A Novel Secure Routing Method based on Hybrid Encryption in Heterogeneous Wireless Sensor Networks
Subject Areas : International Journal of Smart Electrical Engineering
Milad Jafari
1
,
Mohsen Chekin
2
,
Amin Mehranzadeh
3
1 - Department of Computer Engineering , Dezful Branch, Islamic Azad University, Dezful, Iran
2 - Department of Computer Engineering , Dezful Branch, Islamic Azad University, Dezful, Iran
3 - Department of Computer Engineering , Dezful Branch, Islamic Azad University, Dezful, Iran
Keywords:
Abstract :
A Novel Secure Routing Method based on Hybrid Encryption in Heterogeneous Wireless Sensor Networks
Milad Jafari 1, Mohsen Chekin,1 , Amin Mehranzadeh1
1 Department of Computer Engineering, Dezful Branch, Islamic Azad University, Dezful, Iran.
Abstract
Routing in a wireless sensor network is a very challenging task that allows nodes to be routed to transmit information from source to destination. In these networks, the sensor nodes are very limited in terms of energy. As a result, optimal energy consumption is an important goal for designing a routing algorithm. In addition, due to the wireless communications and adverse environments, it is very important to ensure the security of communication links. In this research, a secure routing method for clustered and heterogeneous wireless sensor networks is presented. The proposed secure routing method consists of three phases: startup phase, inter-node routing phase and communication security phase. In the startup phase, the base station loads the system parameters and encryption functions into the memory of the sensor nodes. In the routing phase between cluster head nodes, the cluster head nodes calculate their score for rerouting the path request packet (RREQ) based on the information in the packet. If their score exceeds a threshold, they will redistribute the RREQ package. It should be noted that the score of cluster head nodes is calculated based on four parameters: the distance of the current cluster head node to the destination, the residual energy of the nodes, the quality of the communication link and the number of steps. In the communication security phase, a symmetric and asymmetric combination encryption method is used to secure communication links in the network. This phase consists of two stages: establishing a secure connection within the cluster and establishing a secure connection between the cluster head nodes. The proposed secure routing method is implemented using NS2 emulator. Then, the results are compared with SMEER and LEACH-C routing methods. Experimental results indicate that the proposed routing method improves end-to-end delays, efficiency, energy consumption, packet delivery rate (PDR) and packet loss rate (PLR).
Keywords: Wireless Sensor Networks, Secure Routing, Security, Scalability, Encryption.
1. Introduction
A network consisting of a set of ultra-light and low-power sensor nodes is called a wireless sensor network. In these networks, the sensor nodes are powered by a small battery, so energy constraints in wireless sensor networks are a major challenge [1]. Of course, nodes that have more processing power, energy, and memory than normal nodes form a heterogeneous wireless sensor network. Sensor nodes continuously monitor and collect real-time data, such as temperature, humidity, and so on. These nodes send the collected information directly or through other sensor nodes to the base station (BS). Routing in these types of networks is a serious research challenge. Routing in a wireless sensor network is a very important task that allows nodes to be routed to transmit information from source to destination. Because sensor nodes are associated with energy constraints, optimal energy consumption is an important goal in designing a routing algorithm [2]. Therefore, energy efficiency should be considered in designing a routing method. In addition, due to the wireless communications and adverse environments, it is very important to ensure the security of communication links. In one routing method, an attacker might modify the routing information sent between nodes and disrupt network performance. As a result, security needs need to be considered when designing a secure routing approach.
Network security is defined as a set of general policies, mechanisms and services that protect a network against all kinds of attacks and unauthorized access [3]. Of course, given the energy constraints and computing power of sensor nodes, this is a challenge. The AODV Routing Protocol is a response routing protocol in which each node maintains a routing table that contains the next step in reaching that destination. The AODV routing protocol consists of two phases: the path detection phase and the path maintenance phase. Route request packages (RREQ) and route response packets (RREP) are used in the route discovery phase. The problem with the AODV routing algorithm is the high communication overhead and the possibility of an all-terrain storm [4]. In the proposed routing method, the AODV routing protocol will be improved.
1.1. Security considerations in WSN
Ideally in a wireless sensor network, one sensor node should be able to verify the identity of the other sensor nodes and receive all relevant messages [5]. It must also ensure that the messages have not changed and that the attacker cannot read the contents of the messages. In addition, each sensor member of the network must be authenticated before accessing and using the network services [6]. A security mechanism in wireless sensor networks shall provide the following security services:
· Authentication of an entity: Nodes in a wireless sensor network must verify the identity of all nodes in the network before these nodes can access services or information.
· Source authentication: Sensor nodes must ensure that data is received from a reputable source.
· Data privacy: Sensor nodes must communicate securely through a wireless communication channel to prevent intrusion. Data must be protected when sending and encrypted using a key so that only the intended recipient has access to it [7].
· Accessibility: Each network member node must have free access to all network services.
· Data integrity: Sensor nodes must ensure that the received data has not changed or been replaced.
· Data Update: Wireless sensor networks are vulnerable to replay attacks, meaning an attacker may resend old data packets that have already been replicated by legitimate nodes on the network. Therefore, the normal operation of the network is disrupted. As a result, a security mechanism must be designed to protect the network from such attacks.
· Access control: Sensor nodes connected to the network must be authenticated before accessing information and services.
However, due to some limitations in wireless sensor networks, it is very difficult to design a security model that can achieve all the stated goals. In fact, a flexible security mechanism should be implemented that combines prevention, detection and recovery operations to prevent the network from being exposed to hostile attacks.
1.2. Some routing attacks in WSN
In this section, some common attacks related to the routing process in wireless sensor networks are introduced. In the following, these attacks will be divided into four categories:
· Routing attacks: In this type of attack, routing information messages are manipulated. These attacks include forging, modifying, and replaying routing information. Path-forming attacks directly target a path-forming mechanism in the routing process. An attacker sends fake and replayed routing information to affect the routing process by creating routing loops, declaring a shortcut fake, lengthening a route, generating false messages, increasing end delays, endings, and so on [7].
· Link and path attacks: These types of attacks manipulate a link or path formed between two or more sensor nodes to disable all or part of the network. Link and path attacks include fake verification attacks, selective send attacks (gray hole), black hole attacks, well hole and wormhole attacks [8].
· Identity attacks: These attacks affect node identification and include node amplification or syntax attacks and Sybil attacks. Identity attacks simply work in routing methods that do not have specific security mechanisms [9].
· Extensive network attacks: In this type of attack, extensive network operations are affected. These attacks include flood attacks.
1.3. Cryptography and its types
In the encryption process, information security will be ensured by converting the primary message into a form that only a valid user can access. Therefore, this process allows secure and confidential exchange of messages between the recipient and the sender. In the encryption process, the primary message is called Plaintext and the encrypted message is called Cipher text. The repainting process is shown in Figure 1.
Figure 1. Cryptographic process
In the following, some cryptographic methods are described. In wireless sensor networks, these methods are commonly used to encrypt and secure communication links:
· Asymmetric key encryption: In the symmetric encryption process, the recipient and sender of the message use the same encryption key, and until this encryption key is discovered, the security of the messages on the network is guaranteed. This encryption process is called traditional encryption or single-key encryption and is a very common encryption mechanism. In this process, a password key is used to convert the primary message into a unique password [10]. There are two methods of symmetric key cryptography:
· Chain encryption: In this method, one bit of the original message is converted to a password message at any time.
· Block Encryption: Block encryption receives and encrypts a number of bits according to the size of the block and generates the encryption message [11].
· Asymmetric key cryptography: The process of asymmetric key cryptography was introduced in 1976 by Diff and Hellman. In this encryption process, the message encryption key in the sender is different from the message decryption key in the receiver. Thus, the asymmetric key encryption process provides more security between the sender and receiver, but increases power consumption and communication overhead in the network. In view of the above, it can be considered that it is necessary to provide a secure routing method based on hybrid encryption in wireless sensor networks due to the existing limitations and to prevent the impact of some attacks on the normal operation of the network. In Section 2, a number of secure routing methods in wireless sensor networks will be studied and evaluated.
1.4. Contribution
In this study, a secure routing method is proposed for wireless sensor networks, which improves the AODV routing protocol. In this method, the network includes a large number of sensor nodes with power, memory capacity, limited processing power, as well as a powerful base station. It is assumed that the wireless sensor network is clustered by the LEACH algorithm. The proposed routing method consists of two phases: the routing phase between cluster head nodes (CH) and the communication security phase. In each cluster, the nodes of a cluster send their data directly (individually) to the header node and the header is responsible for sending the data to the base station. In the first phase of the proposed routing method, whenever a clustered node wants to send data to another node and has no destination, it will distribute a route request packet to neighboring nodes. Based on the information in this packet, the node headers calculate their score for replaying the route request packet, and if their score exceeds a threshold, they will redistribute the route request packet. This process continues until the route request package reaches its destination. It should be noted that the score of cluster head nodes is calculated based on four parameters: 1) the distance of the current cluster head node to the destination (it is necessary that this distance is less than the previous step node), 2) the remaining energy of the nodes (nodes with higher energy score higher To participate in the formation of the route), 3) the quality of the communication link (in the formation of the route between nodes, nodes with better link quality have more points for the formation of the route) and 4) the number of steps (in the process of forming the route priority with fewer steps Have more). In the second phase, communication security will be considered. This phase consists of three parts: key formation, encryption of control messages and decryption of control messages. In the key formation process, a combined symmetric and asymmetric encryption algorithm will be used. Cluster nodes are responsible for generating the cluster key and sending it to the cluster member nodes. The cluster key is a symmetric key. Security between cluster head nodes is also provided by asymmetric keys.
The proposed routing method consists of two phases: the routing phase between cluster head nodes and the communication security phase. In the first phase, if a clustered node wants to send data to another node and does not have a path to the destination, it will distribute a path request packet to neighboring nodes. Cluster head nodes will calculate their score based on the information in this package, and if their score exceeds a threshold, they will redistribute the route request packet. It should be noted that the score of cluster head nodes is calculated based on four parameters: 1) the distance of the current cluster head node to the destination 2) the residual energy of the nodes, 3) the quality of the communication link and 4) the number of steps. In the second phase, communication security will be considered. This phase consists of three parts: key formation, encryption of control messages and decryption of control messages. In the key formation process, a combined symmetric and asymmetric encryption algorithm will be used. Cluster nodes are responsible for generating the cluster key and sending it to the cluster member nodes. The advantage of the proposed method over other routing methods is that, firstly, only high-scoring nodes participate in the path detection process between the node clusters, thus preventing a scatter storm in the network. Second, in the proposed method, cluster security is provided by using a symmetric switch, which consumes less energy than asymmetric switches. Cluster head security is also ensured by using asymmetric keys that have a higher level of security. Therefore, the proposed method takes advantage of both symmetric and asymmetric cryptographic methods. The proposed method is designed for clustered networks that also help manage energy consumption.
In this section, the organization of the dissertation is stated. In Section 2, some secure routing methods in a wireless sensor network will be described in detail. In the section 3, the proposed secure routing method using hybrid encryption in the wireless sensor network will be introduced in detail. Finally, in the forth Section, the results of the simulation of the proposed method in comparison with some secure routing methods in the wireless sensor network will be presented.
2. Related Works
In this section, some of secure routing methods in wireless sensor networks will be studied. Power consumption and secure data transmission are important research challenges in a wireless sensor network. Secure clustering and routing are effective solutions to create an efficient transmission process in these networks. Clustering and data collection help network grouping and control over communication overhead in the data transfer process. Dand et al. combined the K-means clustering algorithm and the Milky Way (ALO) optimization algorithm to group the nodes and select the optimal energy efficiency branch. They also used elliptic curve (ECC) encryption in the routing process to securely send data packets to the base station. The main purpose of this method is to improve network security and store energy in the communication system [12]. Elliptic curve encoding and multi-layer routing ensure secure transmission by encrypting messages with two different keys and sending packets in spherical format. The performance evaluation of the SMEER method is based on scales such as: package delivery rate, minimum energy consumption, communication overhead, efficiency and end delay, and shows better results than other methods. In the following, this method is described in detail. In the SMEER routing method, the network model is considered as a heterogeneous wireless sensor network. In this method, the nodes are clustered using the K-means algorithm and the selection of the header is done by the ant milking optimizer. Messages must be authenticated and encrypted using the ECC encryption method and sent by a multi-layer routing method [13].
To achieve the highest level of security with low power consumption in wireless sensor networks, a secure routing method based on multi-objective ant clone optimization (SRPMA) has been proposed [14]. In this method, the ant clone algorithm has been modified to become a multi-objective routing algorithm by considering the energy of the nodes and the validity of a path as optimization goals. In the SRPMA method, a path is formed based on the information of several pheromones, and the exploratory information consists of two objective functions. The validity model of each node is improved based on D-S certificate theory and is a pre-processing step to evaluate the degree of validity of the node. The simulation results of this method using NS2 simulator show that the SRPMA algorithm has achieved the desired performance against the black hole attack. In the following, this routing method is described in more detail. The SRPMA method considers the security and residual energy of the nodes as two optimization goals to find the optimal solution to improve network security and longevity [15]. This method, by introducing two objective functions and the optimal solution in ACO algorithm, tries to improve the classical one-purpose ant colony optimization routing algorithm and an optimal path according to the two specified objectives, namely: mean energy value and mean residual energy.
It is very important to provide a reliable routing method to ensure the security and efficiency of the routing process in wireless sensor networks. There is a great deal of research into improving the reliability of nodes in the path by cryptographic systems, credit management, or centralized path decision-making. However, there is still no effective way to prevent hostile attacks. In [16] proposed a reliable routing method using blockchain and enhanced learning (RLBC), which improves the security and efficiency of the routing process. This routing method provides a way to access node routing information in blockchain and makes routing information traceable and non-fake. The reinforcing learning model helps the nodes to dynamically select efficient and reliable paths. According to the experimental results, it can be seen that in a network with 50% hostile nodes, the RLBC routing method has a good performance in terms of delay compared to other routing methods. The details of this method are described below. In this method, it is assumed that the blockchain network is reliable, so that no attacking node can control and disrupt it [17]. It is also assumed that routing nodes are unreliable and may be controlled by attackers. In a routing scheduling process, a hostile router node may falsely claim to have sent a number of data packets to another node or delete data packets received from other nodes. Conflicting nodes may act as black hole nodes and delete data packets.
Secure routing is very important for wireless sensor networks because they are vulnerable to various attacks. In [18] proposed a new secure routing protocol in the presence of hostile nodes. For each replay node in the path, information such as status and validity is provided. The amount of credibility is defined as the probability of a node being attacked based on its behavior in sending the previous packet. Status is a composite scale that combines residual energy and distance to the well node. Therefore, the path generated by the IASR protocol is secure against hostile attacks and will be optimally based on this information. In this method, an improved version of Dijkstra algorithm is used to form a secure path against hostile nodes. The IASR protocol has been compared to the RBMSC routing method, which indicates better performance of this method. In the following, the IASR routing method is described in detail. Shi et al. (2020) have considered a wireless sensor network with n sensor nodes and a mesh topology structure. This network is in the form of a graph, so that N represents a set of sensor nodes, E represents a set of communication nodes between nodes, and W represents the weight of each edge. Graph G contains a source node and a well node [19]. For both source (s) and destination (d) nodes, there is a step transfer path k, such that and is. The data is sent to the well (destination) through this multi-step path.
Wireless sensor networks are used in a variety of environments. These networks can help detect early and reduce the damaging effects of chemical spills on the environment. The development of wireless sensor networks requires secure and energy-efficient mechanisms to ensure data accuracy. In addition, it is very difficult to recharge or replace the sensor batteries when these networks are developed in adverse environments [20]. For this reason, increasing the life of the network is very important. Also, wireless sensor networks are vulnerable to various attacks. As a result, efficiency and security are critical to the development of routing protocols [21]. Mahmud et al. proposed a low-energy, secure, secure (SeLeZoR) area-based routing protocol, in which network nodes are divided into several zones and each zone is divided into a number of clusters. In the SeLeZoR method, each cluster is controlled by a header (CH) and the information is sent to the area manager (ZH) using a secure key, which sends that data to the base station through a secure and efficient mechanism. The simulation results show that the SeLeZoR method achieves a higher level of security and better energy efficiency compared to other routing methods. In the following, this routing method is described in more detail.
Pernix et al. used an improved version of the Belmanford algorithm in the Ad hoc Demand-Based Distance Vector Routing Protocol (AODV) to store node energy and bandwidth. In the AODV algorithm, each node maintains a routing table, in which the next step to reach the destination is stored. When the source node wants to send a packet to the destination node and there is no valid path to the destination, the source node will start a path discovery process to find a path [22]. The source node distributes a route request packet (RREQ) to its neighbors, and this request is sent to their neighbors. This process is repeated until the packet reaches the destination or an intermediate node has a valid path to the destination node, as shown in Figure 2. The AODV algorithm uses a sequence number to ensure that the paths are ring-free and contain the latest information. Each node on the network maintains its own sequence number and a spreadsheet identifier (another local counter). Each time a node starts the path discovery process, it increases the spreadsheet ID by one unit [23][24]. The node address and its all-broadcast ID will make the RREQ packet unique. Thus, nodes can detect repetitive packets resulting from the flooding process. In addition, the source node inserts the last sequence number for the destination in the RREQ packet. As a result, intermediate nodes respond to the RREQ packet only if they have a path to the destination and the corresponding destination sequence number is greater than or equal to the RREQ sequence number, which means that a new path exists. When the middle nodes send RREQ packets, they store the address of the neighbor that received the first RREQ from them in their routing table, forming the reverse path. In addition, a timer is used in the path, and when this timer expires, it will be removed from the entry in the routing table.
Figure 2. Sending a path request packet in the AODV algorithm (Pernix et al., 2003)
Heinzelman et al. in [7] introduced an improved example of a low-energy adaptive hierarchical clustering protocol (LEACH) called centralized LEACH (LEACH-C). They believe that the LEACH distributed clustering algorithm has many advantages, but does not guarantee the replacement or proper number of cluster head nodes in the network. As a result, because clusters are adaptable, a weak clustering mechanism is set up when one step does not affect the overall performance of the network. Therefore, Heinzelman et al. used a central clustering algorithm to form clusters, so that better clusters could be formed by distributing clustered nodes throughout the network. This is the basis of the LEACH-C algorithm, which uses a centralized clustering algorithm in which the standby phase is similar to the LEACH algorithm. In the LEACH-C start-up phase, each node sends information about its current location (obtained using a GPS receiver) and its energy level to the base station. The base station has two functions: (1) to determine suitable clusters and (2) to ensure that the energy load is evenly distributed among all nodes in the network. To achieve these goals, the base station calculates the average energy of the nodes [25]. If the nodes have less energy than the average energy, they cannot be happy at the current stage. To select the cluster from the remaining nodes, the base station uses a simulated refrigeration algorithm to solve the NP-hard problem of finding the optimal k cluster. This algorithm tries to reduce the amount of energy consumed by non-cluster head nodes to send data to the thread by minimizing the sum of the square distances between the non-cluster head nodes and the nearest thread.
3. Proposed method
The wireless sensor network has many limitations such as resource constraints, insecure communications, and lack of central management and so on. Therefore, these limitations need to be considered when designing safe and efficient routing methods. As a result, the secure routing process in wireless sensor networks is a very challenging operation. A secure routing approach should ensure data integrity, authentication, and accessibility of messages in the presence of an attack node. However, due to some limitations in wireless sensor networks, it is very difficult to design a security model that can achieve all of these goals. In this chapter, a secure routing approach for wireless sensor networks is proposed that improves the AODV routing protocol.
3.1. Network Model
In the proposed routing method, a heterogeneous wireless sensor network is considered. In this method, it is assumed that the wireless sensor network is clustered using the LEACH algorithm. The network consists of a large number of normal sensor nodes with limited power, memory capacity and processing power, which act as cluster member nodes (CM) and are responsible for sensing the environment and sending the collected data to the clustered node. In addition, the network has a number of sensor nodes with more energy and processing power than other nodes. These nodes are known as cluster nodes (CH), which are responsible for receiving data from cluster member nodes and sending them to the base station. The network also includes a powerful and secure base station (BS), which is responsible for processing the received data and managing the entire network. The base station is located in the center of the network and all network nodes are aware of its spatial coordinates. The sensor nodes in the network (cluster member nodes or clustered nodes) are static and equipped with a Global Positioning System (GPS).
3.2. Suggested secure routing method
The member nodes of a cluster send their data directly (single step) to the header node, and the header is responsible for sending the data to the base station. The routing process in the proposed method consists of three phases. setup phase, routing between clustered nodes and communication security phase.
· Setup phase: In this phase, the base station loads the system parameters and encryption functions into the memory of the sensor nodes and assigns a unique identifier to each sensor node.
· Routing between clustered nodes: In this phase, whenever a cluster wants to send data to another node and does not have a destination, it will distribute a RREQ request packet to its neighboring nodes. Cluster nodes calculate their score for rerouting the path request packet (RREQ) based on the information in this packet. If their score exceeds a threshold, they will redistribute the RREQ package. This process continues until the RREQ packet reaches its destination.
· Communication security phase: In this phase, attention will be paid to communication security. In the proposed routing method, a combined symmetric and asymmetric encryption method is used to secure communication links in the network. This phase consists of two stages: establishing a secure connection within the cluster, establishing a secure connection between the cluster head nodes. Cluster nodes are responsible for generating the cluster key and sending it to the cluster member nodes. The cluster key is a symmetric key, which is used to secure internal cluster communications. Communication security between cluster head nodes is also provided by asymmetric switches.
3.2.1. Startup phase
In this phase, the base station assigns a unique ID to each sensor node and loads a primary key (
) into the nodes memory. This is the primary key () to secure the connections between the sensor nodes during network startup, which will be removed from the nodes memory after the network is expanded. The base station also loads some cryptographic parameters into the memory of the spinning nodes. Cluster nodes use these parameters to secure communication channels in inter-cluster communications and inter-cluster communications, which will be described in detail in Section 3.2.2. These parameters are:
· A key source for cluster key generation
· A pair of public-private keys
It should be noted that the security of communications within the cluster is provided using the symmetric encryption algorithm and the security of communication between the cluster head nodes is also provided based on the asymmetric cryptographic algorithm of the elliptic curve (ECC). The main reason for using an elliptic curve encryption system is that this method provides better security than traditional encryption systems for a key of a certain size. As a result, the Elliptic Curve (ECC) encryption method not only improves system security, but is also able to increase network performance to achieve a certain level of security by reducing key size and power consumption. The RREQ package structure is presented in Figure 3.
Node score value | Number of steps | Destination sequence number | Source sequence number | Destination address | Request ID | Source address |
Figure 3. RREQ package structure
Among the neighbors of an cluster head node, nodes that score higher than the previous node score listed in the RREQ packet can redistribute this packet. Before the RREQ packet is distributed, the header node will update the step number and score points fields of the node so that a unit adds to the number of steps and enters its score value in the node score field. The score of cluster head nodes is calculated based on four parameters:
· Distance of the current cluster head node to the destination (
): Whenever a cluster head node receives a path request packet (RREQ), it calculates its Euclidean distance to the destination node. The cluster head node that is closer to the destination node will have a higher score for replaying the RREQ packet. This parameter is calculated according to Equation 1:
(1)
So that the (XCH ,YCH) is coordinates of cluster head node and the (Xdes ,Ydes) is coordinates of the destination node.
· Residual node energy (
): Cluster nodes are aware of the amount of residual energy at any given time. The higher the energy, the higher the score for participating in the formation of the path.
· Communication link quality (
): The quality of communication links between nodes in a path is determined based on the received signal strength index (RSSI). Cluster head nodes When receiving an RREQ packet from a neighboring node, they are able to calculate the quality of the link between themselves and the cluster head node of the previous step. The paths are formed in such a way that the communication link between the cluster head nodes is of better quality.
· Number of steps (
): This parameter indicates the number of path steps from the source node to the current cluster head node. It should be noted that in the process of path formation, paths with fewer steps have more priority. This parameter is included in the RREQ package and one unit is added to it in each step. Finally, the score for each node (
) will be calculated based on Equation 2:
So that Qi indicates the quality of the link between the cluster head i and the cluster head of the previous step, Qmin indicates the minimum quality of the link, Qmax indicates the maximum quality of the link, Ei the residual energy of the cluster head nodes, Emax the initial energy of the node, HOPi the step number of the cluster head nodes. N is the sensor nodes in the network, di are the Euclidean distance from the current source to the destination node and dinitial is the Euclidean distance of previous step node to the destination.
Once the RREQ packet reaches the destination node, the destination node then prepares a path response packet (RREP) and sends it to the source node according to the specified path. After the RREP packet is received by the source node, information about this path will be entered in its routing table. The source node uses this path to send its data to the destination node. The flowchart of the route discovery process is presented in Figure 4.
Figure 4. Flowchart of the route discovery process
It should be noted that the routing maintenance process in the proposed routing method is similar to the AODV routing protocol. The purpose of the path maintenance process is for a node to ensure that the paths in its routing table are valid and to update a path if it is definitive.
3.2.2. Communication Security Phase
In this phase, the process of establishing secure connections in the network is introduced. this phase consists of two stages: establish a secure connection within the cluster and establish a secure connection between the cluster head nodes. In the following, each of these steps is described in detail.
A symmetric cryptographic method is used to secure the connections between the nodes of a member of a cluster. This phase consists of three parts:
· Cluster key formation: The cluster node is responsible for generating the cluster key and sending it to the cluster member nodes. For this purpose, after the cluster is formed and its members are identified, the cluster head node randomly selects a key from its key source, which is loaded in their memory before the nodes are distributed in the network. The header then encrypts this cluster (
) key and propagates it to its cluster member nodes, as described in Equation 3.
(3)
Each cluster member node (CM) that receives this message decrypts it and extracts the cluster key after confirming the clustered ID entered in the message. This process is calculated according to Equation (4).
(4)
· Message Encryption: Cluster member sensor nodes use the key to encrypt their messages in the cluster. Suppose a node wants to send data securely to its header. The message encryption process is presented in Equation 5.
(5)
· Decrypt messages: In a cluster, the message will also be decrypted using the cluster key (). When the cluster head node (CH) receives the node's encrypted message, it performs the message decryption process and extracts the (
) information from the data packet after confirming the node ID. This process is shown in Equation 6.
(6)
This process is shown in Figure 5.
Figure 5. Establishing a secure connection in a temperament
4. Simulation Results
In this chapter, the results of the simulation of the proposed secure routing method are presented and evaluated. These results are then compared with the two SMEER routing methods [5] and LEACH-C [7], which are described in detail in section 2.
In this section, a secure tracking function is proposed. First, the proposed routing method is implemented using the NS-Allinone-2.35 network simulator, and then the results of the simulation process are implemented with two routing methods, namely SMEER and LEACH-C. It should be noted that these two methods were described in detail in Chapter 3. In the simulation process, it is assumed that 100 sensor nodes in a space of 2500 × 50 square meters are randomly distributed and do not move. The base station is also located in the center of the network. The data packet size is 1024 bits. The initial energy of the sensor nodes is 0.5 joules and the initial energy of the cluster head nodes is one joule. In addition, the simulation time is 30 seconds. The simulation parameters are summarized in Table 1.
Table 4.1. Simulation parameters
Parameter | Value |
Simulator | NS2 |
Network size | 50m × 2500m |
Base station location network | Center |
number of network nodes | 100 |
The initial energy of the spinning nodes | 1 J |
Initial energy of sensor nodes | 0.5 J |
Antenna | Omni Antenna |
data packet size | 1024 bit |
Mac Layer Protocol | Mac / 802-11 |
Simulation time | 30 s |
In the simulation process, the performance of the proposed secure routing method is evaluated in terms of some parameters such as their delay, efficiency, energy consumption, packet delivery rate and packet loss rate and compared with other routing methods. In the following, these parameters are introduced:
· End Delay: This parameter is defined as the total time required sending packets to the receiver to receive packets by this node. The delay of the finishes is calculated according to Equation 7.
(7)
· Efficiency: This parameter is defined as the ratio of packets received at the receiver to the delay in the data transfer process. Yield is obtained based on Equation 8.
(8)
· Energy consumption: This parameter is expressed as the total energy received by the nodes to receive a packet and the sending energy of the sending node in the data transfer process. Energy consumption is obtained from Equation 9.
(9)
So that ERX is the energy needed to receive and the ETX is energy needed to send data packets.
· Package Delivery Rate (PDR): This parameter is introduced as a percentage of the total packets received by the recipient to the total packets sent to it. The package delivery rate is calculated based on Equation 10.
(10)
· Packet Loss Rate (PLR): This parameter is defined as the percentage of total data packets that did not reach their destination within a specified time period. The packet loss rate is obtained according to Equation 11.
(11)
4.1. Delay of the end
Figure 6 shows a comparison between the latencies of the ends in different routing methods. As you can see in this diagram, the proposed method has the lowest latency compared to other routing methods, it is on average 10.07% compared to the SMEER method [5] and 21.04% compared to the LEACH-C method [7]. performs better. As a result, the proposed secure routing method speeds up the data transfer process between nodes. This occurs for several reasons: (1) In the SMEER routing method the ECC-based asymmetric encryption method is used to ensure security in the data transfer process. This increases the latency of the data transfer process. While in the proposed routing method, a hybrid encryption method is used. In the proposed method, symmetric key cryptography is used in each cluster so that the nodes of the cluster encrypt their data using the cluster key and send it to the clustered node. Also, secure communication between cluster head nodes is ensured using an asymmetric key. This causes the proposed method to face less delay in the data transfer process than other routing methods. (2) The SMEER method uses the ant milk optimization technique in the network clustering process. It should be noted that the most important disadvantage of using this technique for network clustering is the high computational overhead and the need to repeat the steps to find the optimal answer, which greatly increases the latency and weakens the network performance. The LEACH-C method also uses a simulated refrigeration technique in the clustering process, which leads to an increase in computational overhead and latency. While in the proposed method, the LEACH algorithm is used for clustering, which is much faster than the two methods mentioned. (3) In the proposed routing process, the quality of communication links and the energy of cluster head nodes have been considered, as a result, more stable paths are formed. Therefore, the probability of path failure is reduced. This also reduces the delay in the routing process.
Figure 6. Comparison of end delays in different routing methods
4.2. Efficiency
Figure 7 provides a comparison between efficiencies in different routing methods. As you can see in this diagram, the proposed routing method has the best efficiency compared to other routing methods, because it averages 4.83% compared to SMEER and 46.85% does not belong to LEACH- C is more efficient. This is due to the fact that, firstly, the proposed routing method has less delay than other routing methods in the data transfer process, the reasons for which are stated in Section 4.1. Second, in the process of routing between cluster head nodes, an attempt is made to involve the nodes with the most energy in the path discovery process and to form paths with high link quality and fewer steps. As a result, the data transfer process is facilitated and efficiency is improved.
Figure 7. Comparison of efficiencies in different routing methods
4.3. Energy consumption
Figure 8 compares different routing methods in terms of energy consumption. As you can see in this diagram, the proposed routing method has the lowest energy consumption compared to other methods, because it has an average energy consumption of 8.82% compared to SMEER and 18.31% compared to LEACH-C reduces. This is due to the following reasons: In the LEACH-C method, the connection between the cluster head node and the base station is made directly (single step), which greatly increases the energy consumption of the cluster head nodes. On the other hand, in the SMEER routing process, the data source node sends its data to the base station in a multi-step method, which improves energy consumption in this method. However, in the SMEER method, when selecting the next step node, only two parameters, namely the distance and angle between neighboring nodes, have been considered. While selecting more appropriate parameters can further improve the performance of this routing method. In the proposed routing method, the connection between the base station and the cluster head is done in a multi-step method. As a result, stability paths are formed that reduce the packet loss rate and improve energy consumption in the transmission process.
Figure 8. Comparison of energy consumption in different routing methods
4.4. Closed loss rate
Figure 9 shows a comparison between packet loss rates in different routing methods. As you can see in this diagram, the proposed secure routing method has the lowest packet loss rate. Because, on average, it has an average packet loss rate of 31.43% lower than SMEER and 55.14% lower than LEACH-C. LEACH-C has the worst closed-loop rate because cluster head nodes face high communication overheads and consume a lot of power in the grid. They must receive the data from the cluster member nodes and send it directly to the base station. This can increase the packet loss rate due to the rapid discharge of energy from the cluster head nodes. On the other hand, in the SMEER method only two parameters of distance and angle between neighboring nodes in the path detection process have been considered. However, paying attention to the energy of nodes and the quality of communication links in this process is of particular importance. Therefore, in the SMEER method it will be possible to form unstable paths. This can increase the packet loss rate. In the proposed secure routing method, attention is paid to the energy of nodes and the quality of communication links in the route discovery process, which can help to establish stable routes and reduce the packet loss rate.
Figure 9. Comparison of packet loss rates in different routing methods
4.5. Closed delivery rate
Different routing methods are compared in terms of packet delivery rate in Figure 10 As you can see in this diagram, the proposed method does not have the best package delivery rate compared to other routing methods. Because, it improves the average package delivery rate by 13.83% compared to SMEER and 32.1% compared to LEACH-C. This suggests that the proposed routing method is faster in delivering data packets to the destination and can improve network performance. The reasons for this are described in detail in Section 4.4.
Figure 10. Comparison of packet delivery rates in different routing methods
5. Conclusion
Security is one of the most important challenges in wireless sensor networks. In this dissertation, a secure routing method for heterogeneous wireless sensor networks was introduced. The proposed secure routing method consists of three phases: the setup phase, the routing phase between the cluster head nodes and the communication security phase. In the routing phase between cluster head nodes, the process of distributing route request packets was controlled using a parameter called node score to generate high-quality link paths, fewer steps, and more energy between source and destination nodes. Also, in the security phase, a hybrid encryption technique was introduced and the processes of key formation, encryption of control messages and decryption of control messages were explained. Then, the proposed secure routing method was implemented using NS2 simulator. Next, its results in components such as end delays, efficiency, energy consumption, packet delivery rate and packet loss rate with two routing methods SMEER [5] and LEACH-C [7] were compared. The simulation results show the success of the proposed method compared to other secure routing methods. The proposed method consumes less energy, reduces latency in the data transfer process, improves network efficiency, and provides a higher packet delivery rate.
References
[1] Ahmed, A., Bakar, K.A., Channa, M.I. and Khan, A.W., 2016. A secure routing protocol with trust and energy awareness for wireless sensor network.Mobile Networks and Applications, 21(2), pp.272-285.
[2] Boulaiche, M., 2020. Survey of Secure Routing Protocols for Wireless Ad Hoc Networks.Wireless Personal Communications, pp.1-35.
[3] Darabkh, K.A., El-Yabroudi, M.Z. and El-Mousa, A.H., 2019. BPA-CRP: A balanced power-aware clustering and routing protocol for wireless sensor networks. Ad Hoc Networks, 82, pp.155-171.
[4] Deepa, C. and Latha, B., 2019. HHSRP: a cluster based hybrid hierarchical secure routing protocol for wireless sensor networks. Cluster Computing, pp.1-17.
[5] Dhand, G. and Tyagi, S.S., 2019. SMEER: Secure multi-tier energy efficient routing protocol for hierarchical wireless sensor networks. Wireless Personal Communications, 105(1), pp.17-35.
[6] Djedjig, N., Tandjaoui, D., Medjek, F. and Romdhani, I., 2020. Trust-aware and cooperative routing protocol for IoT security.Journal of Information Security and Applications, 52, p.102467.
[7] Heinzelman, W.B., Chandrakasan, A.P. and Balakrishnan, H., 2002. An application-specific protocol architecture for wireless microsensor networks. IEEE Transactions on wireless communications, 1(4), pp.660-670.
[8] Hu, F., Chen, B., Shi, D., Zhang, X. and Pan, H.Z., 2020, May. Secure Routing Protocol in Wireless Ad Hoc Networks via Deep Learning. In 2020 IEEE Wireless Communications and Networking Conference (WCNC) (pp. 1-6). IEEE.
[9] Kavidha, V. and Ananthakumaran, S., 2019. Novel energy-efficient secure routing protocol for wireless sensor networks with Mobile sink. Peer-to-Peer Networking and Applications, 12(4), pp.881-892.
[10] Kavitha, R.J. and Caroline, B.E., 2019. Secured and reliable data transmission on multi hop wireless sensor network. Cluster Computing, 22(5), pp.10915-10924.
[11] Kojima, H., Yanai, N. and Cruz, J.P., 2019. ISDSR+: improving the security and availability of secure routing protocol. IEEE Access, 7, pp.74849-74868.
[12] Maitra, T., Barman, S. and Giri, D., 2019. Cluster-based energy-efficient secure routing in wireless sensor networks. In Information technology and applied mathematics (pp. 23-40). Springer, Singapore.
[13] Mehmood, A., Lloret, J. and Sendra, S., 2016. A secure and low‐energy zone‐based wireless sensor networks routing protocol for pollution monitoring. Wireless Communications and Mobile Computing, 16(17), pp.2869-2883.
[14] Nakas, C., Kandris, D. and Visvardis, G., 2020. Energy Efficient Routing in Wireless Sensor Networks: A Comprehensive Survey. Algorithms, 13(3), p.72.
[15] Pathan, A.S.K. ed., 2016. Security of self-organizing networks: MANET, WSN, WMN, VANET. CRC press.
[16] Perkins, C., Belding-Royer, E. and Das, S., 2003. RFC3561: Ad hoc on-demand distance vector (AODV) routing.
[17] Sarkar, A. and Murugan, T.S., 2019. Cluster head selection for energy efficient and delay-less routing in wireless sensor network. Wireless Networks, 25(1), pp.303-320.
[18] Selmic, R.R., Phoha, V.V. and Serwadda, A., 2016. Wireless Sensor Networks. Springer International Publishing AG.
[19] Shi, Q., Qin, L., Ding, Y., Xie, B., Zheng, J. and Song, L., 2020. Information-Aware Secure Routing in Wireless Sensor Networks.Sensors, 20(1), p.165.
[20] Sun, Z., Wei, M., Zhang, Z. and Qu, G., 2019. Secure Routing Protocol based on Multi-objective Ant-colony-optimization for wireless sensor networks. Applied Soft Computing, 77, pp.366-375.
[21] Thangaramya, K., Kulothungan, K., Logambigai, R., Selvi, M., Ganapathy, S. and Kannan, A., 2019. Energy aware cluster and neuro-fuzzy based routing algorithm for wireless sensor networks in IoT.Computer Networks, 151, pp.211-223.
[22] Thangaramya, K., Kulothungan, K., Indira Gandhi, S., Selvi, M., Santhosh Kumar, S.V.N. and Arputharaj, K., 2020. Intelligent fuzzy rule-based approach with outlier detection for secured routing in WSN. Soft Computing, pp.1-15.
[23] Viswanathan, S. and Kannan, A., 2019. Elliptic key cryptography with Beta Gamma functions for secure routing in wireless sensor networks. Wireless Networks, 25(8), pp.4903-4914.
[24] Yang, J., He, S., Xu, Y., Chen, L. and Ren, J., 2019. A trusted routing scheme using blockchain and reinforcement learning for wireless sensor networks.Sensors, 19(4), p.970.
[25] Yang, G., Dai, L., Si, G., Wang, S. and Wang, S., 2019. Challenges and security issues in underwater wireless sensor networks.Procedia Computer Science, 147, pp.210-216.
