Countering Node Misbehavior Attacks Using Trust Based Secure Routing Protocol



Introduction
Research interest in sensor networks has increased significantly during the last few years, owing to low-cost solutions for a diversity of applications including environmental monitoring, vehicle tracking and detection, healthcare, traffic control in smart roads, battlefield monitoring, surveillance and battle damage assessment [1]-[3]. Most of the time a WSN operates in unattended environments, which exposes the deployed sensor nodes to a variety of security attacks [4], [5]. Security attacks in WSN may be classified into two types: outsider (external) attacks and insider or node misbehavior attacks [6]. In an outsider attack, the attacker lacks authentication and key information, and such attacks can easily be dealt with using classical security mechanisms such as cryptography, encryption and authentication. In an insider attack, the adversary already has all key and cryptographic information, so it can easily change the behavior of a node. Therefore, node misbehavior attacks of this type cannot be dealt with using traditional security measures. The most common insider attacks are wormhole, blackhole, selective forwarding and sinkhole attacks [7]-[9]. Several secure solutions have been developed [10]-[12] to protect WSN against a variety of attacks. However, these solutions exploit traditional security mechanisms such as cryptography and authentication, which are mostly not suitable for countering node misbehavior attacks because they assume that participating nodes are cooperative and trustworthy. This assumption is not realistic for insider or node misbehavior attacks [13]. Similarly, these traditional security measures require some sort of central administration for security management, which is usually not available in self-organized ad-hoc and sensor networks [14]. Cryptography-based solutions are ineffective when an authorized sensor node, compromised through an internal attack, has easy access to memory contents and valid secret keys [15]. In addition, these traditional security solutions require high computation, memory and energy consumption, which restricts their implementation in resource-constrained sensor nodes [16].
To overcome the limitations of traditional security primitives, the concept of trust has been successfully applied to ad-hoc and sensor networks to counter node misbehavior attacks. Trust management is an effective tool that is suitable for the security architecture of a sensor network [17], [18]. Several trust-aware routing schemes have been developed over the years. In [19] a geographical trust-aware routing protocol for combating blackhole and grayhole attacks in sensor networks is proposed, which however generates a huge amount of traffic over the network by sending periodic updates for collecting firsthand (direct) and secondhand (indirect) information. Moreover, if node mobility is very high, it may increase the time needed by the trust build-up mechanism. To defend against wormhole attacks in WSN, a trust-aware routing framework (TARF) has been proposed [20]. Each node keeps a record of trust and energy cost values for its known neighbors. Trust evaluation is based on detecting routing loops, and nodes involved in routing loops are penalized. Energy control messages are broadcast that contain the energy cost information to deliver a packet. However, broadcasting energy control packets may increase routing load, and the scheme may also suffer from a selfishness attack in which a compromised node sends false energy cost information. A trusted node may be declared a malicious node if it drops packets due to a significant level of congestion. In [21] a trust-based routing protocol based on AODV (TAODV) is proposed for MANET, which exploits trust information in route discovery. The proposed scheme is not feasible for a resource-constrained environment such as WSN, as it is computationally intensive and makes use of a cryptographic module for providing security. Furthermore, the authors did not consider the effects of attacks on their proposed scheme.
A trust-aware routing protocol (TARP) has been proposed for sensor actuator networks [22]. Parameters such as echo ratio and link quality are used for evaluating trustworthiness. The echo ratio represents broadcast messages overheard in promiscuous mode. TARP makes use of various broadcast and unicast messages for maintaining and updating link quality, communication state and echo ratio. However, the type of node misbehavior attacks and their effect on the trust model are neither mentioned nor considered. Link quality is not an appropriate parameter for evaluating trust, as link quality may degrade due to interference or noise, which affects the decision-making capability of the trust model. Furthermore, the efficacy of the proposed scheme is measured only in terms of energy consumption, which is not the relevant parameter for evaluating the efficacy of a trust-based scheme. In [23], a trust-based routing scheme, Friendship based AODV (Fr-AODV), is presented to counter the blackhole attack. Trust evaluation is based on certain features such as node reputation and node identity. Each feature is assigned an attribute number that is exchanged during packet forwarding. However, the proposed solution is not completely robust against node misbehavior attacks. An authenticated compromised node may exchange false information, such as a feature attribute number, which may lead to incorrect decision making by the trust model. Moreover, Fr-AODV is vulnerable to the wormhole attack, where a malicious node impersonates its identity. The increased number of route maintenance calls and the exchange of hello messages also increase the load on trusted nodes.
In this paper, we propose a lightweight and quickly deployable Trust Based Secure Routing Protocol (TBSRP) for WSN to detect and isolate misbehaving and faulty nodes. TBSRP employs a distributed trust model for dynamic identification of malicious and faulty nodes and thereby isolates them at the earliest. TBSRP can re-route packets to alternate routes if active paths encounter faulty or misbehaving nodes. The node's trust level and hop count are used for selecting a reliable and shortest route. The rest of this paper is organized as follows. Section 2 provides the proposed TBSRP scheme. Section 3 presents the research methods. Section 4 presents the simulation results and section 4 concludes the paper.

TBSRP-Proposed Scheme
The routing in WSN is modeled as directed graph , , where represents set of sensor node in network, represents the set of links between the nodes and represents the metrics used for measuring links. A trusted path consist of set of trusted sensor nodes , , , … , ∈ and , ∈ . For each , ∈ , it is assumed that node is the sender node and node is the receiver node. It is assumed that a faulty node may drop packets randomly due to significant congestion, and its behavior is modeled as shown in Eq. (1), while a malicious node always drops all the received packets. The proposed trust-based routing scheme, TBSRP, extends the routing mechanism of the AODV protocol. The Trust Evaluator, Trust Database, Route Resolve and Route Setup constitute the four building blocks of the proposed TBSRP scheme. The Trust Evaluator evaluates the trustworthiness of nodes. The Trust Database stores all the information required for trust establishment, such as node ID, packet forwarding ratio, and direct and indirect trust values. Route Setup is responsible for finding routes that contain only trusted nodes. If at some later time a malicious, faulty or energy-deficient node becomes part of an active route, the Route Resolve process is initiated to inform the source node to establish a new trusted path.

Trust Evaluator
The trust evaluator evaluates the trustworthiness of neighbor nodes by overhearing their transmissions in monitoring mode [24] and dynamically identifies misbehaving nodes. The results obtained from monitoring the packet forwarding behavior of nodes are stored in the Trust Database. Based on the packet forwarding behavior of node , node evaluates trust for node represented by , as in equation (2).
, denotes the degree of direct trust node has for node , based on the node 's observation of packet forwarding behavior for node . , represents the average degree of indirect trust node has gained using recommendations from its neighbors ( ) for node . The weight factors and are assigned to , and , respectively, such that 1, whereas 0 1 and 0 1. The direct trust, , in equation (2), is the fundamental entity of the trust model, and it is evaluated by monitoring the behavior of neighbor nodes. In order to estimate the direct trust, we compute the packet forwarding ratio of a node. The packet forwarding ratio is the ratio of the number of correctly forwarded packets to the number of packets supposed to be forwarded, as shown in equation (3).
Every time a node receives a packet from neighboring node incremented by 1. Similarly, every time the node successfully forwards the received packets to intended destination is incremented by 1. Indirect trust is evaluated from the observations gained through interactions with neighbors, who report their own direct observations of a particular node. The indirect trust , is evaluated as: , represents the degree of indirect trust evaluated by node (common neighbor of node and node ). The evaluated indirect trust is exchanged as a part of recommendation with node . , is the average of existing trust evaluated by neighbors of node (node ) for node . Trust estimation involving the indirect trust degree speeds up the convergence of the trust evaluation process. Based on the packet forwarding ratio, the trust model at node expresses the behavior of neighbor as either well-behaved or malicious. If the packet forwarding ratio of node is above specified threshold , the node is considered a well-behaved (trusted) node; otherwise it is considered a malicious node.
Figure 1 shows the analysis and efficacy of the trust estimation mechanism of the trust model. The weight factor plays an important role in trust estimation, so we assigned a higher weight to direct trust ( 0.6 ) than indirect trust ( 0.4) because it corresponds to direct observations gained by a node through its own interactions, which are more accurate and available in a more timely manner. It is observed that the trust degree for well-behaved nodes increases linearly with time. Similarly, trust degree values for misbehaving nodes decrease as the simulation proceeds. This is due to the fact that the trust rating for a well-behaved node is incremented each time it cooperates in packet forwarding. On the contrary, the negative assessment for misbehaving nodes is incremented as they drop packets.

Figure 1. Average trust for misbehaving and trusted nodes
The design of our trust model does not make use of cryptography, thereby requiring the least computation. In addition, our trust model avoids the use of resource-intensive parameters for trust estimation such as security attributes, link quality and routing loops. Therefore, it offers a lightweight secure solution which neither imposes too many constraints nor requires any specialized set of resources. These features, together with dynamic detection of misbehaving nodes, make our trust model an appropriate choice for resource-constrained WSN as compared to existing schemes.
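The trust computation described in this section, written out as an added Python example (not code from the paper). It assumes that direct trust equals the packet forwarding ratio and that values with no observations default to the neutral 0.5; the class, field and node names are hypothetical and the observation counts are constructed.

```python
from dataclasses import dataclass, field
from statistics import mean

W_DIRECT, W_INDIRECT = 0.6, 0.4  # weights given in the text; they sum to 1
PFR_THRESHOLD = 0.6              # packet forwarding threshold from the simulation setup
NEUTRAL = 0.5                    # initial (neutral) trust value

@dataclass
class NeighborRecord:
    """One trust-database row kept by the monitoring node (field names assumed)."""
    received: int = 0    # packets the neighbor was supposed to forward
    forwarded: int = 0   # packets overheard being forwarded correctly
    recommendations: dict = field(default_factory=dict)  # recommender id -> trust

    def observe(self, forwarded_ok: bool) -> None:
        self.received += 1
        self.forwarded += int(forwarded_ok)

    def forwarding_ratio(self) -> float:
        # Assumption: with nothing observed yet, use the neutral value
        # rather than dividing by zero.
        return self.forwarded / self.received if self.received else NEUTRAL

    def indirect_trust(self) -> float:
        # Average of the trust values recommended by common neighbors.
        recs = self.recommendations.values()
        return mean(recs) if recs else NEUTRAL

    def trust(self) -> float:
        # Assumption: direct trust is taken to be the forwarding ratio itself.
        return W_DIRECT * self.forwarding_ratio() + W_INDIRECT * self.indirect_trust()

    def classify(self) -> str:
        if self.received == 0:
            return "unknown"  # never label a node malicious without observations
        return "well-behaved" if self.forwarding_ratio() > PFR_THRESHOLD else "malicious"

def evaluate(observations, recommendations):
    """observations: list of True/False forwarding outcomes (constructed input)."""
    rec = NeighborRecord(recommendations=dict(recommendations))
    for ok in observations:
        rec.observe(ok)
    return round(rec.trust(), 3), rec.classify()

if __name__ == "__main__":
    # Constructed cases: blackhole, congested-but-usable relay, unseen neighbor.
    print(evaluate([False] * 10, {"n1": 1.0}))
    print(evaluate([True] * 7 + [False] * 3, {"n1": 0.8, "n2": 0.6}))
    print(evaluate([], {}))
```

With a forwarding ratio of 0, even a recommendation of 1.0 cannot lift the combined trust above 0.4, which is the bound the 0.6/0.4 weighting places on second-hand reports.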

Route Setup
Route Setup is responsible for establishing the shortest trusted route. The proposed scheme expands the route setup process of AODV in order to select a reliable and efficient path that contains only reliable and trusted nodes. The distinguishing characteristics that led to the selection of the AODV protocol are: it is an on-demand protocol, meaning that it finds routes when they are needed and so reduces control packet overhead; it provides fresh route information; it is capable of both broadcast and unicast routing; and it has low connection setup time, better scalability and reduced storage cost. TBSRP makes use of a composite routing metric, where equal and adaptive weights, 0.5 and 0.5, are assigned to the node's trust level and hop count respectively, which selects trusted and shortest paths for routing. A high delivery ratio is achieved when reliable nodes are selected for delivering packets to the destination. Consider a network shown in Figure 2(a) which assumes node as the sender and node as the receiver. Node wishes to transmit data packets to node , it broadcasts RREQ packet to its neighbors to initiate route discovery process. The neighboring nodes forward the RREQ packet to their neighbor nodes and also make reverse route entry for node , same process continues till route request packet reaches to destination. Destination (node ) unicasts RREP packet to node along the reverse route. If multiple RREQ packets have been received by the destination from the source via different routes, it sends multiple RREP packets along the reverse routes to the source node. This assists node to make decision accordingly and appropriate path among available paths is selected comprising of only trusted nodes. When a RREP packet is received by an intermediate node from its downstream neighbor , which is not a destination node, node refers to the trust table to check the trust value of node . If node is trusted one, it is included in the route, send RREP message to its upstream node (node ) and makes forward route entry for node . RREP packet is dropped by node if it find node as unreliable node, and same process remains continue until route reply packet reaches at source node. The source node takes the routing path a-b-c-d, as it is the shortest path (containing all trusted nodes) and free of malicious nodes. Figure 3 shows the flow chart for the route discovery of the proposed TBSRP scheme.
Figure 2. (a), (b) Route Discovery and Route maintenance process

Route Resolve
The responsibility of Route Resolve procedure is to send RouteError control packet to source node so that new route may be established when the condition , becomes true meaning that an active route encounters some malicious or faulty nodes whose packet forwarding ratio is less than specified threshold value. In the proposed scheme, the route maintenance process is carried out whenever an intermediate node finds packet forwarding misbehavior caused by malicious or faulty nodes. A Route Error (RERR) message is generated and forwarded to the source node to find an alternate route. The source node, the reporting node and all intermediate nodes mark that route as invalid, and the source node starts a new route discovery process. Consider the example shown in figure 2(b), where node finds the condition , has become true for node , it consider the node as misbehaving node and forwards RERR message to source node (node ) for finding a new reliable route.
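The Route Setup and Route Resolve steps above, sketched as an added Python example (not code from the paper). The page does not give the formula for the composite metric, so the score used here (0.5 times the weakest relay's trust plus 0.5 times the inverse hop count) is an assumption, as are the topology, node names, trust values and the rule that an offender's trust is set to its observed forwarding ratio.

```python
TRUST_THRESHOLD = 0.8        # trust threshold from the simulation setup
PFR_THRESHOLD = 0.6          # packet forwarding threshold
W_TRUST, W_HOPS = 0.5, 0.5   # equal weights for trust level and hop count

def rrep_reaches_source(path, trust):
    """path = [source, ..., destination]. Each node checks the downstream
    neighbor that handed it the RREP; the destination itself is not checked."""
    return all(trust[n] >= TRUST_THRESHOLD for n in path[1:-1])

def score(path, trust):
    # Assumed composite metric: weakest relay trust plus inverse hop count.
    hops = len(path) - 1
    weakest = min((trust[n] for n in path[1:-1]), default=1.0)
    return W_TRUST * weakest + W_HOPS / hops

def route_setup(candidates, trust):
    """Pick the best path among those whose RREP was not dropped on the way back."""
    usable = [p for p in candidates if rrep_reaches_source(p, trust)]
    return max(usable, key=lambda p: score(p, trust), default=None)

def route_resolve(route, forwarding_ratio, trust):
    """Return (reporter, offender) for the first relay whose forwarding ratio is
    below threshold, i.e. the RERR that invalidates the route; None otherwise."""
    for upstream, relay in zip(route, route[1:-1]):
        pfr = forwarding_ratio.get(relay, 1.0)
        if pfr < PFR_THRESHOLD:
            trust[relay] = pfr  # assumption: observed ratio becomes the trust value
            return upstream, relay
    return None

def demo():
    # Constructed topology and trust values; node names are hypothetical.
    trust = {"b": 0.9, "c": 0.85, "e": 0.3, "f": 0.9, "g": 0.9, "h": 0.9}
    candidates = [list("aed"), list("abcd"), list("afghd")]
    first = route_setup(candidates, trust)          # a-e-d is shorter, but e is untrusted
    rerr = route_resolve(first, {"c": 0.2}, trust)  # c starts dropping packets
    second = route_setup(candidates, trust)         # rediscovery now avoids c
    return first, rerr, second

if __name__ == "__main__":
    print(demo())
```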

Research Method
In this study, the NS-2 simulator [25] has been used to analyze the performance of the proposed TBSRP scheme. We consider the blackhole attack for simulating misbehaving nodes, where compromised nodes send fake route discovery packets to attract most of the traffic. The behavior of faulty nodes is also simulated, as some of the nodes drop packets randomly due to network faults or a significant congestion level. Our simulation model is based on a network of 50 sensor nodes deployed randomly within an area of 1000m x 800m. The numbers of malicious and faulty nodes are varied from 0 to 5. In all experiments, the packet forwarding threshold ( is set to 0.6 while the trust threshold ( is set to 0.8. All nodes are initialized with the neutral trust value 0.5. We used IEEE 802.15.4 as the MAC layer protocol. Constant Bit Rate (CBR) traffic has been used for the flows, with packet size equal to 1500 bytes, while the simulation time is 1000 seconds. The performance of TBSRP and AODV is analyzed in terms of packet delivery ratio, average end-to-end delay and normalized routing load.

Results and Discussion
Figure 4 shows the performance of TBSRP and AODV in terms of packet delivery ratio (PDR) against the number of malicious and faulty nodes. It is evident from the results that both AODV and TBSRP show increased PDR when there are no malicious and faulty nodes in the network. The difference becomes prominent at the maximum number of malicious and faulty nodes, as shown in Figure 4(a) and (b). The PDR for AODV decreases significantly, by almost 90%, as most of the traffic is attracted towards malicious nodes, as shown in Figure 4(a). By applying TBSRP, the delivery ratio increases significantly, as the proposed scheme helps the nodes to find trusted routes and isolate malicious nodes at the earliest. Similarly, Figure 4(b) shows that TBSRP significantly improves the PDR when a few faulty nodes drop a random number of packets due to congestion in active routes.
Figure 3. TBSRP Route Discovery Flow chart

Figure 5 shows the comparative results of average end-to-end delay for AODV and TBSRP under malicious and faulty nodes. When there are no misbehaving nodes in the network, the delay is similar for AODV and TBSRP. As the number of faulty and malicious nodes increases in the network, it creates more route disconnections, which results in increased delay, as shown in Figure 5(a) and (b). TBSRP relies on trusted and shortest routes, avoiding misbehaving and faulty nodes; therefore it shows better performance in terms of average delay compared to AODV, where the fewest packets are delivered to the destination in the presence of an increased number of malicious and faulty nodes.
The normalized routing load is an important design factor that should be considered while designing a routing protocol for WSN. As WSN is a resource-constrained network, increased routing load may badly affect the network lifetime of the WSN. Figure 6(a) and (b) demonstrate higher network overloads for AODV than for TBSRP, as it requires a larger number of retransmissions due to the presence of malicious and faulty nodes in active routes. The larger number of control packets for route discoveries further contributes to the increased routing load of AODV. On the contrary, the route remains more stable in TBSRP because it comprises trusted nodes, and therefore requires fewer retransmissions and route discoveries. To sum up, the proposed TBSRP offers a multifaceted routing strategy, thereby minimizing the overall routing and network overheads for resource-constrained sensor nodes. Table 1 presents the comparative analysis of the proposed and existing schemes. TBSRP and TARF make use of a composite routing metric which can adapt to the dynamic nature of the network. The proposed scheme incurs low routing and network loads compared to existing schemes, due to its simple and robust design without too many broadcasts and exchanges of control packets. Furthermore, the proposed scheme can also detect faulty nodes responsible for dropping packets due to a significant level of congestion.

Conclusion
In this paper, we proposed a lightweight and readily deployable Trust Based Secure Routing Protocol (TBSRP) for wireless sensor networks to isolate malicious and faulty nodes. TBSRP can also re-route packets to other routes if an established route encounters packet forwarding misbehavior due to faulty or congested nodes. The simulation results prove the efficacy of the proposed scheme. The performance of TBSRP is compared against AODV in terms of packet delivery ratio, average end-to-end delay and normalized routing load. The simulation results show that malicious nodes badly affect the overall performance of AODV and bring down the PDR and throughput to unacceptable ranges. TBSRP significantly improves the overall network performance and isolates malicious and faulty nodes at the earliest. As part of future work, we plan to compare the performance of the proposed scheme against other node misbehavior attacks such as wormhole and Sybil attacks.

Figure 4. PDR performance with malicious and faulty nodes

Figure 5. End-to-End delay performance with malicious and faulty nodes

Table 1. Comparative Analysis