- Journal List
- PeerJ Comput Sci
- v.9; 2023
- PMC10495966
As a library, NLM provides access to scientific literature. Inclusion in an NLM database does not imply endorsem*nt of, or agreement with, the contents by NLM or the National Institutes of Health.
Learn more: PMC Disclaimer | PMC Copyright Notice
PeerJ Comput Sci. 2023; 9: e1449.
Published online 2023 Aug 29. doi:10.7717/peerj-cs.1449
PMCID: PMC10495966
PMID: 37705659
Ke Zhang
Academic Editor: Chenxi Huang
Author information Article notes Copyright and License information PMC Disclaimer
Associated Data
- Supplementary Materials
- Data Availability Statement
Abstract
Wireless sensor networks (WSNs) are networks formed by organizing and combining tens of thousands of sensor nodes freely through wireless communication technology. WSNs are commonly affected by various attacks, such as identity theft, black holes, wormholes, protocol spoofing, etc. As one of the more severe threats, wormholes create passive attacks that are hard to detect and eliminate. Since WSN is often used in the tactical network field, a planned secure network is essential for military applications with high security. Guard nodes are traffic monitoring nodes used to supervise neighbors’ data communication around the tactical networks. Therefore, this work proposes a Quality of Service (QoS) security mechanism to select multiple dual-layer guard nodes at different paths of the WSN based on the path qualities to detect wormholes. The entire network’s links are categorized into high, normal, and low priority levels. As such, this study aimed to confirm the security of high priority nodes and links in the tactical network, avoid excessive overhead, and provide random security facilities to all nodes. The proposed measures of the QoS-based security provision, including link cluster formation, guard node selection, authenticated guard node identification, and intrusion detection, ensure economic and efficient network communication with different quality levels.
Keywords: Tactical network, WSN, Passive attack, Wormhole, QoS, Protocols, Intrusion, Secure routing and neighbor monitoring
Introduction
Wireless security networks (WSNs) are a type of sensor network that deploys multiple wireless sensor nodes around vast geographical regions. Each sensor node in the network can be manufactured with multiple sensors and transceivers that observe environmental objects, such as heat, moisture, pressure, etc. These sensor nodes and other gateway systems are implemented into tactical networks to increase security. However, despite the secure environment, the network is still vulnerable to different attacks that harm its functions and, thus, requires new techniques to enhance security further. Guard nodes provide a security technique that employs separate nodes with other tactical nodes to supervise neighbours’ activities. These nodes must be optimally selected from any part of the tactical WSN. to maintain data transmission quality. In this work, guard nodes were chosen for detecting wormhole attacks raised in the tactical WSN.
A wormhole attack is a passive attack that creates a separate unauthorized link between two communicating nodes, subsequently causing the legitimate nodes to send data through this link. Thus, the data are intercepted, and the corresponding nodes are compromised. In a tactical WSN, the guard node selection should be based on current link qualities and priorities to ensure dedicated security benefits. However, in data communication, QoS in security depends on its availability, reliability, and serviceability. This work analyzed the specific characteristics, limitations, and QoS factors of tactical WSNs. Specifically, guard nodes were selected for monitoring purposes by analysing the quality metrics of each node.
Because selecting multiple guard nodes helps to protect the links and nodes from wormhole attacks. The principle of QoS is to ensure the security of all links and guard node activities. At the same time, the priority-based security provision is achieved using this effective guard node selection process. To develop QoS-based guard nodes and establish secure monitoring to eliminate wormholes, supervised monitoring nodes (SMNs) are improved with quality control techniques. analysed wormhole attackers and the complexity of intrusion detection, focusing on QoS and security difficulties. Results showed that such attacks do not concentrate on network availability, communication reliability, or security in WSN. Therefore, the prior wormhole attack detection and performance estimation was the target of the research.
In this work, guard node-based security was combined with QoS for a WSN as a protective measure against wormhole attacks due to inadequate resources and composite interactions of WSN operations. This proposed measure is pertinent for developing secured and QoS-provisioned data transmission.
This presented work suggests the selection of multiple guard nodes to protect the tactical WSN from wormhole attacks. Each node in the network is equipped with wormhole detection procedures and alarm units and can be requested to act as a guard node. At the same time, the guard node uses wormhole detection procedures to detect attacks from the nearest hops. In addition, the proposed system ensures link quality, priority, and QoS levels of each node to provide guard node-based security. The rest of this article is organized as follows. The second section presents related works. The third section describes QoS-based guard node selection procedures, followed by discussions on QoS attainments, secure guard node authentication, and wormhole detection procedures. The fourth section explains the results of implementing the proposed QWDGN. The fifth section provides concluding remarks.
Related Work
Various detection techniques have been proposed to protect tactical WSNs against attacks. Precisely, the wormhole attack detection techniques follow either rule-based, feature-based, or signature-based identification. proposed a transmission round time-oriented wormhole attack detection algorithm in wired networks. In this approach, the authors analysed traffic attributes using an enhanced interior gateway routing protocol then implemented the proposed mechanism in cisco-based networks. discussed effective wormhole detection strategies in wireless mesh networks containing more links than other networks. The authors concentrated on mesh network links in which wormholes were created to misuse the network resources. The authors further investigated the performance rates of attack detection algorithms against a large number of wormhole links.
established a distributed-level coding system, DAWN, to protect the network resources against multiple wormhole attacker nodes. The proposed system was designed to monitor local, and global network services, communication synchronization patterns, and wormhole attacks by controlling network coding protocols. Both and analysed proactive and reactive protocols for WSN security, focusing on support for data communication, security problems, and the necessary solutions.
and proposed wormhole attack detection strategies in WSNs to protect the nodes. In these works, wormhole attacks were first created by multiple attackers among legitimate nodes, then detected using the proposed algorithms based on the node signatures and transmission patterns. However, the proposed strategies suffer from a limited number of nodes. In the same way, proposed QoS support protocols for WSNs to build reliable security in the proposed system. Moreover, Wang et al. (2010) devised a QoS-based efficient routing approach using MAC optimization for cross-layer activities between MAC and routing protocol procedures. The authors claim that this design performs better in WSN, whereby the MAC and IP data sequences can be customized to obey QoS requirements. Further, the authors suggest that the QoS-based routing strategy offers less delay and smaller packet loss compared to other methods.
Previous studies have proposed diverse viewpoints and principles of QoS. For instance, investigated QoS measurements and optimal power consumption using QoS procedures and policies with the Gur prototype, and found that node dimension, deployment, coverage, and liveliness of each node constrain QoS. Dissimilar to other works, this work developed QoS as a provision to guard node selection procedures. The researchers matched the requirements of both QoS and security in a single view to building an efficient guard node-based Intrusion Detection System (IDS). Since tactical WSNs are prone to different types of wormhole attacks, aimed to establish security against wormhole attacks without compromising the quality performance of the network. The latter authors incorporated security policies and a QoS strategy as a protective measure against wormhole attacks.
Similarly, Pazynyuk et al. (2008) investigated the challenges and needs of QoS-based security features by selecting guard nodes and using SMNs to maintain the optimal data loss rate, transmission rate, and delay with energy utilization. Because QoS and security concerns are not associated with the context of WSN, proposed different solutions against wormhole attacks. The authors emphasized the WSN environment, where both QoS and security attainments are required for successful operation. Tactical networks, such as those used in military target tracking applications, are expected to be more secured. demonstrated the impact of the inclusion of certain security protocols on the rate of QoS and the effects of specific QoS parameters on the network’s security needs. All mentioned studies found notable correlations between QoS and security despite not being closely related notions.
Even though there are different routing and wormhole attack detection techniques, security and QoS maintenance are vital in WSNs(). InFathi et al. (2021) the quality of service-based sensor location modelling is done, and the service pricing is determined based on that describes the usage of wireless sensor networks with mobile elements for designing a platform for the smart environment. In this manner, this presented work suggests security provisions against wormhole attacks(Kaliyar et al., 2020; ) by considering link-wise QoS requirements and offering the flexibility of customized security metric allotments for different links in tactical WSNs. Specifically, QoS’ needs and security qualities are interrelated and secured, while security levels are ensured using Hash-based Authentication Codes (HMAC) computations. Herein, the communication parameters were optimized to enhance the security of QoS levels.
Based on the analysis, both the computation and communication overhead provide efficient security procedures and, thus, improved security for nominal computation overhead in the WSN.
QoS-based Wormhole Detection Using Guard Nodes
In the proposed QWDGN, security and QoS parameters were analyzed and correlated. First, security levels were determined with varying HMAC complexities and packet lengths, as given in Table 1. Then, QoS and guard node characteristics were mapped for the selection procedures. In the next phase, the selected guard nodes were identified. In the end, the wormhole attack detection procedures were activated to ensure security in the tactical WSN.
Table 1
Security levels and packet lengths.
| Security levels | Security details | Packet length (Bytes) |
|---|---|---|
| 0 | Not secured packet | 54 |
| 1 | 8 bytes of HMAC | 62 |
| 2 | 12 bytes of HMAC | 66 |
| 3 | 16 bytes of HMAC | 70 |
| 4 | 20 bytes of HMAC | 74 |
Open in a separate window
Providing security in the selection process of guard nodes creates additional control messages and data exchanges. This can cause the packet length to increase, affecting the QoS assigned to the data transmission.
Table 1 provides details of the various security levels. Discussion of related works focuses on the secured packets with the help of HMAC. As the size of HMAC increases, the packet length also increases, which affects data transmission. Thus, building guard node-based IDS with minimal cost of packet overhead is an important task. Only a few research works describe object or node-tracking mechanisms in WSNs.
Guard nodes and master nodes
Guard nodes contain the intrusion detection system (IDS) as the active agent to configure rules and procedures to validate node traffic. Since the IDS agent can be designed to monitor any violations in the tactical network, it was configured with wormhole attack patterns in this work. Guard nodes in the network can activate these IDS procedures to validate their behaviors and traffic patterns. Figure 1 shows a sample tactical WSN with various clusters in which several nodes can be grouped. Guard nodes must be selected based on link efficiency to keep QoS constraint. In addition, the supervising master nodes (SMNs) were configured to organize guard nodes’ activities and reports.
Figure 1
Tactical WSN formation.
Figure 1 also illustrates the guard node selection process in the initial steps of the selection algorithm. In the network setup stage, secure cluster formation and guard node selection phases were incorporated with QoS constraints. The following section explains QoS-based guard node selection algorithms and QoS-based SMN configuration procedures.
As seen in Fig. 1, the network setup displays four clusters, each containing members, cluster heads, and SMNs. Algorithm 1 represents the QoS-based cluster formation and cluster head election, assuming there are four classes of QoS requirements.
QoS-based cluster formation
QoS attributes, such as delay, bandwidth, jitter, energy, and throughput, are given reference values to classify clusters and node characteristics. Algorithm 1 (as shown in Fig. 2) requires a few additional steps for incorporating QoS requirements in each cluster. In this setup phase, quality measurements for all nodes and links are defined and updated in the base station and the cluster head. The quality definitions are provided in Table 2, in which the dots specify the range or sequence of link quality.
Figure 2
The pseudo-code of Algorithm 1.
Table 2
Simulation attributes.
| Simulator name | NS-3 |
|---|---|
| Simulation Time | 200s |
| Area | 1000*1000 m |
| Number of nodes | 300 |
| Power (Joules) | 200 |
| Transmitting power (Joules) | 0.5 |
| Routing protocol | AOMDV |
Open in a separate window
Figure 3 shows the clusters and cluster node links. Using these nodes and QoS requirements, the guard nodes must be selected, while SMNs need to be configured to monitor the nodes. Figure 4 displays the creation of wormhole nodes and links (grey nodes) in different clusters, in which the short wormhole are affected by Node 1 and Node 6 from Cluster 2.
Figure 3
Clusters, nodes, and link identification.
Figure 4
Different types of wormholes in each cluster.
Besides Nodes 1 and 6 from Cluster 2, Nodes H and K from Cluster 3 are also affected by short wormhole attackers. A single wormhole attacker can use high transmission energy to entice the neighbour nodes to send their data to the attacker. This creates a wormhole between Nodes 1 and 2 and between Nodes L and M, presenting the first case of vulnerability creation. In comparison, Nodes 7, 15, 14, 13, and 12 from Clusters 0 and 1 are influenced by the longest wormholes, which affect the entire link.
According to the QoS requirements and security needs, the proposed QWDGN provides controllable security complexities. For example, level 0 requires high priority of QoS but allows minimal security overhead, thus, QoS and security levels are indirectly proportional. Yet, this lack of security is not allowable in the best QoS links. In Cluster 1, the affected nodes include Nodes B, C, G, and the cluster head. All wormhole attackers collect packets from their victims and then misuse or divert the collected information. Otherwise, they may alter the received data and send false information to other network nodes. These attacks create extensive issues for low, medium, and high-priority links.
Due to the complex nature of WSNs, identifying guard nodes and maintaining the availability of nodes are complicated tasks. Therefore, in addition to the optimal guard node selection algorithms, this presented study performed the secure cluster head identification and trust evaluation procedures, as reported in previous works.
QoS-based guard node selection
Algorithm 2 (as shown in Fig. 5) is responsible for validating each link in the network and then subsequently analyzing the priority vector details, which describe the priority levels of each link. From the initial level of analysis, the possible guard nodes are identified.
Figure 5
The pseudo-code of Algorithm 2.
Once the list of optimal neighbours has been formed, they can share their monitor requests with the nodes to be monitored. Advanced Encryption Standard (AES) encrypts these requests at each guard node. This is explained in Algorithm 3 (as shown in Fig. 6).
Figure 6
The pseudo-code of Algorithm 3.
Authenticating guard node
The nodes that receive valid permission from Node ‘i’ can monitor the guard node. Typically, the guard nodes are not selected from high priority QoS links, but rather from low priority links, which causes delays in sensitive data transmission. Also, the bandwidth of superior priority links is saved.
By using this approach, throughput is increased. For MP links, the guard nodes are selected based on the W weight vector, which may fractionally vary between 0 and 1. Once these guard nodes are selected successfully, they are under the control of SMNs. In this QoS-based security mechanism, the SMNs need to be configured in different manners.
SMN configuration
SMN is the master node that acts as the authenticated cluster head and must be configured for maintaining the operation of guard nodes in wormhole detection. Guard nodes detect wormholes at their nearest hops, then raise alarms and send reports to their closest SMNs, which repeat the wormhole alert messages to all other members of the WSN cluster. Algorithm 4 (as shown in Fig. 7) gives the details of SMN configuration. Figure 8 illustrates the creation and utilization of guard nodes and SMNs, represented by shaded and bold line circles, respectively. The lines between circles indicate the monitoring processes between the grey nodes in the four clusters with several attackers (circles). In Cluster 0, Node 8 monitors Node 9, while Node 10 monitors Node 13. Assuming that Node 6 is sending data to any other node in a cluster, then that data transmission is monitored by two nodes.
Figure 7
The pseudo-code of the Algorithm 4.
Figure 8
Guard nodes (shaded circles) and SMNs (bold line circles) in cluster neighbors.
The monitoring processes are dependent on QoS conditions. For example, if Node 3 withdraws its monitoring task on Node 6 to monitor Node 1, it is assumed that the association between Nodes 1 and 3 has higher priority than between Nodes 3 and 6. The same situation can occur for the operation of Node 5 and each cluster to maintain the network traffic requirements based on QoS metrics. Once this QoS-based intrusion detection is enabled in the respective guard node, the node executes its IDS agent module.
Wormhole attack detection using guard nodes
Usually, wormholes create separate attacker nodes at the transmitting ends (source and destination). The wormhole attackers generate a private unauthenticated link from the source to the destination to intercept the data. Since this attack is not openly active, it is rather complicated to be detected. However, the nodes’ signatures and traffic patterns help identify wormhole attackers in tactical WSN, which are implemented in the proposed QWDGN system. Algorithm 5 (as shown in Fig. 9) describes the procedure of wormhole detection.
Figure 9
The pseudo-code of Algorithm 5.
At the end of this process, various wormholes can be detected. In this work, a secure Ad Hoc On-Demand Distance Vector (AOMDV)(Fathi et al., 2021; ) was used for a safe routing process, in which the transmission path is declined once the attackers are identified successfully. Then, the path is forever marked as vulnerable in the AOMDV routing table, thus ensuring secure routing.
Implementation and Results
Herein, the proposed QWDGN was verified using Network Simulator-3 (NS-3). The network was designed with the simulation characteristics, which are provided are in Table2. In this simulation, 300 tactical WSN nodes were created with an initial transmitting power of 0.5 Joules, then the tactical WSN area of 1000*1000 m was configured.
Figure 10 shows the performance of the proposed QWDGN system at different security levels of links, where the link counts vary according to different HMAC lengths. For this performance analysis, three existing wormhole detection techniques, namely wormhole detection in static WSN (WSWSN), round-trip time (RTT) based wormhole detection (RTTWD), and AODV for wormhole detection (AWD), were included for comparison. In the WSWSN approach, several wormholes are simulated on a static WSN and are identified using signature-based procedures. However, this approach assumes that all nodes are preconfigured with predefined guard nodes().
Figure 10
Nodes and secure links.
Figures 11 and and1212 present the details of the different wormhole detection methods, namely WSWSN, RTTWD, and AWD, compared with the proposed QWDGN system. Results show that QWDGN performs better than the other methods due to its dynamic QoS aware guard nodes and security aspects.
Figure 11
Number of attacks detected.
Figure 12
Attack detection ratio.
Figure 13 illustrates the comparison of QoS-based overhead between our proposed strategy and the other methods. In this case, the different methods lack quality parameters of the sensitive tactical WSN, which increases the complexity of all QoS levels when developing security principles. Comparatively, our proposed QWDGN system ensures limited overhead in providing security features to all links.
Figure 13
QoS levels and computation overhead.
Conclusion
The proposed QWDGN was designed and implemented to create a wormhole detecting guard node environment. The nodes were selected based on the required quality levels of each link, which were detained separately as priority based on QoS needs. In this environment, the selected guard nodes were dynamically switched to detect the wormholes considering QoS needs, while routing was carried out using secure AOMDV. According to the performance evaluation, the proposed strategy can produce a sufficient number of guard nodes and ensure security of the tactical WSN based on the QoS provision levels with 20% less overhead. Nevertheless, the main challenge of this proposed system is maintaining the availability of guard nodes against dynamic network changes. Thus, our strategy can be improved by using secure quality aware routing algorithms to minimize the latency by 20% and packet loss and implementing deep learning-based neural network techniques to increase the dynamic decision-making rate against wormholes.
Supplemental Information
Supplemental Information 1
Raw data and code:
Click here for additional data file.(267K, zip)
Funding Statement
The author received no funding for this work.
Additional Information and Declarations
Competing Interests
The author declares that there are no competing interests.
Author Contributions
Contributed by
Ke Zhang conceived and designed the experiments, performed the experiments, analyzed the data, performed the computation work, prepared figures and/or tables, authored or reviewed drafts of the article, and approved the final draft.
Data Availability
The following information was supplied regarding data availability:
The raw data and code are in the Supplemental Files.
References
Dutta & Dunkels (2012) Dutta P, Dunkels A. Operating systems and network protocols for wireless sensor networks. Philosophical Transactions of the Royal Society A: Mathematical, Physical and Engineering Sciences. 2012;370(1958):68–84. doi:10.1098/rsta.2011.0330. [PubMed] [CrossRef] [Google Scholar]
Fathi etal. (2021) Fathi M, Marufuzzaman M, Buchanan RK, Rinaudo CH, Houte KM, Bian L. An integrated pricing, QoS-aware sensor location model for security protection in Society 5.0. IEEE Transactions on Engineering Management. 2021 doi:10.1109/TEM.2021.3088389. [CrossRef] [Google Scholar]
Ji, Chen & Zhong (2015) Ji S, Chen T, Zhong S. Wormhole attack detection algorithms in wireless network coding systems. IEEE Transactions on Mobile Computing. 2015;14(3):660–674. doi:10.1109/TMC.2014.2324572. [CrossRef] [Google Scholar]
Kaliyar etal. (2020) Kaliyar P, Ben Jaballah W, Conti M, Lal C. LiDL: localization with early detection of sybil and wormhole attacks in IoT Networks. Computers & Security. 2020;2020(94):101849 [Google Scholar]
Karthigadevi, Balamurali & Venkatesulu (2018a) Karthigadevi K, Balamurali S, Venkatesulu M. Wormhole attack detection and prevention using EIGRP protocol based on round trip time. Journal of Cyber Security and Mobility. 2018a;7(1):215–228. [Google Scholar]
Khan & Lavagno (2012) Khan SU, Lavagno L. Security in wireless sensor networks. Global Journal of Computer Science and Technology Network, Web and Security. 2012;12:16. [Google Scholar]
Kumhar & Ukani (2015) Kumhar M, Ukani V. Survey on Qos aware routing protocols for wireless multimedia sensor networks. International Journal of Computer Science & Communication. 2015;6(1):121–128. [Google Scholar]
Kurmi, Verma & Soni (2017a) Kurmi J, Verma RS, Soni S. An efficient and reliable methodology for wormhole attack detection in wireless sensor network. Advances in Computational Sciences and Technology. 2017a;10(5):1129–1138. [Google Scholar]
Lakshmi & Yadav (2019) Lakshmi TV, Yadav N. An improved wormhole attack detection and prevention method for wireless mesh networks. International Journal of Advanced Research in Computer and Communication Engineering. 2019;4(2):480–485. [Google Scholar]
Patel, Aggarwal & Chaubey (2019) Patel M, Aggarwal A, Chaubey N. Advances in computer communication and computational sciences. Springer; Singapore: 2019. Detection of wormhole attack in static wireless sensor networks; pp. 463–471. [Google Scholar]
Pazynyuk etal. (2008) Pazynyuk T, Li J, Oreku GS, Pan L. QoS as means of providing WSNs security. Seventh international conference on networking (ICN 2008); Piscataway. 2008. pp. 66–71. [CrossRef] [Google Scholar]
Perillo & Heinzelman (2005) Perillo MA, Heinzelman WB. Fundamental Algorithms and Protocols for Wireless and Mobile Networks. Boca Raton: CRC Hall; 2005. Wireless sensor network protocols. [Google Scholar]
Poonam & Preeti (2014) Poonam M, Preeti D. Packet forwarding using AOMDV algorithm in WSN. International Journal of Application or Innovation in Engineering & Management (IJAIEM) 2014;3(5):456–459. [Google Scholar]
Roy & Khan (2020) Roy AK, Khan AK. RTT based wormhole detection for wireless mesh networks. International Journal of Information Technology. 2020;2020(12):539–546. [Google Scholar]
Sartori & Melen (2021) Sartori F, Melen R. Design and implementation of a platform for wearable/mobile smart environments. IEEE Transactions on Engineering Management. 2021 doi:10.1109/TEM.2021.3062786. [CrossRef] [Google Scholar]
Tun & Maw (2008) Tun Z, Maw AH. Wormhole attack detection in wireless sensor networks. World Academy of Science, Engineering and Technology. 2008;46:2008. [Google Scholar]
Wang etal. (2010) Wang H, Zhang X, Naït-Abdesselam F, Khokhar A. Cross-layer optimized MAC to support multihop QoS routing for wireless sensor networks. IEEE Transactions on Vehicular Technology. 2010;59(5):2556–2563. doi:10.1109/TVT.2010.2042185. [CrossRef] [Google Scholar]
Articles from PeerJ Computer Science are provided here courtesy of PeerJ, Inc
