Environment-based Selection Method for En- route ... - Semantic Scholar
292
JOURNAL OF NETWORKS, VOL. 5, NO. 3, MARCH 2010
Environment-based Selection Method for Enroute Filtering Scheme using Fuzzy Logic Sang Jin Lee Sungkyunkwan University, Suwon 440-746, Republic of Korea [email protected]
Hae Young Lee ETRI, Daejeon 305-700, Republic of Korea [email protected]
Tae Ho Cho Sungkyunkwan University, Suwon 440-746, Republic of Korea [email protected]
Abstract— Nodes in sensor networks can be easily compromised by an adversary due to hostile environments in which compromised nodes could be used to inject false reports into the network. The dynamic en-route scheme can detect and drop such false reports during the forwarding phase. In this scheme, choosing a threshold value is important as this gives a trade off between security of power and energy consumption. Thus, a threshold value should be chosen such that it provides sufficient resilience, yet is small enough to conserve energy. This paper presents a fuzzybased threshold determination method for the dynamic enroute scheme to filter false reports in wireless sensor networks. The base station periodically determines the threshold value using a fuzzy rule-based system. The resilience and energy efficiency of the proposed method, against false data injection attacks, are demonstrated using simulation studies. Index Terms— wireless sensor networks, false data filtering, false data injection attacks, fuzzy system, threshold value
I. INTRODUCTION Recent advances in wireless communications and electronics have enabled the development of low-cost, low-power, multifunctional sensor nodes that are small in size and can communicate unfettered over short distances [1]. Wireless sensor networks (WSN) consist of small nodes with sensing, computation, and wireless communications capabilities. WSNs can be applied to numerous applications, such as target field imaging, intrusion detection, weather monitoring, security and tactical surveillance, distributed computing, and detecting ambient conditions [2]. WSNs have limited capabilities in terms of available energy, memory capacity, and processing speed, and they can be exposed to a hostile environment [3]. Thus, sensor nodes may be captured or compromised by adversaries, and secret information, such as the symmetric key, may be revealed to the adversaries who can also easily inject false data reports of non-existent events or fake readings into the network.
© 2010 ACADEMY PUBLISHER doi:10.4304/jnw.5.3.292-299
Fig. 1 False data injection attacks.
These are referred to as false data injection attacks (see Fig. 1) [4, 5]. Such attacks may cause false alarms, and exhaust the limited energy of the nodes in forwarding these reports, thus, reducing the lifetime of the sensor networks [4]. To minimize such damage, the fabricated report should be dropped en-route as early as possible and any elusive ones should be rejected at the base stations [6]. Various security solutions [4-8] and adaptive methods [11-14] have been proposed to detect and drop the false reports. The dynamic en-route filtering scheme (DEF) proposed in this paper is one of these solutions. In the DEF, as proposed by Yu and Guan [4], the choice of a threshold value is important since it gives a trade off between security and overhead. A large threshold value allows false reports to be more easily detected, but this consumes more energy in forwarding. In contrast, a small threshold value may consume less energy, but results in inefficient filtering, or may even be useless if a large number of nodes have been compromised. The threshold value should therefore be chosen such that it provides sufficient resilience, whilst still conserving energy [7]. This paper proposes an adaptive threshold determination method using fuzzy
JOURNAL OF NETWORKS, VOL. 5, NO. 3, MARCH 2010
logic to choose an appropriate value. A fuzzy rule-based system is exploited to determine the threshold value that implies the required number of message authentication codes (MACs) per report. I.
BACKGROUND AND MOTIVATION
This section briefly describes the DEF, and the motivation for this work. Dynamic En-route Filtering scheme Yu and Guan proposed the DEF scheme [4] to detect and drop false reports. Compared to existing filtering schemes, the DEF is more effective in dealing with the dynamic topology of sensor networks. It outperforms in terms of energy efficiency, especially for large sensor networks (i.e., a network consists of a large number of clusters). In the DEF, a legitimate report can be verified by MACs, which are generated by the sensing nodes. The DEF consists of three phases: 1) a pre-deployment phase, 2) post-deployment phase, and 3) a filtering phase. In the pre-deployment phase, each node is preloaded with a seed authentication key, and secret keys (l + 1) randomly picked from a global key pool. (a)
Cluster k1
k2
293
stores the authentication keys if it has the corresponding keys. In the filtering phase, the DEF can detect a false report and drop it (see Fig. 2(c)). After disseminating the authentication keys, a cluster head aggregates reports attached to MACs that have been generated by its cluster nodes, and sends them to a neighbor node toward the BS. Each report should contain t distinct MACs of those cluster nodes, where t is a security threshold value. Motivation In the DEF method, determining the threshold value is important since it trades off between security of the power and energy consumption. The static number of MACs in the DEF is not appropriate in real-world wireless sensor networks. A large threshold value allows false reports to be more easily detected, but wastes energy in forwarding. Conversely, a small threshold value may conserve energy, but will result in inefficient filtering if a large number of nodes have been compromised. Thus, the appropriate threshold value should be chosen to provide sufficient resilience, whilst still conserving energy [7]. An adaptive threshold determination method using fuzzy logic is proposed for determining the appropriate threshold value. Threshold Determination Method Based on Fuzzy Logic (FDEF)
k3
Cluster
CH k7
k4 k5
k6
CN k5
(b)
k7 v1
CH
Fuzzy Logic
KDL k3 v3
v2 k4
k6 k1
DBS SP
(a)
BS
k5
Threshold value(SP)
(c) k3 CH k7
k7 v1
v2
k3 v3
(b)
: CH (cluster head) Fig. 3 Overview of the FDEF scheme. Fig. 2 Overview of the DEF.
In the post-deployment phase, every node in the cluster forwards encrypted authentication keys using its secret keys to its cluster head (see Fig. 2(a)), then each cluster head disseminates the encrypted authentication keys of all nodes in that cluster to the neighbor node. These keys can only be forwarded at most key dissemination limiting hops [8] (see Fig. 2(b)). Each receiving node decrypts and © 2010 ACADEMY PUBLISHER
In FDEF [15], the BS periodically determines the threshold value (SP) using a fuzzy rule-based system (see Fig. 3(a)). The number of cluster nodes (CN), the value of the key dissemination limit (KDL), and the estimated distance from the BS to each cluster (DBS) are used to determine the SP. If the determined SP differs from the current value, the BS broadcasts the determined value to all the corresponding nodes in the network (see Fig. 3(b)).
294
JOURNAL OF NETWORKS, VOL. 5, NO. 3, MARCH 2010
However, the threshold value is selected only according to the quality of area in the network. Thus, FDEF cannot consider the status of the network. II. ADAPTIVE THRESHOLD DETERMINATION This section describes the new proposed method in detail. Assumptions It is assumed that a sensor network is composed of a large number of small sensor nodes where the nodes within the cluster can elect one cluster head from amongst themselves. To balance energy consumption, all nodes of the same cluster may take turns playing the role of the cluster head. As nodes are not equipped with tamper-resistant hardware they can be compromised easily by adversaries, and can be used to inject false reports. However, the base station (BS) cannot be easily compromised. It is also assumed that the BS can know the estimated distance to each cluster, the rate of reports rejected by the BS, and the energy consumption. It is further assumed that the BS has a mechanism to authenticate all broadcast messages (e.g., based on µTESLA [9]), and that every node can verify the broadcast messages. Overview The proposed method, an adaptive DEF (ADEF), is based on the DEF scheme.
Fig. 4 Overview of the new proposed method.
The BS, by using a fuzzy rule-based system, periodically determines the security threshold (SP) that can be achieved with sufficient detection ability, whilst minimizing the energy consumption (Fig. 4(b)). The value of the key dissemination limit (KDL), the estimated distance from the BS to each cluster (DBS), the rate of false reports rejected by the BS (RRB), and the rate of the MAC attached to reports (MAR) are used to determine the SP (Fig. 4(a)). The SP changes from the number of MACs attached to the reports to the rate of MACs through a simple formula (1) (Fig. 4(c)).
© 2010 ACADEMY PUBLISHER
The result from the formula (1) is used to anticipate the current security threshold. The result is also used for one of the input parameters (Fig. 4(d)). That is, the previous security threshold can be anticipated through the MAR. After the filtering phase, the BS can calculate the rate of false reports rejected by the BS, and then this is used for the input value in the fuzzy rule-based system (Fig. 4(e)).
Input Parameters The MAR is similar to the number of MACs, and can calculate the MAC rate in each cluster. The MAR can be estimated by using formula (1).
(1)
where NNC is the number of nodes in the cluster and SP is the security threshold. A large MAR has a higher detection probability of false reports than a small MAR. A small RRB indicates that a large number of false reports have been dropped before arriving at the base station (BS). That is, the filtering scheme provides sufficient detection ability, even though the network is under attack by an adversary. A large KDL diffuses a large number of authentication keys through the network. This results in many nodes having the authentication key, and raises the probability of filtering out false reports. Thus, even a small SP can provide sufficient detection power. Conversely, a large SP should be chosen if the authentication keys are disseminated to only a few nodes (i.e., KDL is very small). Thus, the KDL value must also be considered when determining the SP. It is clear that sensor nodes near the BS consume less energy than other nodes in forwarding reports to the BS. In the case of undetected false reports with a small SP, the elusive reports generated near the BS have smaller travel hops than those generated by a compromised node in a cluster further away from the BS. Thus, the SP needs to be adjusted according to the DBS in order to conserve energy and reduce the overhead in the diffusion of the messages. Output Parameters (threshold value) The purpose of our proposed method is selecting adaptive threshold value. The threshold value means the length of MACs attached to the report. It is very important due to trading off between energy consumption and detection power. As we previously mentioned, the more increase a threshold value, the more likely it is that detection probability will be increased. However, it consumes more energy, if the sensor network is not attacked from attackers. That means larger threshold value cannot help to decreasing energy anymore, because the verification processing is implemented for both false reports and legitimate reports in order to verify the event reports whether they are legitimate or illegitimate.
JOURNAL OF NETWORKS, VOL. 5, NO. 3, MARCH 2010
295
Therefore, we need to determine adaptive threshold value which provides flexibility between energy consumption and strength of detection power. Evaluation Parameters After determining the threshold value which is the size of the MACs attached to the reports (SP) through the proposed method, an evaluation needs to be carried out as to whether the filtering scheme is well protected from attackers or not. The MAR and RRB are used to evaluate the filtering scheme but to measure the filtering detection power, using the MAR is essential. The current estimated SP can be known through the MAR (Fig. 5(a)) and the RRB is the rate of false reports reaching the BS. That is, false reports unfiltered by the filtering scheme. In other words, if RRB is large, the filtering scheme provides inefficient security of the power throughout the network; otherwise, the filtering scheme is well protected from attackers. It can be determined whether the selected value is adaptive or not by evaluating two factors (MAR, RRB) (Fig 5(c)). If the result from the evaluation is not good, the proposed method increases the threshold. Otherwise, the proposed method prefers to hold the current value if the evaluation result is acceptable. Tc means previously selected SP, and Tn is the selected SP in the next period. Ev is the parameter to control the threshold value according to status of the network (Fig. 5 (a) ,(b)).
Fig. 4(a), (b), (c), and (d) illustrate the membership functions of the fuzzy logic input parameters used. The labels of the fuzzy variables are represented as follows: ●
RRB = {F (Fine), N (Normal), B (Bad)}
●
KDL = {N (Narrow), M (Medium), W (Wide)}
●
DBS = {N (Near), M (Medium), F (Far)}
●
MAR = {VS (Very Small), S (Small), M (Medium), L (Large), VL(Very Large)}
The output parameter of the fuzzy logic is SP = {VS (Very Small), S (Small), M (Medium), L (Large), VL (Very Large)}, represented by the membership functions as shown in Fig. 6(e). F
1.0
0
B
0.25
0.5
1.0
1.0
N
0
1.0
N
M
F 1.0
0
5
10
VS
S
0
0.2
(C) DBS VS
S
0
2
M
W
5
10
(b) KDL
(a) RRB
1.0
(b)
0.1
N
M
L
0.4
0.6
VL
0.8
(d) MAR
M
L
4
6
VL
(c)
Evaluate MAR
RRB
(a)
Estimating capacity of filtering scheme 8
10
(e) SP
measuring security power
Fig. 6 Fuzzy membership functions.
Tn = Tc + (Ev) Ev = {hold, increase, decrease}
(d)
Table 1 shows portion of the entire fuzzy if-then rules. The fuzzy if-then rules determine the SP based on RRB and MAR. The fuzzy if-then rules have been designed according to following rules
setting up the number of threshold vaule Table 1: Fuzzy if-then rules. Event Nid1 ... n Kid(Nid1 ... n ) MAC(Event, kNidkid(Nid)) …. MAC(Event, kNidnkid(Nidn))
event report Fig. 5 Selecting the threshold value.
Determining based on fuzzy logic In our proposed method, the BS periodically determines the SP for selecting the adaptive SP. We could find the optimal division of each membership functions via simulation result.
© 2010 ACADEMY PUBLISHER
Rule # 48 53 55 58 78 83 88
IF RRB F N B B F N B
KDL W W W W N N N
DBS F F F F F F F
MAR S S VL S S S S
THEN SP S M VS L S L VL
Fig. 7 shows how to determine the rules in our proposed method.
1.0
296
JOURNAL OF NETWORKS, VOL. 5, NO. 3, MARCH 2010
Normally, our proposed method determines the SP according to RRB and MAR. We can estimate the filtering ability of the DEF through RRB which is the rate of false reports rejected by the BS and know the previous the security strength of the DEF through MAR. After determining the SP, SP maybe be increased or be hold according to KDL and DBS. We can estimate detection probability of the DEF through the KDL. KDL means the value of the authentication key dissemination limit. As KDL rises, the detection probability of the DEF increases as well. DBS means the estimated distance from the BS to each cluster. The larger DBS becomes, the larger travel hops becomes. It means large DBS consumes more energy than small DBS. We explain the efficiency of the each factors in detail through the following the sentence. Design of if-then rules: z
Case 1 (see Fig. 7(1)):
Generally, if RRB is F, the fuzzy system prefers to hold the SP (Rule 48, 78). That is, the network is well protected by the filtering scheme. If RRB is N or B it means the filtering scheme is not providing sufficient
security of the power, or is not able to filter the false reports. Thus, the fuzzy system increases the SP. The increased rate is determined based on RRB when the fuzzy system increases the SP. The MAR is the previous result of the calculation that is the amount of MAC in each report (Fig. 3(d)). When RRB is N, the fuzzy system increases one step more than the current MAR (Rule 53). If RRB is B, the fuzzy system increases two steps (Rule 58). z Case 2 (see Fig. 7(2)) Consider that when KDL is N it has less filtering probability than KDL for W. Therefore, when KDL is N, the fuzzy system adds one step to the existing rule (Rule 83). That is, if RRB is N and KDL is N, then the fuzzy system increases two steps. z Case 3 (see Fig. 7(3)) The reports generated near the BS have smaller travel hops than those generated by sensor nodes further away from the BS. In other words, the report generated near the BS consumes less energy than other nodes in forwarding reports to the BS. Therefore, the fuzzy rule of the proposed method selects a small SP when the DBS is less than M. Otherwise, the SP will be increased in steps of one unit.
(1)
Fine
(2)
Hold SP
Yes
Increase one step
KDL is N? RRB
Normal
Increase one step No Increase two step
Bad
MAR is VL ?
No
Yes SP = VS
Sink
Increase Yes one step
DBS ≥M?
No (3) Fig. 7 Design of Fuzzy if-then rules.
© 2010 ACADEMY PUBLISHER
JOURNAL OF NETWORKS, VOL. 5, NO. 3, MARCH 2010
297
SIMULATION
In this section, the efficiency of the proposed method (ADEF) is demonstrated through simulation studies. Simulation Environment The original DEF and FDEF schemes [10] have been compared with the ADEF method. In the original DEF scheme, the key dissemination limitation is fixed during the post-deployment phase. In the simulations, a virtual sensor network has been used, which has 500 clusters randomly distributed and each cluster consists of 10 nodes.
Bas e station
Cluster head
Traveled hops of the false reports
12000
III.
10000 8000 ADEF
6000
FDEF MAC(7)
4000
MAC(3) 2000 0 100 200 300 400 500 600 700 800 900 1000 The number of false reports
Fig. 9 Number of travel hops.
Ro uting path
Fig. 10 shows the rate of filtered reports caused by successfully picking out the false reports. Existing methods, such as FDEF and the original DEF, have a static SP. Thus, they do not determine the SP dynamically based on the status of the network. As shown in Fig. 10, ADEF reaches an increasingly high probability, because ADEF determines the SP by increasing the SP after comparing RRB to the MAR (Rules 53, 58, 83, and 88 in Table 1). Thus, ADEF can provide sufficient security of the power to the network based on the network’s status.
Fig. 8 Virtual sensor network.
Each node consumes 16.25, 12.5 µJ to transmit/receive a byte and each MAC consumes 15 µJ for the verification. The size of the original report is 24 byte, and the MAC is 1 byte. Each node randomly takes five y-keys and one zkey from the global key pool, whose size is 100. Simulation Results The original DEF (SP = 3, 7) and the FDEF [10] has been compared to ADEF in the distance range (13≤d≤15), KDL = 4 and the compromised nodes in the clusters is assumed to be 80%. Fig. 9 shows the number of traveled hops for the false reports. The proposed method (ADEF) shows fewer traveled hops than both the FDEF and the original DEF schemes (with SP = 3, 7). That is, ADEF detects false reports earlier than the other methods so that it conserves energy consumption, reducing unnecessary energy waste, such as non-existent event reports.
© 2010 ACADEMY PUBLISHER
Fitering out false reports ratio (%)
80% 70% 60% 50% ADEF
40%
FDEF 30%
MAC(7)
20%
MAC(3)
10% 0% 100 200 300 400 500 600 700 800 900 1000 The number of false reports
Fig. 10 The filtered reports ratio.
Figs. 11(a), (b), and (c) show the energy consumption when one round has 200 event reports. The proposed method (filled diamond) performs more effectively in conserving energy than the original DEF and FDEF schemes (see Figs. 11(b), and (c)). FDEF and the original DEF with a large SP provide sufficient security of power that conserves energy by quickly dropping false reports. However, this is only when false reports occur. Legitimate reports may consume more energy than a small SP, because the verification processing is implemented for both false reports and legitimate reports. That is, if the false traffic report (FTR) is not high in the network, then total energy consumption with a large SP is
298
JOURNAL OF NETWORKS, VOL. 5, NO. 3, MARCH 2010
greater than with a small SP (Figs. 11(a), (b)). However, the proposed method can provide flexibility between false reports and legitimate reports by controlling the SP by using the fuzzy system. This is demonstrated in Figs. 11(b) and (c). Sometimes the proposed method has a lower value than the original DEF scheme (Fig. 11(a)). However, the difference between the original DEF with 3 MACs (empty circle) and the proposed method is very small, and it is more effective in other scenarios (see Figs. 11(b) and (c)).
25000 20000 ADEF
15000 10000
FDEF
18000
MAC(7)
16000
MAC(3)
Energy consumption (mJ)
Energy consumption (mJ)
30000
Fig. 12 shows the energy consumption when the filtering scheme can no longer filter the false reports. If RRB is B when MAR is VL, the fuzzy system considers that the filtering scheme does not operate well under attack conditions. Thus, the filtering scheme has lost security. In this case, the SP must be decreased, since false reports cannot be detected regardless of the size of the SP. Thus, the fuzzy system reduces the SP to VS (Rule 58 in Table 1) in order to conserve energy. As shown Fig. 12, ADEF performs more effectively in conserving energy than FDEF and the original DEF with 7 MACs, except in the case where the original DEF has 3 MACs. However, the original DEF with 3 MACs cannot provide sufficient detection probability for the false reports when the filtering scheme retrieves its security.
5000 0 200 400 600 800 1000 1200 1400 1600 1800 2000 The number of event reports
(a) FTR = 25%
14000 12000 10000
ADEF
8000
FDEF
6000
MAC(7) MAC(3)
4000 2000
25000
Energy consumption (mJ)
0 100 200 300 400 500 600 700 800 900 1000
20000
The number of false reports
15000 ADEF FDEF
10000
MAC(7) MAC(3)
5000 0 200 400 600 800 1000 1200 1400 1600 1800 2000 The number of event reports
(b) FTR = 50% 25000
Energy consumption (mJ)
Fig. 12 Energy consumption when the filtering scheme is unable to detect false reports.
20000
15000 ADEF FDEF
10000
IV.
CONCLUSION
The SP is important in the DEF scheme, since it trades off between security of the power and energy consumption. This paper has proposed a new ADEF method which uses RRB, KDL, DBS, and MAR to determine the adaptive threshold value according to the dynamic operational status of the network. Also, the ADEF scheme can verify its efficiency through a feedback parameter, which is the MAR, after determining the security threshold. This phase or operation can select a more adaptive threshold value by comparing the previously selected security threshold with the result. As shown by simulation studies, the proposed method exhibits effective performance, balancing energy conservation and security of the power.
MAC(7) MAC(3)
V.
ACKNOWLEDGMENTS
5000
0 200 400 600 800 1000 1200 1400 1600 1800 2000
This work was supported by Korea Science and Engineering Foundation(KOSEF) grant funded by the Korean government (MEST) (No. 2009-0076504).
The number of event reports
REFERENCES (c) FTR = 75% Fig. 11 Energy consumption. © 2010 ACADEMY PUBLISHER
[1] I. Akyildiz, “A Survey on Sensor Networks,” IEEE Commun. Mag., vol. 40, no. 8, pp. 102-114, Aug. 2002.
JOURNAL OF NETWORKS, VOL. 5, NO. 3, MARCH 2010
[2] J.N. Al-Karaki , and A.E. Kamal, “Routing techniques in wireless sensor networks: a survey”, IEEE Wireless Communication Mag., vol. 11, no. 6, pp. 6-28, 2004. [3] D. Djenouri and L. Khelladi, “A Survey of Security Issues in Mobile Ad Hoc and Sensor Networks,” IEEE Communication Surveys and Tutorials, vol. 7, no. 4, pp. 228, December 2005. [4] Z. Yu and Y. Guan, “A Dynamic En-route Scheme for Filtering False Data Injection in Wireless Sensor Networks,” in Proc. IEEE INFOCOM’06, Apr. 2006. [5] Zhu S, Setia S, Jajodia S, Ning P. An Interleaved Hop-byHop Authentication Scheme for Filtering of Injected False Data in Sensor Networks. In Proc. S&P, 2004, pp.259-271. [6] Yang H, Lu S. Commutative Cipher Based En-Route Filtering in Wireless Sensor Networks. In Proc. VTC, 2003, pp.1223-1227. [7] Ye F, Luo H, Lu S. Statistical En-Route Filtering of Injected False Data in Sensor Networks. IEEE J. Sel. Area Comm., 2005, 23(4): 839-850. [8] F. Li and J. Wu, "A probabilistic voting-based filtering scheme in wireless sensor networks," Proc. IWCMC, pp.27–32, July 2006. [9] Perrig A, Szewczyk R, Tygar J D, Wen V, Culler D E. SPINS: Security Protocols for Sensor Networks. Wirel. Netw., 2002, 8(5): 521-534 [10] S.J. Lee, H.Y. Lee and T.H. Cho, “A Threshold Determining Method for the Dynamic Filtering in Wireless Sensor Networks Based on Fuzzy Logic”, International Journal of Computer Science and Network Security, vol. 8, no. 4, pp. 155-159, Apr. 2008. [11] H.Y. Lee and T.H. Cho, "Key Inheritance-Based False Data Filtering Scheme in Wireless Sensor Networks", Lect. Notes Comput. Sc., vol.4317, pp.116-127, Dec. 2006. [12] B.H. Kim, H.Y. Lee and T.H. Cho, “Fuzzy Key Dissemination Limiting Method for the Dynamic FileringBased Sensor Networks”, Lect. Notes Comput. Sc., vol.4681, pp.261-272, Aug. 2007. [13] H.Y. Lee and T.H. Cho, "Fuzzy Adaptive Selection of Filtering Schemes for Energy Saving in Sensor Networks," IEICE Transactions on Communications, vol. E90-B, no. 12, pp. 3346-3353, Dec. 2007 [14] B.H. Kim and T.H. Cho, “Condition-based Key Dissemination Period Determining Method in Sensor Networks”, In Proc. Of ICACT, 2008. [15] S.J. Lee, H.Y. Lee and T.H. Cho, “A Threshold Determining Method for the Dynamic Filtering in Wireless Sensor Networks Based on Fuzzy Logic”, International Journal of Computer Science and Network Security, vol.8, No.4, Apr. 2008.
Sang Jin Lee received his B.S. degree in Software Engineering from Baekseok University, Republic of Korea, in August 2007. He is currently a graduate student in the School of Information and Communication Engineering at Sungkyunkwan University. His research interests include wireless sensor networks, intelligent systems, and security.
© 2010 ACADEMY PUBLISHER
299
Hae Young Lee received his Ph.D. in Computer Engineering and B.S. in Electrical and Computer Engineering from Sungkyunkwan University, Korea, in 2009 and 2003, respectively. From 1998 to 2001, he worked in several start-up companies as programmers. In 2009, he was an Invited Lecturing Professor for the Department of Information Security, Seoul Women's University, Korea. His research interests include cyber-physical systems, design automation, modeling & simulation, and wireless sensor networks.
Tae Ho Cho received his Ph.D. degree in Electrical and Computer Engineering from the University of Arizona, USA, in 1993, and his B.S. and M.S. degrees in Electrical Engineering from Sungkyunkwan University, Republic of Korea, and the University of Alabama, USA, respectively. He is currently a Professor in the School of Information and Communication Engineering, Sungkyunkwan University, Korea. His research interests are in the areas of wireless sensor networks, intelligent systems, modeling & simulation, and enterprise resource planning.
JOURNAL OF NETWORKS, VOL. 5, NO. 3, MARCH 2010
Environment-based Selection Method for Enroute Filtering Scheme using Fuzzy Logic Sang Jin Lee Sungkyunkwan University, Suwon 440-746, Republic of Korea [email protected]
Hae Young Lee ETRI, Daejeon 305-700, Republic of Korea [email protected]
Tae Ho Cho Sungkyunkwan University, Suwon 440-746, Republic of Korea [email protected]
Abstract— Nodes in sensor networks can be easily compromised by an adversary due to hostile environments in which compromised nodes could be used to inject false reports into the network. The dynamic en-route scheme can detect and drop such false reports during the forwarding phase. In this scheme, choosing a threshold value is important as this gives a trade off between security of power and energy consumption. Thus, a threshold value should be chosen such that it provides sufficient resilience, yet is small enough to conserve energy. This paper presents a fuzzybased threshold determination method for the dynamic enroute scheme to filter false reports in wireless sensor networks. The base station periodically determines the threshold value using a fuzzy rule-based system. The resilience and energy efficiency of the proposed method, against false data injection attacks, are demonstrated using simulation studies. Index Terms— wireless sensor networks, false data filtering, false data injection attacks, fuzzy system, threshold value
I. INTRODUCTION Recent advances in wireless communications and electronics have enabled the development of low-cost, low-power, multifunctional sensor nodes that are small in size and can communicate unfettered over short distances [1]. Wireless sensor networks (WSN) consist of small nodes with sensing, computation, and wireless communications capabilities. WSNs can be applied to numerous applications, such as target field imaging, intrusion detection, weather monitoring, security and tactical surveillance, distributed computing, and detecting ambient conditions [2]. WSNs have limited capabilities in terms of available energy, memory capacity, and processing speed, and they can be exposed to a hostile environment [3]. Thus, sensor nodes may be captured or compromised by adversaries, and secret information, such as the symmetric key, may be revealed to the adversaries who can also easily inject false data reports of non-existent events or fake readings into the network.
© 2010 ACADEMY PUBLISHER doi:10.4304/jnw.5.3.292-299
Fig. 1 False data injection attacks.
These are referred to as false data injection attacks (see Fig. 1) [4, 5]. Such attacks may cause false alarms, and exhaust the limited energy of the nodes in forwarding these reports, thus, reducing the lifetime of the sensor networks [4]. To minimize such damage, the fabricated report should be dropped en-route as early as possible and any elusive ones should be rejected at the base stations [6]. Various security solutions [4-8] and adaptive methods [11-14] have been proposed to detect and drop the false reports. The dynamic en-route filtering scheme (DEF) proposed in this paper is one of these solutions. In the DEF, as proposed by Yu and Guan [4], the choice of a threshold value is important since it gives a trade off between security and overhead. A large threshold value allows false reports to be more easily detected, but this consumes more energy in forwarding. In contrast, a small threshold value may consume less energy, but results in inefficient filtering, or may even be useless if a large number of nodes have been compromised. The threshold value should therefore be chosen such that it provides sufficient resilience, whilst still conserving energy [7]. This paper proposes an adaptive threshold determination method using fuzzy
JOURNAL OF NETWORKS, VOL. 5, NO. 3, MARCH 2010
logic to choose an appropriate value. A fuzzy rule-based system is exploited to determine the threshold value that implies the required number of message authentication codes (MACs) per report. I.
BACKGROUND AND MOTIVATION
This section briefly describes the DEF, and the motivation for this work. Dynamic En-route Filtering scheme Yu and Guan proposed the DEF scheme [4] to detect and drop false reports. Compared to existing filtering schemes, the DEF is more effective in dealing with the dynamic topology of sensor networks. It outperforms in terms of energy efficiency, especially for large sensor networks (i.e., a network consists of a large number of clusters). In the DEF, a legitimate report can be verified by MACs, which are generated by the sensing nodes. The DEF consists of three phases: 1) a pre-deployment phase, 2) post-deployment phase, and 3) a filtering phase. In the pre-deployment phase, each node is preloaded with a seed authentication key, and secret keys (l + 1) randomly picked from a global key pool. (a)
Cluster k1
k2
293
stores the authentication keys if it has the corresponding keys. In the filtering phase, the DEF can detect a false report and drop it (see Fig. 2(c)). After disseminating the authentication keys, a cluster head aggregates reports attached to MACs that have been generated by its cluster nodes, and sends them to a neighbor node toward the BS. Each report should contain t distinct MACs of those cluster nodes, where t is a security threshold value. Motivation In the DEF method, determining the threshold value is important since it trades off between security of the power and energy consumption. The static number of MACs in the DEF is not appropriate in real-world wireless sensor networks. A large threshold value allows false reports to be more easily detected, but wastes energy in forwarding. Conversely, a small threshold value may conserve energy, but will result in inefficient filtering if a large number of nodes have been compromised. Thus, the appropriate threshold value should be chosen to provide sufficient resilience, whilst still conserving energy [7]. An adaptive threshold determination method using fuzzy logic is proposed for determining the appropriate threshold value. Threshold Determination Method Based on Fuzzy Logic (FDEF)
k3
Cluster
CH k7
k4 k5
k6
CN k5
(b)
k7 v1
CH
Fuzzy Logic
KDL k3 v3
v2 k4
k6 k1
DBS SP
(a)
BS
k5
Threshold value(SP)
(c) k3 CH k7
k7 v1
v2
k3 v3
(b)
: CH (cluster head) Fig. 3 Overview of the FDEF scheme. Fig. 2 Overview of the DEF.
In the post-deployment phase, every node in the cluster forwards encrypted authentication keys using its secret keys to its cluster head (see Fig. 2(a)), then each cluster head disseminates the encrypted authentication keys of all nodes in that cluster to the neighbor node. These keys can only be forwarded at most key dissemination limiting hops [8] (see Fig. 2(b)). Each receiving node decrypts and © 2010 ACADEMY PUBLISHER
In FDEF [15], the BS periodically determines the threshold value (SP) using a fuzzy rule-based system (see Fig. 3(a)). The number of cluster nodes (CN), the value of the key dissemination limit (KDL), and the estimated distance from the BS to each cluster (DBS) are used to determine the SP. If the determined SP differs from the current value, the BS broadcasts the determined value to all the corresponding nodes in the network (see Fig. 3(b)).
294
JOURNAL OF NETWORKS, VOL. 5, NO. 3, MARCH 2010
However, the threshold value is selected only according to the quality of area in the network. Thus, FDEF cannot consider the status of the network. II. ADAPTIVE THRESHOLD DETERMINATION This section describes the new proposed method in detail. Assumptions It is assumed that a sensor network is composed of a large number of small sensor nodes where the nodes within the cluster can elect one cluster head from amongst themselves. To balance energy consumption, all nodes of the same cluster may take turns playing the role of the cluster head. As nodes are not equipped with tamper-resistant hardware they can be compromised easily by adversaries, and can be used to inject false reports. However, the base station (BS) cannot be easily compromised. It is also assumed that the BS can know the estimated distance to each cluster, the rate of reports rejected by the BS, and the energy consumption. It is further assumed that the BS has a mechanism to authenticate all broadcast messages (e.g., based on µTESLA [9]), and that every node can verify the broadcast messages. Overview The proposed method, an adaptive DEF (ADEF), is based on the DEF scheme.
Fig. 4 Overview of the new proposed method.
The BS, by using a fuzzy rule-based system, periodically determines the security threshold (SP) that can be achieved with sufficient detection ability, whilst minimizing the energy consumption (Fig. 4(b)). The value of the key dissemination limit (KDL), the estimated distance from the BS to each cluster (DBS), the rate of false reports rejected by the BS (RRB), and the rate of the MAC attached to reports (MAR) are used to determine the SP (Fig. 4(a)). The SP changes from the number of MACs attached to the reports to the rate of MACs through a simple formula (1) (Fig. 4(c)).
© 2010 ACADEMY PUBLISHER
The result from the formula (1) is used to anticipate the current security threshold. The result is also used for one of the input parameters (Fig. 4(d)). That is, the previous security threshold can be anticipated through the MAR. After the filtering phase, the BS can calculate the rate of false reports rejected by the BS, and then this is used for the input value in the fuzzy rule-based system (Fig. 4(e)).
Input Parameters The MAR is similar to the number of MACs, and can calculate the MAC rate in each cluster. The MAR can be estimated by using formula (1).
(1)
where NNC is the number of nodes in the cluster and SP is the security threshold. A large MAR has a higher detection probability of false reports than a small MAR. A small RRB indicates that a large number of false reports have been dropped before arriving at the base station (BS). That is, the filtering scheme provides sufficient detection ability, even though the network is under attack by an adversary. A large KDL diffuses a large number of authentication keys through the network. This results in many nodes having the authentication key, and raises the probability of filtering out false reports. Thus, even a small SP can provide sufficient detection power. Conversely, a large SP should be chosen if the authentication keys are disseminated to only a few nodes (i.e., KDL is very small). Thus, the KDL value must also be considered when determining the SP. It is clear that sensor nodes near the BS consume less energy than other nodes in forwarding reports to the BS. In the case of undetected false reports with a small SP, the elusive reports generated near the BS have smaller travel hops than those generated by a compromised node in a cluster further away from the BS. Thus, the SP needs to be adjusted according to the DBS in order to conserve energy and reduce the overhead in the diffusion of the messages. Output Parameters (threshold value) The purpose of our proposed method is selecting adaptive threshold value. The threshold value means the length of MACs attached to the report. It is very important due to trading off between energy consumption and detection power. As we previously mentioned, the more increase a threshold value, the more likely it is that detection probability will be increased. However, it consumes more energy, if the sensor network is not attacked from attackers. That means larger threshold value cannot help to decreasing energy anymore, because the verification processing is implemented for both false reports and legitimate reports in order to verify the event reports whether they are legitimate or illegitimate.
JOURNAL OF NETWORKS, VOL. 5, NO. 3, MARCH 2010
295
Therefore, we need to determine adaptive threshold value which provides flexibility between energy consumption and strength of detection power. Evaluation Parameters After determining the threshold value which is the size of the MACs attached to the reports (SP) through the proposed method, an evaluation needs to be carried out as to whether the filtering scheme is well protected from attackers or not. The MAR and RRB are used to evaluate the filtering scheme but to measure the filtering detection power, using the MAR is essential. The current estimated SP can be known through the MAR (Fig. 5(a)) and the RRB is the rate of false reports reaching the BS. That is, false reports unfiltered by the filtering scheme. In other words, if RRB is large, the filtering scheme provides inefficient security of the power throughout the network; otherwise, the filtering scheme is well protected from attackers. It can be determined whether the selected value is adaptive or not by evaluating two factors (MAR, RRB) (Fig 5(c)). If the result from the evaluation is not good, the proposed method increases the threshold. Otherwise, the proposed method prefers to hold the current value if the evaluation result is acceptable. Tc means previously selected SP, and Tn is the selected SP in the next period. Ev is the parameter to control the threshold value according to status of the network (Fig. 5 (a) ,(b)).
Fig. 4(a), (b), (c), and (d) illustrate the membership functions of the fuzzy logic input parameters used. The labels of the fuzzy variables are represented as follows: ●
RRB = {F (Fine), N (Normal), B (Bad)}
●
KDL = {N (Narrow), M (Medium), W (Wide)}
●
DBS = {N (Near), M (Medium), F (Far)}
●
MAR = {VS (Very Small), S (Small), M (Medium), L (Large), VL(Very Large)}
The output parameter of the fuzzy logic is SP = {VS (Very Small), S (Small), M (Medium), L (Large), VL (Very Large)}, represented by the membership functions as shown in Fig. 6(e). F
1.0
0
B
0.25
0.5
1.0
1.0
N
0
1.0
N
M
F 1.0
0
5
10
VS
S
0
0.2
(C) DBS VS
S
0
2
M
W
5
10
(b) KDL
(a) RRB
1.0
(b)
0.1
N
M
L
0.4
0.6
VL
0.8
(d) MAR
M
L
4
6
VL
(c)
Evaluate MAR
RRB
(a)
Estimating capacity of filtering scheme 8
10
(e) SP
measuring security power
Fig. 6 Fuzzy membership functions.
Tn = Tc + (Ev) Ev = {hold, increase, decrease}
(d)
Table 1 shows portion of the entire fuzzy if-then rules. The fuzzy if-then rules determine the SP based on RRB and MAR. The fuzzy if-then rules have been designed according to following rules
setting up the number of threshold vaule Table 1: Fuzzy if-then rules. Event Nid1 ... n Kid(Nid1 ... n ) MAC(Event, kNidkid(Nid)) …. MAC(Event, kNidnkid(Nidn))
event report Fig. 5 Selecting the threshold value.
Determining based on fuzzy logic In our proposed method, the BS periodically determines the SP for selecting the adaptive SP. We could find the optimal division of each membership functions via simulation result.
© 2010 ACADEMY PUBLISHER
Rule # 48 53 55 58 78 83 88
IF RRB F N B B F N B
KDL W W W W N N N
DBS F F F F F F F
MAR S S VL S S S S
THEN SP S M VS L S L VL
Fig. 7 shows how to determine the rules in our proposed method.
1.0
296
JOURNAL OF NETWORKS, VOL. 5, NO. 3, MARCH 2010
Normally, our proposed method determines the SP according to RRB and MAR. We can estimate the filtering ability of the DEF through RRB which is the rate of false reports rejected by the BS and know the previous the security strength of the DEF through MAR. After determining the SP, SP maybe be increased or be hold according to KDL and DBS. We can estimate detection probability of the DEF through the KDL. KDL means the value of the authentication key dissemination limit. As KDL rises, the detection probability of the DEF increases as well. DBS means the estimated distance from the BS to each cluster. The larger DBS becomes, the larger travel hops becomes. It means large DBS consumes more energy than small DBS. We explain the efficiency of the each factors in detail through the following the sentence. Design of if-then rules: z
Case 1 (see Fig. 7(1)):
Generally, if RRB is F, the fuzzy system prefers to hold the SP (Rule 48, 78). That is, the network is well protected by the filtering scheme. If RRB is N or B it means the filtering scheme is not providing sufficient
security of the power, or is not able to filter the false reports. Thus, the fuzzy system increases the SP. The increased rate is determined based on RRB when the fuzzy system increases the SP. The MAR is the previous result of the calculation that is the amount of MAC in each report (Fig. 3(d)). When RRB is N, the fuzzy system increases one step more than the current MAR (Rule 53). If RRB is B, the fuzzy system increases two steps (Rule 58). z Case 2 (see Fig. 7(2)) Consider that when KDL is N it has less filtering probability than KDL for W. Therefore, when KDL is N, the fuzzy system adds one step to the existing rule (Rule 83). That is, if RRB is N and KDL is N, then the fuzzy system increases two steps. z Case 3 (see Fig. 7(3)) The reports generated near the BS have smaller travel hops than those generated by sensor nodes further away from the BS. In other words, the report generated near the BS consumes less energy than other nodes in forwarding reports to the BS. Therefore, the fuzzy rule of the proposed method selects a small SP when the DBS is less than M. Otherwise, the SP will be increased in steps of one unit.
(1)
Fine
(2)
Hold SP
Yes
Increase one step
KDL is N? RRB
Normal
Increase one step No Increase two step
Bad
MAR is VL ?
No
Yes SP = VS
Sink
Increase Yes one step
DBS ≥M?
No (3) Fig. 7 Design of Fuzzy if-then rules.
© 2010 ACADEMY PUBLISHER
JOURNAL OF NETWORKS, VOL. 5, NO. 3, MARCH 2010
297
SIMULATION
In this section, the efficiency of the proposed method (ADEF) is demonstrated through simulation studies. Simulation Environment The original DEF and FDEF schemes [10] have been compared with the ADEF method. In the original DEF scheme, the key dissemination limitation is fixed during the post-deployment phase. In the simulations, a virtual sensor network has been used, which has 500 clusters randomly distributed and each cluster consists of 10 nodes.
Bas e station
Cluster head
Traveled hops of the false reports
12000
III.
10000 8000 ADEF
6000
FDEF MAC(7)
4000
MAC(3) 2000 0 100 200 300 400 500 600 700 800 900 1000 The number of false reports
Fig. 9 Number of travel hops.
Ro uting path
Fig. 10 shows the rate of filtered reports caused by successfully picking out the false reports. Existing methods, such as FDEF and the original DEF, have a static SP. Thus, they do not determine the SP dynamically based on the status of the network. As shown in Fig. 10, ADEF reaches an increasingly high probability, because ADEF determines the SP by increasing the SP after comparing RRB to the MAR (Rules 53, 58, 83, and 88 in Table 1). Thus, ADEF can provide sufficient security of the power to the network based on the network’s status.
Fig. 8 Virtual sensor network.
Each node consumes 16.25, 12.5 µJ to transmit/receive a byte and each MAC consumes 15 µJ for the verification. The size of the original report is 24 byte, and the MAC is 1 byte. Each node randomly takes five y-keys and one zkey from the global key pool, whose size is 100. Simulation Results The original DEF (SP = 3, 7) and the FDEF [10] has been compared to ADEF in the distance range (13≤d≤15), KDL = 4 and the compromised nodes in the clusters is assumed to be 80%. Fig. 9 shows the number of traveled hops for the false reports. The proposed method (ADEF) shows fewer traveled hops than both the FDEF and the original DEF schemes (with SP = 3, 7). That is, ADEF detects false reports earlier than the other methods so that it conserves energy consumption, reducing unnecessary energy waste, such as non-existent event reports.
© 2010 ACADEMY PUBLISHER
Fitering out false reports ratio (%)
80% 70% 60% 50% ADEF
40%
FDEF 30%
MAC(7)
20%
MAC(3)
10% 0% 100 200 300 400 500 600 700 800 900 1000 The number of false reports
Fig. 10 The filtered reports ratio.
Figs. 11(a), (b), and (c) show the energy consumption when one round has 200 event reports. The proposed method (filled diamond) performs more effectively in conserving energy than the original DEF and FDEF schemes (see Figs. 11(b), and (c)). FDEF and the original DEF with a large SP provide sufficient security of power that conserves energy by quickly dropping false reports. However, this is only when false reports occur. Legitimate reports may consume more energy than a small SP, because the verification processing is implemented for both false reports and legitimate reports. That is, if the false traffic report (FTR) is not high in the network, then total energy consumption with a large SP is
298
JOURNAL OF NETWORKS, VOL. 5, NO. 3, MARCH 2010
greater than with a small SP (Figs. 11(a), (b)). However, the proposed method can provide flexibility between false reports and legitimate reports by controlling the SP by using the fuzzy system. This is demonstrated in Figs. 11(b) and (c). Sometimes the proposed method has a lower value than the original DEF scheme (Fig. 11(a)). However, the difference between the original DEF with 3 MACs (empty circle) and the proposed method is very small, and it is more effective in other scenarios (see Figs. 11(b) and (c)).
25000 20000 ADEF
15000 10000
FDEF
18000
MAC(7)
16000
MAC(3)
Energy consumption (mJ)
Energy consumption (mJ)
30000
Fig. 12 shows the energy consumption when the filtering scheme can no longer filter the false reports. If RRB is B when MAR is VL, the fuzzy system considers that the filtering scheme does not operate well under attack conditions. Thus, the filtering scheme has lost security. In this case, the SP must be decreased, since false reports cannot be detected regardless of the size of the SP. Thus, the fuzzy system reduces the SP to VS (Rule 58 in Table 1) in order to conserve energy. As shown Fig. 12, ADEF performs more effectively in conserving energy than FDEF and the original DEF with 7 MACs, except in the case where the original DEF has 3 MACs. However, the original DEF with 3 MACs cannot provide sufficient detection probability for the false reports when the filtering scheme retrieves its security.
5000 0 200 400 600 800 1000 1200 1400 1600 1800 2000 The number of event reports
(a) FTR = 25%
14000 12000 10000
ADEF
8000
FDEF
6000
MAC(7) MAC(3)
4000 2000
25000
Energy consumption (mJ)
0 100 200 300 400 500 600 700 800 900 1000
20000
The number of false reports
15000 ADEF FDEF
10000
MAC(7) MAC(3)
5000 0 200 400 600 800 1000 1200 1400 1600 1800 2000 The number of event reports
(b) FTR = 50% 25000
Energy consumption (mJ)
Fig. 12 Energy consumption when the filtering scheme is unable to detect false reports.
20000
15000 ADEF FDEF
10000
IV.
CONCLUSION
The SP is important in the DEF scheme, since it trades off between security of the power and energy consumption. This paper has proposed a new ADEF method which uses RRB, KDL, DBS, and MAR to determine the adaptive threshold value according to the dynamic operational status of the network. Also, the ADEF scheme can verify its efficiency through a feedback parameter, which is the MAR, after determining the security threshold. This phase or operation can select a more adaptive threshold value by comparing the previously selected security threshold with the result. As shown by simulation studies, the proposed method exhibits effective performance, balancing energy conservation and security of the power.
MAC(7) MAC(3)
V.
ACKNOWLEDGMENTS
5000
0 200 400 600 800 1000 1200 1400 1600 1800 2000
This work was supported by Korea Science and Engineering Foundation(KOSEF) grant funded by the Korean government (MEST) (No. 2009-0076504).
The number of event reports
REFERENCES (c) FTR = 75% Fig. 11 Energy consumption. © 2010 ACADEMY PUBLISHER
[1] I. Akyildiz, “A Survey on Sensor Networks,” IEEE Commun. Mag., vol. 40, no. 8, pp. 102-114, Aug. 2002.
JOURNAL OF NETWORKS, VOL. 5, NO. 3, MARCH 2010
[2] J.N. Al-Karaki , and A.E. Kamal, “Routing techniques in wireless sensor networks: a survey”, IEEE Wireless Communication Mag., vol. 11, no. 6, pp. 6-28, 2004. [3] D. Djenouri and L. Khelladi, “A Survey of Security Issues in Mobile Ad Hoc and Sensor Networks,” IEEE Communication Surveys and Tutorials, vol. 7, no. 4, pp. 228, December 2005. [4] Z. Yu and Y. Guan, “A Dynamic En-route Scheme for Filtering False Data Injection in Wireless Sensor Networks,” in Proc. IEEE INFOCOM’06, Apr. 2006. [5] Zhu S, Setia S, Jajodia S, Ning P. An Interleaved Hop-byHop Authentication Scheme for Filtering of Injected False Data in Sensor Networks. In Proc. S&P, 2004, pp.259-271. [6] Yang H, Lu S. Commutative Cipher Based En-Route Filtering in Wireless Sensor Networks. In Proc. VTC, 2003, pp.1223-1227. [7] Ye F, Luo H, Lu S. Statistical En-Route Filtering of Injected False Data in Sensor Networks. IEEE J. Sel. Area Comm., 2005, 23(4): 839-850. [8] F. Li and J. Wu, "A probabilistic voting-based filtering scheme in wireless sensor networks," Proc. IWCMC, pp.27–32, July 2006. [9] Perrig A, Szewczyk R, Tygar J D, Wen V, Culler D E. SPINS: Security Protocols for Sensor Networks. Wirel. Netw., 2002, 8(5): 521-534 [10] S.J. Lee, H.Y. Lee and T.H. Cho, “A Threshold Determining Method for the Dynamic Filtering in Wireless Sensor Networks Based on Fuzzy Logic”, International Journal of Computer Science and Network Security, vol. 8, no. 4, pp. 155-159, Apr. 2008. [11] H.Y. Lee and T.H. Cho, "Key Inheritance-Based False Data Filtering Scheme in Wireless Sensor Networks", Lect. Notes Comput. Sc., vol.4317, pp.116-127, Dec. 2006. [12] B.H. Kim, H.Y. Lee and T.H. Cho, “Fuzzy Key Dissemination Limiting Method for the Dynamic FileringBased Sensor Networks”, Lect. Notes Comput. Sc., vol.4681, pp.261-272, Aug. 2007. [13] H.Y. Lee and T.H. Cho, "Fuzzy Adaptive Selection of Filtering Schemes for Energy Saving in Sensor Networks," IEICE Transactions on Communications, vol. E90-B, no. 12, pp. 3346-3353, Dec. 2007 [14] B.H. Kim and T.H. Cho, “Condition-based Key Dissemination Period Determining Method in Sensor Networks”, In Proc. Of ICACT, 2008. [15] S.J. Lee, H.Y. Lee and T.H. Cho, “A Threshold Determining Method for the Dynamic Filtering in Wireless Sensor Networks Based on Fuzzy Logic”, International Journal of Computer Science and Network Security, vol.8, No.4, Apr. 2008.
Sang Jin Lee received his B.S. degree in Software Engineering from Baekseok University, Republic of Korea, in August 2007. He is currently a graduate student in the School of Information and Communication Engineering at Sungkyunkwan University. His research interests include wireless sensor networks, intelligent systems, and security.
© 2010 ACADEMY PUBLISHER
299
Hae Young Lee received his Ph.D. in Computer Engineering and B.S. in Electrical and Computer Engineering from Sungkyunkwan University, Korea, in 2009 and 2003, respectively. From 1998 to 2001, he worked in several start-up companies as programmers. In 2009, he was an Invited Lecturing Professor for the Department of Information Security, Seoul Women's University, Korea. His research interests include cyber-physical systems, design automation, modeling & simulation, and wireless sensor networks.
Tae Ho Cho received his Ph.D. degree in Electrical and Computer Engineering from the University of Arizona, USA, in 1993, and his B.S. and M.S. degrees in Electrical Engineering from Sungkyunkwan University, Republic of Korea, and the University of Alabama, USA, respectively. He is currently a Professor in the School of Information and Communication Engineering, Sungkyunkwan University, Korea. His research interests are in the areas of wireless sensor networks, intelligent systems, modeling & simulation, and enterprise resource planning.
