Multi-stage secure clusterhead selection using discrete rule-set against unknown attacks in wireless sensor network

Received Jul 5, 2018 Revised Feb 3, 2020 Accepted Feb 26, 2020 Security is the rising concern of the wireless network as there are various forms of reonfigurable network that is arised from it. Wireless sensor network (WSN) is one such example that is found to be an integral part of cyber-physical system in upcoming times. After reviewing the existing system, it can be seen that there are less dominant and robust solutions towards mitigating the threats of upcoming applications of WSN. Therefore, this paper introduces a simple and cost-effective modelling of a security system that offers security by ensuring secure selection of clusterhead during the data aggregation process in WSN. The proposed system also makes construct a rule-set in order to learn the nature of the communication iin order to have a discrete knowledge about the intensity of adversaries. With an aid of simulation-based approach over MEMSIC nodes, the proposed system was proven to offer reduced energy consumption with good data delivery performance in contrast to existing approach.


INTRODUCTION
The usage of wireless network has almost substituted majority of the legacy wired product in past decade. Although, there are significant advance of the wireless networks, there are potential challenges too [1]. There is various research works towards investigating the solutions for identifying the challenges in different forms of wireless network e.g. wireless local area network (WLAN) [2,3], wireless sensor network (WSN) [4,5], mobile adhoc network (MANET) [6,7], etc. Out of all forms of wireless network, WSN has got a significant future as it is an integral part of Internet-of-Things (IoT) as well as any cyber-physical system [6]. There are wide ranges of application supported by WSN that has significantly found its way to the commercial products. However, security factor is becoming a rising concern because of various reasons. The first reason of security concern about WSN is that it cannot execute typical cryptographic programs as it doesn't have adequate resources to execute complex cryptographic programs [8]. A complex cryptographic algorithm e.g. RSA (Rivest Shamir Algorithm) is a strongest encryption technique; however, size of the key for RSA is too large to be consistently used in a resource constraint sensors. The second reason of security concern is that majority of the existing security approaches are only meant for addressing specific form of attacks. This increases the development cost and reduces its applicability as malicious program can change at any point of time. Hence, the applicability of the security solution diminishes in this regard. The third reason of security concern is that it is not feasible for identifying the attacks generated from cross-platform networks. This usually happens when two different networking technologies are connected together e.g. IoT is formed by the integration of sensors and cloud. Where it is one of the most challenging tasks to identify  Availability of less benchmarked solution towards potential resistance against lethal attack is found less in existing literatures. Therefore, the problem statement of the proposed study can be stated as "Developing a potential security solution to resist unknown forms of attack in wireless network using cost effective resistive solution with far reaching effect". The next section outlines the solution towards resisting these problems.
The implementation of the proposed technique is carried out using an analytical research methodology and the proposed system acts as an extension of our prior work [34]. The core aim of the proposed technique is to offer a significant protection against an unknown form of adversary in WSN using simple and yet robust form of security mechanism. The schematic diagram to represent the implementation of proposed system is highlighted in Figure 1.

Construction of Rule-Set
Primary rule-set ϕ P Secondary Rule-Set ϕ s

Assessing Intensity of Adversary
Applying Rule-Set to Resist Adversary

Logic of Identification and Resistance
Sensors distance adversary Energy Figure 1. Proposed schematic diagram Figure 1 highlights the implementation flow of the proposed system where it can be seen that the proposed system considers initially a typical preparation of the simulation area by considering the sensors, distance, adversaries, and energy factor. The proposed system also considers that adversary module is quite potential; however, it will never launch any attack when it joins a new network. Hence, there is no apriori information about the adversary. The proposed system also constructs a rule-set that is further classified in two forms i.e. primary Ruleset and secondary rule-set. These rule sets are meant to perform a specific task of selection of secure clusterhead. The primary rule-set is meant for ensuring selection of most eligible clusterhead followed by secondary Ruleset that is meant to perform security analysis of the primarily selected clusterhead. The outcome of the secondary rule-set is a finally selected secured clusterhead. This operation is followed by constructing the design in order to investigate the intensity of the attacker followed by applying this rule set in order to ensure proper selection. Finally, the adversary node is identified and is updated to all the neighboring as well as finally to complete network so that all the communication process generated to and from such adversary could be terminated. The core objective of the proposed methodology is to ensure that a lightweight security policy is implemented in order to ensure that a better supportability of public key encryption is available.

ALGORITHM IMPLEMENTATION
The prime purpose of the proposed algorithm is to offer a secure data aggregation by addressing the secure selection of cluster-head. The hypothesis of the proposed algorithm construction is carried out on the fact that a clusterhead bears significant and valuable information as compared to other member nodes. Therefore, it is more likely that clusterheads will be more targeted to be compromised as compared to member nodes. Hence, the complete algorithm constructions are carried out to protect all sorts of communication originating to and from the clusterhead in WSN. The algorithm takes the input of S area (Simulation area), E i (initial energy), n (sensors), p x, y (position of sensors), p CH (probability of cluster-heads), and n ad (number of adversary) that after processing yields an outcome of nCH (secure CH). The steps included in the proposed algorithm are as follows: For j=1:n 7.

End End
The flows of the proposed algorithmic steps are illustrated as below:

Preparation of the simulation area
The algorithm initializes all the input parameters (Line-1) and performs deployment of all the sensor nodes in random order i.e. rand (n x, y ), whereas it can also change the position of the base-station b x, y at any part of the simulation area (Line-2). The algorithm also selects certain number of adversary nodes; however, in order to assess the system, the algorithm is designed with no pre-defined information about the location of the adversary.

Construction of rule-set
The proposed system constructs two sequential rule set that is utilized for filtering the selection process of the secure clusterhead. The first rule-set ϕ P is about primary selection while second rule-set ϕ S is about secondary selection criterion of the clusterhead (Line-3). Construction of both the rule-set are carried out using trapezoidal membership function.

Primary rule-set ϕP
The algorithm takes the energy and the number of the neighbor as an input parameter to the rule-set processor that offers the output of primary selected clusterhead. The construction of the rule-set for inputs are carried out considering lower, higher, and medium value of if, whereas inferencing of the output is carriedout by multiple combination of it as highlighted in Figure 2. The logic of this rule-set is that if a sensor node bears lower residual energy and lower neighbor nodes, those nodes don't suit to be become strong clusterhead and hence never come under the radar of adversary. Apart from security viewpoint, such weaker form of nodes will not serve the purpose of being a clusterhead owing to their incapability to offer robust data aggregation. On the other hand, if the residual energy of a node is quite high and it has good connectivity with other adjacent nodes, than those nodes are considered as the potential clusterhead. It is also imperative that such clusterhead will likely to attract the attention of the adversary as if such nodes are compromised than dispersion of the malicious attack will be more. Hence, the primary rule-set end up selecting the most suitable cluster head that can assists in data aggregation process for longer duration with good residual energy.

Secondary rule-set ϕs
This rule-set is meant for further filtering the selection process of the secure clusterhead as an extension of the primary rule-set. Figure 3 highlights that in this stage, the processor takes three different inputs i.e. vulnerability, vicinity, and distance. All these parameters are more-or-less linked with distance metric itself. Vulnerability is basically condition when a sensor node is in a distance within the sensing range of an adversary while vicity is same distance with closest distance with the adversary node. On the other hand, distance is basically a Euclidean distance between two communicating clusterhead (in case of multihop communication only). According to this final rule-set, the safest clusterhead will be that node which has lower value of vulnerability, vicinity, as well as distance. It simply infers that only node that are located at the farthest end from the adversary are the secure node and is more like to be selected as clusterhead.  Figure 3. Construction of secondary rule-set

Assessing intensity of adversary
The proposed study constructs the adversary scenario with a combination of i) active attack and ii) dynamic state of node. Althouugh, the algorithm is equally capable for testifying different possible attack scenario and different discrete states of node; this scenario is selected for analysis as this is the most challenging scenario with respect to intensity of attack and its aftermath consequences. The algorithm considers all the nodes present in the simulation area (Line-3) and implements a simple formula of θ (Line-4) in order to render arbitrary orientation of the sensor nodes. This part of the algorithm implementation is all about checking the distance to investigate the presence of adversary. For this purpose, the algorithm computes the vulnerable distance V d (Line-5). It further performs more filteration of the distance on the basis of vulnerability assessment using simple distance-based logic. For all the sensor nodes (Line-6), the proposed algorithm applies multiple explicit functions in order to perform this assessment. The algorithm first implements a function f 1 (x) that takes the input arguments of number of nodes (n), position of nodes (p x, y ), and range of neighbor nodes (R nn ). Only the sensors whose distance value is less than or equal to range of neighboring node is considered as the neighboring nodes (Line-7). The next part of the algorithm performs computation of the vulnerability metric vul considering sensors (n) and position of node (p x, y ) (Line-8). It does so by constructing a function f 2 (x) that carry out estimating the Euclidean distance between the normal node and the adversary node followed by summation of all the estimated distance. The next part of the algorithm implementation performs computation of vicinityfactor (Line-9). The algorithm uses a function f 3 (x) that computes the distance between the regular and malicious node and checks if they are located by closely to each other.

Applying rule-set to resist adversary
The algorithm then assesses the primary optimization by applying the primary rule-set ϕ P on initialied energy and number of neighbor nodes. According to this primary optimization, a regular node should spontaneously dissipate energy. However, a malicious node will always try to save maximum energy until and unless it has not initiated its attack. It will mean that if a malicious node has not launched an attack, it is not feasible to differentiate attacker node and normal node. Hence, the presence of abnormally higher Int J Elec & Comp Eng ISSN: 2088-8708  amount of energy will be one of the indications of presence of malicious node in primary optimization process. Establishment of communication with such nodes is instantly aborted after this. However, the algorithm extends the primary optimization to the secondary optimization in order to further ascertain about the efficiency of the resistance. In the secondary optimization, the algorithm considers applying secondary rule-set ϕ s to finally ensure that no such vulnerable node is selected in this process. The function takes the input arguments to ensure that only the secured clusterhead is selected in this process (Line-10). Finally, the algorithm selects the highly utilized secondary optimized value that ends up selecting the most eligible clusterhead n CH (Line-11).

Logic of identification and resistance
The proposed system applies a unique logic of identifying and conforming the presence of malicious node and implements a mechanism to resist any form of intrusion. The identification process of the adversary is carried out in dual steps. In the first step of identification, the sensor performs exchange of information in the form of beacons with each other that also bears a specific field for residual energy. The proposed system assumes that all the clusterheads are higher degree of communication synchronocity with each other by periodic exchange of beacons among the clusterheads during inter-cluster communication. According to this scheme, a cluster head bears all the authenticated information related to its associated member nodes and this will call for eventually monitoring all the resource-related information too. Even if a conventional TDMA scheme is assumed to be implemented than the time for data fusion as well as aggregation is almost fixed. This entails that regular nodes spontaneously deplete energy in the progressive step of data aggregation and hence in this process, if there is a presence of any node that bears abnormally more residual energy than it is less likely that such node will be regular node. However, presence of such node with higher residual energy cannot be used to conclude that the node is a malicious one and therefore, it proceeds for next round of check. For the purpose of confirming the presence of malicious nodes at the end of preliminary checking stage, the algorithm considers multiple distance-based parameters e.g. vulnerability and vicinity parameters in order to carry out more indepth investigation about the behaviour of the sensors. The underlying principle of this resistance theory is that a malicious node will not lauch any form of attack when it joins a new network. At the same time, it will neither reside in a same network for a longer period of time. The gain of the malicious node is only at the instance when they are successful in their attempt. For this purpose, the adversary will be required to increase its attacking event as far as feasible. The next step is to check for the presence of intermittent communication links, which directly depicts that this link leads to malicious nodes at some point.
Therefore, as per the logic of the proposed algorithm, the presence of more number of consistent remnant energy is a direct representation of the fact that there is a malicious node at the end. However, there is also a possibility that it oculd be regular node. In such case, the prior history from the routing table will be checked. If upon checking it is found that that node has transmitted many data in past and still it retains more energy than it is a positive indication of malicious node or else it could be regular node. At the same time, if the number of distances that are always increasing in its size than it directly depicst that there is a spontaneous spread of attack which is feasible by capturing the public keys. Therefore, it is imperative that normal sensors will always have less number of increasing spatial distances (as it will drain more energy) as well as increasing distance among different sensors. On the other hand, it is less likely that adversary will stop after compromising few nodes as fair chances are there to increase the number of attacks. Once the malicious node is confirmed for its presence than all the communication to and from the adversary will be eliminated and subsequent a flag message about the node and its respective neighbors are updated to all the nodes as an update. Hence, the proposed algorithm offers significantly cost-effective solution to offer significant resistance to any lethal forms of attack in WSN. The next section discusses about the outcomes obtained after implementingthis algorithm.

RESULT ANALYSIS
This section discusses about the outcomes obtained after implementing the algorithm discussed in prior section. The complete emphasis of the analysis is given to the mainly two performance scale i.e. throughput and energy. Scripted in MATLAB, the analysis of the proposed algorithm is carried out considering 500-1000 sensors considering large scale network of area 1000x1200 m 2 . The sensors are programitically designed bearing the standard charecteristic of MEMSIC nodes along with 2500 bits of packet and 0.5 Joules of energy. The study outcome of the proposed system is compared with the standard security protocol of SecLEACH [35] because this protocol is known for both its security benefits and energy conservation in WSN.  Figure 4 highlights that proposed system offers good network lifetime as there are good number of sustaining nodes over increasing number of simulation rounds as compared to conventional SecLEACH algorithm. The prime reason behind this is SecLEACH uses a typical encryption mechanism that uses recursive function in order to generate the secret key for authentication. This phenomenon will require a node to always have specific amount of resources to carry out this task. Moreover, the placement of the base station is another bigger challenge in existing system that result in massive traffic converging using single hop mainly. Hence, SecLEACH cannot offer energy conservation as the test environment chosen is a combination of active attacks with dynamic sensor nodes that cannot be supported energy efficiently by SecLEACH. Figure 6 discusses the comparative analysis of the throughput for both proposed and SecLEACH algorithm. The outcome shows that SecLEACH couldn't offer sufficient throughput more than 40% completion of simulation rounds, whereas proposed system offers spontaneously increased amount of throughput till the 90% of the simulation rounds proving that proposed system offers significant throughput performance along with optimal security. Figure 7 highlights that proposed system offers significantly less energy fluctuation as compared to SecLEACH. Increased fluctuation in energy is always linked with lack of synchronocity among the nodes that results in failure of an effective data transmission as well as nonsupportability of any form of energy-efficient algorithms. Increased energy variance of SecLEACH is caused due to lack of synchronous as well as lack of supportability of multi-hop communication scheme. This results in more degradation of energy but in a highly intermittent way. On the other hand, the proposed system offers increasing events of dissemination of the updates that results in exchange of nearly updated data everytime thereby assisting the other sensors know about the event of successful data transmission or presence of malicious node. Hence, the proposed system is found to offer more resistivity againt maximum form of threats with lesser degradation to the energy consumption among the sensor nodes.

CONCLUSION
This paper has discussed that identifying a malicious node is not at all an easy task that can also justify the reason behind not 100% fail -proofness about the existing security approaches in WSN. The logic of the proposed method claims that there is always a common and a typical behaviour of any adversary node, which saves the time to investigate multiple attacks. In this regard, the energy acts as an essential resource for all the sensors whether it is regular node or malicious node. The proposed system considers dual level of filtering the patterns where in the first level an efficient clusaterhead is selected while in the second level security charecteristics is emphasized more. A common track of retention of abnormal residual energy is considered as one of the critieria of malicious node whereas there are also dual checks to confirm this fact. The simulation outcome shows that it ispractically feasible to offer good level of security to majority of attacks as it offers good network lifetime and data delivery performance in comparison to existing secure and energy-efficient approaches.