Abstract- Security of wireless sensor network is a issue because of its dominant expansion, Sybil attack is harmful attack against sensor network where node can gain multiple identities. Sybil node behaves as it is a part of the network as authenticated node.
On the basis of analysis, we have establish the way out in which each node will have encryption and decryption capabilities and will also design a data packet which consists of authentication key. A System will also have the monitoring node. And there will be a packet acceptance and rejection phenomenon for secure data transmission.
Key words’Wireless sensor networks, Sybil attacks, Encryption-decryption, Authentication key.
I. INTRODUCTION
Wireless sensor network is a capable new technology to facilitate economically viable solutions to a range of applications, for example pollution sensing system, structural integrity monitoring, and traffic monitoring system. The Sybil attack is a particularly harmful threat to sensor networks where a single sensor node illegitimately claims multiple identities. A malicious node may generate an arbitrary number of additional node identities using only one physical device. The Sybil attack can disrupt normal functioning of the sensor network, such as the multipath routing, used to explore the multiple disjoint paths between source-destination pairs. But the Sybil attack can disrupt it when a single adversary presents multiple identities, which appear on the multiple paths. Digital certificates are a way to prove identities, but they are not suitable for the sensor network because of the large computational overheads. Researchers have proposed a light-weight identity certificate method to defeat Sybil attacks, but it is not suitable for a large scale sensor network because of the huge memory usage required at each node.
A Sybil attacker can either create more than one identity on a single physical device in order to launch a coordinated attack on the network or can switch identities in order to weaken the detection process, thereby promoting lack of accountability in the network.
Due to the broadcast nature of wireless sensor network and the requirement of a unique, distinct, and persistent identity per node for their security protocols, Sybil attacks pose a serious
threat to such networks. Sybil attackers can create an arbitrary number of nodes and transmit false information in the network. Therefore, Sybil attacks will have a serious impact on the normal operation of wireless sensor networks. Sybil attack can be exceedingly detrimental to many important functions of the sensor network such as routing, resource allocation, misbehaviour detection, etc.
Wireless sensor network suffers from an attack called Sybil attack, when a node illegally claims number of identities or claims forged IDs, The node replicates itself to make number of copies to confuse and fail the network. The system can attack inside or on the outside. External attacks can be prevented by authentication process but not the internal attacks. There should be node to node mapping between identity and entity in WSN. But these attacks violate this node to node mapping by creating multiple identities.
II. BACKGROUND
The Sybil attack: It is a harmful attack particular in wireless sensor network in which node illegitimately claims the number of identities simultaneously to transmit the message.
Types of Sybil attack: There are two types of Sybil attacks. In the first type of attack, an attacker creates new identity while leaving its previously created identity; hence only one identity of the attacker is awake at a time in the network. This is also called a join-and-leave or whitewashing attack and the inspiration is to clean-out any bad history of malicious actions. This attack potentially promotes lack of liability in the network. In the second type of Sybil attack, an attacker at the same time uses all its identities for an attack, called simultaneous Sybil attack. The inspirations of this attack is to cause disturbance in the network or try to achieve more resources, information, access, etc. than that of a single node deserves in a network. The difference between the two is only the concept of simultaneity; however, their applications and consequences are different.
Distributed Storage: Because of the replication of data on several nodes, Sybil attack affects the architecture of a system. Data will be replicated on all the nodes created by Sybil attack.
Routing: Because of Sybil identities one node will be present in the different paths and different locations at the same time and hence routing mechanism in which the nodes are supposed to be disjoint is affected.
Data Aggregation: In sensor networks, for complete information data is aggregated into one node. When a Sybil node contributes their data many times pretence as different users, the aggregated data changes completely thus giving forged information.
Voting: In WSN, most of the decisions are made by voting. By having many identities Sybil node can vote many times by using single node, thus destructing the process.
Misbehaviour detection: The accuracy to detect a malicious node is reduced. Since Sybil node increases the reputation, recognition, conviction value by using its virtual identities.
Fair resource allocation: In wireless sensor network, each node have the resources allocated to it, because of multiple identities of Sybil nodes it affects the allocation of resources. For example, when many nodes allocate a single data lines, each node will be assigned a fraction of time per interval during which they can transmit. Since the Sybil node has many identities, it can obtain an unfair share of the resources thus reducing the actual share of resources to the legal node.
III. RELATED WORK
The analysis has some following observation of existing technology for detecting or for preventing the Sybil attack in the network.
‘ Trusted certificate: Trusted certificate is a third party system which is considered as one of the preventive solution for Sybil attack. In this type of system, a centralized authority is organized to authenticate the network from the Sybil nodes. Each entity in the network has the single strong certificate identity to securely transmit the data in the network. But it has some flaws such as it require initial setup which is a costly one and it has a single or centralized point from where the system security can break. Since it is centralized system it has lack of scalability.
‘ Resource Testing: In this method, the resources of node are tested by giving the different task to the each node in the network and also determine whether each independent node has sufficient amount of resources to complete these task. If the node does not have sufficient amount of resources to complete the task that node will be the Sybil node because Sybil attack does not have sufficient resources to complete the extra test imposed on each Sybil node. These are the tests which are carried out for checking the computational power, storage capacity and bandwidth of a node. The limitation of this method is that attacker can get enough hardware resources such as network card, memory and storage to complete these tasks.
‘ Position Verification: In this method the assumption is made that the node in the network are not movable. This is the one of the promising method to detect the Sybil attack in the network. This method consists of verification of physical position of each node in the network. So the Sybil entity can be detected easily using this method because Sybil node can be found exactly in same position as malicious node that generates them. And the limit is placed for the density of the network; in position verification can used to tightly bind the number of Sybil node the malicious node can create.
‘ Trusted device: This method consists of one to one mapping between hardware device and network entity, Such as one hardware devise say network card is bound to a single network entity. However, there is no way of preventing an entity from gaining number of hardware devices, for example in a situation in which an attacker installs two network cards.
‘ Based on RSSI: In this method the Sybil node can be detected in the network by using the received signal strength of the node. Whenever a new legitimate node enters in a network, it becomes the neighbor as soon as it enters inside radio range of other nodes; hence their first RSS at the receiver node will be low enough.
In contrast a Sybil attacker, which is already a neighbour, will cause its new identity to appear abruptly in the neighbourhood. When the Sybil attacker creates new identity, the signal strength of that identity will be high enough to be distinguished from the newly joined neighbour.
IV. PROPOSED FRAMEWORK
After taking efforts for analysis on Sybil attack detection in WSN’s, results have some solution which has following system design aspects:
Designing of a network of sensor nodes in which one node will act as a monitoring node. Each node will have their identity and authentication key which is enclosed in the data packet for secure transmission of data. We will also using the concept of cryptography for encoding the data and writing a program to provide a unique identity of the node assigned at the time of manufacturing. Here we are adding new concept packet acceptance and packet rejection process on the basis of node’s identity described below.
System architecture consists of number of nodes and one monitoring node amongst them. Monitoring node is responsible for the authentication of all the nodes in the network. All the nodes in the network will register them self with unique identity provided at manufacturing time to the monitor node. Here design a special data packet for the network in which it consist of Fix ID i.e. unique id which is use for authentication. If the sender is unauthentic, receiving node will reject the data packet or else accept the data packet and if the receiver is forged, it will receive the data but cannot decrypt the message using its key.
System Architecture:-
Scenario I: Fake sender detection
Here node will generate the signal and if the sender is authentic then receiver will accept the data and display it on LCD screen if sender is not authentic then receiver will reject the data but acknowledge the receiver about the fake identity attack.
Scenario II: Fake receiver blocking
Here it is generate the data through sender and it can be receive by the entire nodes but only authentic node with data decryption capability can read the data.
Figure consist of packet structure which have several fields namely Device name is the logical name of the device, Fix ID which is provided at manufacturing time, Channel ID is the identity of channel on which communication is carried out, Data (message), Setting(if required).Packet is specially designed for providing the authentication to the system by using Fix ID.
As this system provides efficient technique for detecting and preventing the Sybil attack in wireless sensor network and eliminate the drawback of existing system this is best suited solution for achieving Sybil attack detection.
IV. CONCLUSION
In this paper, we analyze the different method for detection of identity based attack, Sybil attack. Every method has some drawbacks such as resource constraints, cost, reliability, network constraint, etc.
On the basis of analysis we have proposed a solution which analyzes the result in different scenario such as Fake sender and Fake receiver blocking. Nodes discard data from the fake sender or in case of fake receiver; it cannot decrypt the data using its unique id. Unlike other traditional identity based authentication method, our scheme does not increase the overhead on sensor nodes.