SECURE ROUTING USING FREQUENCY HOPPING IN WIRELESS SENSOR NETWORK

RAJA ZAHILAH BINTI RAJA MOHD. RADZI

A project report submitted in partial fulfillment of the requirements for the award of the degree of Master of Engineering (Electrical – Electronics & Telecommunications)

Faculty of Electrical Engineering
Universiti Teknologi Malaysia

MAY 2007

For Mak and Ayah. For Anata and our little Princesses.

ACKNOWLEDGEMENT

In preparing this master project, I was in contact with many people, researchers, and academicians. They have contributed towards my understanding and thoughts. In particular, I wish to express my sincere appreciation to my thesis supervisor, Professor Dr. Hjh. Norsheila Fisal, for encouragement, guidance, criticism and friendship. Without her continued support and interest, this project report would not have been the same as presented here.

I am also indebted to Universiti Teknologi Malaysia (UTM) for funding my Ms. study. Librarians at UTM also deserve special thanks for their assistance in supplying the relevant literature.

My fellow postgraduate students (especially Mr. Adel and Mrs. Razatulshima) should also be recognized for their support. My sincere appreciation also extends to all my colleagues at the Department of Computer System and Communication, Faculty of Computer Science and Information System, UTM and others who have provided assistance on various occasions. Their views, comments and tips are very helpful. Finally, I am also very grateful to all my family members for their continuous encouragement and support.

ABSTRACT

Wireless ad hoc sensor networks (WSN) operate in the absence of a pre-deployed infrastructure, are self-configurable, low cost and can be rapidly deployed.
Hence, such networks enable a variety of consumer applications, such as emergency rescue, disaster relief, smart homes and patient monitoring; industrial applications, such as structural health monitoring and environmental control; and military applications, such as target identification and tracking. WSN are prone to failure and malicious user attack because any device within the frequency range can gain access to the data being transmitted. Thus, the project aims to provide a secure WSN through frequency hopping at the network layer. In this work, the Ad hoc On Demand Distance Vector Routing algorithm is used to determine the route and the un-Slotted Carrier Sense Multiple Access / Collision Avoidance (un-slotted CSMA/CA) algorithm is used to access the medium. The frequency hopping algorithm was tested in a WSN environment with and without a malicious node. The results show a tremendous decrease in throughput from the malicious node when the number of hopping frequencies is increased. Therefore, the security of the WSN is improved even though the throughput from the source is slightly decreased. Proposed future works are the addition of frequency synchronization with beacons using slotted CSMA-CA and the addition of multiple-interface support for the IEEE 802.15.4 standard.

ABSTRAK (translated from Malay)

Wireless Sensor Networks (WSN) operate on instant infrastructure, are self-configurable, low cost and very easy to network. Hence, these networks can support a variety of consumer applications such as rescue operations, natural disasters, patient monitoring and smart home monitoring; industrial applications such as structural safety monitoring and environmental control; and military applications such as target identification and tracking. WSN are highly susceptible to failure and user attack because any device within the frequency range can access the data being transmitted.
Therefore, this project aims to provide a secure WSN by using frequency hopping at the Network layer. In this project, the Ad hoc On Demand Distance Vector Routing algorithm is used to determine the data route and the un-Slotted Carrier Sense Multiple Access / Collision Avoidance (un-slotted CSMA/CA) algorithm is used to access the transmission medium. The frequency hopping algorithm was tested in a WSN with and without the presence of a foreign node. The results show a very significant decrease in throughput from the foreign node when the number of frequencies is increased. Therefore, WSN security was improved even though the throughput from the source also decreased slightly. Proposed extensions of the research are the addition of frequency synchronization with beacons using slotted CSMA/CA and the addition of multiple-interface support for the IEEE 802.15.4 standard.

TABLE OF CONTENTS

DECLARATION
DEDICATION
ACKNOWLEDGEMENT
ABSTRACT
ABSTRAK
TABLE OF CONTENTS
LIST OF TABLES
LIST OF FIGURES
LIST OF ABBREVIATIONS
LIST OF APPENDICES

CHAPTER 1 INTRODUCTION
1.1 A Review of Wireless Sensor Network
1.2 Statement of the Problems
1.3 Objectives
1.4 Scopes
1.5 Importance of the Study
1.6 Thesis Outline

CHAPTER 2 REVIEWS OF SYSTEM
2.1 Wireless Sensor Network (WSN)
2.1.1 Sensor
2.1.2 The Physical Layer
2.1.3 Data Transfer Model
2.2 Security Attacks
2.2.1 Passive Attack
2.2.2 Active Attacks
2.3 Routing Algorithms
2.3.1 Ad Hoc On Demand Distance Vector Routing
2.4 Carrier Sense Multiple Access/Collision Avoidance (CSMA/CA)
2.4.1 Un-Slotted CSMA/CA
2.5 Frequency Hopping
2.6 Fedora Core 6
2.7 Network Simulator 2 (NS2)
2.8 The Trace File
2.9 Summary

CHAPTER 3 THE FLOW PROCESS OF PROJECT
3.1 Introduction
3.2 Getting Started by Installing Fedora Core 6
3.3 Getting Started by Installing NS2
3.4 Low Rate WPAN Function Modules
3.5 Frequency Hopping
3.6 Random Number Generator
3.7 Coding
3.7.1 Packet Format
3.7.2 Common header
3.7.3 Changes in AODV
3.7.3.1 AODV::forward()
3.7.3.2 AODV::recvAODV()
3.8 Network Parameter Configuration
3.9 Analysis of Trace File
3.10 Summary

CHAPTER 4 RESULT, ANALYSIS AND DISCUSSION
4.1 Animation Capture of WSN
4.2 Analysis of Trace Files
4.2.1 WSN without Malicious Node
4.2.2 WSN with Malicious Node

CHAPTER 5 CONCLUSION AND PROPOSED FUTURE WORK
5.1 The conclusion
5.2 Proposed Future Works

REFERENCES
Appendices A-E

LIST OF TABLES

2.1 Comparison between Wireless Personal Area Network (IEEE 802.15)
3.1 Network Parameter Definition
3.2 Available Options for Node Configuration

LIST OF FIGURES

1.1 Open System Interconnection Layer
2.1 A Typical Sensor Architecture
2.2 Actual Sensors
2.3 An Example of Communication in WSN
2.4 Channel Allocation in LR-WPAN
2.5 (a) Data Transfer Model: from device to coordinator (b) Data Transfer Model: from coordinator to device
2.6 Diagram of AODV. (a) RREQ and RREP timing diagram. (b) AODV broadcast to adjacent neighbor.
2.7 Timing Diagram for CSMA/CA
2.8 Un-Slotted CSMA/CA Flow Chart
2.9 Simplified User’s View of NS
2.10 Fields of Trace File
3.1 LR-WPAN (IEEE 802.15.4) Function Modules
3.2 Frequency Hopping at Transmitting Side
3.3 Frequency Hopping at Receiving Side
3.4 Packet Format
3.5 Common Header Declaration
3.6 Additional Code in Function AODV::forward()
3.7 Additional Code in AODV::recvAODV()
4.1 Network Animation of Broadcasting AODV message
4.2 Network Animation of Data Transmission
4.3 Network Animation of Malicious Node Trying to Get Into the WSN
4.4 Network Animation of Attack from Malicious Node (Black Dot)
4.5 Throughput before Frequency Hopping is Applied
4.6 Throughput of Simulation versus Different Period of Time
4.7 Throughput versus Time when Two Frequencies being Hopped
4.8 Throughput when Frequency Hopping is Applied (Two Frequency)
4.9 Throughput when Frequency Hopping is Applied (Four Frequency)
4.10 Comparison of Throughput between Two Frequency Hopping and Four Frequency Hopping
5.1 WPAN with PAN Coordinator, Coordinator and Devices
5.2 Multiple Interfaces Support

LIST OF ABBREVIATIONS

ACK - Acknowledgement
AODV - Ad hoc On-demand Distance Vector
AWK - derived from surname of its author (Alfred Aho, Peter Weinberger, and Brian Kernighan)
BE - Backoff Exponent
BP - Backoff Period
CAP - Contention Access Period
CBR - Continuous Bit Rate
CCA - Clear Channel Assessment
CFP - Contention Free Period
CTS - Clear-To-Send
CSMA/CA - Carrier Sense Multiple Access/ Collision Avoidance
CSMA/CD - Carrier Sense Multiple Access/ Collision Detection
CW - Contention Window
DARPA - Defense Advanced Research Project Agency
FC6 - Fedora Core 6
FTP - File Transfer Protocol
GNOME - GNU Network Object Model Environment
GTS - Guaranteed Time Scale
GUI - Graphical User Interface
IEEE - Institute of Electrical and Electronic Engineering
IP - Internet Protocol
ISM - Industrial, Scientific and Medical
Kbps - Kilobits per Second
KDE - K Desktop Environment
LOS - Line of Sight
LQI - Link Quality Indication
LR-WPAN - Low Rate Wireless Personal Area Network
Mbps - Megabits per Second
MHz - Mega Hertz
NAM - Network Animation
NB - Number of Backoffs
NS - Network Simulator
OSI - Open System Interconnection
PTYPE - Packet Type
RREP - Route Reply
RREQ - Route Request
RTP - Real-time Transport Protocol
RTS - Request-To-Send
TCL - Tool Command Language
TCP - Transmission Control Protocol
TS_ - Time Stamp
UDP - User Datagram Protocol
UID - Unique Identity
VINT - Virtual InterNetwork Test-bed
WPAN - Wireless Personal Area Network
WSN - Wireless Sensor Network

LIST OF APPENDICES

A Planning & Execution
B TCL Programming – sw8.tcl
C TCL Programming – sw8b1600.tcl
D AWK Programming – Myawk2.awk
E AWK Programming – Myawk4.awk

CHAPTER 1 INTRODUCTION

1.1 A Review of Wireless Sensor Network

A Wireless Sensor Network is a set of a large number of sensors that provide a smart environment around us; the sensors respond to changes in the particular characteristic they sense and send the information to a central processing unit. The SmartDust program, which is sponsored by DARPA, defined sensor networks as:

“A sensor network is a deployment of massive numbers of small, inexpensive, self-powered devices that can sense, compute and communicate with other devices for the purpose of gathering local information to make global decisions about a physical environment.” (Olariu, 2006)

A sensor is a very small device that uses low power to process or compute, is used within a short range, has an energy budget (battery) and has micro-sensor technology. Usually, it is linked by a wireless medium such as radio, infrared, ultrasound, laser and many more, but the most popular medium is radio because it can operate without line of sight (LOS).
Types of sensor include pressure sensors, temperature sensors, humidity sensors, seismic sensors, light sensors, chemical sensors and many more. WSN was initially developed for military and disaster rescue purposes, but because of the availability of the ISM band (2.4 GHz), the technology is now emerging in public applications. The salient features of a Wireless Sensor Network make it different from other networks (self-organizing, low power, self-configuring, wireless, infrastructure-less). Therefore, WSN design must take these features into account in order to provide a reliable network. One more thing to be considered is the fact that WSN are prone to failure and malicious user attack. This is because any device within the frequency range can get access to the data. So, we need a secure way to protect the network. Wireless communication only affects the physical, data link and network layers of the OSI model.

Figure 1.1: Open System Interconnection Layer (layers as numbered in the figure: 1. Application, 2. Presentation, 3. Session, 4. Transport, 5. Network, 6. Data Link, 7. Physical; figure annotations: "Algorithm used: AODV, un-Slotted CSMA/CA" and "Working at this layer")

1.2 Statement of the Problems

Security attacks consist of passive attacks and active attacks (William, 2003). When an observer tries to obtain any information being transmitted, it is considered a passive attack. Eavesdropping or monitoring of transmissions is an example of a passive attack. When an attack modifies the data stream, it is considered an active attack; denial of service is an example.

In order to achieve secure routing in WSN, the frequencies used need to be changed within a short period of time. If a malicious node tries to send information into, or retrieve information from, the WSN, the attempt can be prevented if the node cannot detect frequencies that change very quickly. Therefore, by using frequency hopping, we can prevent an intruder from reaching the frequency. Thus, applying frequency hopping will secure the network.

1.3 Objectives

Many kinds of security mechanism exist. The most common mechanism is encryption (William, 2003). Encryption techniques require security keys in the algorithm, which consume memory storage space inside the device. So, for a wireless sensor network, which aims to use as little space as possible in order to save energy, the frequency hopping technique was chosen.

In order to know the performance of the system, the throughput at the destination was analyzed. The source and the malicious node send the same number of packets to the same destination. The throughput before the use of frequency hopping is examined first and then compared with the throughput after the use of frequency hopping. After that, the throughput from the source and from the malicious node is compared and the network performance can be seen.

In short, the objectives of this project are:
• To develop security in Wireless Sensor Network using the frequency hopping method,
• To analyze the throughput before and after the implementation of frequency hopping.

1.4 Scopes

The simulation environment and testing parameters are based on a Wireless Sensor Network according to the IEEE 802.15.4 standard. 25 nodes are created in NS2, which runs on the Linux operating system. The nodes are assumed to be static with no hidden nodes between each other (all nodes are within the signal range of the network). The security is based on a frequency that hops randomly, and the frequency is set during routing at the Network layer. The frequency hopping algorithm was programmed in C++ and inserted into AODV functions, while the WSN environment was programmed in TCL. Then, analysis of the trace files was done using AWK programming. Simulations of the nodes are automatically demonstrated using NAM, which has been set up inside the TCL programming.

1.5 Importance of the Study

Wireless Sensor Network is categorized under the IEEE 802.15.4 task group, which covers Low Rate Wireless Personal Area Network.
The standard was only released in 2003 and the upgraded version was released in 2006. Since this is a new research area, there are many issues to be discussed and solved, such as:
• power consumption, because the sensors depend on a battery which lasts only for a short period of time;
• topology, because sensors can be static or mobile, and the topology is ever changing not only because of sensor mobility but also because of the sleep-and-wake cycles of the sensors;
• bandwidth, because usable bandwidth in WSN is limited compared to a wired network, owing to multi-path fading, noise and interference; and
• security, because wireless is very vulnerable to attack by both insider and outsider users.
Therefore, one of these topics of discussion (security) is chosen as the focus of this project.

1.6 Thesis Outline

The thesis consists of five chapters: Introduction; Reviews of System; The Flow Process of Project; Results, Analysis and Discussion; and finally Conclusion and Proposed Future Works. Besides these, there are preliminary pages which help the reader to understand the whole thesis outline, such as the table of contents and the lists of tables, figures, abbreviations and appendices. There are also additional pages (appendices) at the end, after the list of references. The appendices show project planning and programming code listings.

Chapter 1 describes Wireless Sensor Network in general, followed by the problem statements, the project’s objectives, the scopes which define the project boundary, the importance of the study and finally the whole thesis outline.

Chapter 2 elaborates the ideas from Chapter 1 in more detail. This chapter was written based on various readings from the IEEE website, journals, books and also the internet. All the references can be found in the list of References after the final chapter.

Chapter 3 explains the process of the whole project, from installing the operating system to the testing procedure and testing process.

Chapter 4 shows the results of simulation and testing in NS2 and NAM. There are animation captures in NAM and analysis results of the trace files.

The final chapter, Chapter 5, summarizes the work that has been done and gives two proposals for future works that can be developed to enrich the test bed environment.

CHAPTER 2 REVIEWS OF SYSTEM

2.1 Wireless Sensor Network (WSN)

Wireless Sensor Network (WSN) applications are suited to the IEEE 802.15.4 standard. The IEEE 802.15.4 standard is for low rate Wireless Personal Area Network (WPAN) and defines the wireless Medium Access Control layer and Physical layer. The WSN characteristics which meet the standard are wireless medium, low power consumption, low cost and low data rate. Other WSN characteristics are large numbers of sensors, collaborative signal processing, easy deployment, self-configuration, self-organization and the absence of infrastructure.

The characteristics of IEEE 802.15.4 (low rate Wireless Personal Area Network – LR WPAN) are:
• data rates of 250 kb/s, 40 kb/s, and 20 kb/s,
• star or peer-to-peer operation,
• allocated 16 bit short or 64 bit extended addresses,
• allocation of guaranteed time slots (GTSs),
• carrier sense multiple access with collision avoidance (CSMA-CA) channel access,
• fully acknowledged protocol for transfer reliability,
• low power consumption,
• energy detection (ED),
• link quality indication (LQI), and
• 16 channels in the 2450 MHz band, 10 channels in the 915 MHz band, and 1 channel in the 868 MHz band.

Refer to Table 2.1 below for a comparison between each task group in IEEE 802.15.

Table 2.1: Comparison between Wireless Personal Area Networks (IEEE 802.15)

It can be seen that LR-WPAN uses the slowest data rate, far from that of task groups 3 and 4. The signal range is also short and the devices run on batteries. The number of devices can be in the thousands, a huge number compared to Bluetooth and HR-WPAN.

2.1.1 Sensor

A WSN is a network of densely deployed sensors which can communicate with each other to carry out a specific given task. It has no central controller and can be randomly deployed in a specific area. So, what is a sensor? A sensor is a miniature device that has micro-sensor technology, low power signal processing, low power computation and a short-range communications capability.

Figure 2.1 shows a typical sensor diagram, which consists of a short-range transceiver (around 3m-10m), limited memory storage (4-8 KB), a low power sensor which performs a specific task (such as a seismic sensor), a slow 8 bit embedded processor with a frequency of 5 to 10 MHz and a battery with a life of several months. There are many kinds of sensors, such as pressure sensors, humidity sensors, thermal sensors, seismic sensors, level sensors, weight sensors and light sensors. Each of them alerts us with different data, as its name suggests.

Figure 2.1: A Typical Sensor Architecture [Olariu] (components shown: transceiver, 1 Kbps-10 Kbps, transmission range 3-10 m; memory, limited storage 4-8 Kb; embedded processor, slow, 8 bit, 5-10 MHz; low-power special-purpose sensor; nonrenewable battery)

Figure 2.2 shows pictures of actual sensors available in the market. Notice that the sensors are very small, about the size of a shilling, but there are also various types of sensors with different sizes to suit their specific operation. Sensors are mass produced in huge numbers because production at that volume reduces the total sensor cost.

Figure 2.2: Actual Sensors

Figure 2.3 demonstrates a group of sensors sending information that has been requested by a laptop. The laptop requests data from a sensor. The laptop sends the request through the WSN and the message is passed from one sensor to another until it reaches the destination. Then, the destination replies through its adjacent neighbors and the reply also passes through the WSN until it reaches the laptop.
The information finally reaches the printer, which acts as a sink.

Figure 2.3: An Example of Communication in WSN (legend: sink, path of the query, path of the reply)

2.1.2 The Physical Layer

The physical layer of Low Rate Wireless Personal Area Network consists of 27 channels altogether. The channels available are divided into three different bands:
• 2.4 GHz ISM band (worldwide)
• 915 MHz band (US)
• 868 MHz band (Europe)

There are 16 channels with data rates of 250 Kbps in the 2.4 GHz band, 10 channels with data rates of 40 Kbps in the 915 MHz band and 1 channel with a data rate of 20 Kbps in the 868 MHz band. The data rates are very low compared to other types of WPAN, as seen in Table 2.1 (above).

Figure 2.4: Channel Allocation in LR-WPAN (868 MHz/915 MHz PHY: Channel 0 at 868.3 MHz and Channels 1-10 between 902 and 928 MHz with 2 MHz spacing; 2.4 GHz PHY: Channels 11-26 between 2.4 and 2.4835 GHz with 5 MHz spacing)

2.1.3 Data Transfer Model

For un-slotted CSMA/CA, the algorithm uses non-beacon mode as its data transfer model. Below (Figure 2.4) is a model of data transfer: one is for data transfer from device to coordinator and the other is for data transfer from coordinator to device.

Figure 2.5: (a) Data Transfer Model: from device to coordinator (b) Data Transfer Model: from coordinator to device.

In the data transfer model from device to coordinator, the device just transmits the data using un-slotted CSMA/CA. In the data transfer model from coordinator to device, the device which requests the data sends a MAC command request using un-slotted CSMA/CA. If the coordinator has the data, it transmits it, also using un-slotted CSMA/CA.

2.2 Security Attacks

A security attack is any action that compromises the security of information owned by an organization. Attacks are classified as passive attacks and active attacks in ITU-T Recommendation X.800.

2.2.1 Passive Attack

Passive attacks are attempts to reach the owner's data and make use of it without the owner realizing it. It is hard to detect this kind of attack because it does not modify the data.
So, preventing the attack is more useful than struggling to detect it. The types of passive attack are:

1. Release of message contents: Any information transferred through a telephone conversation or electronic mail, which may contain confidential information, can be released to an opponent.
2. Traffic Analysis: An opponent can observe the frequency and length of the data being transmitted, and this information can be analyzed to determine the nature of the communication taking place. The attacker may also learn the location of base stations and the type of protocol being used in the transmission.

Eavesdropping is an example of a passive attack. An attacker that monitors traffic can read the data transmitted and gather information by examining the source of a packet, its destination, size, number, and time of transmission.

2.2.2 Active Attack

Active attacks involve alteration of information, which may be disastrous to the organization. In contrast to passive attacks, active attacks are more readily detected than prevented. Furthermore, detection has a deterrent effect which may contribute to prevention as well. There are four types of active attack:

1. Masquerade: Impersonation of an identity, pretending to be an authorized identity.
2. Replay: A passive capture of information, used to produce an unauthorized effect.
3. Modification of Message: The sequence of messages has been jumbled up, the message has been delayed or, even worse, the meaning of the message has been modified.
4. Denial of Service (DoS): DoS may disrupt the network and degrade its performance. This type of attack can be grouped into three categories:
   a. disabling of service (e.g., sinkhole, HELLO flood attack),
   b. exhaustion, and
   c. service degradation (e.g., selective forwarding attack)

Man-in-the-middle is an example of an active attack, which establishes a rogue intermediary pretending to be a valid sensor.

2.3 Routing Algorithms

Routing is the process of determining a path between source and destination upon a request for data transmission. Routing protocols are divided into two categories: proactive protocols and reactive protocols [Liza].

Proactive protocols are protocols which update their network routes from time to time. The data can be transmitted right away because the route is already known, but one of the drawbacks is wasted energy, because the device continuously updates the route even when there is no demand. Examples of proactive protocols are Destination-Sequence Distance Vector (DSDV) routing and Wireless Routing Protocol (WRP).

In contrast to proactive protocols, reactive protocols only compute a network route when there is a demand for it. Examples of reactive protocols are Ad hoc On-Demand Distance Vector (AODV), Dynamic Source Routing (DSR), Temporally Ordered Routing Algorithm (TORA) and Signal Stability-based Routing (SSR).

This project chose AODV because it provides loop-free routes that can be used even when there is a broken link, uses less bandwidth because it does not periodically update its routes, and suits a dynamic network like WSN.

2.3.1 Ad hoc On Demand Distance Vector Routing (AODV Routing)

AODV routing is an algorithm used for finding a route for a peer-to-peer connection between sensors. Basically, in AODV, sensors send Route Request (RREQ) packets and receive Route Reply (RREP) packets in order to transmit and receive packets of data. Each sensor acts as a router and routes are obtained only when needed.

AODV broadcasts the RREQ to all, and any sensor that is awake and within range of the frequency being transmitted can receive the RREQ. Any sensor which matches the information in the RREQ answers the RREQ with an RREP. After the sender gets the RREP, it has the peer-to-peer connection and is ready to send. Refer to Figure 2.6 for the scenario.

Figure 2.6: Diagram of AODV. (a) RREQ and RREP timing diagram. (b) AODV broadcast to adjacent neighbors. (labels: Source, Destination, nodes, RREQ, RREP, Tx)

AODV does not maintain any routing information but depends entirely on the need to communicate with its neighborhood. There are several techniques for local connection between neighboring nodes, and one of them is through local broadcasts known as hello messages. The routing tables of the nodes are organized to optimize the response time of communication. The primary objectives of AODV are:

1. To broadcast discovery packets only when necessary,
2. To distinguish between local connectivity management (neighborhood detection) and general topology maintenance,
3. To disseminate information about changes in local connectivity to those neighboring mobile nodes that are likely to need the information. [Charles]

AODV is the simplest and a widely used algorithm for either wired or wireless networks. Its advantages of bandwidth efficiency, loop-free routing and acting as a reactive protocol make it worth applying within the network.

2.4 Carrier Sense Multiple Access/Collision Avoidance (CSMA/CA)

CSMA/CA gives a solution to the hidden node problem in CSMA/CD, in which a node cannot detect another node which also wants to transmit a packet, resulting in a collision. The CSMA/CA protocol uses a four-way handshake. The node listens (senses a voltage level) before transmitting any packet. If it detects a signal, it waits for a random period before listening to the network again. If no signal is detected, the node sends a ready-to-send message (RTS) to all nodes. The RTS contains the destination address and the period of the transmission. The destination replies with a clear-to-send message (CTS), which denotes that the node can send the message without collision. The destination/receiver sends an acknowledgement for every packet it receives. If the ACK is not received, the packet is assumed lost or corrupted and is resent until an ACK is received.

Figure 2.7: Timing Diagram for CSMA/CA (exchange between Source and Destination: RTS, CTS, Tx, ACK)

2.4.1 Un-Slotted CSMA/CA

This project uses un-slotted CSMA/CA because the project does not cater for synchronization, which needs a beacon for data transmission. Un-slotted CSMA/CA is a method of accessing the channel before data can be transmitted. The algorithm is explained in detail in Chapter 3. This algorithm works at Layer 2.

Un-slotted CSMA/CA is based on a basic time unit called the Backoff Period (BP). A BP is equal to 0.32 ms, which corresponds to aUnitBackoffPeriod (80 bits) [Anis and Y.C Tseng]. The un-slotted CSMA/CA backoff algorithm depends on two variables:

1. The BE enables the computation of the backoff delay, which is the time before performing CCAs. The backoff delay is a random variable between 0 and ($2^{BE} - 1$).
2. The NB represents the number of times the un-slotted CSMA/CA algorithm was required to back off while attempting to access the channel. This value is initialized to zero (NB = 0) before each new transmission attempt.

The first step of un-slotted CSMA/CA is initializing NB=0 and BE=2 (depending on Battery Life Extension; the default value is 3). The second step is counting down a random number of BPs, uniformly generated between 0 and ($2^{BE} - 1$). Take note that the counting must start at the boundary of a BP. The third step is performing CCA at the boundary of the BP to assess channel activity. If the channel is idle, channel access is allowed and the packet is sent. If the channel is busy, the flow goes to the fourth step. The fourth step increments NB and BE. BE cannot exceed its configured maximum value. Incrementing BE makes longer backoff delays more likely. Then, if NB exceeds the maximum number of allowed backoffs, the transmission fails. If NB has not reached the maximum value, the algorithm repeats the second step. Un-slotted CSMA/CA is activated for each transmission of a new packet.
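The four steps above can be traced in code. The following C++ sketch is an added example, not code from the thesis or from NS2; the limits in CsmaParams (minimum BE of 3, maximum BE of 5, at most 4 backoffs) are assumptions taken from the IEEE 802.15.4 defaults, and the channel model (each CCA independently busy with a fixed probability) is constructed for illustration.

```cpp
#include <algorithm>
#include <functional>
#include <iostream>
#include <random>

// One backoff period (BP) is 0.32 ms, as stated in the text.
constexpr double kBackoffPeriodMs = 0.32;

// Assumed limits (IEEE 802.15.4 defaults); the page does not list them.
struct CsmaParams {
    int minBE = 3;        // initial backoff exponent
    int maxBE = 5;        // BE is never raised above this
    int maxBackoffs = 4;  // failure is reported once NB exceeds this
};

struct CsmaResult {
    bool channelAccessed;  // true when a CCA found the channel idle
    int nb;                // number of busy CCAs (backoffs) so far
    int finalBE;           // BE when the procedure ended
    int periodsWaited;     // total backoff periods counted down
    double delayMs() const { return periodsWaited * kBackoffPeriodMs; }
};

// drawBackoff(maxPeriods) must return an integer in [0, maxPeriods].
// ccaIdle(periodsElapsed) reports whether the channel is idle at that point.
CsmaResult unslottedCsmaCa(const CsmaParams& p,
                           const std::function<int(int)>& drawBackoff,
                           const std::function<bool(int)>& ccaIdle) {
    int nb = 0;        // step 1: NB = 0
    int be = p.minBE;  //         BE = initial exponent
    int waited = 0;
    while (true) {
        int maxPeriods = (1 << be) - 1;     // 2^BE - 1
        waited += drawBackoff(maxPeriods);  // step 2: random backoff delay
        if (ccaIdle(waited)) {              // step 3: clear channel assessment
            return {true, nb, be, waited};
        }
        ++nb;                               // step 4: channel was busy
        be = std::min(be + 1, p.maxBE);
        if (nb > p.maxBackoffs) {
            return {false, nb, be, waited}; // too many backoffs: give up
        }
    }
}

// Fraction of attempts that end in failure when every CCA is busy with
// probability busyProb (constructed channel model, fixed seed for repeatability).
double failureRate(double busyProb, int trials, unsigned seed) {
    std::mt19937 gen(seed);
    std::bernoulli_distribution busy(busyProb);
    auto draw = [&gen](int maxPeriods) {
        std::uniform_int_distribution<int> d(0, maxPeriods);
        return d(gen);
    };
    auto idle = [&busy, &gen](int) { return !busy(gen); };
    int failures = 0;
    for (int i = 0; i < trials; ++i) {
        if (!unslottedCsmaCa(CsmaParams{}, draw, idle).channelAccessed) ++failures;
    }
    return static_cast<double>(failures) / trials;
}

int main() {
    const double loads[] = {0.1, 0.5, 0.9};
    for (double load : loads) {
        std::cout << "busy probability " << load << ": failure rate "
                  << failureRate(load, 20000, 7) << "\n";
    }
    return 0;
}
```

With these limits an attempt performs at most five CCAs, so a channel that is busy with probability p makes an attempt fail with probability p^5.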
Refer to Figure 3.4 for the description as a flow chart:

Figure 2.8: Un-Slotted CSMA/CA Flow Chart

2.5 Frequency Hopping

Frequency hopping is a method of making the channel difficult for an intruder to access. The frequency used within the environment/system is hopped to a different frequency/channel frequently. Therefore, it is hard for the intruder to track the data being transmitted. Details are explained in Chapter 3.

2.6 Fedora Core 6

Fedora Core is a free operating system based on Linux. The development of Fedora is sponsored by Red Hat and it is developed by the open source community and the Red Hat engineers.

Fedora Core 6 (FC6) is currently the latest release of the Fedora Project. Some primary features of FC6 are extensive performance improvements, support for Intel-based Macs and a new GUI virtualization manager. Additional features that capture the user's interest are the introduction of a new theme, the DejaVu default font, which increases Fedora’s support for many languages that use the Latin, Greek and Cyrillic alphabets, GNOME 2.16 and KDE 3.5.4. The performance of Fedora's default ext3 filesystem has been boosted in recent versions of the 2.6 Linux kernel.

It has been argued that the most useful new feature in FC6 is the Fedora installer, called Anaconda. Anaconda enables the user to specify third-party repositories and pull additional packages at installation time. Anaconda also supports IPv6. FC6 uses the 2.6.18 Linux kernel, which is now a single kernel that automatically detects whether the processor architecture is multi-processor or single-processor.

2.7 Network Simulator 2 (NS2)

NS started in 1989 as a variant of the REAL network simulator project and was developed at the University of California at Berkeley, USA, with the cooperation of several organizations. Now, it is a VINT project supported by DARPA. NS is not a finished tool that can manage all kinds of network model.
It is actually still an ongoing effort of research and development. Users are responsible for verifying that their network model simulation does not contain any bugs, and the community should share its discoveries with all. There is a manual, called the NS manual, for user guidance.

NS is a discrete event network simulator in which the timing of events is maintained by a scheduler. It is able to simulate various types of network, such as LAN and WPAN, according to the scripts written by the user. It also implements a variety of applications; protocols such as TCP and UDP; network elements such as signal strength; traffic models such as FTP and CBR; router queue management mechanisms such as Drop Tail; and many more [Eitan, Jae Jung].

Two languages are used in NS-2: C++ and OTcl (an object-oriented extension of Tcl). The compiled C++ hierarchy makes the simulation efficient and execution faster. In the OTcl script, users write the network models with their own specific topology, protocols and all other requirements. The form of the output produced by the simulator can also be set using OTcl. The OTcl script creates an event scheduler object and network component objects, with the help of the network setup modules. The simulation results produced by running the scripts can be used either for simulation analysis or as input to a graphical tool called Network Animation (NAM). Refer to Figure 2.9 for a simple user view of NS-2.

Figure 2.9: Simplified User's View of NS

2.8 The Trace File

The trace file is an ASCII file, and each trace line is organized in 12 fields as in Figure 2.10 below.

Event | Time | From node | To node | Pkt type | Pkt size | Flags | Fid | Src addrs | Dst addrs | Seq num | Pkt id

Figure 2.10: Fields of Trace File

The first field is the event type, given by one of four available symbols, r, +, - and d, which correspond respectively to receive, enqueued, dequeued and dropped.
The second field gives the time at which the event occurs. The third and fourth fields are the input and output nodes of the link at which the event takes place. The fifth is the packet type, such as cbr or tcp. The sixth is the size of the packet, and the next field holds some flags. The eighth field is the flow identity of IPv6, which can specify the stream color in the NAM display and can be used for further analysis. The ninth and tenth fields are the source and destination addresses in the form "node.port". The eleventh is the network layer protocol's packet sequence number. NS keeps track of UDP packet sequence numbers for analysis purposes. The twelfth and last field is the unique identity of the packet.

2.9 Summary

The early part of the chapter describes the characteristics of WSN that suit the IEEE 802.15.4 standard, gives an overview of sensors with some description of their implementation, and covers the physical layer of LR-WPAN and the data transfer model of non-beacon mode. Then, the types of security attacks were elaborated. Routing algorithms were discussed briefly, with a focus on AODV routing, followed by the CSMA/CA algorithm. The latter part of the chapter discusses the operating system platform used (Linux Fedora Core 6) and the simulation test bed (NS2). Finally, the trace file used for analysis was discussed.

CHAPTER 3

THE FLOW PROCESS OF PROJECT

3.1 Introduction

Wireless Sensor Networks will definitely be in high demand in the near future. A WSN can deploy itself anywhere one can imagine, and the network is established in a short time. Other advantages include low production cost, small size and collaborative capabilities, which make it easy to use in everyday life. WSN applications include animal tracking, vehicle parking availability, military purposes, detection of cracks in buildings, humidity sensing in humidity-sensitive places and many more.
WSN is a resource-constrained type of network due to its low power consumption, minimal memory storage and low data rate. The system throughput is one of the issues to be discussed. Normally, everyone prefers the highest and fastest output the system can support, and, if there is a way to prevent any intruder from getting into the system, we must try as hard as we can to protect our network from any vulnerable situation. Frequency hopping is a solution to prevent any malicious node in a WSN from entering the system. Because of this, the system throughput may decrease. This chapter discusses the flow of the project from the installation of the operating system to the description of the trace files used to determine the throughput performance.

3.2 Getting Started by Installing Fedora Core 6

Fedora Core 6 installation has become easy with the help of the Anaconda team. FC6 is a free operating system that can be installed on laptops, desktops and servers. The installation steps can be easily understood even by someone with no prior knowledge of Linux or computer networks.

The first thing to check is the computer architecture: whether it is an i386 system, a ppc system or an x86_64 system. The i386 systems consist of Intel x86-compatible processors, including Intel Pentium and Pentium-MMX, Pentium Pro, Pentium-II, Pentium-III, Celeron, Pentium 4, Xeon, Core Duo, and Centrino/Centrino Duo; VIA C3/C3-m and Eden/Eden-N; and AMD Athlon, AthlonXP, Duron, AthlonMP, Sempron, and Turion. The ppc systems are a group of PowerPC processors, such as those found in Apple Power Macintosh, G3, G4, and G5, and IBM pSeries systems. The x86_64 systems include 64-bit AMD processors such as Athlon64/FX/X2, Turion64 and Opteron, and Intel 64-bit processors such as EM64T.

Make sure that the installation media is ready, the installation manual is on hand and the network configuration information is known.
The command line system needs at least 700 MB of storage, while the desktop system requires 3 GB of storage capacity. It is recommended to use a CD or DVD as the installation media, as it makes things easier. Five CDs or only one DVD are needed to store the installation files. If everything is ready, just insert the media (e.g. the DVD) and then turn on the desktop. Follow the instructions until the end of the installation.

3.3 Getting Started by Installing NS-2

NS-2 is an event-driven network simulator which can be run on a Linux-based platform. This report explains how to install NS-2 on the Fedora Core platform. The NS-2 files (it is recommended to download the single package that includes all the needed files, called ns-allinone-2.xx) must be downloaded onto any storage media, preferably onto the computer where NS-2 is going to be installed. It is not recommended to log in as root, because installation as root may interfere with important Linux files. Log in to FC6 as any user except root and store NS-2 in the usr folder. Open the terminal and type the path of ns-2.30 (if you're using NS-2 version 2.30). For example:

> /usr/ns-allinone-2.30/ns-2.30

Then, type:

>./install

After the installation is done, a message at the terminal asks for a path environment setting to be made in bash_profile. Follow the instruction by editing the bash_profile file. Then, type:

>./validate

It will take some time to validate the programs. After the validation process is done, check whether NS-2 was successfully installed by typing 'ns' (without the apostrophes) at the command prompt. A '%' sign will appear at the command prompt.

3.4 Low Rate WPAN Function Modules

The LR-WPAN function modules were developed by Jianliang Zheng and Myung J. Lee (2006) at The City University, New York. The work was done specially for a newly defined standard, IEEE 802.15.4.
They studied and developed several features, such as beacon enabled mode and non-beacon enabled mode; association, tree formation and network auto-configuration; orphaning and coordinator relocation; CSMA/CA, both slotted and un-slotted; and direct, indirect and GTS data transmissions (Jianliang, 2006). A brief description of the modules in Figure 3.1 is:

• Wireless Scenario Definition: It selects the routing protocol; defines the network topology; and schedules events such as initializations of PAN coordinator, coordinators and devices, and starting (stopping) applications. It defines the radio-propagation model, antenna model, interface queue, traffic pattern, link error model, link and node failures, super-frame structure in beacon enabled mode, radio transmission range, and animation configuration.

• Service Specific Convergence Sub-layer (SSCS): This is the interface between the 802.15.4 MAC and the upper layers. It provides a way to access all the MAC primitives, but it can also serve as a wrapper of those primitives for convenient operations. It is an implementation-specific module and its function should be tailored to the requirements of specific applications.

• 802.15.4 PHY: It implements all 14 PHY primitives.

• 802.15.4 MAC: This is the main module. It implements all the 35 MAC sub-layer primitives.

Figure 3.1: LR-WPAN (IEEE 802.15.4) Function Modules

This project works on the routing layer by modifying the C++ files of AODV. The rest is not changed.

3.5 Frequency Hopping

Frequency hopping is one of various ways to provide security in wireless data transmission. Say 20 frequencies are hopped within a limited time set earlier: if intruders get access to a channel and jam it, only that particular channel is affected. There will still be 19 channels available for data transmission.
If the number of frequencies used is increased and/or the time spent on each frequency is random, the probability of an intruder accessing the channels and jamming the frequency will be small. For this project, the time for each frequency depends on a random function, which will be explained later.

Figure 3.2 shows a flow chart of the additional code added inside the AODV function modules that forward an AODV message. The frequency held by a packet is set according to the random number generated.

Frequency Hopping -> Set the random number [0.0~1.0] -> Set the frequency to either 0 or 1 according to the random number -> Transmit the packet as AODV message

Figure 3.2: Frequency Hopping at Transmitting Side

Figure 3.3 shows a flow chart of the additional code added inside the AODV function modules that receive an AODV message.

Frequency Hopping -> Set the random number [0.0~1.0] -> Set the frequency to either 0 or 1 according to the random number -> Freq same as packet's freq? -> no: Drop the packet; yes: Accept the packet

Figure 3.3: Frequency Hopping at Receiving Side

3.6 Random Number Generator

Almost all module functions depend on the basic function random(), which generates a random float uniformly in the semi-open range [0.0, 1.0). Python uses the Mersenne Twister as the core generator. It produces 53-bit precision floats and has a period of 2^19937 - 1. The underlying implementation in C is both fast and thread-safe. The Mersenne Twister, developed by M. Matsumoto and T. Nishimura, is one of the most extensively tested random number generators in existence. However, being completely deterministic, it is not suitable for all purposes, and especially not for cryptographic purposes.

A brief description of the random() function is given below:

random(): return the next random floating point number in the range [0.0, 1.0).

This uniform pseudo-random number generator was implemented in portable C-code.
It passed several stringent statistical tests, including diehard, and its speed is comparable to other modern generators. Its merits are due to efficient algorithms that are unique to polynomial calculations.

3.7 Coding

This subtopic explains some of the coding involved in the C++ files of NS-2. After each change, the 'make clean' and 'make' commands must be run at the terminal under the ns2.30 folder to compile the code, so that the changes take effect. Before discussing the code modifications, the packet format of NS-2 must be understood, because the changes were made in the common header, which is one of the fields in the packet header.

3.7.1 Packet Format

A packet consists of headers and data. There are many types of header available, such as the common header, IP header, TCP header, RTP header and Trace header. One can also add a new header by creating it in the ns~/common/packet.h file in NS2. The type of header used in this project is the common header. The common header has many fields, such as uid, ptype, size and ts_. Refer to Figure 3.4 for the diagram of the packet format.

Figure 3.4: Packet Format

3.7.2 Common header

As mentioned before, the common header is one type of header in the NS packet format. The common header declaration can be found in ns-~/common/packet.h. Refer to Figure 3.5 for details of the common header's fields, which are declared in the packet.h file.

struct hdr_cmn {
    enum dir_t { DOWN= -1, NONE= 0, UP= 1 };
    packet_t ptype_;
    int size_;
    int uid_;
    int error_;
    int errbitcnt_;    // field reused by this project to carry the 'frequency'
    int fecsize_;
    double ts_;
    int iface_;
    // ... remaining members of hdr_cmn are not shown in this excerpt

Figure 3.5: Common Header Declaration

The field errbitcnt was chosen to carry the frequency because the field was not in use. See Figures 3.6 and 3.7, explained later, for the usage of errbitcnt.

3.7.3 Changes in AODV

The AODV files are located in the ns-~/aodv/ folder. The file which has been changed is aodv.cc.
The functions/methods involved are AODV::forward() and AODV::recvAODV(). AODV::forward() is the function used to forward an AODV packet, while AODV::recvAODV() is the function used to receive any AODV packet.

3.7.3.1 AODV::forward()

Upon transmitting a packet, the AODV::forward() function sets the frequency to either '0' or '1'. Variable x, which has the double data type, holds the pseudo-random number generated. Since errbitcnt has the integer data type, the random value is converted to an integer. If the random value is 0.5 or more, the frequency is set to 1; if the random value is less than 0.5, the frequency is set to 0. Refer to Figure 3.6 for the code addition in aodv.cc.

void AODV::forward(aodv_rt_entry *rt, Packet *p, double delay) {
    struct hdr_cmn *ch = HDR_CMN(p);
    struct hdr_ip *ih = HDR_IP(p);

    // add this:
    double x;                  // create a variable
    x = Random::uniform();     // set random value
    // set 'frequency'
    if (x >= 0.5) {
        ch->errbitcnt() = 1;
    } else {
        ch->errbitcnt() = 0;
    }
    // until here. (the rest of the original function is unchanged and not shown)

Figure 3.6: Additional Code in Function AODV::forward()

3.7.3.2 AODV::recvAODV()

Upon receiving a packet, the AODV::recvAODV() function checks whether the incoming frequency is '0' or '1'. If the frequency is not the same as the node's current frequency, the packet is dropped. If the frequency is the same as the node's current frequency, the packet is accepted. Variable y (double data type) is declared to hold the pseudo-random number. Variable freq is also declared to hold the modified value (integer data type) of y. Then, freq is compared to the errbitcnt value which was set when the packet was transmitted. Refer to Figure 3.7 for the code addition in aodv.cc.
void AODV::recvAODV(Packet *p) {
    struct hdr_aodv *ah = HDR_AODV(p);
    struct hdr_cmn *ch = HDR_CMN(p);

    assert(HDR_IP(p)->sport() == RT_PORT);
    assert(HDR_IP(p)->dport() == RT_PORT);

    // add this:
    double y;
    int freq;
    // set the 'frequency'
    y = Random::uniform();
    if (y >= 0.5) { freq = 1; } else { freq = 0; }
    // code to check if the freq is same or not
    if (ch->errbitcnt() != freq) {
        drop(p);
        return;
    }
    else
    // until here. (the rest of the original function follows as the else branch and is not shown)

Figure 3.7: Additional Code in AODV::recvAODV()

3.8 Network Parameter Configuration

The simplest and usually the first step in setting up a network is creating a node. A network is built up from its layer components, such as the Link layer, MAC layer and PHY layer. The components have to be defined before a node can be configured. See Table 3.1 for an example of network parameter definition:

Table 3.1: Network Parameter Definition

Parameter | Suggested Value | Description
set val(chan) | Channel/WirelessChannel | Channel type
set val(prop) | Propagation/TwoRayGround | Radio propagation model
set val(netif) | Phy/WirelessPhy/802_15_4 | Network interface
set val(mac) | Mac/802_15_4 | IEEE standard
set val(ifq) | Queue/DropTail/PriQueue | Interface queue type
set val(ll) | LL | Link layer type
set val(ant) | Antenna/OmniAntenna | Antenna model
set val(ifqlen) | 50 | Maximum packet in IFQ
set val(nn) | 25 | Number of nodes
set val(rp) | AODV | Routing protocol
set val(x) | 50 | Setup topography object
set val(y) | 50 | Setup topography object
set val(stop) | 200.0 | Simulation time
set val(traffic) | cbr | Traffic type

We must also define and configure the node API before creating a node.
The node API configuration is as follows:

$ns node-config -adhocRouting $val(rp) \
                -llType $val(ll) \
                -macType $val(mac) \
                -ifqType $val(ifq) \
                -ifqLen $val(ifqlen) \
                -antType $val(ant) \
                -propType $val(prop) \
                -phyType $val(netif) \
                -topoInstance $topo \
                -agentTrace ON \
                -routerTrace ON \
                -macTrace OFF \
                -movementTrace OFF \
                -channel $chan_1_

There are other configuration options, which can be found in tcl/lib/ns-lib.tcl inside NS-2. Refer to Table 3.2 for the available options.

Table 3.2: Available Options for Node Configuration

Option | Available Values | Default

general
addressType | flat, hierarchical | flat
MPLS | ON, OFF | OFF

both satellite- and wireless-oriented
wiredRouting | ON, OFF | ""
llType | LL, LL/Sat | ""
macType | Mac/802_11, Mac/Csma/Ca, Mac/Sat, Mac/Sat/UnslottedAloha, Mac/Tdma | ""
ifqType | Queue/DropTail, Queue/DropTail/PriQueue | ""
phyType | Phy/WirelessPhy, Phy/Sat | ""

wireless-oriented
adhocRouting | DIFFUSION/RATE, DIFFUSION/PROB, DSDV, DSR, FLOODING, OMNIMCAST, AODV, TORA | ""
propType | Propagation/TwoRayGround, Propagation/Shadowing | ""
propInstance | Propagation/TwoRayGround, Propagation/Shadowing | ""
antType | Antenna/OmniAntenna | ""
channel | Channel/WirelessChannel, Channel/Sat | ""
topoInstance | <topology file> | ""
mobileIP | ON, OFF | OFF
energyModel | EnergyModel | ""
initialEnergy | <values in Joules> | ""
rxPower | <values in W> | ""
txPower | <values in W> | ""
idlePower | <values in W> | ""
agentTrace | ON, OFF | OFF
routerTrace | ON, OFF | OFF
macTrace | ON, OFF | OFF
movementTrace | ON, OFF | OFF
errProc | UniformErrorProc | ""
FECProc | ? | ?
toraDebug | ON, OFF | OFF

satellite-oriented
satNodeType | Polar, geo, terminal, geo-repeater | ""
downlinkBW | <bandwidth value, e.g. "2Mb"> | ""

3.9 Analysis of Trace File

The results of a simulation are stored in a trace file (*.tr). AWK programming was used to analyze the trace file.
Examples of lines in the trace file are as follows:

s 0.100000000 _20_ AGT --- 0 cbr 70 [0 0 0 0] ------- [20:0 4:0 32 0] [0] 0 0
r 0.100000000 _20_ RTR --- 0 cbr 70 [0 0 0 0] ------- [20:0 4:0 32 0] [0] 0 0

Two AWK programs are used in this project, Myawk2.awk and Myawk4.awk. Myawk2.awk counts the total number of data packets transmitted by the source and received by the destination. Then, it calculates the throughput and prints it on the screen. Myawk4.awk counts the total number of data packets transmitted by the source and by the malicious node, and, separately, the total number of data packets received by the destination from the source and from the malicious node. The numbers of packets transmitted and received are printed on the screen. Then, it calculates the throughput from each sender and prints it on the screen. The results on screen are presented in Chapter 4. Listings of the AWK programs can be found in Appendix D & E.

The AWK programs are run at the terminal command prompt. The command to run an AWK program is:

>awk -f myawk2.awk sw8.tr

The file named myawk2.awk is the AWK program file, while the file named sw8.tr is the trace file to be analyzed, given as input to myawk2.awk.

3.10 Summary

This chapter has discussed the whole process of the project, from the installation of the operating system (Fedora Core 6) to the analysis of the trace file. The earlier subtopics briefly discussed how to install Fedora Core 6, which is the platform of this project. Then, the chapter continued with a short and simple explanation of the NS2 installation. The LR-WPAN function modules were explained to show at which layer the project was done. After that, the frequency hopping flow chart was described, followed by the elaboration of the code. The network parameters were explained, along with some of the node API configuration. Finally, the trace file analysis was discussed.
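The per-sender counting that Section 3.9 describes for Myawk4.awk can be sketched as follows. This is an added example, not the listing from Appendix D or E: the field layout is taken from the two trace lines quoted in Section 3.9, the sample trace is constructed, and the function names are assumptions. Throughput is computed as received packets over sent packets, in percent.

```python
import re
from collections import defaultdict

# Constructed sample in the layout of the trace lines quoted in Section 3.9.
# Node 20 is the source, node 25 the malicious node, node 4 the destination.
SAMPLE_TRACE = """\
s 0.100000000 _20_ AGT --- 0 cbr 70 [0 0 0 0] ------- [20:0 4:0 32 0] [0] 0 0
r 0.100000000 _20_ RTR --- 0 cbr 70 [0 0 0 0] ------- [20:0 4:0 32 0] [0] 0 0
s 0.102000000 _20_ RTR --- 0 AODV 48 [0 0 0 0] ------- [20:255 -1:255 30 0] [0x2 1 1 [4 0] [20 4]] (REQUEST)
s 0.100000000 _25_ AGT --- 1 cbr 70 [0 0 0 0] ------- [25:0 4:0 32 0] [0] 0 0
r 0.131200000 _4_ AGT --- 0 cbr 70 [0 0 0 0] ------- [20:0 4:0 30 4] [0] 2 0
s 0.300000000 _20_ AGT --- 2 cbr 70 [0 0 0 0] ------- [20:0 4:0 32 0] [1] 0 0
s 0.300000000 _25_ AGT --- 3 cbr 70 [0 0 0 0] ------- [25:0 4:0 32 0] [1] 0 0
r 0.334500000 _4_ AGT --- 2 cbr 70 [0 0 0 0] ------- [20:0 4:0 30 4] [1] 2 0
r 0.341900000 _4_ AGT --- 3 cbr 70 [0 0 0 0] ------- [25:0 4:0 30 4] [1] 2 0
s 0.500000000 _20_ AGT --- 4 cbr 70 [0 0 0 0] ------- [20:0 4:0 32 0] [2] 0 0
s 0.500000000 _25_ AGT --- 5 cbr 70 [0 0 0 0] ------- [25:0 4:0 32 0] [2] 0 0
D 0.500000000 _25_ RTR --- 5 cbr 90 [0 0 0 0] ------- [25:0 4:0 30 0] [2] 0 0
s 0.700000000 _20_ AGT --- 6 cbr 70 [0 0 0 0] ------- [20:0 4:0 32 0] [3] 0 0
s 0.700000000 _25_ AGT --- 7 cbr 70 [0 0 0 0] ------- [25:0 4:0 32 0] [3] 0 0
r 0.731200000 _4_ AGT --- 6 cbr 70 [0 0 0 0] ------- [20:0 4:0 30 4] [3] 2 0
r 0.912000000 _4_ AGT --- 7 cbr 70 [0 0 0 0] ------- [25:0 4:0
"""

# event, time, _node_, layer, reason, uid, type, size, [MAC header],
# flags, [src:port dst:port ttl nexthop]; anything after that is ignored.
LINE_RE = re.compile(
    r"^(?P<event>[srDf])\s+(?P<time>\d+\.\d+)\s+_(?P<node>\d+)_\s+(?P<layer>\w+)\s+"
    r"(?P<reason>\S+)\s+(?P<uid>\d+)\s+(?P<ptype>\S+)\s+(?P<size>\d+)\s+"
    r"\[(?P<mac>[^\]]*)\]\s+\S+\s+"
    r"\[(?P<src>-?\d+):(?P<sport>\d+)\s+(?P<dst>-?\d+):(?P<dport>\d+)\s+"
    r"(?P<ttl>\d+)\s+(?P<nexthop>\d+)\]"
)


def parse_line(line):
    """Return the fields of one trace line as a dict, or None if malformed."""
    match = LINE_RE.match(line.strip())
    if match is None:
        return None
    rec = match.groupdict()
    for key in ("node", "uid", "size", "src", "dst", "ttl"):
        rec[key] = int(rec[key])
    rec["time"] = float(rec["time"])
    return rec


def throughput_by_sender(trace_text, dest, ptype="cbr"):
    """Count data packets per sender at the agent (AGT) layer.

    Returns ({sender: (sent, received, percent)}, skipped_lines).
    Packets are tracked by unique id so a repeated line is counted once.
    """
    sent, received = defaultdict(set), defaultdict(set)
    skipped = 0
    for line in trace_text.splitlines():
        if not line.strip():
            continue
        rec = parse_line(line)
        if rec is None:
            skipped += 1          # truncated or garbled line
            continue
        if rec["layer"] != "AGT" or rec["ptype"] != ptype or rec["dst"] != dest:
            continue
        if rec["event"] == "s" and rec["node"] == rec["src"]:
            sent[rec["src"]].add(rec["uid"])
        elif rec["event"] == "r" and rec["node"] == dest:
            received[rec["src"]].add(rec["uid"])
    report = {}
    for sender in sorted(sent):
        n_sent, n_recv = len(sent[sender]), len(received[sender])
        report[sender] = (n_sent, n_recv, round(100.0 * n_recv / n_sent, 1))
    return report, skipped


if __name__ == "__main__":
    stats, bad = throughput_by_sender(SAMPLE_TRACE, dest=4)
    for sender, (n_sent, n_recv, pct) in stats.items():
        print(f"node {sender}: sent {n_sent}, received at node 4: {n_recv}, throughput {pct}%")
    print(f"malformed lines skipped: {bad}")
```

Routing-layer (RTR) lines, AODV control packets and drop events are parsed but left out of the counts, and a truncated line is reported instead of being silently miscounted.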
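The check added in Figures 3.6 and 3.7 compares two values that the sender and the receiver draw independently. The sketch below is an added example, not the project's code. It generalises the rule to N frequencies and measures how often a reception is accepted in that model, which is about 1/N regardless of who sent the packet. Going beyond the page, it contrasts this with a hop index that both ends derive from a shared key with HMAC-SHA256, since Section 3.6 notes that the Mersenne Twister is not suitable for cryptographic purposes. The key, the slot counter and all function names are assumptions introduced for illustration.

```python
import hashlib
import hmac
import random


def draw_channel(rng, n_freq):
    """Map one uniform [0.0, 1.0) draw to a channel index.
    For n_freq = 2 this is the rule in Figures 3.6/3.7: x >= 0.5 -> 1, else 0."""
    return int(rng.random() * n_freq)


def accept_rate_independent(n_freq, receptions, seed):
    """Sender and receiver each take their own draw, as in
    AODV::forward() and AODV::recvAODV(). Modelling assumption: both draws
    come from one shared Mersenne Twister stream."""
    rng = random.Random(seed)
    hits = 0
    for _ in range(receptions):
        tx = draw_channel(rng, n_freq)   # value the sender writes into the packet
        rx = draw_channel(rng, n_freq)   # value the receiver draws on arrival
        hits += tx == rx
    return hits / receptions


def keyed_channel(key, slot, n_freq):
    """Assumed alternative: channel for a time slot derived from a shared key."""
    digest = hmac.new(key, slot.to_bytes(8, "big"), hashlib.sha256).digest()
    return int.from_bytes(digest[:8], "big") % n_freq


def accept_rate_keyed(n_freq, receptions, seed, sender_has_key):
    """Receiver follows the keyed sequence. A sender holding the key follows
    it too; a sender without the key can only guess a channel."""
    key = b"constructed-demo-key"        # constructed value, for illustration only
    guesser = random.Random(seed)
    hits = 0
    for slot in range(receptions):
        rx = keyed_channel(key, slot, n_freq)
        if sender_has_key:
            tx = keyed_channel(key, slot, n_freq)
        else:
            tx = guesser.randrange(n_freq)
        hits += tx == rx
    return hits / receptions


def compare(n_values=(2, 4, 8), receptions=20000, seed=2007):
    """Acceptance rate per reception for each scheme and number of frequencies."""
    rows = {}
    for n_freq in n_values:
        rows[n_freq] = {
            "independent_any_sender": accept_rate_independent(n_freq, receptions, seed),
            "keyed_member": accept_rate_keyed(n_freq, receptions, seed, True),
            "keyed_outsider": accept_rate_keyed(n_freq, receptions, seed, False),
        }
    return rows


if __name__ == "__main__":
    for n_freq, row in compare().items():
        print(n_freq, {name: round(rate, 3) for name, rate in row.items()})
```

The model covers a single reception only; it does not reproduce AODV route discovery, retries or the throughput figures of the simulation.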
CHAPTER 4

RESULTS, ANALYSIS AND DISCUSSION

This chapter shows animation captures from NAM and explains the analysis of the results in the trace files (*.tr) by AWK programming, with some charts. The scripts of the network animation were saved in *.nam files and run by a program called NAM.

4.1 Animation Capture of WSN

NAM is a built-in program inside NS2. The simulation of nodes in the WSN can be seen through the animation played by NAM. Once the TCL program runs without error, it invokes the animation of the WSN (provided this has been set inside the TCL program).

Figures 4.1 and 4.2 are animation captures of the WSN without a malicious node. Figure 4.1 is a scenario where the source (node 20) is broadcasting an RREQ message to all its neighbors. Node 4 is the destination node (red circle). The nodes with the same frequency receive the message and forward it to their neighbors, while the nodes with a different frequency drop the packet. Figure 4.2 is a scenario where a packet is in transmission from the source (node 20) to the destination (node 4). The red dot is a packet of data.

Figure 4.1: Network Animation of Broadcasting AODV message (labels: source; RREQ message broadcast from the source; destination)

Figure 4.2: Network Animation of Data Transmission (labels: source; a packet in transmission to the destination; destination)

Figures 4.3 and 4.4 are animation captures of the WSN with a malicious node (node 25). Figure 4.3 shows the malicious node trying to get into the WSN.

Figure 4.3: Network Animation of Malicious Node Trying to Get Into the WSN (labels: source; RREQ message from malicious node; a packet from the source; destination)

Figure 4.4 shows an attack from the malicious node. Red dots are packets from the source, while a black dot is a packet from the malicious node.
Figure 4.4: Network Animation of Attack from Malicious Node (Black Dot) (labels: source; an attack from malicious node; destination)

4.2 Analysis of Trace Files

Figures 4.5, 4.6, 4.7 and 4.8 show the results after the trace files (*.tr) have been processed by AWK programming (myawk2.awk & myawk4.awk). The explanation of the *.awk files can be found in Chapter 3.

4.2.1 WSN without Malicious Node

When frequency hopping is not applied, the throughput is 100%, as shown in Figure 4.5. The high throughput is expected because all nodes are using the same frequency. Thus, every node is reachable from every other.

Figure 4.5: Throughput before Frequency Hopping is Applied

When two frequencies are hopped with different periods of simulation time, the throughput percentage varies. Refer to Figure 4.6 for the results as they appear on the screen when the analysis is done, and to Figure 4.7 for the same results presented as a graph. The throughput increases as the simulation period becomes longer. When the simulation time is 200s, the throughput is 0.8%, but it increases and stabilizes at 1600s. The stabilized throughput is 85%. Therefore, the simulation time is set to 1600s when the malicious node is added.

Figure 4.6: Throughput of Simulation versus Different Period of Time

[Chart: Throughput over Time when Frequency Hopping is Applied; y-axis: Throughput (%), x-axis: Time (s) at 200, 400, 800, 1600, 3200 and 6400]

Figure 4.7: Throughput versus Time when Two Frequencies being Hopped

4.2.2 WSN with Malicious Node

Figure 4.8 shows the results for sw8b1600's trace file. This file is the result of a simulation with a malicious node attack and two frequencies being hopped. The source and the malicious node each send a total of 8000 packets. The destination receives 7265 packets from the source, which gives a throughput of 91%, and 6405 packets from the malicious node, which gives a throughput of 80%.

Figure 4.8: Throughput when Frequency Hopping is Applied (Two Frequency)

The number of frequencies being hopped is then increased to four.
The result can be seen in Figure 4.9. The source and the malicious node again each send a total of 8000 packets (the same as with two frequencies). The destination receives 6593 packets from the source, which gives a throughput of 82%, and 2149 packets from the malicious node, which gives a throughput of 27%.

Figure 4.9: Throughput when Frequency Hopping is Applied (Four Frequency)

The analysis was done by comparing the throughput results for two frequencies and four frequencies. Refer to Figure 4.10. The blue bar is from the source and the orange bar is from the malicious node. When using two frequencies, the throughput from the source is 91% while that from the malicious node is 80%. But when four frequencies are used, the throughput from the malicious node decreases rapidly to 27%. The throughput from the source also decreases, to 82%, but the drop is small compared to that of the malicious node. Therefore, the WSN's security is improved.

[Chart: Throughput at Destination (Node 4); bars: from source (node 20) and from malicious node (node 25); x-axis: 2 and 4 frequency; y-axis: Throughput]

Figure 4.10: Comparison of Throughput between Two Frequency Hopping and Four Frequency Hopping.

CHAPTER 5

CONCLUSION AND PROPOSED FUTURE WORKS

This chapter concludes the report and recommends two future works that can be investigated further. The first recommendation is on the mode setting in the MAC layer and the second is on the network model itself.

4.1 The Conclusion

The project focuses on provisioning security in an AODV-based WSN using frequency hopping. The frequency hopping algorithm was added to the AODV routing algorithm. Initially, two frequencies are used. The throughput at the destination node was analyzed before and after the implementation of frequency hopping to compare the network performance. Without frequency hopping the WSN is open to malicious attack, thus allowing high throughput. Then, the network was tested in the presence of a malicious node.
The purpose of the testing is to analyze network performance (after security is applied using frequency hopping) in terms of throughput at the destination during an attack. The throughput from the source and from the malicious node is compared. With frequency hopping, the security of the WSN against malicious attack is achieved at the expense of less throughput.

4.2 Proposed Future Works

For future research, one can add synchronization of frequency hopping with beacon enabled mode using slotted CSMA/CA. The PAN coordinator uses beacons to synchronize the data transmission of all coordinators and devices. Coordinators await the beacon signal from the PAN coordinator, and devices await the signal from their coordinator. Refer to Figure 5.1 for the idea behind this suggestion [J. Zheng].

Figure 5.1: WPAN with PAN Coordinator, Coordinator and Devices.

Another suggestion is to add multiple interface support for the IEEE 802.15.4 standard in NS2. This support is already available for the IEEE 802.11 standard. Multiple interfaces enable a node to have more than one channel at the same time. Thus, frequency hopping can be applied at the Physical layer itself. Refer to Figure 5.2 regarding the idea [Ramon Aguero Calvo].

Figure 5.2: Multiple Interfaces Support

REFERENCES

Abbas Jamlipour (2003). The Wireless Mobile Internet – Architectures, Protocols & Services: Wiley & Sons. 187.

Anis Koubaa, Mario Alves, Bilel Nefzi, Ye-Qiong Song. Improving the IEEE 802.15.4 Slotted CSMA/CA MAC for Time-Critical Events in Wireless Sensor Network.

Anis Koubaa, Mario Alves, Eduardo Tovar. A Comprehensive Simulation Study of Slotted CSMA/CA for IEEE 802.15.4 Wireless Sensor Network.

Awk. http://www.grymoire.com/Unix/Awk.html

Charles E. Perkins. Ad-hoc On-Demand Distance Vector Routing.

Eitan Altman and Tania Jimenez (2003). Ns Simulator for Beginners.

Elizabeth M. Royer, Charles E. Perkins. An Implementation of the AODV Routing Protocols.

Fedora website.
http://docs.fedoraproject.org/install-guide/fc6/en/

Feng Zhao, Leonidas Guibas (2004). Wireless Sensor Networks – An Information Processing Approach: Morgan Kaufman Publishers.

Holger Karl, Andreas Willig (2005). Protocols and Architectures for Wireless Sensor Network: John Wiley & Sons Ltd.

IEEE 802.15.4 WPAN-LR Task Group Website: http://www.ieee802.org/15/pub/TG4.html

Jae Jung, Mark Claypool. NS by Example. http://nile.wpi.edu/NS/packet.html

Jose A' Gutirez et al. IEEE 802.15.4: A Developing for Low Rate Wireless Personal Area Network.

J. Zheng and Myung J. Lee (2006). A comprehensive performance study of IEEE 802.15.4 – Sensor Network Operations: Wiley Interscience. IEEE Press Chapter 4. 218-237.

Kevin Fall, Kannan Varadhan, and the VINT project. The ns manual.

Laurent Parqueque (2006). A Module Based Wireless Node for NS2.

Liza Abdul Latif, Norsheila Fisal. Routing Protocols in Wireless Mobile Ad Hoc Network – A Review.

Marc Greis. Ns Tutorial. http://www.isi.edu/nsnam/ns/tutorial/index.html

M. Matsumoto and T. Nishimura. Mersenne Twister: A 623-dimensionally equidistributed uniform pseudorandom number generator. ACM Transactions on Modeling and Computer Simulation Vol. 8, No. 1, January pp.3-30 1998.

Prof. Stephen Olariu (2006). Sensor Networks – A Short Course. Old Dominion University.

Ramon Aguero Calvo (2007). Adding Multiple Interface Support in NS-2.

S. McCanne and S. Floyd. Network Simulator. http://www.isi.edu/nsnam/ns/

Soo-Hwan Choi et.al. An Implementation of Wireless Sensor Network for Security using Bluetooth.

TCL Tutorial. http://www.tcl.tk/man/tcl8.5/tutorial/tcltutorial.html

William Stallings (2003). 3rd Ed. Cryptography and Network Security – Principles and Practices. Pearson Education Inc. New Jersey.

Y.C. Tseng. Overview of ZigBee/802.15.4

APPENDIX A

Planning & Execution

APPENDIX B

TCL Programming – sw8.tcl

#
# sw.tcl
# Master's Project in Electrical Engineering (Electronics & Telecommunications)
# Session 2006/2007/2
# Raja Zahilah Raja Mohd. Radzi (ME051219)
#
# 2 freq hop
# ======================================================================
# Define options
# ======================================================================
global val
set val(chan)    Channel/WirelessChannel   ;# Channel Type
set val(prop)    Propagation/TwoRayGround  ;# radio-propagation model
set val(netif)   Phy/WirelessPhy/802_15_4  ;# network interface type
set val(mac)     Mac/802_15_4              ;# MAC type
set val(ifq)     Queue/DropTail/PriQueue   ;# interface queue type
set val(ll)      LL                        ;# link layer type
set val(ant)     Antenna/OmniAntenna       ;# antenna model
set val(ifqlen)  50                        ;# max packet in ifq
set val(nn)      25                        ;# number of nodes
set val(rp)      AODV                      ;# routing protocol
set val(x)       50                        ;# X dimension of topography
set val(y)       50                        ;# Y dimension of topography
set val(Time1)   0.0                       ;# in seconds
set val(Time2)   0.3                       ;# in seconds
set val(Time3)   0.7                       ;# in seconds
set val(stop)    200.0                     ;# stop time
set val(traffic) cbr                       ;# udp/cbr

# ======================================================================
# Main Program
# ======================================================================
#
# Initialize Global Variables
#
# Create simulator object
set ns [new Simulator]

# Open writing file for trace data
set tf0 [open sw8.tr w]
$ns trace-all $tf0

# Open writing file for nam data
set nf [open sw8.nam w]
$ns namtrace-all-wireless $nf $val(x) $val(y)
$ns puts-nam-traceall {# nam4wpan #}   ;# inform nam that this is a trace file for wpan (special handling needed)
Mac/802_15_4 wpanNam namStatus on      ;# default = off (should be turned on before other 'wpanNam' commands can work)

# Create a topology boundary
set topo [new Topography]

# Define area of topology: x=50m,y=50m
$topo load_flatgrid $val(x) $val(y)

# Create object god
create-god $val(nn)
set chan_1_ [new $val(chan)]

# Configure node
$ns node-config -adhocRouting $val(rp) \
                -llType $val(ll) \
                -macType $val(mac) \
                -ifqType $val(ifq) \
                -ifqLen $val(ifqlen) \
                -antType $val(ant) \
                -propType $val(prop) \
                -phyType $val(netif) \
                -topoInstance $topo \
                -agentTrace ON \
                -routerTrace ON \
                -macTrace OFF \
                -movementTrace OFF \
                -channel $chan_1_

for {set i 0} {$i < $val(nn)} {incr i} {
    set node_($i) [$ns node]
    $node_($i) random-motion 0   ;# disable random motion
}

# Configure node position - assume static node
set k 5
for {set j 0} {$j < 5} {incr j} {
    $node_($j) set X_ $k
    $node_($j) set Y_ 5.0
    $node_($j) set Z_ 0.0
    incr k 10
}
set l 5
for {set j 5} {$j < 10} {incr j} {
    $node_($j) set X_ $l
    $node_($j) set Y_ 15.0
    $node_($j) set Z_ 0.0
    incr l 10
}
set m 5
for {set j 10} {$j < 15} {incr j} {
    $node_($j) set X_ $m
    $node_($j) set Y_ 25.0
    $node_($j) set Z_ 0.0
    incr m 10
}
set n 5
for {set j 15} {$j < 20} {incr j} {
    $node_($j) set X_ $n
    $node_($j) set Y_ 35.0
    $node_($j) set Z_ 0.0
    incr n 10
}
set o 5
for {set j 20} {$j < $val(nn)} {incr j} {
    $node_($j) set X_ $o
    $node_($j) set Y_ 45.0
    $node_($j) set Z_ 0.0
    incr o 10
}

for {set i 0} {$i < $val(nn)} {incr i} {
    $ns initial_node_pos $node_($i) 3
}

# Setup a CBR over UDP connection
proc cbrtraffic {src dst interval starttime} {
    global ns node_
    set udp($src) [new Agent/UDP]
    eval $ns attach-agent \$node_($src) \$udp($src)
    set null($dst) [new Agent/Null]
    eval $ns attach-agent \$node_($dst) \$null($dst)
    set cbr($src) [new Application/Traffic/CBR]
    eval \$cbr($src) set packetSize_ 70
    eval \$cbr($src) set interval_ $interval
    eval \$cbr($src) set random_ 0
    #eval \$cbr($src) ser rate_ 250kb
    eval \$cbr($src) attach-agent \$udp($src)
    eval $ns connect \$udp($src) \$null($dst)
    $ns at $starttime "$cbr($src) start"
}

if { ("$val(traffic)" == "cbr")} {
    puts "\nTraffic: $val(traffic)"
    puts [format "Acknowledgement for data: %s" [Mac/802_15_4 wpanCmd ack4data]]
    set lowSpeed 0.5ms
    set highSpeed 1.5ms
    Mac/802_15_4 wpanNam PlaybackRate $lowSpeed
    $ns at [expr $val(Time1)+0.1] "Mac/802_15_4 wpanNam PlaybackRate $highSpeed"
    $ns at $val(Time2) "Mac/802_15_4 wpanNam PlaybackRate $lowSpeed"
    $ns at [expr $val(Time2)+0.1] "Mac/802_15_4 wpanNam PlaybackRate $highSpeed"
    $ns at $val(Time3) "Mac/802_15_4 wpanNam PlaybackRate $lowSpeed"
    $ns at [expr $val(Time3)+0.1] "Mac/802_15_4 wpanNam PlaybackRate $highSpeed"
    eval $val(traffic)traffic 20 4 0.2 0.1
    Mac/802_15_4 wpanNam FlowClr -p AODV -c tomato
    Mac/802_15_4 wpanNam FlowClr -p ARP -c green
    if { "$val(traffic)" == "cbr" } {
        set pktType cbr
    } else {
        set pktType exp
    }
    Mac/802_15_4 wpanNam FlowClr -p $pktType -s 20 -d 4 -c red
    $ns at 0.1 "$node_(20) NodeClr red"
    $ns at 0.1 "$node_(4) NodeClr red"
    $ns at 0.1 "$ns trace-annotate \"(at 0.1) $val(traffic) traffic from node 20 to node 4\""
}

for {set i 0} {$i < $val(nn)} {incr i} {
    $ns at $val(stop) "$node_($i) reset";
}
$ns at $val(stop) "finish"
$ns at $val(stop) "puts \"NS Exiting...\"; $ns halt"

proc finish {} {
    global ns tf0 nf
    $ns flush-trace
    close $tf0
    close $nf
    exec nam sw8.nam &
    exit 0
}

# Start simulation
puts "Start Simulation..."
$ns run

APPENDIX C

TCL Programming: malicious node – sw8b1600.tcl

#
# sw.tcl
# Master's Project in Electrical Engineering (Electronics & Telecommunications)
# Session 2006/2007/2
# Raja Zahilah Raja Mohd. Radzi (ME051219)
#
# 2 freq hop
# ======================================================================
# Define options
# ======================================================================
global val
set val(chan)    Channel/WirelessChannel   ;# Channel Type
set val(prop)    Propagation/TwoRayGround  ;# radio-propagation model
set val(netif)   Phy/WirelessPhy/802_15_4  ;# network interface type
set val(mac)     Mac/802_15_4              ;# MAC type
set val(ifq)     Queue/DropTail/PriQueue   ;# interface queue type
set val(ll)      LL                        ;# link layer type
set val(ant)     Antenna/OmniAntenna       ;# antenna model
set val(ifqlen)  50                        ;# max packet in ifq
set val(nn)      25                        ;# number of nodes
set val(rp)      AODV                      ;# routing protocol
set val(x)       50                        ;# X dimension of topography
set val(y)       50                        ;# Y dimension of topography
set val(Time1)   0.0                       ;# in seconds
set val(Time2)   0.3                       ;# in seconds
set val(Time3)   0.7                       ;# in seconds
set val(stop)    1600.0                    ;# stop time
set val(traffic) cbr                       ;# udp/cbr

# ======================================================================
# Main Program
# ======================================================================
#
# Initialize Global Variables
#
# Create simulator object
set ns [new Simulator]

# Open writing file for trace data
set tf0 [open sw8.tr w]
$ns trace-all $tf0

# Open writing file for nam data
set nf [open sw8.nam w]
$ns namtrace-all-wireless $nf $val(x) $val(y)
$ns puts-nam-traceall {# nam4wpan #}   ;# inform nam that this is a trace file for wpan (special handling needed)
Mac/802_15_4 wpanNam namStatus on      ;# default = off (should be turned on before other 'wpanNam' commands can work)

# Create a topology boundary
set topo [new Topography]

# Define area of topology: x=50m,y=50m
$topo load_flatgrid $val(x) $val(y)

# Create object god
create-god $val(nn)
set chan_1_ [new $val(chan)]

# Configure node
$ns node-config -adhocRouting $val(rp) \
                -llType $val(ll) \
                -macType $val(mac) \
                -ifqType $val(ifq) \
                -ifqLen $val(ifqlen) \
                -antType $val(ant) \
                -propType $val(prop) \
                -phyType $val(netif) \
-topoInstance $topo \ -agentTrace ON \ -routerTrace ON \ -macTrace OFF \ -movementTrace OFF \ -channel $chan_1_ \ for {set i 0} {$i < $val(nn) } {incr i} { set node_($i) [$ns node] $node_($i) random-motion 0 ;# disable random motion } 56 # Create malicious node set node_(25) [$ns node] $ns at 0.0 "$node_(25) NodeLabel \"malicious node\"" $ns at 0.0 "$node_(25) NodeClr red" $ns at 0.0 "$node_(25) add-mark m1 blue circle" $node_(25) random-motion 0 ;# disable random motion $node_(25) set X_ -10.0 $node_(25) set Y_ 25.0 $node_(25) set Z_ 0.0 $ns initial_node_pos $node_(25) 3 $ns at $val(stop) "$node_(25) reset"; # Configure node position - assume static node set k 5 for {set j 0} {$j < 5} {incr j} { $node_($j) set X_ $k $node_($j) set Y_ 5.0 $node_($j) set Z_ 0.0 incr k 10 } set l 5 for {set j 5} {$j < 10} {incr j} { $node_($j) set X_ $l $node_($j) set Y_ 15.0 $node_($j) set Z_ 0.0 incr l 10 } set m 5 for {set j 10} {$j < 15} {incr j} { $node_($j) set X_ $m $node_($j) set Y_ 25.0 $node_($j) set Z_ 0.0 incr m 10 } set n 5 for {set j 15} {$j < 20} {incr j} { $node_($j) set X_ $n $node_($j) set Y_ 35.0 $node_($j) set Z_ 0.0 incr n 10 } set o 5 for {set j 20} {$j < $val(nn)} {incr j} { $node_($j) set X_ $o $node_($j) set Y_ 45.0 $node_($j) set Z_ 0.0 incr o 10 } for {set i 0} {$i < $val(nn) } {incr i} { $ns initial_node_pos $node_($i) 3 } 57 #Setup a CBR over UDP connection proc cbrtraffic {src dst interval starttime} { global ns node_ set udp($src) [new Agent/UDP] eval $ns attach-agent \$node_($src) \$udp($src) set null($dst) [new Agent/Null] eval $ns attach-agent \$node_($dst) \$null($dst) set cbr($src) [new Application/Traffic/CBR] eval \$cbr($src) set packetSize_ 70 eval \$cbr($src) set interval_ $interval eval \$cbr($src) set random_ 0 #eval \$cbr($src) ser rate_ 250kb eval \$cbr($src) attach-agent \$udp($src) eval $ns connect \$udp($src) \$null($dst) $ns at $starttime "$cbr($src) start" } if { ("$val(traffic)" == "cbr")} { puts "\nTraffic: $val(traffic)" puts 
[format "Acknowledgement for data: %s" [Mac/802_15_4 wpanCmd ack4data]] set lowSpeed 0.5ms set highSpeed 1.5ms Mac/802_15_4 wpanNam PlaybackRate $lowSpeed $ns at [expr $val(Time1)+0.1] "Mac/802_15_4 wpanNam PlaybackRate $highSpeed" $ns at $val(Time2) "Mac/802_15_4 wpanNam PlaybackRate $lowSpeed" $ns at [expr $val(Time2)+0.1] "Mac/802_15_4 wpanNam PlaybackRate $highSpeed" $ns at $val(Time3) "Mac/802_15_4 wpanNam PlaybackRate $lowSpeed" $ns at [expr $val(Time3)+0.1] "Mac/802_15_4 wpanNam PlaybackRate $highSpeed" eval $val(traffic)traffic 20 4 0.2 0.1 Mac/802_15_4 wpanNam FlowClr -p AODV -c tomato Mac/802_15_4 wpanNam FlowClr -p ARP -c green if { "$val(traffic)" == "cbr" } { set pktType cbr } else { set pktType exp } Mac/802_15_4 wpanNam FlowClr -p $pktType -s 20 -d 4 -c red $ns at 0.1 "$node_(20) NodeClr red" $ns at 0.1 "$node_(4) NodeClr red" $ns at 0.1 "$ns trace-annotate \"(at 0.1) $val(traffic) traffic from node 20 to node 4\"" } for {set i 0} {$i < $val(nn)} {incr i} { $ns at $val(stop) "$node_($i) reset"; } $ns at $val(stop) "finish" $ns at $val(stop) "puts \"NS Exiting...\"; $ns halt" 58 proc finish {} { global ns tf0 nf $ns flush-trace close $tf0 close $nf exec nam sw8.nam & exit 0 } # Start simulation puts "Start Simulation..." 
$ns run

APPENDIX D

AWK Programming – Myawk2.awk

BEGIN {
    count_s = 0
    count_r = 0
}
{
    # $1 = event (s = send, r = receive), $4 = trace layer (AGT = application agent)
    if ($1 == "s" && $4 == "AGT") count_s++
    if ($1 == "r" && $4 == "AGT") count_r++
}
END {
    # overall delivery ratio: packets received / packets sent
    print count_r/count_s*100, "%"
}

APPENDIX E

AWK Programming – Myawk4.awk

BEGIN {
    count_s20 = 0
    count_s25 = 0
    count_r20 = 0
    count_r25 = 0
}
{
    # $3 = node that logged the event, $14 = "[source:port" of the IP header
    if ($3 == "_20_") {
        if ($1 == "s" && $4 == "AGT") count_s20++
    }
    if ($3 == "_25_") {
        if ($1 == "s" && $4 == "AGT") count_s25++
    }
    if ($3 == "_4_" && $14 == "[20:0") {
        if ($1 == "r" && $4 == "AGT") count_r20++
    }
    if ($3 == "_4_" && $14 == "[25:0") {
        if ($1 == "r" && $4 == "AGT") count_r25++
    }
}
END {
    print "Receiving at Node 4:"
    print "from Node 20 =",count_r20
    print "from Node 25 (malicious) =",count_r25
    print "Sending from:"
    print "Node 20 =",count_s20
    print "Node 25 =",count_s25
    print "20:4->", count_r20/count_s20*100,"%"
    print "25:4->", count_r25/count_s25*100,"%"
}
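The per-source delivery ratio that Myawk4.awk reports for nodes 20 and 25 can be computed for any sender in one pass. The following Python version is an added example, not part of the thesis; it generalises the script to every source seen in the trace and returns no ratio for a source that never sent (the case where the AWK division fails). The trace lines are constructed to match the field positions the AWK scripts index, and the function name and `sink` parameter are assumptions.

```python
from collections import defaultdict

# Constructed sample lines in the ns-2 wireless trace layout used by the AWK
# scripts ($1 event, $3 node, $4 layer, $14 "[src:port"); not thesis output.
SAMPLE_TRACE = """\
s 0.100000000 _20_ AGT  --- 0 cbr 70 [0 0 0 0] ------- [20:0 4:0 32 0] [0] 0 0
s 0.100000000 _20_ RTR  --- 0 cbr 70 [0 0 0 0] ------- [20:0 4:0 32 0] [0] 0 0
r 0.131200000 _4_ AGT  --- 0 cbr 70 [13a 4 e 800] ------- [20:0 4:0 29 4] [0] 4 0
s 0.300000000 _20_ AGT  --- 1 cbr 70 [0 0 0 0] ------- [20:0 4:0 32 0] [1] 0 0
s 0.300000000 _25_ AGT  --- 2 cbr 70 [0 0 0 0] ------- [25:0 4:0 32 0] [0] 0 0
r 0.341500000 _4_ AGT  --- 1 cbr 70 [13a 4 e 800] ------- [20:0 4:0 29 4] [1] 4 0
s 0.500000000 _25_ AGT  --- 3 cbr 70 [0 0 0 0] ------- [25:0 4:0 32 0] [1] 0 0
r 0.547000000 _4_ AGT  --- 3 cbr 70 [13a 4 a 800] ------- [25:0 4:0 30 4] [1] 2 0
M 0.000000000 25 (-10.00, 25.00, 0.00), (0.00, 0.00), 0.00
"""


def delivery_ratios(trace_text, sink=4):
    """Return {source: (sent, received_at_sink, percent or None)}."""
    sent = defaultdict(int)
    received = defaultdict(int)
    for line in trace_text.splitlines():
        fields = line.split()
        # Skip movement lines, short lines and anything below the agent layer.
        if len(fields) < 14 or fields[3] != "AGT":
            continue
        event = fields[0]
        node = fields[2].strip("_")                    # "_20_" -> "20"
        src = fields[13].lstrip("[").split(":")[0]     # "[20:0" -> "20"
        if not src.isdigit():
            continue
        if event == "s" and node == src:
            sent[src] += 1
        elif event == "r" and node == str(sink):
            received[src] += 1
    report = {}
    for src in sorted(set(sent) | set(received), key=int):
        # A source with no sends gets None instead of a division by zero.
        ratio = 100.0 * received[src] / sent[src] if sent[src] else None
        report[int(src)] = (sent[src], received[src], ratio)
    return report


if __name__ == "__main__":
    for src, (s, r, pct) in delivery_ratios(SAMPLE_TRACE).items():
        print(f"{src}:4 -> sent={s} received={r} ratio={pct}")
```

A falling ratio for node 25 alongside a stable ratio for node 20 is the pattern the thesis uses to judge whether hopping is keeping the malicious node's traffic out of the sink.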