
SECURE ROUTING USING FREQUENCY HOPPING
IN WIRELESS SENSOR NETWORK
RAJA ZAHILAH BINTI RAJA MOHD. RADZI
A project report submitted in partial fulfillment of the
requirements for the award of the degree of
Master of Engineering (Electrical – Electronics & Telecommunications)
Faculty of Electrical Engineering
Universiti Teknologi Malaysia
MAY 2007
For Mak and Ayah.
For Anata and our little Princesses.
ACKNOWLEDGEMENT
In preparing this master project, I was in contact with many people, researchers,
and academicians. They have contributed towards my understanding and thoughts. In
particular, I wish to express my sincere appreciation to my thesis supervisor, Professor
Dr. Hjh. Norsheila Fisal, for encouragement, guidance, criticism and friendship. Without
her continued support and interest, this project report would not have been the same as
presented here.

I am also indebted to Universiti Teknologi Malaysia (UTM) for funding my
Ms. study. Librarians at UTM also deserve special thanks for their assistance in
supplying the relevant literature.

My fellow postgraduate students (especially Mr. Adel and Mrs. Razatulshima)
should also be recognized for their support. My sincere appreciation also extends to all
my colleagues at the Department of Computer System and Communication, Faculty of
Computer Science and Information System, UTM and others who have provided
assistance on various occasions. Their views, comments and tips are very helpful.

Finally, I am also very grateful to all my family members for their continuous
encouragement and support.
ABSTRACT
Wireless ad hoc sensor networks (WSN) operate in the absence of a pre-deployed
infrastructure, are self-configurable, low cost and can be rapidly deployed.
Hence, such networks enable a variety of consumer applications, such as emergency
rescue, disaster relief, smart homes and patient monitoring, industrial applications,
such as structural health monitoring and environmental control, and military
applications, such as target identification and tracking. WSN are prone to failure and
malicious user attack because any device within the frequency range can get access
to the data being transmitted. Thus, the project aims to provide a secure WSN
through frequency hopping at the network layer. In this work, the Ad hoc On Demand
Distance Vector Routing algorithm is used to determine the route and the un-Slotted
Carrier Sense Multiple Access / Collision Avoidance (un-slotted CSMA/CA) algorithm
is used to access the medium. The frequency hopping algorithm was tested in a WSN
environment with and without a malicious node. The results show a tremendous
decrease in throughput from the malicious node when the number of frequency hops is
increased. Therefore, WSN security is improved even though the throughput from the
source is slightly decreased. Proposed future works are the addition of frequency
synchronization with beacons using slotted CSMA-CA and the addition of multiple
interface support for the IEEE 802.15.4 standard.
ABSTRAK (ABSTRACT)
Wireless Sensor Networks (WSN) operate in an ad hoc infrastructure, are
self-configurable, low cost and very easy to network. Hence, these networks can
support a variety of consumer applications such as rescue operations, natural
disasters, patient monitoring and smart home monitoring, industrial applications
such as structural safety monitoring and environmental control, and military
applications such as target identification and tracking. WSN are highly prone to
failure and user attack because any device within the frequency range can access
the data being transmitted. Therefore, this project aims to provide a secure WSN by
using frequency hopping at the Network layer. In this project, the Ad hoc On Demand
Distance Vector Routing algorithm is used to determine the data route and the
un-Slotted Carrier Sense Multiple Access / Collision Avoidance (un-slotted CSMA/CA)
algorithm is used to access the transmission medium. The frequency hopping
algorithm was tested in a WSN with and without the presence of a foreign node. The
results show a very significant decrease in throughput from the foreign node when
the number of frequencies is increased. Therefore, WSN security was improved even
though the throughput from the source also decreased slightly. The proposed
extensions of the research are the addition of frequency synchronization with
beacons using slotted CSMA/CA and the addition of multiple interface support for
the IEEE 802.15.4 standard.

TABLE OF CONTENTS

DECLARATION
DEDICATION
ACKNOWLEDGEMENT
ABSTRACT
ABSTRAK
TABLE OF CONTENTS
LIST OF TABLES
LIST OF FIGURES
LIST OF ABBREVIATIONS
LIST OF APPENDICES

1 INTRODUCTION
1.1 A Review of Wireless Sensor Network
1.2 Statement of the Problems
1.3 Objectives
1.4 Scopes
1.5 Importance of the Study
1.6 Thesis Outline

2 REVIEWS OF SYSTEM
2.1 Wireless Sensor Network (WSN)
2.1.1 Sensor
2.1.2 The Physical Layer
2.1.3 Data Transfer Model
2.2 Security Attacks
2.2.1 Passive Attack
2.2.2 Active Attacks
2.3 Routing Algorithms
2.3.1 Ad Hoc On Demand Distance Vector Routing
2.4 Carrier Sense Multiple Access/Collision Avoidance (CSMA/CA)
2.4.1 Un-Slotted CSMA/CA
2.5 Frequency Hopping
2.6 Fedora Core 6
2.7 Network Simulator 2 (NS2)
2.8 The Trace File
2.9 Summary

3 THE FLOW PROCESS OF PROJECT
3.1 Introduction
3.2 Getting Started by Installing Fedora Core 6
3.3 Getting Started by Installing NS2
3.4 Low Rate WPAN Function Modules
3.5 Frequency Hopping
3.6 Random Number Generator
3.7 Coding
3.7.1 Packet Format
3.7.2 Common header
3.7.3 Changes in AODV
3.7.3.1 AODV::forward()
3.7.3.2 AODV::recvAODV()
3.8 Network Parameter Configuration
3.9 Analysis of Trace File
3.10 Summary

4 RESULT, ANALYSIS AND DISCUSSION
4.1 Animation Capture of WSN
4.2 Analysis of Trace Files
4.2.1 WSN without Malicious Node
4.2.2 WSN with Malicious Node

5 CONCLUSION AND PROPOSED FUTURE WORK
5.1 The conclusion
5.2 Proposed Future Works

REFERENCES
Appendices A-E

LIST OF TABLES

2.1 Comparison between Wireless Personal Area Network (IEEE 802.15)
3.1 Network Parameter Definition
3.2 Available Options for Node Configuration

LIST OF FIGURES

1.1 Open System Interconnection Layer
2.1 A Typical Sensor Architecture
2.2 Actual Sensors
2.3 An Example of Communication in WSN
2.4 Channel Allocation in LR-WPAN
2.5 (a) Data Transfer Model: from device to coordinator (b) Data Transfer Model: from coordinator to device.
2.6 Diagram of AODV. (a) RREQ and RREP timing diagram. (b) AODV broadcast to adjacent neighbor.
2.7 Timing Diagram for CSMA/CA
2.8 Un-Slotted CSMA/CA Flow Chart
2.9 Simplified User’s View of NS
2.10 Fields of Trace File
3.1 LR-WPAN (IEEE 802.15.4) Function Modules
3.2 Frequency Hopping at Transmitting Side
3.3 Frequency Hopping at Receiving Side
3.4 Packet Format
3.5 Common Header Declaration
3.6 Additional Code in Function AODV::forward()
3.7 Additional Code in AODV::recvAODV()
4.1 Network Animation of Broadcasting AODV message
4.2 Network Animation of Data Transmission
4.3 Network Animation of Malicious Node Trying to Get Into the WSN
4.4 Network Animation of Attack from Malicious Node (Black Dot)
4.5 Throughput before Frequency Hopping is Applied
4.6 Throughput of Simulation versus Different Period of Time
4.7 Throughput versus Time when Two Frequencies being Hopped
4.8 Throughput when Frequency Hopping is Applied (Two Frequency)
4.9 Throughput when Frequency Hopping is Applied (Four Frequency)
4.10 Comparison of Throughput between Two Frequency Hopping and Four Frequency Hopping
5.1 WPAN with PAN Coordinator, Coordinator and Devices
5.2 Multiple Interfaces Support

LIST OF ABBREVIATIONS

ACK - Acknowledgement
AODV - Ad hoc On-demand Distance Vector
AWK - derived from the surnames of its authors (Alfred Aho, Peter Weinberger, and Brian Kernighan)
BE - Backoff Exponent
BP - Backoff Period
CAP - Contention Access Period
CBR - Continuous Bit Rate
CCA - Clear Channel Assessment
CFP - Contention Free Period
CTS - Clear-To-Send
CSMA/CA - Carrier Sense Multiple Access/Collision Avoidance
CSMA/CD - Carrier Sense Multiple Access/Collision Detection
CW - Contention Window
DARPA - Defense Advanced Research Projects Agency
FC6 - Fedora Core 6
FTP - File Transfer Protocol
GNOME - GNU Network Object Model Environment
GTS - Guaranteed Time Slot
GUI - Graphical User Interface
IEEE - Institute of Electrical and Electronics Engineers
IP - Internet Protocol
ISM - Industrial, Scientific and Medical
Kbps - Kilobits per Second
KDE - K Desktop Environment
LOS - Line of Sight
LQI - Link Quality Indication
LR-WPAN - Low Rate Wireless Personal Area Network
Mbps - Megabits per Second
MHz - Megahertz
NAM - Network Animation
NB - Number of Backoffs
NS - Network Simulator
OSI - Open System Interconnection
PTYPE - Packet Type
RREP - Route Reply
RREQ - Route Request
RTP - Real-time Transport Protocol
RTS - Request-To-Send
TCL - Tool Command Language
TCP - Transmission Control Protocol
TS_ - Time Stamp
UDP - User Datagram Protocol
UID - Unique Identity
VINT - Virtual InterNetwork Test-bed
WPAN - Wireless Personal Area Network
WSN - Wireless Sensor Network

LIST OF APPENDICES

A Planning & Execution
B TCL Programming – sw8.tcl
C TCL Programming – sw8b1600.tcl
D AWK Programming – Myawk2.awk
E AWK Programming – Myawk4.awk

CHAPTER 1
INTRODUCTION

1.1 A Review of Wireless Sensor Network

A Wireless Sensor Network is a set of a large number of sensors that provide a
smart environment around us. The sensors respond to changes in the particular
characteristic they sense and send the information to a central processing
unit. The SmartDust program, which is sponsored by DARPA, defined sensor networks as:

“A sensor network is a deployment of massive numbers of small,
inexpensive, self-powered devices that can sense, compute and
communicate with other devices for the purpose of gathering local
information to make global decisions about a physical
environment.” (Olariu, 2006)

A sensor is a very small device that uses low power to process or compute,
is used within a short range, has an energy budget (battery) and uses micro-sensor
technology. Usually, it is linked by a wireless medium such as radio, infrared,
ultrasound or laser, but the most popular medium is radio because it can operate
without line of sight (LOS). Types of sensor include pressure, temperature,
humidity, seismic, light and chemical sensors.

WSN was initially developed for military and disaster rescue purposes, but
because of the availability of the ISM band (2.4 GHz), the technology is now
emerging in public applications.

The salient features of a Wireless Sensor Network (self-organizing, low power,
self-configuring, wireless, infrastructure-less) make it different from other
networks. Therefore, WSN design must take these features into account in order to
provide a reliable network. One more thing to be considered is the fact that WSN
are prone to failure and malicious user attack. This is because any device within
the frequency range can get access to the data. So, we need a secure way to protect
the network. Wireless communication only affects the physical, data link and
network layers of the OSI model.

1. Application
2. Presentation
3. Session
4. Transport
5. Network
6. Data Link
7. Physical
[Diagram labels: "Algorithm used": AODV, un-Slotted CSMA/CA; "Working at this layer"]
Figure 1.1: Open System Interconnection Layer

1.2 Statement of the Problems

Security attacks consist of passive attacks and active attacks (William,
2003). When an observer tries to obtain information being transmitted, it is
considered a passive attack. Eavesdropping or monitoring of transmission is an
example of a passive attack. When an attack modifies the data stream, it is
considered an active attack, such as denial of service.

In order to achieve secure routing in WSN, the frequencies used need to be
changed within a short period of time. If a malicious node tries to send
information into or retrieve information from the WSN, the attempt can be prevented
if the node cannot detect the frequencies, which change very quickly. Therefore, by
using frequency hopping, we can prevent an intruder from reaching the frequency in
use. Thus, applying frequency hopping will secure the network.

1.3 Objectives

There are many kinds of security mechanisms. The most common
mechanism is encryption (William, 2003). Encryption techniques require security
keys in the algorithm, which consume memory storage space inside the device. So,
for a wireless sensor network, which aims to use as little space as it can in order
to save energy, the frequency hopping technique was chosen.

In order to know the performance of the system, the throughput at the destination
was analyzed. The source and the malicious node send the same amount of packets to
the same destination. The throughput before the use of frequency hopping is
examined first and is then compared with the throughput after the use of frequency
hopping. After that, the throughput from the source and from the malicious node are
compared and the network performance can be seen.

In short, the objectives of this project are:
• To develop security in Wireless Sensor Network using the frequency hopping method,
• To analyze the throughput before and after the implementation of frequency
hopping.

1.4 Scopes

The simulation environment and testing parameters are based on a Wireless
Sensor Network according to the IEEE 802.15.4 standard. 25 nodes are created in NS2,
which runs on the Linux operating system. The nodes are assumed to be static, with
no hidden nodes (all nodes are within the signal range of the network).
The security is based on a frequency that hops randomly, and the frequency is set
during routing at the Network layer. The frequency hopping algorithm was programmed
in C++ and inserted into AODV functions, while the WSN environment was
programmed in TCL. Analysis of the trace files was then done using AWK
programming. Simulations of the nodes are automatically demonstrated using NAM,
which has been set up inside the TCL script.

1.5 Importance of the Study

Wireless Sensor Network is categorized under the IEEE 802.15.4 task group, which
covers Low Rate Wireless Personal Area Networks. The standard was released in 2003
and the upgraded version was released in 2006. Since this is a new research area,
there are many issues to be discussed and solved, such as:
• power consumption, because the sensors depend on batteries which last only for a
short period of time,
• topology, because sensors can be static or mobile, and the topology is ever
changing not only because of sensor mobility but also because of the sleep-and-wake
cycles of the sensors,
• bandwidth, because the usable bandwidth in WSN is limited compared to a wired
network, owing to multi-path fading, noise and interference,
• security, because wireless is very vulnerable to attack by both insiders and
outsiders.
Therefore, one of these topics (security) was chosen as the focus of this project.

1.6 Thesis Outline

The thesis consists of five chapters: Introduction; Reviews of
System; The Flow Process of Project; Results, Analysis and Discussion; and finally
Conclusion and Proposed Future Works. Besides these, there are preliminary pages
which help the reader to understand the whole thesis outline, such as the table of
contents and the lists of tables, figures, abbreviations and appendices. There are
also additional pages (appendices) at the end, after the list of references. The
appendices show project planning and programming code listings.

Chapter 1 describes Wireless Sensor Networks in general, followed by the
problem statements, the project’s objectives, the scopes which define the project
boundary, the importance of the study and finally the whole thesis outline.

Chapter 2 elaborates the ideas from Chapter 1 in more detail. This chapter
was written based on various readings from the IEEE website, journals, books and
also the internet. All the references can be found in the list of References after
the final chapter.

Chapter 3 explains the process of the whole project, from installing the
operating system to the testing procedure and testing process.

Chapter 4 shows the results of simulation and testing in NS2 and NAM. There
are animation captures from NAM and analysis results of the trace files.

The final chapter, Chapter 5, summarizes the work that has been done and gives two
proposals for future work that can be developed to enrich the test bed environment.

CHAPTER 2
REVIEWS OF SYSTEM

2.1 Wireless Sensor Network (WSN)

Wireless Sensor Network (WSN) applications are suited to the IEEE 802.15.4
standard. IEEE 802.15.4 is the standard for low rate Wireless Personal Area Networks
(WPAN) and defines the wireless Medium Access Control layer and
Physical layer. The WSN characteristics which meet the standard are wireless medium,
low power consumption, low cost and low data rate. Other WSN characteristics are
large numbers of sensors, collaborative signal processing, easy deployment,
self-configuration, self-organization and the absence of infrastructure. The
characteristics of IEEE 802.15.4 (low rate Wireless Personal Area Network, LR-WPAN)
are:
• data rates of 250 kb/s, 40 kb/s, and 20 kb/s,
• star or peer-to-peer operation,
• allocated 16 bit short or 64 bit extended addresses,
• allocation of guaranteed time slots (GTSs),
• carrier sense multiple access with collision avoidance (CSMA-CA) channel access,
• fully acknowledged protocol for transfer reliability,
• low power consumption,
• energy detection (ED),
• link quality indication (LQI),
• 16 channels in the 2450 MHz band, 10 channels in the 915 MHz band, and 1 channel
in the 868 MHz band.
Refer to Table 2.1 below for a comparison between the task groups in IEEE 802.15.

Table 2.1: Comparison between Wireless Personal Area Networks (IEEE 802.15)

It can be seen that LR-WPAN uses the slowest data rate, far from that of task
groups 3 and 4. The signal range is also short and the devices run on battery. The
number of devices can be in the thousands, a huge number compared to Bluetooth and
HR-WPAN.

2.1.1 Sensor

WSN is a network of densely deployed sensors which can communicate with
each other to carry out a specific task. It has no central controller and can be
randomly deployed in a specific area. So, what is a sensor? A sensor is a miniature
device that has micro-sensor technology, low power signal processing, low power
computation and a short-range communications capability. Figure 2.1 shows a typical
sensor diagram, which consists of a short-range transceiver (around 3 m-10 m),
limited memory storage (4-8 KB), a low power sensor for a specific task (such as a
seismic sensor), a slow 8 bit embedded processor with a frequency of 5 to 10 MHz
and a battery with a multi-month life. There are many kinds of sensors, such as
pressure, humidity, thermal, seismic, level, weight and light sensors. Each of them
reports a different kind of data, as its name suggests.

Transceiver: 1 Kbps-10 Kbps, transmission range 3-10 m
Memory: limited storage, 4-8 Kb
Embedded processor: slow processor, 8 bit, 5-10 MHz
Sensor: low-power, special-purpose
Battery: nonrenewable
Figure 2.1: A Typical Sensor Architecture [Olariu]

Figure 2.2 shows pictures of actual sensors available in the market.
Notice that the sensors are very small, about the size of a shilling, but there are
also various types of sensors with different sizes to suit their specific
operation. Sensors are mass produced in huge numbers because that volume reduces
the total sensor cost.

Figure 2.2: Actual Sensors

Figure 2.3 demonstrates a group of sensors sending information that has been
requested by a laptop. The laptop requests data from a sensor. It sends the
request through the WSN and the message is passed from one sensor to another until
it reaches the destination. Then, the destination replies through its adjacent
neighbors and the reply also passes through the WSN until it reaches the laptop.
The information finally reaches the printer, which acts as a sink.

[Figure labels: Sink; Path of the query; Path of the reply]
Figure 2.3: An Example of Communication in WSN

2.1.2 The Physical Layer

The physical layer of the Low Rate Wireless Personal Area Network consists of 27
channels altogether. The available channels are divided into three different bands:
• 2.4 GHz ISM band (worldwide)
• 915 MHz band (US)
• 868 MHz band (Europe)
There are 16 channels with a data rate of 250 Kbps in the 2.4 GHz band, 10 channels
with a data rate of 40 Kbps in the 915 MHz band and 1 channel with a data rate of
20 Kbps in the 868 MHz band. The data rates are very low compared to other types of
WPAN, as seen in Table 2.1 (above).

868 MHz/915 MHz PHY: Channel 0 at 868.3 MHz; Channels 1-10 between 902 MHz and 928 MHz (2 MHz spacing)
2.4 GHz PHY: Channels 11-26 between 2.4 GHz and 2.4835 GHz (5 MHz spacing)
Figure 2.4: Channel Allocation in LR-WPAN

2.1.3 Data Transfer Model

For un-slotted CSMA/CA, the algorithm uses non-beacon mode as its data
transfer model. Figure 2.5 below shows the models of data transfer: one is for data
transfer from device to coordinator and the other is for data transfer from
coordinator to device.

Figure 2.5: (a) Data Transfer Model: from device to coordinator (b) Data Transfer
Model: from coordinator to device.

For data transfer from device to coordinator, the device just transmits the
data using un-slotted CSMA/CA. For data transfer from coordinator to device,
the device which requests the data sends a MAC command request using un-slotted
CSMA/CA. If the coordinator has the data, it transmits it, also using un-slotted
CSMA/CA.

2.2 Security Attacks

A security attack is any action that compromises the security of information owned
by an institution. Attacks are classified as passive attacks and active attacks in
ITU-T Recommendation X.800.

2.2.1 Passive Attack

Passive attacks are attempts to reach the owner's data and make use of it without
the owner realizing it. It is hard to detect this kind of attack because it does
not modify the data. So, preventing the attack is more useful than struggling to
detect it. The types of passive attacks are:
1. Release of message contents: Any information transferred through a telephone
conversation or electronic mail, which may contain confidential information, can be
released to an opponent.
2. Traffic Analysis: An opponent can observe the frequency and length of the data
being transmitted, and this information can be analyzed to determine the nature of
the communication taking place. The attacker may also learn the location of base
stations and the type of protocol being used in the transmission.

Eavesdropping is an example of a passive attack. An attacker that monitors
traffic can read the data transmitted and gather information by examining the source
of a packet, its destination, size, number, and time of transmission.

2.2.2 Active Attack

Active attacks involve alteration of information, which may be disastrous
to the organization. In contrast to passive attacks, active attacks are more likely
to be detected than prevented. Furthermore, detection has a deterrent effect
which may contribute to prevention as well. There are four types of active attacks:
1. Masquerade: Impersonation of an identity that pretends to be an authorized
identity.
2. Replay: Passive capture of information that is used to produce an unauthorized
effect.
3. Modification of Message: The sequence of messages has been jumbled up, or
the message has been delayed, or even worse, the meaning of the message has been
modified.
4. Denial of Service (DoS): DoS may disrupt the network and degrade its
performance. This type of attack can be grouped into three categories:
a. disabling of service (e.g., sinkhole, HELLO flood attack),
b. exhaustion, and
c. service degradation (e.g., selective forwarding attack)

Man-in-the-middle is an example of an active attack, which establishes a rogue
intermediary pretending to be a valid sensor.

2.3 Routing Algorithms

Routing is the process of determining a path between source and destination
upon a request for data transmission. Routing protocols are divided into two
categories: proactive protocols and reactive protocols [Liza]. Proactive protocols
update their network routes from time to time. The data can be
transmitted right away because the route is already known, but one drawback is
wasted energy, because the device continuously updates the route even when there is
no demand. Examples of proactive protocols are Destination-Sequence Distance
Vector (DSDV) routing and Wireless Routing Protocol (WRP). In contrast to
proactive protocols, reactive protocols only compute a network route when there is a
demand for it. Examples of reactive protocols are Ad hoc On-Demand Distance
Vector (AODV), Dynamic Source Routing (DSR), Temporally Ordered Routing
Algorithm (TORA) and Signal Stability-based Routing (SSR).

This project chose AODV because it provides loop-free routes that can be used even
when there is a broken link, it uses less bandwidth because it does not periodically
update its routes, and it suits a dynamic network like WSN.

2.3.1 Ad hoc On Demand Distance Vector Routing (AODV Routing)

AODV routing is an algorithm used for finding a route for a peer-to-peer
connection between sensors. Basically, in AODV, sensors send a Route Request
(RREQ) packet and receive a Route Reply (RREP) packet in order to transmit and
receive packets of data. Each sensor acts as a router and routes are obtained only
when needed. AODV broadcasts the RREQ to all nodes, and any node that is awake and
within range of the frequency being transmitted can receive it. Any sensor which
matches the information in the RREQ answers the RREQ with an RREP. After the sender
gets the RREP, it has the peer-to-peer connection and is ready to send. Refer to
Figure 2.6 for the scenario.

[Figure labels: Source, Destination, nodes; RREQ, RREP, Tx]
Figure 2.6: Diagram of AODV. (a) RREQ and RREP timing diagram. (b) AODV
broadcast to adjacent neighbors.

AODV does not maintain any routing information but depends entirely on the
need to communicate with its neighborhood. There are several techniques for
maintaining local connectivity between neighboring nodes, and one of them is local
broadcasts known as hello messages. The routing tables of the nodes are organized to
optimize the response time of communication. The primary objectives of AODV are:
1. To broadcast discovery packets only when necessary,
2. To distinguish between local connectivity management (neighborhood
detection) and general topology maintenance,
3. To disseminate information about changes in local connectivity to those
neighboring mobile nodes that are likely to need the information. [Charles]

AODV is the simplest and most widely used algorithm for either wired or wireless
networks. Its bandwidth efficiency, loop-free routing and reactive behaviour make
it worth applying within the network.

2.4 Carrier Sense Multiple Access/Collision Avoidance (CSMA/CA)

CSMA/CA provides a solution to the hidden node problem in CSMA/CD, in which a node
cannot detect another node that also wants to transmit a packet, resulting in a
collision. The CSMA/CA protocol uses a four-way handshake. The node listens (senses
a voltage level) before transmitting any packet. If it detects a signal, it waits
for a random period before listening to the network again. If no signal is
detected, the node sends a request-to-send (RTS) message to all nodes. The RTS
contains the destination address and the period of the transmission. The
destination replies with a clear-to-send (CTS) message, which denotes that the node
can send its message without collision. The destination/receiver sends an
acknowledgement (ACK) for every packet it receives. If the ACK is not received, the
packet is assumed lost or corrupted and is resent until an ACK is received.

[Figure labels: Source, Destination; RTS, CTS, Tx, ACK]
Figure 2.7: Timing Diagram for CSMA/CA

2.4.1 Un-Slotted CSMA/CA

This project uses un-slotted CSMA/CA because the project does not cater for
synchronization, which needs beacons for data transmission. Un-slotted CSMA/CA is a
method of accessing the channel before data can be transmitted. The algorithm is
explained in detail in Chapter 3. This algorithm works at Layer 2.

Un-slotted CSMA/CA is based on a basic time unit called the Backoff Period
(BP). One BP is equal to 0.32 ms, which corresponds to aUnitBackoffPeriod (80 bits)
[Anis and Y.C Tseng]. The un-slotted CSMA/CA backoff algorithm depends on two
variables:
1. BE enables the computation of the backoff delay, which is the time before
performing CCAs. The backoff delay is a random variable between 0 and (2^BE – 1).
2. NB represents the number of times the un-slotted CSMA/CA algorithm
was required to back off while attempting to access the channel. This value is
initialized to zero (NB = 0) before each new transmission attempt.

The first step of un-slotted CSMA/CA is initializing NB = 0 and BE = 2 (this
depends on Battery Life Extension; the default value is 3). The second step is
counting down a random number of BPs, uniformly generated between 0 and (2^BE – 1).
Take note that the counting must start at the boundary of a BP. The third step is
performing a CCA at the boundary of the BP to assess channel activity. If the
channel is idle, channel access is allowed and the packet is sent. If the channel
is busy, the flow goes to the fourth step. The fourth step increments NB and BE.
BE cannot exceed its configured maximum value. Incrementing BE makes longer backoff
delays more probable. Then, if NB exceeds the maximum number of allowed backoffs,
the transmission fails. If NB has not reached the maximum value, the algorithm
repeats from the second step. Un-slotted CSMA/CA is activated for each transmission
of a new packet. Refer to Figure 2.8 for the description as a flow chart:

Figure 2.8: Un-Slotted CSMA/CA Flow Chart
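
The four steps above, written out as an added example (not code from the thesis or from NS2). The names `CsmaParams`, `unslottedCsmaCa` and `failureRate` are hypothetical, the limits macMinBE = 3, aMaxBE = 5 and macMaxCSMABackoffs = 4 are assumed IEEE 802.15.4 defaults that the text does not state, and the channel is modelled as busy independently at each CCA.

```cpp
// Added example: un-slotted CSMA/CA backoff (steps 1-4 of Section 2.4.1).
#include <algorithm>
#include <cstdint>
#include <functional>
#include <initializer_list>
#include <iostream>
#include <random>

// Assumed IEEE 802.15.4 defaults; the text only says that BE and NB have maxima.
struct CsmaParams {
    int macMinBE = 3;               // initial backoff exponent (BE)
    int aMaxBE = 5;                 // BE may not exceed this value
    int macMaxCSMABackoffs = 4;     // NB above this value means failure
    double backoffPeriodMs = 0.32;  // one BP = aUnitBackoffPeriod
};

struct CsmaResult {
    bool channelAccess = false;  // true if a CCA found the channel idle
    int nb = 0;                  // final number of backoffs (NB)
    int be = 0;                  // final backoff exponent (BE)
    int ccaCount = 0;            // number of CCAs performed
    int backoffPeriods = 0;      // total BPs spent counting down
    double delayMs = 0.0;        // backoffPeriods expressed in milliseconds
};

// channelBusyAtCca(k) reports whether the k-th CCA (k = 0, 1, ...) finds the
// channel busy. It stands in for the radio; it is not an NS2 interface.
CsmaResult unslottedCsmaCa(const CsmaParams& p,
                           const std::function<bool(int)>& channelBusyAtCca,
                           std::mt19937& rng) {
    CsmaResult r;
    r.be = p.macMinBE;  // Step 1: NB = 0, BE = macMinBE
    while (true) {
        // Step 2: count down a random number of BPs in [0, 2^BE - 1].
        const std::uint32_t window = 1u << r.be;
        r.backoffPeriods += static_cast<int>(rng() % window);
        // Step 3: clear channel assessment.
        const bool busy = channelBusyAtCca(r.ccaCount);
        ++r.ccaCount;
        if (!busy) {
            r.channelAccess = true;  // idle: the packet may be sent
            break;
        }
        // Step 4: busy, so increment NB and BE (BE is capped at aMaxBE).
        ++r.nb;
        r.be = std::min(r.be + 1, p.aMaxBE);
        if (r.nb > p.macMaxCSMABackoffs) break;  // too many backoffs: failure
    }
    r.delayMs = r.backoffPeriods * p.backoffPeriodMs;
    return r;
}

// Fraction of packets that fail channel access when every CCA independently
// finds the channel busy with probability busyProb.
double failureRate(const CsmaParams& p, double busyProb, int packets,
                   std::uint32_t seed) {
    std::mt19937 rng(seed);
    auto busy = [&](int) {
        return static_cast<double>(rng()) < busyProb * 4294967296.0;
    };
    int failures = 0;
    for (int i = 0; i < packets; ++i)
        if (!unslottedCsmaCa(p, busy, rng).channelAccess) ++failures;
    return static_cast<double>(failures) / packets;
}

int main() {
    CsmaParams p;
    std::mt19937 rng(2007);  // constructed seed for a repeatable demo
    // Channel busy at the first two CCAs, idle at the third.
    CsmaResult r = unslottedCsmaCa(p, [](int cca) { return cca < 2; }, rng);
    std::cout << "access=" << r.channelAccess << " NB=" << r.nb
              << " BE=" << r.be << " delay=" << r.delayMs << " ms\n";
    for (double q : {0.2, 0.5, 0.8})
        std::cout << "busy probability " << q << " -> failure rate "
                  << failureRate(p, q, 20000, 1) << "\n";
    return 0;
}
```

With these limits a packet is dropped only after five consecutive busy CCAs, so under the independence assumption the failure rate is the busy probability raised to the fifth power.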

2.5 Frequency Hopping

Frequency hopping is a method of making the channel difficult for an intruder to
access. The frequency used within the environment/system is hopped to a
different frequency/channel frequently. Therefore, it is hard for the intruder to
track the data being transmitted. Details are explained in Chapter 3.
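
A simplified model of this idea, as an added example (not the thesis's NS2 code, whose hopping scheme is described in Chapter 3). It assumes that sender and receiver pick the channel for each packet from a shared seeded generator over the first N channels of the 2.4 GHz band (channels 11-26), and that an unsynchronised outsider stays on channel 11; `Hopper`, `hopSet` and `simulate` are hypothetical names.

```cpp
// Added example: delivered packets with and without hop synchronisation.
#include <algorithm>
#include <cstdint>
#include <iostream>
#include <random>
#include <utility>
#include <vector>

struct HopResult {
    int sourceDelivered = 0;    // source packets that met the receiver's channel
    int outsiderDelivered = 0;  // outsider packets that met the receiver's channel
};

// First hopCount channels of the 2.4 GHz band (channels 11..26).
std::vector<int> hopSet(int hopCount) {
    const int n = std::max(1, std::min(hopCount, 16));
    std::vector<int> set;
    for (int i = 0; i < n; ++i) set.push_back(11 + i);
    return set;
}

// Picks the channel for the next packet from a seeded generator.
// Two hoppers built with the same seed and hop set stay in step.
class Hopper {
public:
    Hopper(std::uint32_t seed, std::vector<int> channels)
        : rng_(seed), channels_(std::move(channels)) {}
    int next() { return channels_[rng_() % channels_.size()]; }

private:
    std::mt19937 rng_;
    std::vector<int> channels_;
};

// One hop per packet. A packet is delivered only if it is sent on the channel
// the receiver is currently tuned to; the channel is otherwise ideal.
HopResult simulate(int hopCount, int packets, std::uint32_t senderSeed,
                   std::uint32_t receiverSeed, int outsiderChannel = 11) {
    Hopper sender(senderSeed, hopSet(hopCount));
    Hopper receiver(receiverSeed, hopSet(hopCount));
    HopResult r;
    for (int i = 0; i < packets; ++i) {
        const int tx = sender.next();
        const int rx = receiver.next();
        if (tx == rx) ++r.sourceDelivered;
        if (outsiderChannel == rx) ++r.outsiderDelivered;
    }
    return r;
}

int main() {
    const int packets = 10000;  // constructed workload, same for both senders
    for (int n : {1, 2, 4, 16}) {
        const HopResult r = simulate(n, packets, 42, 42);
        std::cout << n << " channel(s): source " << r.sourceDelivered
                  << ", outsider " << r.outsiderDelivered << "\n";
    }
    // A receiver that is out of step loses the source's packets as well.
    const HopResult d = simulate(4, packets, 42, 43);
    std::cout << "4 channels, receiver out of step: source "
              << d.sourceDelivered << "\n";
    return 0;
}
```

In this model the outsider's delivered share falls to about 1/N of its packets while a synchronised source keeps all of them, and a receiver that falls out of step drops the source to the same 1/N.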

2.6 Fedora Core 6

Fedora Core is a free operating system based on Linux. The development of
Fedora is sponsored by Red Hat and carried out by the open source community
and Red Hat engineers.

Fedora Core 6 (FC6) is currently the latest release of the Fedora Project. Some
primary features of FC6 are extensive performance improvements, support for
Intel-based Macs and a new GUI virtualization manager. Additional features of
interest to users are a new theme, the DejaVu default font, which increases
Fedora’s support for many languages that use the Latin, Greek and Cyrillic
alphabets, GNOME 2.16 and KDE 3.5.4. The performance of Fedora's default
ext3 filesystem has also been boosted in recent versions of the 2.6 Linux kernel.

It has been argued that the most useful new feature in FC6 is the Fedora
installer, called Anaconda. Anaconda enables the user to specify third-party
repositories and pull additional packages at installation time. Anaconda also
supports IPv6. FC6 uses the 2.6.18 Linux kernel, which is now a single kernel that
automatically detects whether the architecture is multi-processor or
single-processor.

2.7 Network Simulator 2 (NS2)

NS started as a variant of the REAL network simulator project in 1989 and
was developed at the University of California at Berkeley, USA, with the
cooperation of several organizations. Now, it is a VINT project supported by DARPA.
NS is not a finished tool that can manage all kinds of network model. It is still
an ongoing effort of research and development. Users are responsible for verifying
that their network model simulation does not contain any bugs, and the community
should share its discoveries with all. There is a manual, called the NS manual, for
user guidance.

NS is a discrete event network simulator in which the timing of events is
maintained by a scheduler. It is able to simulate various types of network, such as
LAN and WPAN, according to the scripts written by the user. Besides that, it
also implements a variety of applications, protocols such as TCP and UDP, network
elements such as signal strength, traffic models such as FTP and CBR, router queue
management mechanisms such as Drop Tail and many more [Eitan, Jae Jung].

There are two languages used in NS-2: C++ and OTcl (an object oriented
extension of Tcl). The compiled C++ programming hierarchy makes the simulation
efficient and execution faster. The OTcl script, written by the user, describes the
network model with its own specific topology, protocols and other requirements.
The form of output produced by the simulator can also be set using OTcl. The
OTcl script creates an event scheduler object and network component objects, with
the help of network setup modules. The simulation results
produced after running the scripts can be used either for simulation analysis or as
an input to graphical software called Network Animation (NAM). Refer to Figure 2.9
for a simple user view of NS-2.

Figure 2.9: Simplified User's View of NS
2.8 The Trace File
The trace file is an ASCII file, and each trace line is organized in 12 fields
as in Figure 2.10 below.
Event | Time | From node | To node | Pkt type | Pkt size | Flags | Fid | Src addr | Dst addr | Seq num | Pkt id
Figure 2.10: Fields of Trace File
The first field is the event type, given by one of four available symbols, r,
+, - and d, which correspond respectively to receive, enqueued, dequeued and
dropped. The second field gives the time at which the event occurs.
The third and fourth fields are the input and output nodes of the link at which
the event takes place. The fifth is the packet type, such as cbr or tcp. The sixth
is the size of the packet, and the next field holds some flags.
The eighth field is the flow identity of IPv6, which can specify the stream
color of the NAM display and can be used for further analysis. The ninth and tenth
fields are the source and destination addresses in the form of "node.port".
The eleventh is the network layer protocol's packet sequence number. NS
keeps track of UDP packet sequence numbers for analysis purposes. The twelfth,
which is the last field, is the unique identity of the packet.
2.9 Summary
The early part of the chapter describes the characteristics of WSN that suit
the IEEE 802.15.4 standard, gives an overview of sensors with some description of
their implementation, and covers the physical layer of LR-WPAN and the data
transfer model of non-beacon mode. Then, the types of security attacks were
elaborated. Routing algorithms were discussed briefly, with a focus on AODV
routing, followed by further elaboration of the CSMA/CA algorithm.
The latter part of the chapter discusses the operating system platform
(Linux Fedora Core 6) used and the simulation test bed (NS2). Finally, the trace
file used for analysis was discussed.
CHAPTER 3
THE FLOW PROCESS OF PROJECT
3.1 Introduction
Wireless Sensor Networks will definitely be a highly demanded application in
the near future. A WSN can be self-deployed anywhere one can imagine, and the
network is established in a short time. Other advantages include low production
cost, small size and collaborative capabilities that make it convenient for
everyday life. WSN applications include animal tracking, vehicle parking
availability, military purposes, detection of cracks in buildings, humidity
sensing in humidity-sensitive places and many more.
WSN is a resource-constrained type of network because of its low power
consumption, minimal memory storage and low data rate. The system throughput is
one of the issues to be discussed. Normally, everyone prefers the highest and
fastest output the system can support; and if there is a way to prevent any
intruder from getting into the system, we must try as hard as we can to protect
our network from any vulnerable situation. Frequency hopping is a solution to
prevent any malicious node in a WSN from entering the system. Because of this,
the system throughput may decrease.
This chapter discusses the flow of the project, from the installation of
the operating system to the description of the trace files used to determine the
throughput performance.
3.2 Getting Started by Installing Fedora Core 6
Fedora Core 6 installation has become easy with the help of the Anaconda
team. FC6 is a free operating system that can be installed on laptops, desktops
and servers. The installation steps can be easily understood even by someone
without any prior knowledge of Linux or computer networks.
The first thing to check is the computer architecture: whether it is an i386
system, a ppc system or an x86_64 system. The i386 systems consist of Intel
x86-compatible processors, including Intel Pentium and Pentium-MMX, Pentium Pro,
Pentium-II, Pentium-III, Celeron, Pentium 4, Xeon, Core Duo, and Centrino/Centrino
Duo; VIA C3/C3-m and Eden/Eden-N; and AMD Athlon, AthlonXP, Duron, AthlonMP,
Sempron, and Turion. The ppc systems are a group of PowerPC processors, such
as those found in Apple Power Macintosh, G3, G4, and G5, and IBM pSeries systems.
The last, x86_64 systems, includes 64-bit AMD processors such as
Athlon64/FX/X2, Turion64, Opteron; and Intel 64-bit processors such as EM64T.
Make sure that the installation media is ready, the installation manual is on hand
and the network configuration information is known.
The command line system needs at least 700 MB of storage, while the desktop
system requires 3 GB of storage capacity. It is recommended to use a CD or DVD as
the installation media, as it makes things easier. Five CDs or only one DVD are
needed for storing the installation files. If everything is ready, just insert the
media (e.g. DVD), then turn on the desktop. Follow the instructions until the end
of installation.
3.3 Getting Started by Installing NS-2
NS-2 is an event-driven network simulator which can be run on a Linux-based
platform. This report explains how to install NS-2 on the Fedora Core platform.
The NS-2 files (it is recommended to download the single package that includes
all the needed files, called ns-allinone-2.xx) must be downloaded onto a storage
medium, preferably the computer on which NS-2 is going to be installed. It is not
recommended to log in as root, because installing as root may interfere with
important Linux files. Log in to FC6 as any user except root and store NS-2 in the
usr folder. Open the terminal and type the path of ns-2.30 (if you're using NS-2
version 2.30). For example:
> /usr/ns-allinone-2.30/ns-2.30
Then, type:
>./install
After the installation is done, a message at the terminal asks for a path
environment setting to be made in bash_profile. Follow the instruction by editing
the bash_profile file. Then, type:
>./validate
It will take some time to validate the programs. After the validation process is
done, check whether NS-2 is successfully installed by typing 'ns' (without the
apostrophes) at the command prompt. A '%' sign will appear at the command prompt.
3.4 Low Rate WPAN Function Modules
The LR-WPAN function modules were developed by Jianliang Zheng and
Myung J. Lee (2006) at The City University, New York. The work was done specially
for a newly defined standard, IEEE 802.15.4. They studied and developed several
features such as beacon enabled mode and non-beacon enabled mode, association,
tree formation and network auto-configuration, orphaning and coordination
relocation, CSMA/CA for both slotted and un-slotted, and direct, indirect and GTS
data transmissions (Jianliang, 2006).
A brief description of the modules shown in Figure 3.1 follows:
• Wireless Scenario Definition: It selects the routing protocol; defines the
network topology; and schedules events such as initializations of PAN coordinator,
coordinators and devices, and starting (stopping) applications. It defines the
radio-propagation model, antenna model, interface queue, traffic pattern, link
error model, link and node failures, super-frame structure in beacon enabled mode,
radio transmission range, and animation configuration.
• Service Specific Convergence Sub-layer (SSCS): This is the interface between
802.15.4 MAC and upper layers. It provides a way to access all the MAC primitives,
but it can also serve as a wrapper of those primitives for convenient operations.
It is an implementation-specific module and its function should be tailored to the
requirements of specific applications.
• 802.15.4 PHY: It implements all 14 PHY primitives.
• 802.15.4 MAC: This is the main module. It implements all the 35 MAC sub-layer
primitives.
Figure 3.1: LR-WPAN (IEEE 802.15.4) Function Modules
This project works on the routing layer by modifying the C++ files of
AODV. The rest is unchanged.
3.5 Frequency Hopping
Frequency hopping is one of various ways to provide security in wireless data
transmission. Suppose 20 frequencies are hopped within a time limit set earlier:
if an intruder gets access to a channel and jams it, only that particular channel
is affected. There will still be 19 channels available for data transmission.
If the number of frequencies used is increased and/or the time spent on each
frequency is random, the probability of an intruder accessing the channels and
jamming the frequency will be small.
For this project, the time for each frequency depends on a random function,
which will be explained later. Figure 3.2 shows a flow chart of the additional
code added inside the AODV function modules that forward the AODV message. The
frequency held by a packet is set according to the random number generated.
Frequency Hopping
  -> Set the random number [0.0~1.0]
  -> Set the frequency either 0 or 1 according to the random number
  -> Transmit the packet as AODV message
Figure 3.2: Frequency Hopping at Transmitting Side
Figure 3.3 shows a flow chart of the additional code added inside the AODV
function modules that receive the AODV message.
Frequency Hopping
  -> Set the random number [0.0~1.0]
  -> Set the frequency either 0 or 1 according to the random number
  -> Freq same with packet's freq?
       no  -> Drop the packet
       yes -> Accept the packet
Figure 3.3: Frequency Hopping at Receiving Side
3.6 Random Number Generator
Almost all module functions depend on the basic function random(), which
generates a random float uniformly in the semi-open range [0.0, 1.0). Python uses
the Mersenne Twister as the core generator. It produces 53-bit precision floats
and has a period of 2^19937-1. The underlying implementation in C is both fast and
thread-safe. The Mersenne Twister, developed by M. Matsumoto and T. Nishimura, is
one of the most extensively tested random number generators in existence. However,
being completely deterministic, it is not suitable for all purposes, and in
particular not for cryptographic purposes.
A brief description of the random() function is given below:
random(): return the next random floating point number in the range [0.0, 1.0).
This uniform pseudo-random number generator was implemented in portable
C code. It passed several stringent statistical tests, including diehard, and its
speed is comparable to other modern generators. Its merits are due to the
efficient algorithms that are unique to polynomial calculations.
3.7 Coding
This subtopic explains some of the coding involved in the C++ files in NS-2.
After each change, the 'make clean' and 'make' commands must be run at the
terminal under the ns-2.30 folder to compile the code, so that the changes take
effect. Before discussing the code modifications, the packet format of NS-2 must
be understood, because the changes were made in the common header, which is one of
the fields in the packet header.
3.7.1 Packet Format
The packet format consists of headers and data. There are many types of header
available, such as the common header, IP header, TCP header, RTP header and Trace
header. One can also add one's own header by creating a new header in the
ns-~/common/packet.h file in NS2.
The type of header used in this project is the common header. The common header
has many fields, such as uid, ptype, size and ts_. Refer to Figure 3.4 for the
diagram of the packet format.
Figure 3.4: Packet Format
3.7.2 Common header
As mentioned before, common header is one type of header in NS packet
format. The common header declaration can be found in ns-~/common/packet.h.
Refer to Figure 3.5 for details of the common header’s fields which are declared in
packet.h file.
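struct hdr_cmn {
    enum dir_t { DOWN = -1, NONE = 0, UP = 1 };
    packet_t ptype_;      // packet type
    int      size_;       // simulated packet size
    int      uid_;        // unique id
    int      error_;      // error flag
    int      errbitcnt_;  // count of corrupted bits; reused here as the 'frequency'
    int      fecsize_;
    double   ts_;         // timestamp
    int      iface_;      // receiving interface
    // ... (remaining fields and accessors continue in packet.h)
};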
Figure 3.5: Common Header Declaration
Field errbitcnt was chosen to carry the frequency since the field was not in
use. See Figures 3.6 and 3.7, explained later, for the usage of errbitcnt.
3.7.3 Changes in AODV
The AODV files are located in the ns-~/aodv/ folder. The file that has been
changed is aodv.cc. The functions/methods involved are AODV::forward() and
AODV::recvAODV(). AODV::forward() is a function used to forward an AODV packet,
while AODV::recvAODV() is a function used to receive any AODV packet.
3.7.3.1 AODV::forward()
Upon transmitting a packet, the AODV::forward() function sets the frequency to
either '0' or '1'. Variable x, which has the double data type, holds the
pseudo-random number generated. Since errbitcnt has an integer data type, the
random value is converted to an integer. If the random value is more than 0.5, the
frequency is set to 1; and if the random value is less than 0.5, the frequency is
set to 0. Refer to Figure 3.6 for the code addition in aodv.cc.
void
AODV::forward(aodv_rt_entry *rt, Packet *p, double delay) {
    struct hdr_cmn *ch = HDR_CMN(p);
    struct hdr_ip *ih = HDR_IP(p);

    // add this:
    double x;                  // holds the pseudo-random number
    x = Random::uniform();     // uniform random value in [0.0, 1.0)
    // set 'frequency' in the unused errbitcnt field of the common header
    if (x >= 0.5) { ch->errbitcnt() = 1; }
    else { ch->errbitcnt() = 0; }
    // until here.

    // ... (original body of AODV::forward() continues unchanged)
}
Figure 3.6: Additional Code in Function AODV::forward()
3.7.3.2 AODV::recvAODV()
Upon receiving a packet, the AODV::recvAODV() function checks whether the
incoming frequency is '0' or '1'. If the frequency is not the same as the
receiver's current frequency, the packet is dropped. If the frequency is the same
as the receiver's current frequency, the packet is accepted. Variable y (double
data type) is declared to hold the pseudo-random number. Variable freq is also
declared to hold the modified value (integer data type) of y. Then, this value is
compared with the errbitcnt value that was set when the packet was transmitted.
Refer to Figure 3.7 for the code addition in aodv.cc.
void
AODV::recvAODV(Packet *p) {
    struct hdr_aodv *ah = HDR_AODV(p);
    struct hdr_cmn *ch = HDR_CMN(p);

    assert(HDR_IP (p)->sport() == RT_PORT);
    assert(HDR_IP (p)->dport() == RT_PORT);

    // add this:
    double y;                  // holds the pseudo-random number
    int freq;                  // receiver's current 'frequency' (0 or 1)
    // set the 'frequency'
    y = Random::uniform();
    if (y >= 0.5) { freq = 1; }
    else { freq = 0; }
    // check whether the packet's frequency matches the receiver's
    if (ch->errbitcnt() != freq) {
        drop(p);               // different frequency: discard the packet
        return;
    }
    // until here.

    // ... (original body of AODV::recvAODV() continues unchanged)
}
Figure 3.7: Additional Code in AODV::recvAODV()
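An added example (not code from the thesis or from NS-2) that models one hop of the check in Figures 3.6 and 3.7 and, going beyond the text, sets it beside a slot-synchronised schedule derived from a shared key. The function names, the HMAC-SHA256 construction, the demo key, the seeds and the assumption that both ends share a slot counter are all made up for this illustration.

```python
import hashlib
import hmac
import random


def independent_match_rate(n_freq, trials, seed):
    """Fraction of packets accepted on one hop when sender and receiver each
    draw their own frequency, as in Figures 3.6 and 3.7 (n_freq=2 there)."""
    rng = random.Random(seed)  # fixed seed so the run is repeatable
    accepted = 0
    for _ in range(trials):
        tx_freq = int(rng.random() * n_freq)  # forward(): tag stored in errbitcnt
        rx_freq = int(rng.random() * n_freq)  # recvAODV(): a separate draw
        if tx_freq == rx_freq:
            accepted += 1
    return accepted / trials


def keyed_freq(key, slot, n_freq):
    """Frequency index for a time slot, derived from a shared secret key
    (assumed construction: HMAC-SHA256 over the slot counter)."""
    mac = hmac.new(key, slot.to_bytes(8, "big"), hashlib.sha256).digest()
    return int.from_bytes(mac[:4], "big") % n_freq


def keyed_match_rates(key, n_freq, slots, seed):
    """Return (member_rate, outsider_rate) over `slots` time slots.

    member:   sender holding the same key and slot counter as the receiver.
    outsider: sender without the key, guessing a frequency uniformly.
    """
    rng = random.Random(seed)
    member = outsider = 0
    for slot in range(slots):
        rx_freq = keyed_freq(key, slot, n_freq)
        if keyed_freq(key, slot, n_freq) == rx_freq:
            member += 1
        if rng.randrange(n_freq) == rx_freq:
            outsider += 1
    return member / slots, outsider / slots


if __name__ == "__main__":
    demo_key = b"constructed-demo-key"  # constructed value, not from the thesis
    for n in (2, 4):
        indep = independent_match_rate(n, 100_000, seed=1)
        member, outsider = keyed_match_rates(demo_key, n, 20_000, seed=2)
        print(f"{n} frequencies: independent draws {indep:.3f} for any sender; "
              f"keyed schedule member {member:.3f}, outsider {outsider:.3f}")
```

With independent draws the per-hop acceptance rate is 1/N for every sender, because the receiver's draw does not depend on who tagged the packet; with the keyed schedule only a sender without the key is held to 1/N.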
3.8 Network Parameter Configuration
The simplest and usually the first step in setting up a network is creating a
node. A network is built up from its layer components, such as the Link layer, MAC
layer and PHY layer. The components have to be defined before a node can be
configured. See Table 3.1 for an example of network parameter definition:
Table 3.1: Network Parameter Definition
Parameter | Suggested Value | Description
set val(chan) | Channel/WirelessChannel | Channel type
set val(prop) | Propagation/TwoRayGround | Radio propagation model
set val(netif) | Phy/WirelessPhy/802_15_4 | Network interface
set val(mac) | Mac/802_15_4 | IEEE standard
set val(ifq) | Queue/DropTail/PriQueue | Interface queue type
set val(ll) | LL | Link layer type
set val(ant) | Antenna/OmniAntenna | Antenna model
set val(ifqlen) | 50 | Maximum packet in IFQ
set val(nn) | 25 | Number of nodes
set val(rp) | AODV | Routing protocol
set val(x) | 50 | Setup topography object
set val(y) | 50 | Setup topography object
set val(stop) | 200.0 | Simulation time
set val(traffic) | cbr | Traffic type
We must also define and configure the node API before creating a node. The
node API configuration is as follows:
$ns node-config -adhocRouting $val(rp) \
                -llType $val(ll) \
                -macType $val(mac) \
                -ifqType $val(ifq) \
                -ifqLen $val(ifqlen) \
                -antType $val(ant) \
                -propType $val(prop) \
                -phyType $val(netif) \
                -topoInstance $topo \
                -agentTrace ON \
                -routerTrace ON \
                -macTrace OFF \
                -movementTrace OFF \
                -channel $chan_1_
There are other configuration options, which can be found in
tcl/lib/ns-lib.tcl inside NS-2. Refer to Table 3.2 for the available options.
Table 3.2: Available Options for Node Configuration
Option | Available Values | Default
general
addressType | flat, hierarchical | Flat
MPLS | ON, OFF | OFF
both satellite- and wireless-oriented
wiredRouting | ON, OFF | ""
llType | LL, LL/Sat | ""
macType | Mac/802_11, Mac/Csma/Ca, Mac/Sat, Mac/Sat/UnslottedAloha, Mac/Tdma | ""
ifqType | Queue/DropTail, Queue/DropTail/PriQueue | ""
phyType | Phy/WirelessPhy, Phy/Sat | ""
wireless-oriented
adhocRouting | DIFFUSION/RATE, DIFFUSION/PROB, DSDV, DSR, FLOODING, OMNIMCAST, AODV, TORA | ""
propType | Propagation/TwoRayGround, Propagation/Shadowing | ""
propInstance | Propagation/TwoRayGround, Propagation/Shadowing | ""
antType | Antenna/OmniAntenna | ""
channel | Channel/WirelessChannel, Channel/Sat | ""
topoInstance | <topology file> | ""
mobileIP | ON, OFF | OFF
energyModel | EnergyModel | ""
initialEnergy | <values in Joules> | ""
rxPower | <values in W> | ""
txPower | <values in W> | ""
idlePower | <values in W> | ""
agentTrace | ON, OFF | OFF
routerTrace | ON, OFF | OFF
macTrace | ON, OFF | OFF
movementTrace | ON, OFF | OFF
errProc | UniformErrorProc | ""
FECProc | ? | ?
toraDebug | ON, OFF | OFF
satellite-oriented
satNodeType | Polar, geo, terminal, geo-repeater | ""
downlinkBW | <bandwidth value, e.g. "2Mb"> | ""
3.9 Analysis of Trace File
Results of the simulation are stored in a trace file (*.tr). AWK programming
was used to analyze the trace file. Examples of lines in the trace file are as
follows:
s 0.100000000 _20_ AGT --- 0 cbr 70 [0 0 0 0] ------- [20:0 4:0 32 0] [0] 0 0
r 0.100000000 _20_ RTR --- 0 cbr 70 [0 0 0 0] ------- [20:0 4:0 32 0] [0] 0 0
Two AWK programs are used in this project, myawk2.awk and myawk4.awk.
myawk2.awk counts the total number of data packets transmitted by the source and
received by the destination. Then, it calculates the throughput and prints it on
the screen. myawk4.awk counts the total number of data packets transmitted by the
source and by the malicious node, and the total number of data packets received by
the destination from the source and from the malicious node separately. The
numbers of packets transmitted and received are printed on screen. Then, it
calculates the throughput from each sender and prints it on the screen. The
on-screen results are presented in Chapter 4. Listings of the AWK programs can be
found in Appendix D & E.
The AWK program is run at the terminal command prompt. The command to run the
AWK program is:
>awk -f myawk2.awk sw8.tr
The file named myawk2.awk is the AWK program file, while the file named
sw8.tr is the trace file to be analyzed, that is, the input to myawk2.awk.
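An added example (not the thesis's myawk2.awk or myawk4.awk, which are listed in Appendix D & E) that parses the 12-field format of Section 2.8 and the wireless trace lines of Section 3.9, then computes per-sender throughput at the destination as received/sent. The function names, the regular expression and all sample lines other than the two quoted in Section 3.9 are constructed for this illustration; node numbers 20, 25 and 4 follow the thesis scenario.

```python
import re
from collections import Counter

# 12-field wired trace line (Section 2.8, Figure 2.10).
WIRED_FIELDS = ("event", "time", "from_node", "to_node", "ptype", "size",
                "flags", "fid", "src", "dst", "seq", "uid")
WIRED_EVENTS = {"r": "receive", "+": "enqueue", "-": "dequeue", "d": "drop"}
# Wireless trace line as in Section 3.9:
# event, time, _node_, layer, reason, uid, type, size, [MAC], flags, [IP header]
WIRELESS_RE = re.compile(
    r"^(?P<event>[srdf])\s+(?P<time>\d+(?:\.\d+)?)\s+_(?P<node>\d+)_\s+"
    r"(?P<layer>[A-Z]+)\s+(?P<reason>\S+)\s+(?P<uid>\d+)\s+(?P<ptype>\S+)\s+"
    r"(?P<size>\d+)\s+\[[^\]]*\]\s+\S+\s+"
    r"\[(?P<src>-?\d+):(?P<sport>\d+)\s+(?P<dst>-?\d+):(?P<dport>\d+)\s+"
    r"(?P<ttl>\d+)\s+(?P<nexthop>-?\d+)\]")


def parse_wired(line):
    """Return the 12 named fields of a wired trace line, or None if malformed."""
    parts = line.split()
    if len(parts) != len(WIRED_FIELDS) or parts[0] not in WIRED_EVENTS:
        return None
    rec = dict(zip(WIRED_FIELDS, parts))
    try:
        rec["time"] = float(rec["time"])
        for name in ("from_node", "to_node", "size", "fid", "seq", "uid"):
            rec[name] = int(rec[name])
    except ValueError:
        return None
    rec["event"] = WIRED_EVENTS[rec["event"]]
    return rec


def parse_wireless(line):
    """Return the fields of a wireless trace line, or None if it does not match."""
    m = WIRELESS_RE.match(line.strip())
    if m is None:
        return None
    rec = m.groupdict()
    rec["time"] = float(rec["time"])
    for name in ("node", "uid", "size", "src", "dst", "ttl"):
        rec[name] = int(rec[name])
    return rec


def throughput_by_sender(lines, dst, ptype="cbr"):
    """Per sender: (sent, received at dst, percent), counted at the agent layer.
    Also returns the number of non-blank lines that could not be parsed."""
    sent, received, skipped = Counter(), Counter(), 0
    for line in lines:
        rec = parse_wireless(line)
        if rec is None:
            if line.strip():
                skipped += 1
            continue
        if rec["layer"] != "AGT" or rec["ptype"] != ptype or rec["dst"] != dst:
            continue
        if rec["event"] == "s" and rec["node"] == rec["src"]:
            sent[rec["src"]] += 1
        elif rec["event"] == "r" and rec["node"] == dst:
            received[rec["src"]] += 1
    report = {}
    for sender in sorted(set(sent) | set(received)):
        pct = 100.0 * received[sender] / sent[sender] if sent[sender] else None
        report[sender] = (sent[sender], received[sender], pct)
    return report, skipped


# Constructed wired line (12 fields) and constructed wireless trace; only the
# first two wireless lines are the ones quoted in Section 3.9.
WIRED_SAMPLE = "d 1.84 2 3 cbr 1000 ------- 2 1.0 3.1 36 71"
SAMPLE_TRACE = """\
s 0.100000000 _20_ AGT  --- 0 cbr 70 [0 0 0 0] ------- [20:0 4:0 32 0] [0] 0 0
r 0.100000000 _20_ RTR  --- 0 cbr 70 [0 0 0 0] ------- [20:0 4:0 32 0] [0] 0 0
r 0.131000000 _4_ AGT  --- 0 cbr 70 [0 0 0 0] ------- [20:0 4:0 30 4] [0] 2 0
s 0.200000000 _20_ AGT  --- 1 cbr 70 [0 0 0 0] ------- [20:0 4:0 32 0] [1] 0 0
s 0.200000000 _25_ AGT  --- 2 cbr 70 [0 0 0 0] ------- [25:0 4:0 32 0] [0] 0 0
r 0.231000000 _4_ AGT  --- 1 cbr 70 [0 0 0 0] ------- [20:0 4:0 30 4] [1] 2 0
s 0.300000000 _20_ AGT  --- 3 cbr 70 [0 0 0 0] ------- [20:0 4:0 32 0] [2] 0 0
d 0.310000000 _12_ RTR  NRTE 3 cbr 70 [0 0 0 0] ------- [20:0 4:0 30 0] [2] 1 0
s 0.300000000 _25_ AGT  --- 4 cbr 70 [0 0 0 0] ------- [25:0 4:0 32 0] [1] 0 0
r 0.341000000 _4_ AGT  --- 4 cbr 70 [0 0 0 0] ------- [25:0 4:0 30 4] [1] 2 0
s 0.400000000 _20_ AGT  --- 5 cbr
"""

if __name__ == "__main__":
    print(parse_wired(WIRED_SAMPLE))
    report, skipped = throughput_by_sender(SAMPLE_TRACE.splitlines(), dst=4)
    for sender, (n_sent, n_recv, pct) in report.items():
        print(f"node {sender}: sent {n_sent}, received {n_recv}, {pct:.1f}%")
    print(f"unparsed lines: {skipped}")
```

The last constructed line is cut short on purpose: it is counted as unparsed instead of being counted as a sent packet.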
3.10 Summary
This chapter has discussed the whole process of the project, from the
installation of the operating system (Fedora Core 6) to the analysis of the trace
file. The earlier subtopics discussed in brief how to install Fedora Core 6, which
is the platform of this project. Then, the chapter continued with a short and
simple explanation of NS-2 installation.
The LR-WPAN function modules were explained to show at which layer the project
was done. After that, the frequency hopping flow chart was described, followed by
the coding elaboration.
The network parameters were explained, along with some API network
configuration. Finally, the trace file analysis was discussed.
CHAPTER 4
RESULTS, ANALYSIS AND DISCUSSION
This chapter shows animation captures from NAM and explains the analysis of the
trace files (*.tr) by AWK programming, with some charts. The scripts of the
network animation were saved as *.nam files and run by a software called NAM.
4.1 Animation Capture of WSN
NAM is a built-in program inside NS2. The simulation of nodes in a WSN can
be seen through the animation played by NAM. Once the TCL program runs without
error, it invokes the animation of the WSN (provided this has been set inside the
TCL program). Figures 4.1 and 4.2 are animation captures of the WSN without a
malicious node. Figure 4.1 is a scenario where the source (node 20) is
broadcasting an RREQ message to all its neighbors. Node 4 is the destination node
(red circle). The nodes with the same frequency will receive the message and
forward it to their neighbors, while the nodes with a different frequency will
drop the packet. Figure 4.2 is a scenario where a packet is in transmission from
the source (node 20) to the destination (node 4). The red dot is a packet of data.
[Figure labels: source; RREQ message is broadcast from the source; destination]
Figure 4.1: Network Animation of Broadcasting AODV message
[Figure labels: source; A packet is on transmission to the destination; destination]
Figure 4.2: Network Animation of Data Transmission
Figures 4.3 and 4.4 are animation captures of the WSN with a malicious node
(node 25). Figure 4.3 shows the malicious node trying to get into the WSN.
[Figure labels: source; RREQ message from malicious node; A packet from the source; destination]
Figure 4.3: Network Animation of Malicious Node Trying to Get Into the WSN
Figure 4.4 shows an attack from the malicious node. Red dots are packets
from the source, while a black dot is a packet from the malicious node.
[Figure labels: source; An attack from malicious node; destination]
Figure 4.4: Network Animation of Attack from Malicious Node (Black Dot)
4.2 Analysis of Trace Files
Figures 4.5, 4.6, 4.7 and 4.8 show the results when the trace files (*.tr) have
been processed by AWK programming (myawk2.awk & myawk4.awk). The explanation of
the *.awk files can be found in Chapter 3.
4.2.1 WSN without Malicious Node
When frequency hopping is not applied, the throughput is 100%, as shown in
Figure 4.5. The high throughput is expected because all nodes are using the same
frequency. Thus, every node is reachable from every other.
Figure 4.5: Throughput before Frequency Hopping is Applied
When two frequencies are hopped over different periods of simulation time,
the throughput percentage varies. Refer to Figure 4.6 for the results as they
appear on the screen when the analysis is done, and to Figure 4.7 for the same
results presented as a graph. The throughput increases as the period of simulation
becomes longer. When the simulation time is 200s, the throughput is 0.8%, but it
increases and stabilizes at 1600s. The stabilized throughput is 85%. Therefore,
the simulation time is set to 1600s when the malicious node is added.
Figure 4.6: Throughput of Simulation versus Different Period of Time
[Chart: Throughput over Time when Frequency Hopping is Applied; y-axis: Throughput (%), 0 to 90; x-axis: Time (s), 200, 400, 800, 1600, 3200, 6400]
Figure 4.7: Throughput versus Time when Two Frequencies being Hopped
4.2.2 WSN with Malicious Node
Figure 4.8 shows the results for the sw8b1600 trace file. This file is the
result of a simulation with a malicious node attack and two frequencies being
hopped. The source and the malicious node each send a total of 8000 packets. The
destination receives 7265 packets from the source, which gives 91% throughput, and
6405 packets from the malicious node, which gives 80% throughput.
Figure 4.8: Throughput when Frequency Hopping is Applied (Two Frequency)
The number of frequencies being hopped is then increased to four. The
result can be seen in Figure 4.9. The source and the malicious node again each
send a total of 8000 packets (the same as with two frequencies hopped). The
destination receives 6593 packets from the source, which gives 82% throughput, and
2149 packets from the malicious node, which gives 27% throughput.
Figure 4.9: Throughput when Frequency Hopping is Applied (Four Frequency)
Analysis was done by comparing the throughput results between two
frequencies and four frequencies. Refer to Figure 4.10, shown on the next page.
The blue bar is from the source and the orange bar is from the malicious node.
When using two frequencies, the throughput from the source is 91%, while that from
the malicious node is 80%. But when four frequencies are used, the throughput from
the malicious node decreases rapidly to 27%. Even though the throughput from the
source also decreases, to 82%, the decrease is small compared to that of the
throughput from the malicious node. Therefore, the WSN's security is improved.
[Chart: Throughput at Destination (Node 4); y-axis: Throughput, 0 to 100; series: from source (node 20), from malicious node (node 25); categories: 2 frequency and 4 frequency]
Figure 4.10: Comparison of Throughput between Two Frequency Hopping and
Four Frequency Hopping.
CHAPTER 5
CONCLUSION AND PROPOSED FUTURE WORKS
This chapter concludes the report and recommends two future works that can be
investigated further. The first recommendation concerns the types of mode setting
in the MAC layer, and the second concerns the network model itself.
4.1 The Conclusion
The project focuses on provisioning security in AODV-based WSN using
frequency hopping. The frequency hopping algorithm was added to the AODV routing
algorithm.
Initially, two frequencies are used. The throughput at the destination node was
analyzed before and after the implementation of frequency hopping to compare the
network performance. Without frequency hopping, the WSN network is open to
malicious attack, thus allowing high throughput.
Then, the network was tested with the existence of a malicious node. The
purpose of the testing is to analyze network performance (after security is
applied using frequency hopping) in terms of throughput at the destination during
an attack. The throughput from the source and from the malicious node is compared.
With frequency hopping, the security of the WSN against malicious attack is
achieved at the expense of reduced throughput.
4.2 Proposed Future Works
For future research, one can add synchronization of frequency hopping with
beacon enabled mode using slotted CSMA/CA. The PAN coordinator uses beacons to
synchronize the data transmission of all coordinators and devices. Coordinators
await the beacon signal from the PAN coordinator, and devices await the signal
from their coordinator. Refer to Figure 5.1 for the idea of this suggestion
[J. Zheng].
Figure 5.1: WPAN with PAN Coordinator, Coordinator and Devices.
Another suggestion is to add multiple interface support for the IEEE 802.15.4
standard in NS2. This support is already available for the IEEE 802.11 standard.
Multiple interfaces enable a node to have more than one channel at the same time.
Thus, frequency hopping can be applied at the Physical layer itself. Refer to
Figure 5.2 regarding the idea [Ramon Aguero Calvo].
Figure 5.2: Multiple Interfaces Support
REFERENCES
Abbas Jamlipour (2003). The Wireless Mobile Internet – Architectures, Protocols &
Services: Wiley & Sons. 187.
Anis Koubaa, Mario ALVES, Bilel NEFZI, Ye-Qiong SONG. Improving the IEEE
802.15.4 Slotted CSMA/CA MAC for Time-Critical Events in Wireless Sensor
Network.
Anis Koubaa, Mario ALVES, Eduardo TOVAR. A Comprehensive Simulation Study
of Slotted CSMA/CA for IEEE 802.15.4 Wireless Sensor Network.
Awk. http://www.grymoire.com/Unix/Awk.html
Charles E.Perkins. Ad-hoc On-Demand Distance Vector Routing.
Eitan Altman and Tania Jimenez (2003). Ns Simulator for Beginners.
Elizabeth M. Royer, Charles E.Perkins. An Implementation of the AODV Routing
Protocols.
Fedora website. http://docs.fedoraproject.org/install-guide/fc6/en/
Feng Zhao, Leonidas Guibas (2004). Wireless Sensor Networks- An Information
Processing Approach.: Morgan Kaufman Publishers.
Holger Karl, Andreas Willig (2005). Protocols and Architectures for Wireless Sensor
Network: John Wiley & Sons Ltd.
IEEE 802.15.4 WPAN-LR Task Group Website:
http://www.ieee802.org/15/pub/TG4.html
Jae Jung, Mark Claypool. NS by Example. http://nile.wpi.edu/NS/packet.html
Jose A’ Gutirez et al. IEEE 802.15.4: A Developing for Low Rate Wireless Personal
Area Network.
J. Zheng and Myung J. Lee (2006). A comprehensive performance study of IEEE
802.15.4 – Sensor Network Operations: Wiley Interscience. IEEE Press
Chapter 4. 218-237.
Kevin Fall, Kannan Varadhan, and the VINT project. The ns manual.
Laurent Parqueque (2006). A Module Based Wireless Node for NS2.
Liza Abdul Latif, Norsheila Fisal. Routing Protocols in Wireless Mobile Ad Hoc
Network – A Review.
Marc Greis. Ns Tutorial. http://www.isi.edu/nsnam/ns/tutorial/index.html
M. Matsumoto and T. Nishimura. Mersenne Twister: A 623-dimensionally
equidistributed uniform pseudorandom number generator. ACM Transactions
on Modeling and Computer Simulation Vol. 8, No. 1, January pp.3-30 1998.
Prof. Stephen Olariu (2006). Sensor Networks – A Short Course. Old Dominion
University
Ramon Aguero Calvo (2007). Adding Multiple Interface Support in NS-2.
S. McCanne and S. Floyd. Network Simulator. http://www.isi.edu/nsnam/ns/
Soo-Hwan Choi et.al. An Implementation of Wireless Sensor Network for Security
using Bluetooth.
TCL Tutorial. http://www.tcl.tk/man/tcl8.5/tutorial/tcltutorial.html
William Stallings (2003). 3rd Ed. Cryptography and Network Security – Principles
and Practices. Pearson Education Inc. New Jersey.
Y.C. Tseng. Overview of ZigBee/802.15.4
APPENDIX A
Planning & Execution
APPENDIX B
TCL Programming – sw8.tcl
#
# sw.tcl
# Projek Sarjana Kejuruteraan Elektrik (Elektronik & Telekomunikasi)
# Sesi 2006/2007/2
# Raja Zahilah Raja Mohd. Radzi (ME051219)
#
# 2 freq hop
#
=====================================================================
=
# Define options
#
=====================================================================
=
global val
set val(chan)
Channel/WirelessChannel
;#Channel Type
set val(prop)
Propagation/TwoRayGround
;# radiopropagation model
set val(netif)
Phy/WirelessPhy/802_15_4
;# network
interface type
set val(mac)
Mac/802_15_4
;# MAC type
set val(ifq)
Queue/DropTail/PriQueue
;# interface queue
type
set val(ll)
LL
;# link layer type
set val(ant)
Antenna/OmniAntenna
;# antenna model
set val(ifqlen)
50
;# max packet in
ifq
set val(nn)
25
;# number of nodes
set val(rp)
AODV
;# routing
protocol
set val(x)
50
;# X dimension of
topography
set val(y)
50
;# Y dimension of
topography
set val(Time1)
0.0
;# in seconds
set val(Time2)
0.3
;# in seconds
set val(Time3)
0.7
;# in seconds
set val(stop)
200.0
;# stop time
set val(traffic)
cbr
;# udp/cbr
#
=====================================================================
=
# Main Program
51
=====================================================================
=
# Main Program
#
=====================================================================
=
#
# Initialize Global Variables
#
# Create simulator object
set ns [new Simulator]
# Open writing file for trace data
set tf0 [open sw8.tr w]
$ns trace-all $tf0
# Open writing file for nam data
set nf [open sw8.nam w]
$ns namtrace-all-wireless $nf $val(x) $val(y)
$ns puts-nam-traceall {# nam4wpan #}
;# inform nam that
this is a trace file for wpan (special handling needed)
Mac/802_15_4 wpanNam namStatus on
;# default = off (should be
turned on before other 'wpanNam' commands can work)
# Create a topology boundary
set topo [new Topography]
# Define area of topology: x=50m,y=50m
$topo load_flatgrid $val(x) $val(y)
# Create object god
create-god $val(nn)
set chan_1_ [new $val(chan)]
# Configure node
$ns node-config -adhocRouting $val(rp) \
-llType $val(ll) \
-macType $val(mac) \
-ifqType $val(ifq) \
-ifqLen $val(ifqlen) \
-antType $val(ant) \
-propType $val(prop) \
-phyType $val(netif) \
-topoInstance $topo \
-agentTrace ON \
-routerTrace ON \
-macTrace OFF \
-movementTrace OFF \
-channel $chan_1_
for {set i 0} {$i < $val(nn) } {incr i} {
set node_($i) [$ns node]
$node_($i) random-motion 0 ;# disable random motion
}
# Configure node position - assume static node
set k 5
for {set j 0} {$j < 5} {incr j} {
$node_($j) set X_ $k
$node_($j) set Y_ 5.0
$node_($j) set Z_ 0.0
incr k 10
}
set l 5
for {set j 5} {$j < 10} {incr j} {
$node_($j) set X_ $l
$node_($j) set Y_ 15.0
$node_($j) set Z_ 0.0
incr l 10
}
set m 5
for {set j 10} {$j < 15} {incr j} {
$node_($j) set X_ $m
$node_($j) set Y_ 25.0
$node_($j) set Z_ 0.0
incr m 10
}
set n 5
for {set j 15} {$j < 20} {incr j} {
$node_($j) set X_ $n
$node_($j) set Y_ 35.0
$node_($j) set Z_ 0.0
incr n 10
}
set o 5
for {set j 20} {$j < $val(nn)} {incr j} {
$node_($j) set X_ $o
$node_($j) set Y_ 45.0
$node_($j) set Z_ 0.0
incr o 10
}
for {set i 0} {$i < $val(nn) } {incr i} {
$ns initial_node_pos $node_($i) 3
}
#Setup a CBR over UDP connection
proc cbrtraffic {src dst interval starttime} {
global ns node_
set udp($src) [new Agent/UDP]
eval $ns attach-agent \$node_($src) \$udp($src)
set null($dst) [new Agent/Null]
eval $ns attach-agent \$node_($dst) \$null($dst)
set cbr($src) [new Application/Traffic/CBR]
eval \$cbr($src) set packetSize_ 70
eval \$cbr($src) set interval_ $interval
eval \$cbr($src) set random_ 0
#eval \$cbr($src) ser rate_ 250kb
eval \$cbr($src) attach-agent \$udp($src)
eval $ns connect \$udp($src) \$null($dst)
$ns at $starttime "$cbr($src) start"
}
if { ("$val(traffic)" == "cbr")} {
puts "\nTraffic: $val(traffic)"
puts [format "Acknowledgement for data: %s" [Mac/802_15_4 wpanCmd ack4data]]
set lowSpeed 0.5ms
set highSpeed 1.5ms
Mac/802_15_4 wpanNam PlaybackRate $lowSpeed
$ns at [expr $val(Time1)+0.1] "Mac/802_15_4 wpanNam PlaybackRate $highSpeed"
$ns at $val(Time2) "Mac/802_15_4 wpanNam PlaybackRate $lowSpeed"
$ns at [expr $val(Time2)+0.1] "Mac/802_15_4 wpanNam PlaybackRate $highSpeed"
$ns at $val(Time3) "Mac/802_15_4 wpanNam PlaybackRate $lowSpeed"
$ns at [expr $val(Time3)+0.1] "Mac/802_15_4 wpanNam PlaybackRate $highSpeed"
eval $val(traffic)traffic 20 4 0.2 0.1
Mac/802_15_4 wpanNam FlowClr -p AODV -c tomato
Mac/802_15_4 wpanNam FlowClr -p ARP -c green
if { "$val(traffic)" == "cbr" } {
set pktType cbr
} else {
set pktType exp
}
Mac/802_15_4 wpanNam FlowClr -p $pktType -s 20 -d 4 -c red
$ns at 0.1 "$node_(20) NodeClr red"
$ns at 0.1 "$node_(4) NodeClr red"
$ns at 0.1 "$ns trace-annotate \"(at 0.1) $val(traffic) traffic from node 20 to node 4\""
}
for {set i 0} {$i < $val(nn)} {incr i} {
$ns at $val(stop) "$node_($i) reset";
}
$ns at $val(stop) "finish"
$ns at $val(stop) "puts \"NS Exiting...\"; $ns halt"
proc finish {} {
global ns tf0 nf
$ns flush-trace
close $tf0
close $nf
exec nam sw8.nam &
exit 0
}
# Start simulation
puts "Start Simulation..."
$ns run
APPENDIX C
TCL Programming: malicious node – sw8b1600.tcl
#
# sw.tcl
# Master's Project in Electrical Engineering (Electronics & Telecommunications)
# Session 2006/2007/2
# Raja Zahilah Raja Mohd. Radzi (ME051219)
#
# 2 freq hop
#
# ======================================================================
# Define options
# ======================================================================
global val
set val(chan)       Channel/WirelessChannel    ;# channel type
set val(prop)       Propagation/TwoRayGround   ;# radio-propagation model
set val(netif)      Phy/WirelessPhy/802_15_4   ;# network interface type
set val(mac)        Mac/802_15_4               ;# MAC type
set val(ifq)        Queue/DropTail/PriQueue    ;# interface queue type
set val(ll)         LL                         ;# link layer type
set val(ant)        Antenna/OmniAntenna        ;# antenna model
set val(ifqlen)     50                         ;# max packet in ifq
set val(nn)         25                         ;# number of nodes
set val(rp)         AODV                       ;# routing protocol
set val(x)          50                         ;# X dimension of topography
set val(y)          50                         ;# Y dimension of topography
set val(Time1)      0.0                        ;# in seconds
set val(Time2)      0.3                        ;# in seconds
set val(Time3)      0.7                        ;# in seconds
set val(stop)       1600.0                     ;# stop time
set val(traffic)    cbr                        ;# udp/cbr
# ======================================================================
# Main Program
# ======================================================================
#
# Initialize Global Variables
#
# Create simulator object
set ns [new Simulator]
# Open writing file for trace data
set tf0 [open sw8.tr w]
$ns trace-all $tf0
# Open writing file for nam data
set nf [open sw8.nam w]
$ns namtrace-all-wireless $nf $val(x) $val(y)
$ns puts-nam-traceall {# nam4wpan #} ;# inform nam that this is a trace file for wpan (special handling needed)
Mac/802_15_4 wpanNam namStatus on ;# default = off (should be turned on before other 'wpanNam' commands can work)
# Create a topology boundary
set topo [new Topography]
# Define area of topology: x=50m,y=50m
$topo load_flatgrid $val(x) $val(y)
# Create object god
create-god $val(nn)
set chan_1_ [new $val(chan)]
# Configure node
$ns node-config -adhocRouting $val(rp) \
-llType $val(ll) \
-macType $val(mac) \
-ifqType $val(ifq) \
-ifqLen $val(ifqlen) \
-antType $val(ant) \
-propType $val(prop) \
-phyType $val(netif) \
-topoInstance $topo \
-agentTrace ON \
-routerTrace ON \
-macTrace OFF \
-movementTrace OFF \
-channel $chan_1_
for {set i 0} {$i < $val(nn) } {incr i} {
set node_($i) [$ns node]
$node_($i) random-motion 0 ;# disable random motion
}
# Create malicious node
set node_(25) [$ns node]
$ns at 0.0 "$node_(25) NodeLabel \"malicious node\""
$ns at 0.0 "$node_(25) NodeClr red"
$ns at 0.0 "$node_(25) add-mark m1 blue circle"
$node_(25) random-motion 0 ;# disable random motion
$node_(25) set X_ -10.0
$node_(25) set Y_ 25.0
$node_(25) set Z_ 0.0
$ns initial_node_pos $node_(25) 3
$ns at $val(stop) "$node_(25) reset";
# Configure node position - assume static node
set k 5
for {set j 0} {$j < 5} {incr j} {
$node_($j) set X_ $k
$node_($j) set Y_ 5.0
$node_($j) set Z_ 0.0
incr k 10
}
set l 5
for {set j 5} {$j < 10} {incr j} {
$node_($j) set X_ $l
$node_($j) set Y_ 15.0
$node_($j) set Z_ 0.0
incr l 10
}
set m 5
for {set j 10} {$j < 15} {incr j} {
$node_($j) set X_ $m
$node_($j) set Y_ 25.0
$node_($j) set Z_ 0.0
incr m 10
}
set n 5
for {set j 15} {$j < 20} {incr j} {
$node_($j) set X_ $n
$node_($j) set Y_ 35.0
$node_($j) set Z_ 0.0
incr n 10
}
set o 5
for {set j 20} {$j < $val(nn)} {incr j} {
$node_($j) set X_ $o
$node_($j) set Y_ 45.0
$node_($j) set Z_ 0.0
incr o 10
}
for {set i 0} {$i < $val(nn) } {incr i} {
$ns initial_node_pos $node_($i) 3
}
#Setup a CBR over UDP connection
proc cbrtraffic {src dst interval starttime} {
global ns node_
set udp($src) [new Agent/UDP]
eval $ns attach-agent \$node_($src) \$udp($src)
set null($dst) [new Agent/Null]
eval $ns attach-agent \$node_($dst) \$null($dst)
set cbr($src) [new Application/Traffic/CBR]
eval \$cbr($src) set packetSize_ 70
eval \$cbr($src) set interval_ $interval
eval \$cbr($src) set random_ 0
#eval \$cbr($src) ser rate_ 250kb
eval \$cbr($src) attach-agent \$udp($src)
eval $ns connect \$udp($src) \$null($dst)
$ns at $starttime "$cbr($src) start"
}
if { ("$val(traffic)" == "cbr")} {
puts "\nTraffic: $val(traffic)"
puts [format "Acknowledgement for data: %s" [Mac/802_15_4 wpanCmd ack4data]]
set lowSpeed 0.5ms
set highSpeed 1.5ms
Mac/802_15_4 wpanNam PlaybackRate $lowSpeed
$ns at [expr $val(Time1)+0.1] "Mac/802_15_4 wpanNam PlaybackRate $highSpeed"
$ns at $val(Time2) "Mac/802_15_4 wpanNam PlaybackRate $lowSpeed"
$ns at [expr $val(Time2)+0.1] "Mac/802_15_4 wpanNam PlaybackRate $highSpeed"
$ns at $val(Time3) "Mac/802_15_4 wpanNam PlaybackRate $lowSpeed"
$ns at [expr $val(Time3)+0.1] "Mac/802_15_4 wpanNam PlaybackRate $highSpeed"
eval $val(traffic)traffic 20 4 0.2 0.1
Mac/802_15_4 wpanNam FlowClr -p AODV -c tomato
Mac/802_15_4 wpanNam FlowClr -p ARP -c green
if { "$val(traffic)" == "cbr" } {
set pktType cbr
} else {
set pktType exp
}
Mac/802_15_4 wpanNam FlowClr -p $pktType -s 20 -d 4 -c red
$ns at 0.1 "$node_(20) NodeClr red"
$ns at 0.1 "$node_(4) NodeClr red"
$ns at 0.1 "$ns trace-annotate \"(at 0.1) $val(traffic) traffic from node 20 to node 4\""
}
for {set i 0} {$i < $val(nn)} {incr i} {
$ns at $val(stop) "$node_($i) reset";
}
$ns at $val(stop) "finish"
$ns at $val(stop) "puts \"NS Exiting...\"; $ns halt"
proc finish {} {
global ns tf0 nf
$ns flush-trace
close $tf0
close $nf
exec nam sw8.nam &
exit 0
}
# Start simulation
puts "Start Simulation..."
$ns run
APPENDIX D
AWK Programming – Myawk2.awk
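BEGIN { count_s = 0
        count_r = 0 }
{
    if ($1 == "s" && $4 == "AGT") count_s++
    if ($1 == "r" && $4 == "AGT") count_r++
}
END {
    # Packet delivery ratio at the agent layer; skip the division when the trace has no AGT sends
    if (count_s > 0) print count_r/count_s*100, "%"
}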
APPENDIX E
AWK Programming – Myawk4.awk
BEGIN { count_s20 = 0
count_s25 = 0
count_r20 = 0
count_r25 = 0 }
{
if ($3 == "_20_") {
if ($1 == "s" && $4== "AGT") count_s20++ }
if ($3 == "_25_") {
if ($1 == "s" && $4== "AGT") count_s25++ }
if ($3 == "_4_" && $14 == "[20:0") {
if ($1 == "r" && $4 == "AGT") count_r20++ }
if ($3 == "_4_" && $14 == "[25:0") {
if ($1 == "r" && $4 == "AGT") count_r25++ }
}
END { print "Receiving at Node 4:"
print "from Node 20 =",count_r20
print "from Node 25 (malicious) =",count_r25
print "Sending from:"
print "Node 20 =",count_s20
print "Node 25 =",count_s25
# Delivery ratio per source; a source that sent nothing is skipped to avoid division by zero
if (count_s20 > 0) print "20:4->", count_r20/count_s20*100,"%"
if (count_s25 > 0) print "25:4->", count_r25/count_s25*100,"%"
}