Secure Target Detection and Tracking in Mission Critical ... - IEEE Xplore

6 downloads 458 Views 928KB Size Report
Dec 14, 2010 - Email: [email protected], [email protected], ... Keywords-secure target tracking, compromised nodes, target detection ...
Secure Target Detection and Tracking in Mission Critical Wireless Sensor Networks 2

3

Alma Oracevic1 Serkan Akbaş2 Suat Ozdemir Mladen Kos 1University of Bihac Technical Faculty, 2 Computer Engineering Department, Gazi University, 3 University of Zagreb Faculty of Electrical Engineering and Computing (FER) 1 Bihac, Bosnia and Herzegovina, 2 Ankara, Turkey, 3 Zagreb, Croatia Email: [email protected], [email protected], [email protected], [email protected] Abstract—Target tracking is one of the important applications for wireless sensor networks (WSNs) that are deployed into a remote and hostile environment. In such environments, sensor nodes may be compromised by intruders to distort the integrity of data by sending false data reports, injecting false data during target tracking, and disrupting transmission of sensed data. For mission critical WSNs, such as border protection systems, the result of above attacks may be catastrophic. In this paper, we propose a secure and reliable target tracking protocol that considers security and target tracking tasks simultaneously. The basic idea behind the proposed protocol is to ensure tracking security using trust concept for individual sensor nodes. The performance evaluation results show that the use of proposed protocol allows the network to retain the trustworthiness of data even in the presence of compromised nodes thereby achieving secure and reliable target tracking process. Keywords-secure target tracking, compromised nodes, target detection, wireless sensor networks.

I.

INTRODUCTION

Target tracking in a sensor field has become one of the most important applications of WSNs particularly for military purposes [1-5]. Although there are many papers that propose target tracking algorithms by focusing on energy conservation, bandwidth and communication overload [5-10], there is limited amount work considering secure target tracking in the literature [11-13] . In real world, mission-critical WSNs are deployed in unattended hostile environments, hence sensor nodes in the network can be compromised and they pose a significant threat to target tracking algorithms. In addition, these compromised nodes are hard to detect and they usually make traditional security algorithms ineffective for WSNs. Hence, a target tracking algorithm must be highly energy efficient while being able to function securely in the presence of possible compromised nodes within the WSN. In this paper is we propose a novel secure and reliable target tracking protocol that considers security and target tracking tasks simultaneously. The proposed protocol is based on the fact that sensor nodes can monitor each other and compute their trust levels using Beta reputation model [16]. The proposed protocol is evaluated using an event based simulator and extensive simulation results are provided. The performance evaluation results show that the use of proposed protocol allows the network to retain the trustworthiness of data and to

securely track a target in the presence of compromised sensor nodes and cluster heads. The rest of paper is organized as follows: In section II, system model and assumptions are given. In Section III, we define the secure target detection and tracking problem. In Section IV, the proposed protocol is explained in detail. Section V presents performance evaluation of the proposed protocol. Finally, concluding remarks are made in Section VI. II.

SYSTEM MODEL AND ASSUMPTIONS

We assume that system consists of a large number of sensor nodes distributed over a remote geographic area to be monitored. Nodes are deployed with uniform density ρs which is sufficient to guarantee redundant coverage of the region and that a localization service exists thereby each node knows its location. Sensors are equipped with omnidirectional antennas which have sensor-to-sensor communication range r . Sensor nodes also have sensing range r where r 2 r . The total number of sensors in WSN is denoted as N whereas the total number of malicious sensor nodes is N , we assume that N N . We assume that sensor nodes are capable of measuring targets’ moving pace and direction. Sensor nodes are equipped with the necessary cryptographic primitives and they share a secret key with their neighboring nodes using a random key pre-distribution scheme [25]. We aim to ensure the security of target tracking process and consider only the attacks against integrity and correctness of data. Hence, we assume that sensor data are not encrypted but message integrity codes are attached to messages to provide data integrity. III.

SECURE TARGET DETECTION AND TRACKING IN WSNS

From the target detection and tracking point of view, compromised nodes can generate false measurements or false target-state predictions into the network, and those nodes which receive such information are not able to produce correct target location estimates. If there are compromised (corrupted) nodes on the trajectory of the target, they may not report detected target detection to Cluster Head (CH) resulting in undetected trespassing. This type of attack can be defended by CHs as another sensor node in the neighborhood of compromised node may detect the target and report it to CH. However, if a compromised node is CH, it can perform a variety of attacks and the result of these attacks can be more serious. In what

follows, we define the attacks that can be achieved by the compromised nodes and CHs.

and employ ‘‘density based local outlier detection[24]” technique to detect false data injection attacks.

Attack 1. Selection of CH: In dynamic clustering scenarios, selection of CH is performed usually by sensor nodes using an election scheme. If several compromised node located in a certain region, then they can negatively affect the election process and make one of the compromised node CH. In this case, the compromised CH can perform the attack 2, 3 and 4.

For detection and routing tasks, each sensor node records good and bad actions of its neighbors in a table referred to as reputation table. Reputation tables are exchanged among sensor nodes to be used as second-hand information during trust evaluation. The reputation tables are later used in CH selection process. TABLE I. presents an example of reputation table that a node has a judgment about its neighboring nodes. Reputation values are quantified using beta distributions [14] of node actions.

Attack 2. CH can delay/omit wake up message: We assume that target is entering in sensing range of a cluster. If CH is compromised he does not wake up sensors that are closest to the target. In that case, target goes through monitored area without being noticed.

TABLE I. REPUTATION TABLE OF NODE A (RepTabA) WITH 3 NEIGHBORS

Attack 3. CH may delay the target position message to base station.: Compromised CH may wake up sensors that are closest to the target but CH does not send the collected messages to the base station. Attack 4. Compromised CH can wake up wrong group of sensors. In this scenario, sensor nodes that are closest to the target are still in sleep mode. Waken sensors are not closest to target, so target and as a result of this scenario, tracked target passes monitored area without being noticed. To prevent from these attacks, we propose a secure and reliable prediction based target tracking protocol for WSNs that employs reputation concept. In the proposed protocol, sensors nodes monitor each other. In what follows, we give the details of the proposed protocol. IV.

SECURE AND RELIABLE PREDICTION BASED TARGET TRACKING (SRPTT) PROTOCOL

The basic idea behind the proposed protocol is to evaluate trustworthiness of sensor nodes by using reputation which is calculated using observed good and bad actions of sensor nodes. Reputation can be defined as the trustworthiness of an entity whereas trust is the expectation of one entity about the actions of another [14-16]. A reputation based system in WSN concept is a system in which the actions of every node are observed by the other nodes in an attempt to evaluate their trustworthiness. Sensor nodes monitor actions of their neighbors to obtain first-hand information. In this paper, detection and routing behaviors of sensor nodes are employed for trust evaluation as follows. If there are compromised nodes in our WSN, they selectively forward received data packets or misdirect them by changing the destination address of packets. Routing misbehaviors are detected by neighboring nodes using a simple watchdog mechanism where sensor nodes maintain a buffer of recently sent packets by and compare each overheard packet with the packet in the buffer to see if there is a match [16]. Compromised sensor nodes send false sensing reports to CH in order to distort the reliability of sensed data. Usually it is impossible for CHs to verify the correctness of a sensor node’s data. However, due to the dense deployment requirement of sensor networks, neighboring sensor nodes often have overlapping sensing ranges and data sensed by neighboring sensor nodes are correlated. We take advantage of this property

In SRPTT protocol, each CH is monitored by some of its neighboring nodes called watchdogs in order to perform secure and reliable prediction based target tracking. In addition every sensor node monitors all of its neighboring nodes whenever they are awake. Initially, after the network deployment, CHs and their monitoring nodes are selected randomly [17-20]. Once the initial, clustering is performed, the proposed protocol SRPTT provides secure and reliable target tracking and it has three phases as follows: Phase 1. Monitoring: Each sensor node continuously monitors its neighborhood and fills its reputation table. Monitoring nodes that monitor CHs ensure that CHs correctly perform their job. Phase 2. CH Selection: Periodically, sensor nodes exchange their reputation tables and compute trust values for their neighbors. Based on trust values and remain energy levels, new CHs are selected in a distributed manner. Phase 3. Target Detection and Tracking: Each CH is responsible for detecting targets that enter its sensing range and waking up appropriate sensor nodes for tracking. In order to prolong the network lifetime, if there is no target in monitored area, sensor nodes stay in sleeping mode and they wake up periodically to obtain information from the environment. When a target is detected by the CH, it wakes up sensor nodes that are close to the target. To prevent problems which occur in case of compromised CH, as described above, T neighbors of CH are selected as monitoring nodes (watchdogs). Basic steps of monitoring and CH node selection algorithm are shown in Fig. 1. The basic idea behind the selection of T monitoring nodes for each CH in algorithm MCHNS is to assign indices to the neighboring nodes in the order of their reputation value and

Target detection and tracking is the third phase of SRPTT protocol, Fig 2. Each CH is responsible for detecting targets that enter its sensing range and waking up appropriate sensor nodes for tracking. Whenever an object is detected by CH, based on the distances of the sensor nodes from the object, T number of closest nodes is selected to monitor the movements of the object.

Figure 1. Algorithm of monitoring and CH node selection algorithm (MCHNS)

At any time, these sensors monitor the movements of the object. CH calculates the location, speed and the trajectory of the target by processing the sensing reports sent by its sensing nodes. CH performs the trilateration algorithm and calculate the (x, y) coordinates of the object [23]. The sensors tracking the object keep changing as the object moves. The election process is constantly done based on the location of the object at different time instants. There is a certain signal strength threshold used to determine when to revoke/reassign tracking nodes. By using this information, CH predicts the future location of the target and sends a warning message to the CH node closest to the targets predicted future location. V.

PERFORMANCE EVALUATION

A. Simulation Setup For the simulations, we randomly placed 180 sensors within a square area of size 60m 60m, density of sensor nodes ρ 0,05 sensors/m2. Sensing range of sensor nodes is r 10m.

Figure 2. Algorithm Target Detection and Tracking (TDT)

energy load and then compute T number of monitoring nodes. The combination of reputation value and remaining energy level is called nomination value. Data collected in monitoring process are stored in reputation tables, and after every period of time λ, reputation tables are being exchanged among sensor nodes [21-22]. CH computes and sorts the sensor nodes according to highest level of nomination value. Equation for calculating nomination value NV is expressed as: (1) where υ, ε are values that show reputation value and remaining energy level of a sensor node, respectively. As the initial energy value ε of sensor nodes is 15390 joules, and initial reputation value υ is 0,5, before calculating value υ, ε are need to be normalized. Equation for calculating nomination value NV depends on the application type of WSN. For example, if WSN is used in mission critical environment then reputation value must have stronger value in the beginning. If it is opposite and WSN is placed in area where high priority is the network lifetime, then energy level must have stronger value. Hence, in the equation coefficients z and t are used. Based on application requirements, values z and t can range between 1 and 2 . If application requires high security then z have value close to 2, otherwise the value is close to 1. monitoring nodes. The adverse impacts of a compromised node are minimized by involving all neighboring nodes with the selection of CH and monitoring nodes.

At initial stage, cluster heads and watchdogs are selected randomly. The location of each target is generated from uniform distribution. Then, the locations of sensor nodes are uniformly computed and cluster formation is started. CH election and cluster formation is performed every τ second. The sensor nodes that are in range of corresponding CH are selected as cluster member. The sensing ranges of CHs are prevented to be overlapped in order to improve target detection accuracy. Due to space limitations we do not provide an analysis of the performance of SRPTT in a benign environment when no attacks occur. All sensor nodes are in sleep state unless they are waked up by CH as a target detected. The two reputation parameters of each sensor node, r and s, are initialized as 0, thereby the initial reputation value of each sensor node is 0.5 (2) Since the simulation network size is relatively small, only two cluster members that are the closest ones to the border of CH’s sensing area are selected as watchdogs. The simulations are performed for different percentages of compromised nodes, and compromised CH and cluster member ratio is computed by proposed reputation algorithm. According to calculated ratios, compromised CHs and cluster members are selected randomly. Also a target is created at a random location in surveillance area and the random walk model is used for modeling target motions. Target in Sensing Area Test (TISA) is applied to determine which targets are detected and which cluster heads or

watchdogs detect them. Cluster that is closes to the target becomes active cluster. Then, cluster head wakes up N sensor nodes closest to the target. The number of waked up sensor node is selected as at least 3 in order to perform the trilateration algorithm. Now TISA test is applied for all cluster members. During this process false and correct target detection actions are recorded. The aging weight is randomly chosen to be 0.98. If a cluster head cannot detect the target but one of its watchdogs detects it, it informs cluster and sends the position of target to cluster head. If any target is detected by compromised CH, cluster members or non-member sensor nodes, TISA test assumes that target is missed. The initial energy value of sensor nodes is setup as 15390 joules. After every TISA test process, randomly generated energy consumption values are distributed to sensor nodes. If the sensor node is in active state, the energy consumption value is generated between 4 and 8 mJ randomly. If the sensor node is in sleep state, the energy consumption value is generated between 0 and 1.5 mJ randomly. Finally, simulation model presents data set which is used in the evaluation process. 10 targets are created at border line of the network randomly and they are moved by random walk model along 20 different trajectory respects to 6 different compromised node percentages. The simulation runs 20 times and values are averaged. The lifetime of the network is defined as the number of queries processed until the time when the first sensor node runs out of its energy. The simulation is applied to both SRPTT and without SRPTT. The results are compared. B. Simulation Results for Target Detection and Tracking Naturally, in a trusted environment the detection accuracy achieved is significantly higher than when target detection information is blocked or changed by the compromised sensor nodes. Therefore, in order to investigate the relationship between the proposed SRPTT protocol and target detection ratio, we run several simulation scenarios with varying percentages of compromised sensor nodes in the network. Percent of compromised sensor nodes NC , in total number of sensor nodes N can be 0%, 5%, 10%, 15%, 20% and 25%. In the first scenario, compromised nodes are randomly widespread all over WSN. The effect of SRPTT protocol on target detection ratio is shown in Fig. 4 (a). Since the SRPTT protocol prevents compromised node to become CH the target detection ratio with SRPTT protocol is more successful. As the

(a) compromised nodes all over network

number of compromised nodes is increased, the performance of the network without SRPTT decreases whereas the network with SRPTT becomes stable. In the second scenario, we assume that target enters into monitored area from border parts of network, Fig. 3 (left); as a result, a smart attacker will compromise sensor nodes in border parts of WSN. The target detection ratio with SRPTT protocol is more successful, but similar to first scenario, as the number of compromised nodes is increased, the performance of the network without SRPTT decreases whereas the network with SRPTT becomes stable, Fig. 4 (b). The third scenario, focused attack only on one part of the WSN, Fig. 3 (right). It is visible on Fig. 4 (c) this is the most dangerous attack on WSN. As one can see, WSN without SRPTT has very low target detection ratios for increasing numbers of compromised nodes. Similar to these results, WSNs target detection rations with SRPTT is decreasing but with SRPTT implemented, target detection ratio is higher in comparison without SRPTT, so we conclude that network is more precise in target detecting with SRPTT protocol implemented. Fig. 5 (a) presents the effect of compromised sensor nodes on the target tracking accuracy. The figure shows that the target tracking accuracy with SRPTT protocol is more successful. As the number of compromised nodes is increased, the performance of the network without SRPTT decreases whereas the network with SRPTT becomes stable. Fig. 5 (b) shows accuracy according to time periods T . For this simulation scenario we use constant number of compromised nodes, 15% of total number of nodes is compromised, in order to measure target tracking accuracy with increasing time t. WSN without SRPTT has fast decreasing of target tracking accuracy with increasing of time, while WSN with implemented SRPTT have stable accuracy even after nine time periods T. cluster User Site

CH

Site

User

sensor node

Figure 3. Scheme of attack on WSN in cluster border line (left) and attack on WSN in specific region (right)

(b) compromised nodes in border line of network

c) compromised nodes in specific region of network

Figure 4. Target detection ratios for various percents of compromised nodes in the diferent places in WSN

[7]

[8]

(a)

(b)

Figure 5. Target tracking accuracy according to change of number of compromised nodes and time period, with SRPTT protocol and without SRPTT.(a) accuracy compared with number of compromised nodes in WSN. (b) 15% compromised nodes, x axis time period refers to target which moves on the trajectory respectively

[9]

[10]

[11]

The protocol SRPTT incurs high computational and communication overhead, however, it significantly prevents compromised nodes to become cluster head or watchdogs. Therefore, protocol SRPTT greatly compensates its computational and communication overhead and provides better energy efficiency than without SRPTT implementation. The simulations results show that SRPTT is able to solve problems described in this paper while achieving longer lifetime for WSN. VI.

[12]

[13]

[14]

CONCLUSION

In this paper, we presented a novel secure and reliable prediction based target tracking protocol for WSNs. We first identify the security problem that may occur in the presence of compromised CHs. We propose target detection and tracking protocol that ensures the security of target detection and tracking process by using reputation concept. The proposed protocol’s security is analyzed with respect to the defined security problems. The security analysis and performance evaluation show that the proposed protocol prevents the problems and ensures secure and reliable target tracking in WSNs. ACKNOWLEDGMENT This research is supported by Ministry of Science, Industry and Technology of TURKEY and by HAVELSAN Inc. under Grant SANTEZ 0211.STZ.2013-1.

[15]

[16]

[17]

[18]

[19]

[20]

REFERENCES [1]

[2]

[3]

[4] [5]

[6]

M. Fayyaz, “Classification of object tracking techniques in wireless sensor networks”, Wireless Sensor Network, Vol. 3, No. 4, pp. 121124, 2011. Salatas, V. “Object Tracking Using Wireless Sensor Networks”, Master Thesis, Naval Postgraduate School, pp. 11-25, September 2005. Bhatti, S. and Jie Xu. “Survey of target tracking protocols using wireless sensor network”, Proceedings of Fifth International Conference on Wireless and Mobile Communications (ICWMC), pp. 110-115, August 2009. J.Li and Y. Zhou, “Target Tracking in Wireless Sensor Networks”, ISBN 978-953-307-321-7, Published: December 14, 2010 M.Nandhini and V.R.Sarma Dhulipala (2012). “Energy-Efficient target tracking algorithms in wireless sensor networks: an overview”, IJCST Vol. 3, Isuue 1, pp. 66–71, Jan. - March 2012. S. Samarah, M. Al-Hajri and A. Boukerche, “A Predictive EnergyEfficient Technique to Support Object-Tracking Sensor Networks”,

[21]

[22]

[23] [24]

[25]

IEEE Transaction on vehicular technology: Vol. 60, No. 2, pp. 656663 February 2011 S. Kaur Sarna and M. Zaveri, “ERTA: energy efficient real time target tracking approach for wireless sensor networks”, Proceedings of the 4th International Conference on Sensor Technologies and Applications (SENSORCOMM), pp. 220-225 , July 2010. Y. Wang and D. Wang, “Energy-Efficient node selection for target tracking in wireless sensor networks”, International Journal of Distributed Sensor Networks, 6 pages, Volume 2013. S. Pattem, S. Poduri, and B. Krishnamachari, “Energy-Quality Tradeoffs for Target Tracking in Wireless Sensor Networks”, LNCS 2634, pp. 32–46, 2003. F. Deldar and M. H. Yaghmaee, “Designing an Energy Efficient Prediction-based Algorithm for Target Tracking in Wireless Sensor Networks”, Wireless Communications and Signal Processing (WCSP), pp 1-6, 2011. M. Mansouri and L. Khoukhi, “Secure Quantized Target Tracking in Wireless Sensor Networks“, IEEE 978-1-4577-9538-2/11, pp. 713718, 2011. A. P. Fard and M. Nabaee, “Secure Tracking in Sensor Networks using Adaptive Extended Kalman Filter”, arXiv preprint arXiv:1204.3141, Apr 14, 2012 M. Mansouri, L. Khoukhi, H. Nounou, and M. Nounou, “Secure and Robust Clustering M. Mansouri, L. Khoukhi, H. Nounou, and M. Nounou, “Secure and Robust Clustering for Quantized Target Tracking in Wireless Sensor Networks, Journal Of Communications And Networks, Vol. 15, No. 2, April 2013 S. Ozdemir, and H. Cam, “Integration of False Data Detection with Data Aggregation and Confidential Transmission in Wireless Sensor Networks”, IEEE/ACM Transactions on Networking, vol.18, no.3, pp. 736-749, Jun. 2010. M. Meghdadi, S. Ozdemir, I. Guler, “A Survey of Wormhole-Based Attacks and Their Countermeasures in Wireless Sensor Networks”, IETE Technical Review, vol. 28, no. 2, pp. 89-102, 2011. S. Ozdemir, “Functional reputation based reliable data aggregation and transmission for wireless sensor networks”, Computer Communications 31 (2008) 3941–3953 Z. Wang, W. Lou, Z. Wang, J. Ma and H. Chen, “A Hybrid ClusterBased target tracking protocol for wireless sensor networks”, International Journal of Distributed Sensor Networks, 16 pages, Volume 2013. H. Yang and B. Sikdar, “A protocol for tracking mobile targets using sensor networks,” in Proceedings of the 1st IEEE International Workshop on Sensor Network Protocols and Applications, pp. 71–81, 2003. Z. B. Wang, H. B. Li, X. F. Shen, X. C. Sun, and Z. Wang, “Tracking and predicting moving targets in hierarchical sensor networks,” in Proceedings of the IEEE International Conference on Networking, Sensing and Control, pp. 1169–1174, 2008. Z. B. Wang, Z. Wang, H. L. Chen, J. F. Li, and H. B. Li, “Hiertrack— an energy efficient target tracking system for wireless sensor networks,” in Proceedings of the 9th ACMConference on Embedded Networked Sensor Systems, pp. 377–378, 2011. G. Jin, X. Lu, and M. Park, “Dynamic Clustering for Object Tracking in Wireless Sensor Networks”, UCS 2006, LNCS 4239, pp. 200 –209, 2006. Springer-Verlag Berlin Heidelberg 2006 A. Alaybeyoglu, O. Dagdeviren, K. Erciyes, A. Kantarci, “Performance Evaluation of Cluster-based Target Tracking Protocols for Wireless Sensor Networks” T. A. Malik, “Target Tracking in WSN”, A Thesis for Master of Science in Electrical Engineering, May 2005, Louisiana State Uni. S. Ozdemir and Y. Xiao, “FTDA: Outlier Detection Based Fault Tolerant Data Aggregation for Wireless Sensor Networks ”, Security and Communication Networks, Wiley, Volume 6, Issue 6, pp. 702– 710, 2013. H. Chan, A. Perrig, and D. Song, “Random Key Predistribution for Sensor Networks”, IEEE Symposium on Security and Privacy, 2003.