Secure localization against malicious attacks on wireless sensor network

ISSN 2354-0575 Journal of Science and Technology54 Khoa học & Công nghệ - Số 27/Tháng 9 - 2020 SECURE LOCALIZATION AGAINST MALICIOUS ATTACKS ON WIRELESS SENSOR NETWORK Vinh V. Le1,*, Dang Van Anh2, Nguyen Thi Thanh Hue2, Tran Do Thu Ha2 1 National Kaohsiung University of Science and Technology, Kaohsiung City 807618, Taiwan 2 Hung Yen University of Technology and Education * Corresponding author: vinhlv.utehy@gmail.com Received: 05/05/2020 Revised: 20/08/2020 Accepted for publication: 15/09/2020 Abstract: Wireless sensor networks (WSN) are very susceptible to location errors due to malicious attacks on sensor nodes that distort the position of the sensor nodes, which will lead to an error during unknown node localization. In this paper, we propose a localization algorithm to defend against independent attacks and collusion attacks. In the algorithm, we first select three random reference nodes, then use the trilateral detection method and the confidence interval to get rid of the malicious nodes. We then use the PSO optimization algorithm to locate the unknown node, is called (Secure localization algorithm against advanced attacks-SL4A). Through the simulation results, we prove that our proposed algorithm outperforms the existing algorithms, in terms of the variability of malicious nodes and noise, average localization error and degree computational complexity. Keywords: Wireless sensor network (WSNs), Secure Location, Independent Attack, Collusion Attack. 1. Introduction In recent years, a number of algorithms have been proposed for the secure localization of sensor nodes, determining safe locations that are widely used in health care, environmental monitoring, and smart homes, IoT, and other commercial applications [1], [2]. All of these WSN localization algorithms have the same feature that they estimate the actual location of nodes (anchors or beacons) with location node (unknown or target). The proposed PSO localization algorithms do not take into account malicious attacks [3], [4]. When the beacon nodes are affected by the attacks have a bad purpose, malicious nodes deliberately enhance or weaken signal strength and affect the accuracy of localization. Current localization algorithms take into account anti-attack [5], [6]. In [6], the localization algorithm based on minimum mean square estimation and voting based is proposed. In WSNs, the common attack methods in localization are independent attack and collusion attack [7], [8]. In [8], two methods are used based on the exploration of beacon node locations that are interfered with by malicious attack nodes: The first method filters out malicious beacons signals on the basis of the consistency among beacons signals, the second method accepts malicious beacon signals by using the voting method to remove malicious nodes. Propose combining clustering technique in attack- resistant localization method [7]. The localization method is to measure the received signal strength (RSS) of any three points to make location estimates and combine with the K-means clustering method to eliminate malicious location. Based on the clustering effect of localization results from not attacked access points and based on the localization results of attacked access points, it is divided into two separate groups and achieve effective filtering of toxic point locations. In this paper, we design a localization algorithm against malicious attacks in two independent attack and collusion attack environments: First, we randomly select a set of three reference nodes and use it with PSO position estimation algorithm. Next, we use the confidence interval method to get rid of the malicious nodes. Finally, we use the PSO optimization algorithm to estimate the location of the unknown node with the nodes within confidence intervals. ISSN 2354-0575 Khoa học & Công nghệ - Số 27/Tháng 9 - 2020 Journal of Science and Technology 55 2. Network Model and Problem In this section, we first introduce the WSNs node model. Next, we then introduced two independent and collusion attack. Finally, we investigate the effects of attacks on beacon nodes in localization. 2.1. WSN Network Node Model Figure 1. WSN network node model Figure 1 shows our WSN nodes model consisting of three types of nodes: 1) M is an unknown node, 2) A, B and C are beacon or anchor nodes, and 3) A’ is a malicious node. Where B and C are benign nodes that have not been attacked, node A is attacked by malicious node A’. Therefore, the check node will assume that the position of node A is at the position of node A’. The distance from nodes A, B and C to the unknown node is called the measurement distance. Normally, when the beacon nodes sends location information to an unknown node, the unknown node receives a signal from the beacon nodes and based on the signal strength, it converts the measurement distance between the beacon nodes and unknown node. Therefore, when the beacon nodes are attacked by malicious nodes, will lead to unknown node localization error. 2.2. Model Attack Location and Noise In the presence of malicious attacks, location deviation measurements from compromised beacon nodes can fool sensors with unknown coordinates. Malicious measurements that are injected into the system by the attackers are the exception. The solution of benign position estimates is generally largely affected by malicious attacks. We allow many independent and collusive attacks to transmit misleading location information without restriction. A) Collusion attack method: In Figure 2, the beacon nodes B, C, and D signals send location information to node A, because the node B, C, and D are affected by the attack leading to the RSSI signal wrong, so the beacon node A will be positioned to the A’ beacon node position for incorrect positioning results. Figure 2. CollusionAttack model B) Independent attack method: In Figure 3, the node B, C, and D signals send location information to node A, since node B, C, and D can be affected in part by independent attacks, credits RSSI signal is stronger or weaker than the original signal, leading to position A can be placed in different positions A’, A’’ and A’’’ form big position errors, independent attack model [10], using α and β parameters to control and enhance RSSI signals. Figure 3. Independent Attack model 2.3. Position Estimation Unknown Node with Presence of Attacks In the WSN network, the correct localization of the network node will help routing, save energy, and then maintain the life of the node and the entire network. But it poses challenges because the appearance of an exception attacker changes the position of benign nodes, or increases and decreases the signal strength. Therefore, methods of location estimation and location measurements from beacon nodes to unknown nodes position will lead to localization errors. The issue of estimating the location in the presence of malicious attackers is as follows: ISSN 2354-0575 Journal of Science and Technology56 Khoa học & Công nghệ - Số 27/Tháng 9 - 2020 Consider a WSN with N anchor nodes and an unknown node. The location coordinates of the anchor nodes i can be expressed as Zi = [xi yi] T, 1, 2, ..., N, and the position of the unknown node is Z 0 = [x 0 y 0 ]T . 2 2 0 0 0( ) ( ) , 1, 2, , (1) i i i id Z Z x x y y i N = − = − + − =  Where di is the estimated distance between Zi and Z 0 .  id is the measured distance between Zi and Z0 according to RSSI. Since the actual distance  id is not known, the objective of localization is to minimize the difference between di and  id . Therefore, the  0 0( , )x y of unknown node is estimated by the following equation:    0 2 0 10 0 arg min ( , ) ( ) (2) , y N i i i x y d d x = = −∑ where N is the number of anchor nodes used to estimate the position of an unknown node. Equation (2) uses the (Least Square-LS) method, which is a mathematical optimization method [9], [10]. The applied LS is to minimize the total square of the location error. Due to location estimation error, the position   0 0( , )x y in Equation (2) is often a multimodal function. Therefore, we use the PSO optimization algorithm to estimate the error location, then use the CI confidence interval method or the PSO group method with the smaller value group. Then calculate the average position from the benign position estimates (not attacked by malicious nodes) obtained from the confidence interval method and the PSO group. Average position is the estimated position of unknown node. 3. Particle swarm optimization algorithm (PSO) Our idea throughout the paper is to develop the localization estimation algorithm based on the PSO optimization paradigm. In this section, we first present details of how to implement the PSO paradigm to estimate the unknown node’s location. In PSO, all individuals in a population are seen as particles in a N-dimensional solution space, the fitness value is determined by its location in the search space. Assume, in an N-dimensional objective search space. Three N-dimensional vectors are used to describe a particle i: (1) current location Xi = [xi1, xi2, xiN]; (2) the previous location Pbesti = [pi1, pi2, , piN] of the best fitness; and (3) current velocity Vi = [Vi1, Vi2, , ViN] . Besides, Gbest = [G1, G2, , GN] denotes the position of the best particle so far (ie, Gbestd is the smallest of all Pbestid). At each iteration k, the velocity vid and position Xid of each particle are updated according to the following equations. 1 1 2 2( 1) ( ) ( ) ( )id id id id d idV k V k c r Pbest X c r Gbest Xw (3) ( 1) ( ) ( 1)id id idX k X k V k (4) where, d =1,2, , N; i=1, 2, , K; and K is the size of the swarm population, it is denotes iteration number, r 1 and r 2 are random numbers between [0,1], and c 1 =c 2 =2 are respectively the cognitive and social learning parameters, ω is the inertia weight. The inertial weight is added to element w of the original PSO algorithm as in Eq. (5). The bigger value of ω is beneficial for particles to jump out of local minimum points, the smaller value of ω is favor the algorithm convergence. As originally developed, ω often decreases linearly with the number of iterations. Therefore, ω can be set according to the following equation. max max ( ) (5)ini end end T t T w ww w where iniw is the initial weigh. endw is the final weight value, maxT is the total number of iterations, and t is the current number of iterations. In previous experimental studies, ω was often set from 0.9 reducing linearly to 0.4. 4. Secure Localization Algorithm Against Advanced Attacks (SL4A) Existing algorithms for estimating attack resistance positions often use as many beacon nodes as possible to estimate unknown node coordinates [12], [8]. The idea behind the algorithm LS4A is that we select three random points for an initial subset, using the trilateral detection paradigm and the PSO optimization algorithm to identify measurements in confidence intervals. To find the coordinates of a node requires at least 3 distance measurements. Therefore, to estimate the position of an unknown node from a randomly chosen subset of 3 nodes, Ωi (Step 4). In ISSN 2354-0575 Khoa học & Công nghệ - Số 27/Tháng 9 - 2020 Journal of Science and Technology 57 an attack network model, any node can be attacked, so that to detect an attack beacon node, (Step 5) uses the trilateral detection method to detect whether a set Ωi has been maliciously attacked. If the set Ωi is not attacked (Step 6) use the PSO algorithm to find the location estimate. Next (Step 7), calculate the K value by the Equations (7), of all cases falling into the confidence interval e. When K = N, the estimated location ofc 0Z is within the confidence interval of all the beacons, and its coordinates are completely removed by malicious attacks. 1 ( 1.96 1.96),1 where (7) ,0 N i i i i if e K u u otherwise=  − ≤ ≤ = = =     ∑ If the value of K is greater than the threshold value of t given (Step 8). Once a consistency set has been identified, the algorithm uses all points in the confidence interval set to form the final estimate ofc  0Z and it terminates (Steps 9). In our experiments, we use the PSO optimization algorithm to calculate the initial estimate from the Zi subset and for the final estimate obtained from the set within the confidence interval. If the algorithm performs all iterations and does not find the confidence interval have a minimum size t. Then it will either declare a failure or give an 0Z position estimate acceptable from the largest confidence interval (Steps 13). Algorithm Secure Localization Algorithm Against Advanced Attacks (SL4A) 1: Input: unknown node Z 0 , maximum number of interations imax, Set L, confidence interval CI, threshold t; 2: Ouput: estimated positionc 0Z  0 0( , )x y ; 3: for iter=0 to imax do 4: Randomly select a subset Ωi of size 3 from L; 5: if TriEdgeCheck(Ωi) then 6: Call PSO-Based Localization Algorithm; 7: Calculate K, the number of points in the confidence interval with to the estimatedc  0Z in e; 8: if K > t then 9: return  0 0( , )x y ; 10: end if 11: end if 12: end for 13: return  0 0( , )x y ; 4.1. The Trilateral Detection Method: [13] is derived from a beacon node detection method developed from the theorem of a triangle. The total 2 sides of the triangle are larger than the third side, and the subtraction of 2 sides of the triangle is smaller than the third side. Given a triangle ∆ABC and the corresponding edges are a, b, c, the three sides must satisfy a + b > c, a + c > b, b + c > a, a − b < c, a − c < b and b − c< a. Figure 4. The trilateral detection method For example, in Figure 4 M is called an unknown node or a measured node, A and B are anchor nodes that provide positioning information. M node is measured uses RSSI signal strength to convert the distance between A and B anchor nodes into dAM distance and dBM, and then use the known distance dAB to perform trilateral detection, then assess whether or not to meet the principles of a triangle. 4.2. Confidence Interval (CI): We assume that not all beacon nodes are attacked by malicious nodes, meaning that non-toxic distance measurement errors are Gaussian random variables distributed according to N(0,σ2), error variance is the RSSI distance measurement technique in this paper. The distance measurement error e computes the distance between the actual position of with the reference position (xi , yi) according to the Equations (8).  2 2 0 0( ) ( ) (8)i i ie d x x y y= − − + − In statistics, the confidence interval of the probability sample means estimating the interval of some of the overall parameters of the sample [17]. The confidence interval is a distance estimation method that uses a range to estimate a parameter. This shows that the true value of this parameter is likely to fall into the measurement result, the ISSN 2354-0575 Journal of Science and Technology58 Khoa học & Công nghệ - Số 27/Tháng 9 - 2020 probability is called the level of Confidence 1 - α, α is the probability of not falling into the range. For example, as shown in Figure 5 we apply the confidence interval method to measure errors in the estimated position coordinates, 95% CI are a given level taken from the Normal distribution N(0,σ2), be within the standard deviation [-1.96e, 1.96e], of which 1 - α = 95%; α = 5%. In other words, e is in the CI confidence interval with a probability of more than 95%. Figure 5. Example of 95% confidence interval 5. Simulation Evaluations Two types of the simulation scenario with network environment are 50x50. Total of 15 beacon nodes including 3 to 7 malicious nodes; and 1 unknown node. Let α = 1.1 and β = - 10. Scenario 1, evaluates the influence of the collusion attacks by changing malicious nodes, and Scenario 2, evaluates the influence of the independent attacks by changing Gaussian noise intensity. The program is simulated for 10,000 times. We compare the performance of the new SL4A algorithm with current algorithms: LMS [16], RANLD [15], IDM [11] and Cluster-NLS [14]. First, compare the secure location in the collusion attack environment, in which the number of attack nodes in the environment ranges from 3 to 7 nodes. Next, compare the safe position in the collusion attack environment, where the noise variation is 1, the attack intensity Alpha varies from 0.6 to 1.4 and β = 0. With α have strength from 0.7 to 1 is a weakening attack, and α from 1 to 1.4 is a signal booster attack. 5.1. Collusion Attack: Figure 6(a), under the scenario of collusion attack by changing malicious nodes. The average localization error of the algorithm increases as the number of malicious nodes increases. Because the number of malicious nodes directly affects the power of collusion attacks. When the number of malicious nodes is 3 and 4, the Cluster-NLS algorithms have the smallest average localization error. When the number of malicious nodes is 5, 6 and 7, the SL4A and RANLD algorithms are best against collusion attacks. Based on the empirical results, it can be concluded that when the number of malicious nodes is small in collusion attack, the secure location algorithm using group combination shows better localization ability. Fig 6. Comparing secure localization algorithms against attacks: Fig. 6(a) is collusion attack and Fig. 6(b-f) are independent attacks ISSN 2354-0575 Khoa học & Công nghệ - Số 27/Tháng 9 - 2020 Journal of Science and Technology 59 5.2. Independent attack: Figure 6(b) to Figure 6(f) with the scenario of independent attacks by changing Gaussian noise intensity. In the cases of number of attack nodes changer from 3 to 7 nodes. We can see that when the attack intensity α = 0.9 and α = 1.1, all algorithms are affected by the worst attacks power. With different attack intensities, the SL4A and RANLD algorithms have the smallest average localization error. IDM algorithm randomly chooses 5 nodes to estimate position. Therefore, the average localization error in the middle. As the signal strength increased, the Cluster-NLS and LMS algorithms had average localization errors increased accordingly. 6. Conclusions In WSNs there is practically a lot of noise caused by malicious attacks on anchor nodes. Most localization algorithms are suffer from malicious attacks, resulting in a large difference between the estimated location and the actual location of an unknown node. However, there are a few localization algorithms that considers independent attack mechanisms, due to inappropriate algorithmic architectural design, the ability to resist malicious attacks is limited and the complexity of the algorithm is too high compared to hardware devices. In this paper, we have proposed a anti-attack security algorithms SL4A with stability and robustness, algorithm focused on combating independent attacks and collusion attacks. Compared to existing secure localization algorithms, our two algorithms resist malicious attacks and calculate the location coordinates of the unknown node more accurately. References [1]. Y.S.I.F.Akyildiz,W.SuandE.Cayirci,“Asurveyonsensornetworks,” IEEE Communications Magazine, 2002, vol. 40, no. 8, pp. 102–114. [2]. L.Doherty and K. Pister, “Convex position estimation in wireless sensor ne