𝐴. The TCR message consists of the following fields: ⟨TRE identifier, seq𝐴, 𝐵, 𝐶𝑖 , 𝑉𝐷𝑇 (𝐶𝑖 , 𝐵)⟩ .

(6)

After node 𝐴 receives the recommendations, it can compute the trust value of node B and decide if node 𝐵 is reserved in its trusted neighbors set. 3.3. Model of Trusted Tree. Each node sends or forwards the data to the Sink in wireless sensor networks. The communication link is wireless channel, which is easily influenced by the environment. The quality of wireless link is usually measured by the number of data packets transmitted successfully [32–34]. The wireless link is a bidirection channel with ACK message. By using EWMA method, the nodes set time interval to compute the success probability of packet acceptance in the wireless link. The ETX is used to calculate the link quality. 𝑑𝑓 and 𝑑𝑟 are, respectively, indicated as the packet reception successful rate of the forward and reverse link. The wireless link quality is denoted by ETXlink = 1/(𝑑𝑓 × 𝑑𝑟 ). The smaller the ETX is, the better the data reception and link quality are. Suppose the ETX of Sink is 0; the path quality of the other node is equal to the accumulation of single hop link quality. Consider PQ𝐴 = min {PQ𝐵 + LQ𝐴,𝐵 | 𝐵 ∈ NS (𝐴)} ,

𝑉𝐼𝑇 (𝐴, 𝐵) =

The trust value of node 𝐵 for node 𝐴 is obtained according to the direct and indirect trust value:

(7)

where LQ𝐴,𝐵 stands for the link quality from node 𝐴 to node 𝐵; PQ𝐵 represents the path quality of node 𝐵; the path quality PQ𝐴 of node 𝐴 is the minimum value that the function min{∗} returns; NS(𝐴) is the neighbor set of node 𝐴.


B

5

A

Figure 3: Trusted Tree.

According to the accumulation process of path quality, the network topology can form a tree, and the root is Sink, as shown in Figure 3. To some extent, the path quality in this tree reflects the distance to the Sink, which is seen as the gradient information for routing. 3.4. Establishment of Trusted Tree. Since the bilinear pairing technology has been implemented on the sensor node platform, identity-based cryptography is used in wireless sensor networks [35]. The public key is derived based on the public information, such as the ID of node. The steps of key distribution and authentication between nodes are decreased. The complexity of computing and communication load is effectively controlled. In recent years, there have been many solutions put in wireless sensor networks, such as TinyTate [36], TinyPBC [37], and TinyParing [38]. Based on cryptography technology and trust management, Trusted Tree is constructed. 3.4.1. Key Predeployment. The data is forwarded to the Sink in wireless sensor networks. It is assumed that the Sink is secure and trusted, which is equipped with trusted computing module. Therefore, the Sink is trustworthy and unassailable and is seen as the trusted authority. All of the key materials are stored in the Sink. However, the normal nodes are not tamper-resistant and can be compromised easily. The key and data of node can be extracted, because the hardware of node is cost constraint. Before the network nodes are deployed, the initial key and the necessary part of key materials are stored in the normal nodes. The five steps are listed as follows: (i) Each node 𝐴 has a unique, integer-valued ID, denoted by ID𝐴. (ii) Choose the hash function 𝐻: {0, 1}∗ → 𝐺1 , mapping arbitrary strings to the elements in 𝐺1 , and bilinear pairing 𝑒𝑙: 𝐺1 × 𝐺1 → 𝐺2 , and master secret 𝑘 ∈ 𝑍𝑞 . (iii) Choose the hash function ℎ: {0, 1}∗ → {0, 1}𝑁, mapping arbitrary strings to the fixed length string. (iv) Set the path quality of node 𝐴 to the initial value PQinit and compute its public key 𝑃𝐾𝐴 = 𝐻(ID𝐴 ‖ PQinit ) and private key 𝑇𝐾𝐴 = 𝑘𝐻(ID𝐴 ‖ PQinit ). (v) Store the relative parameter (𝐺1 , 𝐺2 , 𝑒𝑙, 𝑞, 𝐻, ℎ) and 𝑇𝐾𝐴 in node 𝐴.

Since the Discrete Logarithm Problem is too difficult to be solved, it is infeasible to deduce 𝑘 from the ID and public key. In other words, although some nodes are captured and compromised, and relative key materials are extracted from them, the adversaries have no way to compute the critical key of other nodes. 3.4.2. Authentication between Neighborhood Nodes. The neighborhood authentication is the foundation of the data transmission between neighborhood nodes. When the legitimate node only forwards/receives data to/from the authenticated nodes, the bogus message is not injected into the network, and the secure data is not swindled by the external attackers. The detailed procedure of neighborhood authentication is the following. Before the node communicates with the neighbor, the nodes should firstly perform the mutual authentication. Node 𝐴 broadcasts the neighborhood authentication (NAU) message, which includes message identifier, ID𝐴, current path quality CPQ𝐴, and a random nonce 𝑅𝐴 . The NAU message comprises the following fields: ⟨NAU identifier, ID𝐴 , CPQ𝐴, 𝑅𝐴 ⟩ ,

(8)

where NAU identifier uniquely identifies the NAU message; ID𝐴 denotes that this NAU message is from node 𝐴; CPQ𝐴 is used to negotiate the shared key between the neighborhood nodes; 𝑅𝐴 is applied to calculate and compare the message integrity code. Node 𝐵 responds to this message, when it is within the transmission range of node 𝐴. Node 𝐵 firstly calculates the shared key 𝑁𝐾𝐵,𝐴 based on ID𝐴 , CPQ𝐴, ID𝐵 , and CPQ𝐵 . And then Node 𝐵 computes the message integrity code ℎ𝑁𝐾𝐵,𝐴 (𝑅𝐴 ‖ 𝑅𝐵 ‖ 1) by using parameters 𝑅𝐴 and 𝑅𝐵 . Node 𝐵 responds to node 𝐴, after it generates the Neighbor Respond (NRE) message with ℎ𝑁𝐾𝐵,𝐴 (𝑅𝐴 ‖ 𝑅𝐵 ‖ 1). The NRE message consists of the following fields: ⟨NRE identifier, ID𝐵 , CPQ𝐵 , 𝑅𝐵 , ℎ𝑁𝐾𝐵,𝐴 (𝑅𝐴 ‖ 𝑅𝐵 ‖ 1)⟩ , (9)

where NRE identifier presents the NRE message; the function of ID𝐵 , CPQ𝐵 , and 𝑅𝐵 is identical to the homologous fields in NAU message. Based on bilinear pairing formulation, 𝑁𝐾𝐵,𝐴 is computed by the private key 𝑇𝐾𝐵 of node 𝐵 and the public key 𝑃𝐾𝐴 of node 𝐴. Although 𝑁𝐾𝐵,𝐴 is generated on node 𝐵, 𝑁𝐾𝐵,𝐴 is equal to 𝑁𝐾𝐴,𝐵 that is deduced by node 𝐴. The computing process is described as follows: 𝑁𝐾𝐵,𝐴 = 𝑒𝑙 (𝑇𝐾𝐵 , 𝑃𝐾𝐴) = 𝑒𝑙 (𝑇𝐾𝐵 , 𝐻 (ID𝐴 ‖ CPQ𝐴)) = 𝑒𝑙 (𝑘𝐻 (ID𝐵 ‖ CPQ𝐵 ) , 𝐻 (ID𝐴 ‖ CPQ𝐴)) = 𝑒𝑙 (𝐻 (ID𝐵 ‖ CPQ𝐵 ) , 𝑘𝐻 (ID𝐴 ‖ CPQ𝐴)) = 𝑒𝑙 (𝐻 (ID𝐵 ‖ CPQ𝐵 ) , 𝑇𝐾𝐴 ) = 𝑒𝑙 (𝑇𝐾𝐴, 𝐻 (ID𝐵 ‖ CPQ𝐵 )) = 𝑒𝑙 (𝑇𝐾𝐴, 𝑃𝐾𝐵 ) = 𝑁𝐾𝐴,𝐵 .

(10)

6


Based on the bilinearity and symmetry of 𝑒𝑙, the above equation holds. Therefore, node 𝐴 uses 𝑁𝐾𝐴,𝐵 to compute ℎ𝑁𝐾𝐴,𝐵 (𝑅𝐴 ‖ 𝑅𝐵 ‖ 1). If the result is equal to what node 𝐵 sent, node 𝐴 considers node 𝐵 an authentic neighbor. After node 𝐴 verifies the NRE message, it sends the Neighbor Confirmation (NCO) message to node 𝐵. The NCO message contains the following fields: ⟨NCO identifier, ℎ𝑁𝐾𝐴,𝐵 (𝑅𝐴 ‖ 𝑅𝐵 ‖ 2)⟩ ,

3.4.3. Construction Procedure. The Sink is secure and not compromised in wireless sensor networks; otherwise it is difficult to set up the trust management mechanism and secure protocol. Since the path quality of Sink is 0, each node can find a path to the Sink, by the relaying of other nodes. In the construction procedure, the Sink firstly establishes the one-hop trusted path with the neighboring nodes, and then other nodes are added into the Trusted Tree by the nodes that have joined the Trusted Tree. The detailed procedure of construction is represented as follows. The Sink periodically broadcasts the Trusted Tree (TTR) message, which contains the message identifier, a sequence number 𝑁Sink , and the message integrity code which affirms the Sink origin of it. The TTR message comprises the following fields:

𝑇𝐾Sink [TTM identifier ‖ 𝑁Sink ]⟩ ,

(12)

where TTR identifier stands for the TTR message; 𝑁Sink is used to differentiate and compare the message; the private key 𝑇𝐾Sink of Sink is applied to sign the message. After the nodes receive and verify the TTR message, they rebroadcast the message. By comparing the messages from the neighboring nodes, the receiving node calculates the trust value and then sets up the trust relationship with them. The authenticated result of message is used in computing the node’s trust value. Node 𝐴 receives the messages from the certificated neighboring nodes. If the current path quality of neighboring node is not the initial value PQinit , the neighboring node has been authenticated with the Sink and has joined the Trusted Tree. Based on (7), node 𝐴 researches the parent node 𝐵 from its neighbor nodes set and then invokes the computing process of node trust value in Section 3.2. If the trust value of parent node 𝐵 is larger than the trusted threshold, node 𝐴 sets up the Joining Tree (JTR) message by using ID𝐴, current path quality CPQ𝐴 , new calculating path quality NPQ𝐴, 𝑉𝑇 (𝐴, 𝐵), and 𝑛𝑝 ⋅ (𝑃𝐾𝐴)NPQ . 𝑛𝑝 is a random number. (𝑃𝐾𝐴)NPQ is the public key that is generated

A

D Sink

Figure 4: Message delivering.

(11)

where NCO identifier denotes the NCO message. ℎ𝑁𝐾𝐴,𝐵 (𝑅𝐴 ‖ 𝑅𝐵 ‖ 2) is used to verify node 𝐴, due to ℎ𝑁𝐾𝐵,𝐴 (𝑅𝐴 ‖ 𝑅𝐵 ‖ 2) = ℎ𝑁𝐾𝐴,𝐵 (𝑅𝐴 ‖ 𝑅𝐵 ‖ 2). By the three-way handshaking above, node 𝐴 can construct the set of its certificated neighborhood nodes, and the shared keys between them are generated at the same time.

⟨TTR identifier, 𝑁Sink ,

B

by NPQ𝐴. And node 𝐴 uses the current private 𝑇𝐾𝐴 to sign it. The JTR message consists of the following fields: ⟨JTR identifier, ID𝐴, CPQ𝐴 , NPQ𝐴 , 𝑛𝑝 ⋅ (𝑃𝐾𝐴)NPQ , 𝑉𝑇 (𝐴, 𝐵) ,

(13)

𝑇𝐾𝐴 [ID𝐴 ‖ CPQ𝐴 ‖ NPQ𝐴 ‖ 𝑛𝑝 ⋅ (𝑃𝐾𝐴)NPQ ]⟩ , where JTR identifier represents the JTR message. Node 𝐴 sends the JTR message to the parent node 𝐵. Node 𝐴 encrypts the JTR message by using the shared key with node 𝐵. If node 𝐵 is not directly communicated with the Sink, it needs to forward JTR message to the relaying node 𝐷, and then node 𝐷 forwards it to the Sink. In the forwarding process, the trust value of relaying nodes is added into the JTR message. Figure 4 shows the JTR message delivering. After the Sink receives the JTR message from node 𝐴, the Sink stores the path quality of node 𝐴 and calculates the new private key according to (𝑇𝐾𝐴)NPQ = 𝑘𝐻(ID𝐴 ‖ NPQ𝐴). Then the Sink computes the trust value of topology path in Trusted Tree, which is denoted by 𝑉𝑇𝑇 (𝐴). The Sink packets the encrypted (𝑇𝐾𝐴)NPQ and 𝑛𝑞 ⋅ 𝑃𝐾Sink into the Tree Confirmation (TCO) message. 𝑛𝑞 is a random number and 𝑃𝐾Sink is the public key of Sink. The TCO message contains the following fields: ⟨TCM identifier, 𝑃𝐾𝐴 {(𝑇𝐾𝐴 )NPQ } , 𝑛𝑞 ⋅ 𝑃𝐾Sink , 𝑇𝐾Sink [𝑃𝐾𝐴 {(𝑇𝐾𝐴)new } ‖ 𝑛𝑞 ⋅ 𝑃𝐾Sink ]⟩ ,

(14)

where TCO identifier denotes the TCO message; the generated (𝑇𝐾𝐴)NPQ is securely transmitted back to node 𝐴 by encryption. At last, the Sink signs this message. The Sink calculates the shared key with node 𝐴, by using 𝑆𝐾Sink↔𝐴 = 𝑒𝑙 (𝑇𝐾Sink , 𝑛𝑝 ⋅ (𝑃𝐾𝐴)NPQ + 𝑛𝑞 ⋅ (𝑃𝐾𝐴)NPQ ) = 𝑒𝑙 (𝑘 ⋅ 𝑃𝐾Sink , (𝑛𝑝 + 𝑛𝑞 ) ⋅ (𝑃𝐾𝐴)NPQ ) 𝑘⋅(𝑛𝑝 +𝑛𝑞 )

= 𝑒𝑙 (𝑃𝐾Sink , (𝑃𝐾𝐴)NPQ )

.

(15)


7

Once node 𝐴 receives the TCO message, it also computes the shared key as follows: 𝑆𝐾𝐴↔Sink = 𝑒𝑙 ((𝑇𝐾𝐴)NPQ , 𝑛𝑝 ⋅ 𝑃𝐾Sink + 𝑛𝑞 ⋅ 𝑃𝐾Sink ) = 𝑒𝑙 (𝑘𝐻 (ID𝐴 ‖ NPQ𝐴 ) , (𝑛𝑝 + 𝑛𝑞 ) 𝑃𝐾Sink ) (16)

𝑘⋅(𝑛𝑝 +𝑛𝑞 )

= 𝑒𝑙 ((𝑃𝐾𝐴)NPQ , 𝑃𝐾Sink )

𝑘⋅(𝑛𝑝 +𝑛𝑞 )

= 𝑒𝑙 (𝑃𝐾Sink , (𝑃𝐾𝐴)NPQ )

= 𝑆𝐾Sink↔𝐴 .

After the shared key is set up and node 𝐴 has joined the Trusted Tree, node 𝐴 updates the information with its neighborhood nodes. And the neighbors, which are not added into the Trusted Tree, join the Trusted Tree by node 𝐴. In the processing of establishing the Trusted Tree, the Sink stores the secure information of nodes in network. These neighborhood authentication messages and Trusted Tree construction messages can be piggybacked in the routing protocol messages. So the communication overhead is further reduced. 3.5. Routing Algorithm. In the design of trust based routing, two aspects need to be considered. The first aspect implies checking the trust value of the nodes and path. Only the nodes and path, whose trust value is larger than the set trusted threshold, are placed into the candidate set of the routing decision. The second aspect tries to include the trust value metric and some kind of routing metric, such as hop counts and QoS parameter. In other words, on the basis of trusted nodes, the secure routing with QoS support is built. The routing decision is based on the combination value of the two metrics. The Trusted Tree-based trust management scheme can be applied in many routing protocols and algorithms. Taking the QoS based routing protocol as example, we add Trusted Tree-based trust management scheme into the TQOS, which implements TQOS using Trusted Tree (TT). Since both the trust and QoS requirement are considered, the cost that combines the trust and QoS requirement is designed as follows: 𝐶𝐴 (𝑃) = ∑ 𝛼 ⋅ Φ (𝑖, 𝑗) ⋅ (1 − 𝑉𝑇 (𝑖, 𝑗)) ,

(17)

Φ (𝑖, 𝑗) = 𝛽 ⋅ 𝐿𝑄𝑖,𝑗 ⋅ 𝐷𝑖,𝑗 ,

(18)

𝑖,𝑗∈𝑃

where 𝛼 is a coefficient that is used to scale the cost; Φ(𝑖, 𝑗) is a combined metric that contains the link quality LQ𝑖,𝑗 and delay 𝐷𝑖,𝑗 over the link from 𝑖 to 𝑗; 𝛽 is a scaling factor that is used to scale the impact of delay on the total metric. The bigger value of 𝐶𝐴 (𝑃) represents the higher cost of path 𝑃, which is due to lower path quality, or the less trust value of path, or both. The path that is less trusted and does not meet the QoS requirement cannot be selected. Therefore, the problem of routing decision can be described as researching the minimum cost of path to be selected as follows: min 𝐶𝐴 (𝑃) ,

𝑃 ∈ Ω𝐴 → Sink ,

(19)

where Ω𝐴 → Sink is the set of routing paths that are from node 𝐴 to the Sink. In order to implement the minimum 𝐶𝐴(𝑃), each relaying node needs to calculate an increase to the cost function 𝐶𝐴(𝑃) when it and next hop node are selected to join the path 𝑃. In the process of secure routing establishment, source node 𝐴 broadcasts the route discovery packet (RDP𝐴) with its secure signature. If node 𝐵 belongs to the trusted neighbors set of node 𝐴, and CPQ𝐵 is lower than CPQ𝐴, node 𝐵 adds its own information into the RDP𝐴 and then rebroadcasts it. The smaller CPQ𝐵 means node 𝐵 is nearer to the Sink, because the path quality in Trusted Tree is a kind of gradient information for routing. If CPQ𝐵 is higher than CPQ𝐴 , the distance or hop number of node 𝐵 to the Sink can be larger than node 𝐴. So node 𝐵 can not be the next hop of node 𝐴 and drops RDP𝐴. This process is repeated until it reaches the Sink. At the Sink, it firstly verifies RDP𝐴 and then calculates the total cost of the routing path by using (17). After the Sink receives a few routing discovery packets from node 𝐴, it makes the routing decision by using (19). The path with the least cost is selected as the optimal path. And then the Sink sends the route reply packet (REP𝐴) back to node 𝐴. After node 𝐴 receives and verifies REP𝐴 , the secure route between node 𝐴 and the Sink is established, and node 𝐴 starts data transmission. The process of route establishment is implemented on the Trusted Tree. The steps are shown in Algorithm 1(a). The nodes on the Trusted Tree monitor and observe the behavior of neighbor nodes. When the trust value of observed node is lower than the trust threshold, the route error (RER) message is generated to notify other nodes to change the route. For example, node 𝐸 is compromised. When the malicious behavior of node 𝐸 is detected by node 𝐷, it broadcasts RER𝐷. If node 𝐸 is next hop of node 𝐷, and node 𝐷 is not the source node of route, it only deletes node 𝐸 from its routing table and trusted neighbor set. If node 𝐷 is the source node, it needs to reestablish the route to the Sink by using Algorithm 1(a). When the neighbor node 𝐶 of node 𝐷 receives RER𝐷, and it finds that node 𝐸 or node 𝐷 is its next hop, it deletes this next hop from the routing table and broadcasts RER𝐷. After it reaches the source node, the new route establishment is conducted. Algorithm 1(b) describes this process.

4. Performance Evaluation All of the simulation experiments are run in the TOSSIM simulator [39]. TOSSIM inherits the implementation and design of TinyOS, which provides the tool to generate network topology and uses CPM algorithm to simulate noise. The scenario that is used in our experiments consists of a 100 m × 100 m square area. The Sink is placed at the edge of the experiment area. The nodes are uniformly randomly distributed, where the average node density is about 2 to 6 nodes in each 20 m × 20 m square subarea. And the distance between any two nodes is more than 7 meters. The ID of node is orderly numbered by their distance to the Sink from near to

8


(a) Algorithm for secure route establishment (1) Process Initialization; (2) Source node broadcasts RDP to its neighborhood nodes; (3) while (verify(RDP) == TRUE AND Receiving Node ≠ Sink); (4) if (CPQReceivingNode < CPQSendingNode ); (5) Receiving Node adds its own information and rebroadcasts RDP; (6) else (7) Receiving Node drops RDP; (8) end if (9) end while (10) By using (17), the Sink computes the cost for the current route of the RDP; (11) Store the current RDP and its cost into ΩSourceNode → Sink ; (12) if ΩSourceNode → Sink is FULL; (13) By using (19), select the one with the least cost; (14) Sends the REP back to the Source Node over the selected route; (15) end if (16) Source node receives the REP; (17) if (verify(REP) == TRUE) (18) Secure route is established, and start data transmission; (19) end if (20) End Process (b) Algorithm for secure route maintenance (1) Process Initialization; (2) if (The trust value of Monitored Node is lower than the trust threshold) (3) Generates the RER, and broadcasts the RER; (4) if (Monitoring Node == Source Node AND Monitored Node == Next Hop) (5) Deletes the route, and invokes Algorithm 1(a); (6) else if (Monitored Node == Next Hop) (7) Deletes the route; (8) end if; (9) end if; (10) while (Receiving Node ≠ Source Node) (11) if (Sending Node == Next Hop OR Monitored Node == Next Hop) (12) Deletes the route; (13) end if; (14) Broadcast the RER; (15) end while; (16) Establish the new route by using Algorithm 1(a); (17) End Process Algorithm 1: The processing flow of algorithm.

far. Among the total number of the nodes in the experiment, 10 percent nodes are selected as the malicious nodes. Other normal nodes generate the sensed data packets by the period of random time interval. Each node can have the difference task for monitoring the environment. The period of sensing data or event driven time is also different. The nodes send a packet at the random time interval, which is randomly set from 5 to 15 seconds. The simulation experiments are run for 6000 seconds. The main experimental parameters are listed in Table 1. We implement and compare TQOS, TQOS using ReTrust, and TQOS using TT (Trusted Tree). After the malicious and normal nodes are selected, each test is executed about 5 times, and then their average value is calculated. 4.1. The Security and Performance of Trusted Routing. The trust management scheme is the effective method to defend

Table 1: Simulation settings. Parameter Terrain (m2 ) Node number Packet length (Byte) MAC protocol Radio range (m) Trust threshold

Value 100 × 100 100 110 IEEE802.15.4 CSMA 40 0.4

the attacks in the network routing. In the tampering attack, the malicious node forwards the messages in the routing path, after receiving and tampering the messages. So the trust management scheme needs to cooperate with the cryptographic technique to detect the malicious nodes. And


9

1 200

150

0.9 Delay (ms)

Average delivery ratio

0.95

0.85

100

0.8 50 0.75 0.7

0 50

100

150 Run time

200

250

300

TQOS TQOS using ReTrust TQOS using TT

5

10

15 20 Source nodes

25

30


Figure 5: Average delivery ratio under tampering attack.

Figure 6: End-to-end delay under tampering attack.

then the trust management scheme recalculates the trust value of the nodes and path for the routing algorithm. As shown in Figure 5, the average delivery ratio of the packet decreases significantly when the malicious nodes launch the attack, while the average delivery ratio increases after the malicious nodes are detected out. At the initial stage of network running, the average delivery ratio is close to 1. Since the tampered messages are dropped, the packet loss ratio increases and the average delivery ration suffers the degradation. Compared with TQOS, the TQOS using ReTrust and TQOS using TT can earlier detect the malicious nodes, because the direct trust and indirect trust are used in them. TQOS has only direct trust by observing the neighbor nodes, so the detection efficiency of TQOS is lower than them. However, the trust value node and path are computed in dynamic time window of TQOS using TT, and the path quality gradient of Trusted Tree can speed up the building process of secure routing path. Therefore, the average delivery ratio in the new path of TQOS using TT increases more than the TQOS using ReTrust. Figure 6 represents the average transmission latency of the 30 normal nodes, which are randomly selected among the source nodes. The transmission time of packet is the base for the data transmission. The statistics of latency is based on the transmission time of packet. According to the transmission time of each packet from the source node to the destination node, the latency is counted and calculated on the Sink. Based on the link quality of Trusted Tree and the routing discovery, the TQOS using TT can get higher performance and has the lower transmission delay. TQOS using ReTrust has more stable routing path than the TQOS. Since the direct trust and indirect trust are used, the trust value of path is faster calculated for the routing. So the performance is enhanced. In the TQOS using TT, the routing path is built on the Trusted Tree. The next hop node is the trusted neighbor node, which is from the authenticated neighbor nodes set.

And the neighbor nodes, which take lower path quality as routing gradient, forward the routing discovery packet for route establishment. The massive flooding of routing message is avoided. So TQOS using TT has the lower route load as shown in Figure 7. Due to the large number of broadcast and rebroadcast packets sent and forwarded, TQOS has much higher cost. Based on the scheme of TQOS, the direct trust and indirect trust communication of TQOS using ReTrust result in more load. 4.2. Detecting Malicious Behavior. The malicious node can continue to change between the good and bad behavior, so as to achieve the purpose of damaging the network and avoid being detected. Firstly, we execute the simulation, in which the malicious nodes launch the on-off attack with dropping 50% of packets. The attack effect is shown in Figure 8. Compared with the tampering attack, the average delivery ratio decreases gently in the presence of the onoff attacking, but many packets are dropped. This is because the malicious nodes are difficult to be detected. The message authentication mechanism in TQOS is modified and replaced by the direct trust computing. The average delivery ratio is lower when only direct trust is used. But the malicious nodes are earlier detected out in the TQOS using ReTrust and TQOS using TT. And TQOS using TT has higher delivery ratio than TQOS using ReTrust, because of the dynamic time window and Trusted Tree. In the presence of on-off attack, the average transmission latency of the 30 normal nodes is shown in Figure 9. The transmission latency of data packet is computed. In TQOS, the instability of the trust value results in the fluctuation of the delay. TQOS using ReTrust can alleviate the instability of the trust value. By the dynamic time window and Trusted Tree, TQOS using TT can quicker find out the malicious node and enhance performance on the latency.

International Journal of Distributed Sensor Networks 0.35

250

0.3

200 Delay (ms)

Route load

10

0.25

0.2

100

50

0.15

0.1

150

0 2

3

4

5 6 7 8 Number of neighbor nodes

9

10

5

10

15 20 Source nodes

25

30



Figure 9: End-to-end delay under on-off attack.

Figure 7: Route load. 1

1



0.95 0.9 0.85 0.8

0.95

0.9

0.75 0.7

50

100

150 Run time

200

250

300


0.85

50

100

150 Run time

200

250

300


Figure 8: Average delivery ratio under on-off attack.

Figure 10: The effect of lower probability on-off attack.

When the malicious nodes launch the on-off attack with dropping 10% of packets, the attack effect is shown in Figure 10. TQOS and TQOS using ReTrust are difficult to detect out the attack. However, TQOS using TT can prolong the size of dynamic sliding window to find out the malicious nodes and raise the average delivery ratio. When the bad-mouthing attack is launched, the malicious nodes detection performance is shown in Figure 11. Let 𝐷 denote the set of malicious nodes that are detected out. 𝑀 represents the set of malicious nodes. The malicious nodes detection performance is defined as 𝐷/𝑀, which is a real number in [0, 1]. In order to avoid being detected, the malicious nodes do not launch bad-mouthing attack

constantly. When the proportion of bad-mouthing behavior is 50% and 20%, the TQOS using ReTrust and TQOS using TT can find out the malicious nodes. But the TQOS using TT has the higher performance. While the proportion of badmouthing behavior drops down to 10%, the TQOS using TT can still detect the malicious node since the dynamic time window is introduced. 4.3. Residual Energy. After the simulation is completed, the residual energy of normal nodes is shown in Figure 12. For TQOS using TT, the average value of residual energy is 0.679, and TQOS and TQOS using ReTrust are, respectively, 0.589 and 0.561. TQOS using TT does not use the message


11

5. Conclusions

Malicious nodes detection performance

1 0.9 0.8 0.7 0.6 0.5 0.4 0.3 0.2 0.1 0

0

50

100

150 200 250 Run time TQOS using ReTrust (The proportion of bad-mouthing behavior is 50%) TQOS using TT (The proportion of bad-mouthing behavior is 50%) TQOS using ReTrust (The proportion of bad-mouthing behavior is 20%) TQOS using TT (The proportion of bad-mouthing behavior is 20%) TQOS using TT (The proportion of bad-mouthing behavior is 10%)

300

In this paper, we proposed Trusted Tree-based trust management scheme for secure routing. The attacks in wireless sensor networks are firstly analyzed. Based on the distributed trust model with the detection of direct trust and indirect trust, the dynamic time window is used to compute the trust value of nodes. Then Trusted Tree is established on the trusted nodes. The node’s path quality in Trusted Tree can aid the routing discovery process to set up the routing path. Trusted Treebased trust management scheme can be added to the many secure routing algorithms, such as the QoS based secure routing algorithm. Compared with some current algorithms with the trust management scheme, the routing algorithm with Trusted Tree shows better performance and security, according to results of the simulation experiments. In the future, we plan to use message type weight to develop the distributed trust mode, which can both improve the detection efficiency and enhance the network performance. We will add our proposed trust management into some actual network protocol, such as IETF RPL protocol.

Conflict of Interests The authors declare that there is no conflict of interests regarding the publication of this paper.

Figure 11: Malicious node detection performance.

Acknowledgments 1

This work is supported by the National Natural Science Foundation of China under Grant nos. 60903159 and 61173153, the Special Fund from the Central Collegiate Basic Scientific Research Bursary N110818001 and N100218001, and Science and Technology Planning Project of Shenyang City under Grant no. 1091176-1-00. The authors would like to thank NSR (Neusoft Group Research) and research colleagues for support.

0.9

Residual energy

0.8 0.7 0.6 0.5

References

0.4 0.3 0.2

0

10

20

30

40 50 60 Network nodes

70

80

90


Figure 12: Residual energy.

redundancy and route redundancy to build secure routing. So the number of messages is decreased. TQOS using TT has the higher residual energy. The building process of routing path is shortened by introducing Trusted Tree. The network lifetime is longer in TQOS using TT.

[1] L. Mainetti, L. Patrono, and A. Vilei, “Evolution of wireless sensor networks towards the internet of things: a survey,” in Proceedings of the 19th International Conference on Software, Telecommunications and Computer Networks (SoftCOM ’11), pp. 1–6, Split, Croatia, September 2011. [2] P. Rawat, K. D. Singh, H. Chaouchi, and J. M. Bonnin, “Wireless sensor networks: a survey on recent developments and potential synergies,” Journal of Supercomputing, vol. 68, no. 1, pp. 1–48, 2014. [3] J. Duan, D. Yang, H. Zhu, S. Zhang, and J. Zhao, “TSRF: a trustaware secure routing framework in wireless sensor networks,” International Journal of Distributed Sensor Networks, vol. 2014, Article ID 209436, 14 pages, 2014. [4] G. Acampora, M. Gaeta, V. Loia, and A. V. Vasilakos, “Interoperable and adaptive fuzzy services for ambient intelligence applications,” ACM Transactions on Autonomous and Adaptive Systems, vol. 5, no. 2, article 8, 2010. [5] J. Yick, B. Mukherjee, and D. Ghosal, “Wireless sensor network survey,” Computer Networks, vol. 52, no. 12, pp. 2292–2330, 2008.

12 [6] L. Zhou, N. Xiong, L. Shu, A. Vasilakos, and S.-S. Yeo, “Contextaware middleware for multimedia services in heterogeneous networks,” IEEE Intelligent Systems, vol. 25, no. 2, pp. 40–47, 2010. [7] L. Liu, Y. Song, H. Zhang, H. Ma, and A. V. Vasilakos, “Physarum optimization: a biology-inspired algorithm for the Steiner tree problem in networks,” IEEE Transactions on Computers, vol. 64, no. 3, pp. 819–832, 2015. [8] I. F. Akyildiz, T. Melodia, and K. R. Chowdhury, “A survey on wireless multimedia sensor networks,” Computer Networks, vol. 51, no. 4, pp. 921–960, 2007. [9] Y. Song, L. Liu, H. Ma, and A. V. Vasilakos, “A biologybased algorithm to minimal exposure problem of wireless sensor networks,” IEEE Transactions on Network and Service Management, vol. 11, no. 3, pp. 417–430, 2014. [10] B. Liu, J. Bi, and A. V. Vasilakos, “Toward incentivizing antispoofing deployment,” IEEE Transactions on Information Forensics and Security, vol. 9, no. 3, pp. 436–450, 2014. [11] H. Yang, Y. Zhang, Y. Zhou, X. Fu, H. Liu, and A. V. Vasilakos, “Provably secure three-party authenticated key agreement protocol using smart cards,” Computer Networks, vol. 58, no. 1, pp. 29–38, 2014. [12] Z. Yan, P. Zhang, and A. V. Vasilakos, “A security and trust framework for virtualized networks and software-defined networking,” Security and Communication Networks, 2015. [13] S. Alam and D. De, “Analysis of security threats in wireless sensor network,” International Journal of Wireless and Mobile Networks, vol. 6, no. 2, pp. 35–46, 2014. [14] M. Dener, “Security analysis in wireless sensor networks,” International Journal of Distributed Sensor Networks, vol. 2014, Article ID 303501, 9 pages, 2014. [15] Q. Jing, A. V. Vasilakos, J. Wan, J. Lu, and D. Qiu, “Security of the internet of things: perspectives and challenges,” Wireless Networks, vol. 20, no. 8, pp. 2481–2501, 2014. [16] G. Han, J. Jiang, L. Shu, J. Niu, and H.-C. Chao, “Management and applications of trust in wireless sensor networks: a survey,” Journal of Computer and System Sciences, vol. 80, no. 3, pp. 602– 617, 2014. [17] Z. Yan, P. Zhang, and A. V. Vasilakos, “A survey on trust management for Internet of Things,” Journal of Network and Computer Applications, vol. 42, pp. 120–134, 2014. [18] A. Tajeddine, A. Kayssi, and A. Chehab, “CENTER: a centralized trust-based efficient routing protocol for wireless sensor networks,” in Proceedings of the 10th Annual International Conference on Privacy, Security and Trust (PST ’12), pp. 195–202, July 2012. [19] A. Tajeddine, A. Kayssi, A. Chehab, I. Elhajj, and W. Itani, “CENTERA: a centralized trust-based efficient routing protocol with authentication for wireless sensor networks,” Sensors, vol. 15, no. 2, pp. 3299–3333, 2015. [20] T. K. Kim and H. S. Seo, “A trust model using fuzzy logic in wireless sensor networks,” Proceeding of World Academy of Science Engineering and Technology, vol. 32, pp. 63–66, 2008. [21] M. Yu and K. K. Leung, “A Trustworthiness-based QoS routing protocol for wireless ad hoc networks,” IEEE Transactions on Wireless Communications, vol. 8, no. 4, pp. 1888–1898, 2009. [22] D. He, C. Chen, S. Chan, J. Bu, and A. V. Vasilakos, “ReTrust: attack-resistant and lightweight trust management for medical sensor networks,” IEEE Transactions on Information Technology in Biomedicine, vol. 16, no. 4, pp. 623–632, 2012.

International Journal of Distributed Sensor Networks [23] X. Anita, M. A. Bhagyaveni, and J. M. Manickam, “Fuzzy-based trust prediction model for routing in WSNs,” The Scientific World Journal, vol. 2014, Article ID 480202, 11 pages, 2014. [24] Z. Yao, D. Kim, and Y. Doh, “PLUS: parameterized and localized trust management scheme for sensor networks security,” in Proceedings of the IEEE International Conference on Mobile Ad-Hoc and Sensor Sysetems (MASS ’06), pp. 437–446, IEEE, Vancouver, Canada, October 2006. [25] F. Ishmanov, S. W. Kim, and S. Y. Nam, “A robust trust establishment scheme for wireless sensor networks,” Sensors, vol. 15, no. 3, pp. 7040–7061, 2015. [26] T. Zahariadis, P. Trakadas, H. C. Leligou, S. Maniatis, and P. Karkazis, “A novel trust-aware geographical routing scheme for wireless sensor networks,” Wireless Personal Communications, vol. 69, no. 2, pp. 805–826, 2013. [27] R. A. Shaikh, H. Jameel, B. J. d’Auriol, H. Lee, S. Lee, and Y.J. Song, “Group-based trust management scheme for clustered wireless sensor networks,” IEEE Transactions on Parallel and Distributed Systems, vol. 20, no. 11, pp. 1698–1712, 2009. [28] J. Zhou, Z. Cao, X. Dong, N. Xiong, and A. V. Vasilakos, “4S: a secure and privacy-preserving key management scheme for cloud-assisted wireless body area network in m-healthcare social networks,” Information Sciences, vol. 314, pp. 255–276, 2015. [29] Z. Zhang, H. Wang, A. V. Vasilakos, and H. Fang, “ECGcryptography and authentication in body area networks,” IEEE Transactions on Information Technology in Biomedicine, vol. 16, no. 6, pp. 1070–1078, 2012. [30] D. Djenouri, L. Khelladi, and A. N. Badache, “A survey of security issues in mobile ad hoc and sensor networks,” IEEE Communications Surveys & Tutorials, vol. 7, no. 4, pp. 2–28, 2005. [31] Y. Yu, K. Li, W. Zhou, and P. Li, “Trust mechanisms in wireless sensor networks: attack analysis and countermeasures,” Journal of Network and Computer Applications, vol. 35, no. 3, pp. 867– 880, 2012. [32] O. Gnawali, R. Fonseca, K. Jamieson, D. Moss, and P. Levis, “Collection tree protocol,” in Proceedings of the 7th ACM Conference on Embedded Networked Sensor Systems (SenSys ’09), pp. 1–14, ACM, Berkeley, Calif, USA, November 2009. [33] O. Gnawali, R. Fonseca, K. Jamieson, M. Kazandjieva, D. Moss, and P. Levis, “CTP: an efficient, robust, and reliable collection tree protocol for wireless sensor networks,” ACM Transactions on Sensor Networks, vol. 10, no. 1, article 16, 2013. [34] T. Wang, Y. Liu, and A. V. Vasilakos, “Survey on channel reciprocity based key establishment techniques for wireless systems,” Wireless Networks, vol. 21, no. 6, pp. 1835–1846, 2015. [35] C. Chen, T. Shih, Y. Tsai, and D. Li, “A bilinear pairingbased dynamic key management and authentication for wireless sensor networks,” Journal of Sensors, vol. 2015, Article ID 534657, 14 pages, 2015. [36] L. B. Oliveira, D. F. Aranha, E. Morais, F. Daguano, J. L´opez, and R. Dahab, “TinyTate: computing the tate pairing in resourceconstrained sensor nodes,” in Proceedings of the 6th IEEE International Symposium on Network Computing and Applications (NCA ’07), pp. 318–323, Cambridge, Mass, USA, July 2007. [37] L. B. Oliveira, M. Scott, J. L´opez, and R. Dahab, “TinyPBC: pairings for authenticated identity-based non-interactive key distribution in sensor networks,” in Proceedings of the 5th International Conference on Networked Sensing Systems, pp. 173– 180, June 2008.

International Journal of Distributed Sensor Networks [38] X. Xiong, D. S. Wong, and X. Deng, “TinyPairing: computing tate pairing on sensor nodes with higher speed and less memory,” in Proceedings of the 8th IEEE International Symposium on Network Computing and Applications (NCA ’09), pp. 187–194, IEEE, Cambridge, Mass, USA, July 2009. [39] P. Levis, N. Lee, M. Welsh, and D. Culler, “TOSSIM: accurate and scalable simulation of entire TinyOS applications,” in Proceeding of the 1st ACM Conference on Embedded Networked Sensor System (Sensys ’03), pp. 126–137, Los Angeles, Calif, USA, November 2003.

13

International Journal of

Rotating Machinery

Engineering Journal of

Hindawi Publishing Corporation http://www.hindawi.com

Volume 2014

The Scientific World Journal Hindawi Publishing Corporation http://www.hindawi.com

Volume 2014


Distributed Sensor Networks

Journal of

Sensors Hindawi Publishing Corporation http://www.hindawi.com

Volume 2014


Volume 2014


Volume 2014

Journal of

Control Science and Engineering

Advances in

Civil Engineering Hindawi Publishing Corporation http://www.hindawi.com


Volume 2014

Volume 2014

Submit your manuscripts at http://www.hindawi.com Journal of

Journal of

Electrical and Computer Engineering

Robotics Hindawi Publishing Corporation http://www.hindawi.com


Volume 2014

Volume 2014

VLSI Design Advances in OptoElectronics


Navigation and Observation Hindawi Publishing Corporation http://www.hindawi.com

Volume 2014



Chemical Engineering Hindawi Publishing Corporation http://www.hindawi.com

Volume 2014

Volume 2014

Active and Passive Electronic Components

Antennas and Propagation Hindawi Publishing Corporation http://www.hindawi.com

Aerospace Engineering


Volume 2014


Volume 2014

Volume 2014




Modelling & Simulation in Engineering

Volume 2014


Volume 2014

Shock and Vibration Hindawi Publishing Corporation http://www.hindawi.com

Volume 2014

Advances in

Acoustics and Vibration Hindawi Publishing Corporation http://www.hindawi.com

Volume 2014