Adaptive Security Provision for Increased Energy Efficiency in Wireless Sensor Networks

Mohamed Younis and Nick Krajewski

Department of Computer Science and Electrical Engineering University of Maryland, Baltimore County

Baltimore, Maryland, USA { younis, nkraje1}@cs.umbc.edu

Osama Farrag The Johns Hopkins University, Applied Physics Lab.

Laurel, Maryland, USA Osama.Farrag@jhuapl.edu

Abstract—This paper introduces a novel optimization strategy for increasing the resource efficiency and security of data routing in a wireless sensor network. Most secure routing schemes found in the literature provision security at the highest level by involving sophisticated data encryption with a large key. This imposes lots of overhead both in computation, while performing the encryption and decryption, and in communication due to bit padding. The proposed optimization approach strives to adapt the security measures to the trust level on the nodes on the path and factors in the security-related overhead in the link cost. In addition, a novel path rotation scheme is proposed to enable the use of resource-efficient security measures without risking an increase in vulnerability. The applicability of the proposed optimization is validated using the Ad hoc On-Demand Multipath Distance Vector (AOMDV) routing protocol and its performance advantage is confirmed via ns2 simulation experiments.

I. INTRODUCTION Wireless Sensor Networks (WSNs) have lots of potential in a variety of applications including infrastructure monitoring, target tracking, homeland security, and military systems [1][2]. Given the criticality of these applications the network operation has to be secured in order to ensure the integrity and preserve the confidentiality of the transmitted data. However, this is especially difficult in WSN environments due to the wireless transmission medium, and the restricted resources of sensor nodes, in addition to the fact that their physical security often cannot be ensured [3]. Adversaries may attempt to attack individual nodes by active means, e.g., node capture, or passive means, eavesdropping.

Previous research has generally studied the routing problem in a non-adversarial setting, assuming a trusted environment [4]. These may be sufficient for normal applications but for applications such as military exercises and disaster relief, a secure and a more reliable communication is required. Several routing protocols have been proposed to address the issue of security, but they are not efficient, in the sense that they use the same kind of encryption algorithms (mostly high level) for every packet they pass from one intermediate node to another in the routing path [5][6]. This consumes significant amounts of energy and time.

This paper proposes a novel optimization strategy that avoids the unnecessary overhead imposed on the individual nodes. The idea is to adapt the security provision to the need of the application and the trust level of the involved nodes. Basically, candidate routes from a source to a destination are

picked using energy based link cost. Then, the trust level of the nodes on the nominated paths is factored in order to qualify the overall cost of every candidate route. The trust level on each path, which is determined by the least trusted node on the path, decides what level of encryption is applied to the data at the source node. In other words, above a certain level of trust, there is no need for the source node to perform sophisticated encryption on the data since the route to the destination consists of highly trusted nodes.

The proposed Adaptive Security Provision (ASP) conserves the node’s energy by avoiding unnecessary encryption, saves bandwidth by cutting down on padding overhead when large encryption keys are used, and saves on packet processing time, which can be very valuable in cases of emergency where the information is as valuable as the time. As an added measure, the use of paths is rotated in order to make it more difficult for an adversary to gain insight into the encryption scheme. This also balances the traffic load and extends the network lifetime. The effectiveness of the ASP approach is validated through simulation. The performance results have confirmed the advantage of the proposed scheme in reducing the security related overhead.

The remainder of this paper is structured as follows: Section II describes the system model and assumptions for this work; Section III gives an overview of related work on energy-aware and trust-based routing; Section IV discusses the optimization strategy and explains the ASP approach in detail; Section V describes the validation experiments and analyzes the simulation results; and finally Section VI gives some concluding remarks.

II. SYSTEM MODEL We consider a network of a set of sensors that collaborate in tracking an event in an area of interest. The network is deployed in a harsh environment to serve multiple in-situ mobile users as well as remote command centers. The network is interfaced to distant centers through local base-stations. Depending on the proximity of the users and base-stations some sensors act as access points to the network. Queries and data are disseminated to and from access points. Figure 1 shows an articulation of the considered network model. Access points are not fixed since the users change their positions and thus the traffic pattern changes over time.

Since the sensors operate in an inhospitable environment, they run the risk of being captured and compromised. An

999978-1-4244-4487-8/09/$25.00 ©2009 IEEE

The 9th IEEE International Workshop on Wireless Local Networks (WLN 2009)Zürich, Switzerland; 20-23 October 2009

Figure 1: An articulation of a sensor network serving multiple in-situmobile users where some nodes become access points for receivingqueries and delivering data.

RemoteCommand

Node

Mobile User

Base-station

Command Node

Mobile User

Mobile user

Base-station

Access point

Access point

Access point

Access point

Access point

RemoteCommand

Node

Mobile User

Base-station

Command Node

Mobile User

Mobile user

Base-station

Access point

Access point

Access point

Access point

Access point

adversary would manipulate captured nodes to disrupt the network operation [7]. Therefore, it is assumed that the behavior of nodes is monitored by their neighbors and a level of trust is assessed and adjusted throughout the lifetime of the network. Numerous behavioral parameters can be factored in the trust model. Examples of these parameters include the packet drop rate, medium access collision, increased errors in the reported data, etc. This paper does not address trust management and relies on existing approaches in the literature, such as [8][9][10], for formulating the trust model and updating the trust level of the individual nodes.

In addition, the wireless nature of the communication makes the network vulnerable to eavesdropping. An adversary would strive to break the confidentiality and integrity of the data by accessing and tampering with the transmitted packets, and to analyze the traffic to identify key players that can be targeted with more aggressive attacks. As a countermeasure, the nodes employ encryption schemes to protect the transmitted data. Upon establishing a data path the source and destination node agree on an encryption key for the session. As indicated earlier, nodes pursue large keys in order to make it difficult for an adversary to attack the data integrity or confidentiality using contemporary cryptanalysis techniques.

III. RELATED WORK Given the resource constrained nature of sensor nodes, energy awareness has been the most popular design metric for network-layer protocols. Routing protocols found in the literature can be generally classified into three main categories, data-centric, hierarchical and location-based [4]. Most of these protocols are geared for reducing the communication energy in order to maximize the network lifetime. While energy has been the main focus for most of the published work, some considered additional metrics like quality of service and security [3][11]. In principle, the

proposed ASP optimization strategy can be integrated with most of these energy-aware routing techniques. Although, the path rotation strategy has been recommended in some of the prior work, e.g., [12], unlike ASP, the motive is mostly to avoid the use of the shortest path all the time so that the nodes on such path would have a longer battery lifespan.

Routing in WSNs can be susceptible to a myriad of security attacks. Karlof and Wagner [7] have enumerated these attacks and analyzed their applicability. Such work has motivated numerous security solutions. Most notable among the published secure routing protocols is SPINS [13]. SPINS has two security components, namely, SNEP (Sensor Network Encryption Protocol) and µTesla. SNEP provides confidentiality, authentication and freshness whereas µTesla provides authenticated broadcast. SNEP is in essence a key establishment protocol for inter-sensor communication. Actually, most published work on secure routing either focuses on key management issues [14][15][16] or on countering possible attacks on the topology [17][18]. Data confidentially is handled by establishing a session key for encrypting all data packets. None of these published approaches considered the optimization that ASP promotes by factoring the node’s trust in determining the size of encryption keys

Modeling and managing node trust in the context of WSNs has recently started to gain some attention from the research community [8][9][10]. Yao et al. [8] have focused on the trust management problem with little emphasis on how to use it in optimizing the route selection. In addition, they have not investigated the vulnerability that a trust-based metric introduces by making a path more exposed to an aggressive eavesdropper. The focus of the work of Sheikh et al. [9] is on the efficiency of establishing and maintaining a trust model. They argue that centralized approaches are impractical in WSNs while distributed approaches introduce prohibitive overhead. Instead they promote a group based trust model and argue that it suits the scale of WSNs and the strategies that are often pursued in managing the network operation. Meanwhile, Hur et al. [10] consider the semantics of the data readings when building the trust model. They argue that contemporary authentication schemes are targeting intruders and cannot prevent the transmission of bogus data from a compromised network member. Their model opts to reflect such a malicious behavior in assessing the node trust. The proposed ASP approach does not address trust management and leverages all these modeling schemes.

Few trust based routing schemes have been in proposed in the literature for ad-hoc networks. Pissinou et al. [19] has extended the Ad hoc On-Demand Distance Vector (AODV) protocol [20] to select the data path based on the trust of the individual nodes. The main objective is to find the most energy efficient route that has no malicious entity. A similar approach is pursued in [21] using a more sophisticated trust management methodology. Unlike these extensions which are geared mostly for security, the motive of Li et al. [22] is to save on overhead. They rely on the mutual trust relationship among the nodes in order to avoid the exchange and the

1000

verification of certificates all the time. Again, none of these schemes have considered the optimization proposed in the ASP approach.

IV. ADAPTIVE SECURITY PROVISION The security provision proposed in this paper is twofold. First, the data being transmitted among the nodes is encrypted at varying levels according to the trust of the path. This helps save communication, computation and energy resources while sustaining the confidentiality and integrity of the data. Second, the data route is rotated among multiple paths so that an adversary would have a difficult time discerning the encryption scheme in use. Path rotation also helps in minimizing the impact of wormhole and black-hole attacks where a more frequently used route to a particular node could be singled out. These two measures are described in details in the balance of this section.

A. Trust and Energy aware Route Setup Data routes in WSNs are conventionally set based on a link cost that favors energy conservation while employing a unified security measure regardless of the vulnerability in using a particular path [18]. Such an approach ends up imposing computational overhead in encryption and decryption using large keys and wasting communication bandwidth due to the bit padding needed to align the small-size sensor reading with the large encryption key. This extra cautious approach is clearly inefficient and may contradict the energy conservation goal of route setup. In general, the energy factor in the link cost function used in conventional methods is:

lijij distcCost )(= ………...……………… (1)

where distij is the distance between the nodes i and j, c is a constant and the parameter l depends on the environment, and typically equals to 2. This factor reflects the cost of the wireless transmission power, which is directly proportional to the link length. It is important to note that other energy related cost functions, e.g., the remaining battery energy, are equally applicable and could be included. The total cost on a path is the sum of the cost of all links on the path, i.e.,

∑∈

=pathij

lijpath distcCost )( ………..………………… (2)

The proposed ASP approach opts to avoid the inefficiency of such cautious approach without risking the data confidentiality requirements. Basically, the trust level of the individual nodes is factored in the path selection and the security provision. If all nodes on the route are trusted, there would be no need to encrypt with a large key and thus the route becomes an attractive choice. As mentioned earlier, nodes will track the behavior of their neighbors and maintain a level of trust throughout the lifetime of the network. Thus, routes are set based on link costs that favor energy conservation and trusted nodes. Different security measures are employed depending on the level of node trust on the data path. The link cost function used in ASP stays the same, while

the trust is factored in at the path level. The cost of a path is given as follows:

∑∈∈

+=pathij

liji

pathipath distcTrustEnergyCost )())(min( 0

............… (3)

where the function Energy() reflects the energy consumed in encrypting packets. The encryption cost depends on the key size and is set based on the minimum trust level of the nodes on the path, denoted as )(min i

pathiTrust

∈

.

The ASP based path selection strategy can be easily integrated with most routing protocols for WSNs. The cost function in (3) can be extended to factor in other parameters such as error rate, bandwidth capacity, etc. While the implementation of ASP is straight forward using a centralized trust management process, a distributed or localized trust model makes the implementation more difficult. The issue is the level of trust of a node i may be inconsistent among the neighbors of i. Therefore, ASP best fits source routing, whether dynamic or static, since the source node selects the data path and reinforces it. Thus, the source can become aware of the difference in trust assessment of the same node when evaluating the function )(min i

pathiTrust

∈

. One possible strategy is

to assume the value of Trusti to be the lowest assessment made by the neighbors of node i. Other strategies include taking the average of the neighbors’ trusts rather than picking the minimum, and using transitive trusts, i.e., factoring in the trust of a neighbor j of node i in the acceptance of j’s assessment of i. Once a path is established, the source and the destination follow a key agreement protocol to establish a session key based on )(min i

pathiTrust

∈

. As discussed in section V, AOMDV is

used for validating the proposed ASP approach.

B. Rotation of Selected Data Paths As explained above, ASP favors less stringent security measures along a path of trusted nodes in order to lower the computational overhead in encrypting/decrypting with large keys and to minimize the bandwidth wastage due to bit padding when large keys are used to encrypt the small-sized sensors’ data. However, such a strategy may introduce some vulnerability since an attacker may concentrate on analyzing the picked path and break the light encryption scheme. Eavesdropping close to the destination will be ineffective since multiple data flows are arriving at the destination from multiple sources. The same applies at the source since it transmits to multiple access points. We argue that the intermediate nodes on a data path are the most vulnerable, especially as close to source as possible since multiple paths from distinct sources may be merging close to the destination. This issue becomes particularly more serious when the session lasts for a long time, e.g. the destination is an access point for a stationary base-station, allowing cryptanalysis to be effective.

To counter such vulnerability, the data forwarding is rotated among multiple paths between the sender and the receiver. The goal is to confuse the adversary. The data will

1001

be encrypted differently on these paths given the changes in the trust level of the involved nodes. An attacker would not be able to concentrate on analyzing any single path since multiple paths and encryption levels will be used. It should be noted that multiple paths can be pursued simultaneously or simply rotated one at a time. The latter is simpler to manage and is favored for resource efficiency.

Applying formula (3) enables the selection of the least cost route. To enable path rotation, multiple routes need to be identified. Three questions apply. The first is how many routes the source should employ. The second question is what selection criteria the source applies. Given that resource efficiency is the main objective of ASP, the least cost routes are favored. Therefore, ASP picks the best x routes based on applying (3). The value of x depends on the difference in the path cost relative to all other feasible paths. All feasible routes from the source to the destination are found and sorted in a list, Psort, according to their cost. To form Psort, a k least-cost path algorithm can be employed [23][24]. If the cost of the best path is Ctop, i.e., cost of the top entry in Psort, the paths in Psort whose cost is no more than 10% of Ctop are picked. In case the cost of the paths is close, a maximum on the number of paths is imposed.

The third issue is for what frequency the picked x routes are used. While the cost is the base for selecting the paths, the level of trust is used for determining the frequency of using a particular path. We define the trust of a path as the minimal trust level of a node on that path. The rotation among the x routes occurs based on the ratio of a path trust to the total trust of all x paths, thus the algorithm would favor relatively more trusted paths. The rationale is that trusted paths should be more reliable. In addition, such a rotation mechanism balances the interest in security and resource efficiency given that the x paths are picked based on cumulative link costs. The following formally define the trust and usage frequency of a path, pathi:

)(min)( ipathi

j TrustpathTrustj∈

= ..............… (4)

∑=

= x

kk

jpath

pathTrust

pathTrustFrequency

j

1)(

)( ..............… (5)

In the simple example given in Figure 2, the cost formula in (3) is employed to identify the best choices for data paths from the source node 0 to the destination node 1. In this example the top three paths, i.e., (0-2-8-6-1), (0-4-5-1) and (0-3-9-7-1) are picked. Each of the intermediate nodes (2, 3, 4, 5, 6, 7, 8, 9) has a trust level ranging from one (least trusted) to six (most trusted). For simplicity, assume that the trust views are consistent throughout the network. Rotation among these three paths occurs based on the ratio of the path trust to the total trust of all of the three paths. In Figure 2, the middle path (0-4-5-1) has a high trust level, so the source node 0 would encrypt the data using a 64-bit key before sending it over that path. The middle path would be used most (40%) of the time. The top path (0-2-8-6-1) has a lower trust so the source node will encrypt with a 96-bit key and use this path

33% of the time. The bottom path (0-3-9-7-1) is the least trusted hence the source node will encrypt the data with a 128-bit key and use this path 28% of the time.

The path rotation is also invaluable for balancing the traffic load among the nodes. It has been shown that the use of multiple paths evens the rate of energy consumption among the nodes and boosts the network lifetime [12][25]. If only a single path exists, the source may alternate from time to time between short and long key values to confuse potential adversaries.

V. PERORMANCE ANALYSIS The proposed ASP approach is validated through simulation. This section discusses the simulation environment, performance metrics and experimental results.

A. Simulation Environment ASP is validated using the ns2 simulator. Several of the very popular routing protocols, such as Dynamic Source Routing (DSR), Ad-hoc On-Demand Distance Vector Routing (AODV), and Destination-Sequenced Distance-Vector (DSDV), have been implemented in ns2 and the source code is freely available. All of these protocols set up a single path between a sender and a receiver. In principle ASP can be integrated with any of these protocols. However, since ASP employs a rotation among multiple routes, it needs a multipath protocol to provide routing infrastructure. The AOMDV protocol extends AODV to provide multiple routes [26]. The source code for the ns2 implementation of AOMDV is readily available as well. Therefore, AOMDV is picked to provide routing services for ASP in the validation experiments, with AODV serving as a baseline for comparison.

The trust level of a node is assessed on a scale of 1 to 5 and is randomly assigned at the time of generating a network topology. The trust values do not change during the simulation. Each trust level is associated with a distinct key size. The sizes of the used encryption keys are 32, 48, 64, 96, and 128 bits corresponding to trust levels 5, 4, 3, 2, and 1, respectively. For the simulations, RC5 [28] is assumed to be

Fig. 2: An illustration for the path rotation pursued by the ASP approach in order to mitigate any vulnerability that may result from the use of lightweight encryption over a trusted path.

1002

the encryption scheme. Table 1 lists the consumed energy and the processing time corresponding to the various key sizes considered in the simulation experiments. The values in Table 1 are based on the measurements reported in [5] for the RC5 implementation on a 7.3728 MHz ATmega128L microcontroller. Before sending each data packet the energy reserve of the source node is decremented by the corresponding energy value defined in Table 1. Similarly, the receiver’s energy is decremented with the same value after decrypting the packet. It is also assumed that the delay associated with decryption is the same as for encryption.

B. Performance Metrics and Experiments Setup The goal of the simulation is to validate that ASP indeed yields lower energy consumption and incurs less delay when sending the data. Two baselines for comparison are pursued. The first is the use of AODV while encrypting with the largest, 128 bit, key without any optimization. The second baseline is a version of ASP without the path rotation. The latter helps quantify the effect of the path rotation on the performance. The following metrics are used to measure the performance of ASP: • Average energy per packet: calculated by adding the

energy consumed by all nodes, i.e., source, destination and intermediate nodes, until the message is successfully decrypted at the destination, and then averaging the sum over all packets generated by the source.

• Remaining energy at the source: calculated by decrementing the energy consumed by the source node in processing, encrypting, and transmitting all generated packets from the initial battery supply that the node has.

• Throughput: calculated by dividing the number of data bits sent by the total delay of each packet and then averaging that over all packets.

• Average delay per packet: calculated by dividing the sum of the delays that the individual packets experienced by the number of packets transmitted from the source.

In the experiments, topologies are generated using random placement of 50, 100, 200, 350 and 500 nodes. The communication range is set high enough to ensure strong connectivity. For each of these topologies, three simulation runs are conducted; one using ASP and the others for the baselines. When using ASP, the best 3 paths identified by AOMDV, according to the cost function of formula (3), are used in the path rotation. The Constant Bit Rate traffic generator of ns2 is used to form 512 byte UDP packets at the rate of 488 Kbps. The free space propagation channel model

is assumed [27] with the capacity set to 2 Mbps. The initial energy reserve of all nodes is set to 5 Joules. The source and destination nodes would take the biggest hit in energy consumption since they perform the encryption and decryption of packets. The intermediate nodes are simply forwarding the encrypted packets. The transmission Etx and reception Erx energy are calculated as follows:

Etx = (αt1 + αt2 d2) × τ, Erx = αr × τ

Where αt1 and αr are the power consumption rate of the transmitter and receiver electronics, αt2 is the power consumption rate per meter for the output amplifier when the radio is transmitting, d is the distance in meters, and τ is the active time for transmitting or receiving and depends on the packet length and channel capacity. In the simulation, the values of αt1, αt2 and αr are 282, 282 and 1 m Watt, respectively.

C. Simulation Results We have simulated multiple configurations, each of which has a different number of nodes. For each experiment a topology is generated and a source and destination are picked at random among the nodes. The results of the individual experiments are averaged over 15 runs. According to the simulation clock, a run lasts for 5 seconds in which about 417 packets get transmitted by the source. All results are subjected to 90% confidence interval analysis and stays within 10% of the sample mean.

Figure 3 reports the average energy consumed per packet transmission. The ASP approach provides an improvement of about 33% for sparse network configuration, i.e., 50 nodes. That performance advantage is sustained, though at a lower rate, as the network grows. The path rotation seems to limits the energy gain somewhat. As indicated in Figure 3, the lack of path rotation reduced the average energy per packet by about 25% for small networks. However, as the number of nodes increases, the effect of rotation on the ASP performance diminishes. The same observations can be made about Figure 4 for the remaining energy at the source nodes. Clearly the

Fig. 3: Applying the ASP approach yields a significant gain in the average energy per packet across a data path.

0.004

0.005

0.006

0.007

0.008

0.009

0.01

0.011

0.012

0.013

50 Nodes 100 Nodes 200 Nodes 350 Nodes 500 Nodes

Number of Nodes

Ener

gy C

onsu

med

per

Pac

ket

(Jou

les)

ASPAODVASP w/o rotation

Table 1: Assumed average consumed energy and processing delay for encrypting and decrypting 512 bytes with a specific key size.

Encryption key size Energy consumed (µJ) Time (s) 32-bit 485 0.01 48-bit 725 0.02 64-bit 970 0.04 96-bit 1455 0.06 128-bit 1940 0.08

1003

proposed ASP approach achieves big energy savings by cutting down on the encryption overhead with an average gain of about 29%.

Figure 5 shows the achieved throughput during the experiments. The advantage of the ASP approach is evident for small networks. However, the gain in throughput diminishes with increased node density. The reason for that is the increase in the number of hops on a data path. The energy cost component in formula (3) aggressively favors node proximity. With the availability of more nodes the length of data paths grows, increasing the delivery delay and effectively reducing the throughput. It is interesting to note the effect of path rotation on the throughput. While the node count is small, the path rotation seems to limit the throughout that is achievable by the trust-based key size optimization. The impact is as much as 120% for a network of 50 nodes. As the node density grows, the effect of rotation becomes minimal. However, path rotation becomes a positive aspect for highly dense networks, i.e., 350 nodes or more, since ASP tends to pick longer paths than AODV and slows down packet transmission. Rotation in that case limits the effect of increased path length in dense configurations.

Figure 6 reports the average delay per packet. The results also support the observations made about Figure 5. For low density networks, ASP reduces the size of the packet and the processing time yielding better average delay per packet, and higher throughput as pointed out in Figure 5 above. The lack of rotation increases the average delay even more. As the network grows, the data paths involve more hops. The longer paths increase the relaying delay so much that it dominates the savings achieved by ASP. Again path rotation helps in limiting the effect of prolonged data paths in dense networks.

VI. CONCLUSION In recent years there has been a growing interest in the use of wireless sensor networks (WSNs) in security-sensitive applications such as digital battlefields, situational awareness, and border protection. Given the wireless transmission and the

sensitivity of the exchanged data, confidentiality and integrity of the transmitted data top the security goals of these applications. Conventional approaches for securing the routed data in WSNs are typically inefficient because they encrypt data with a large key regardless the level of vulnerability. This paper has proposed a novel optimization strategy that is based on Adaptive Security Provision (ASP). The ASP approach strives to limit the imposed overhead by adjusting the level of protection according to threats. ASP determines the size of the encryption key consistent with the level of trust placed in the nodes that serve on the routing path. A fully trusted set of nodes would not warrant hefty encryption. ASP factors in the node trust in the path selection so that the encryption overhead is included in the path cost. In order to counter attacks by an external eavesdropper, ASP employs a path rotation methodology to prevent the adversary from defeating the cryptosystem used on a trusted path. The simulation results have confirmed the effectiveness of the ASP approach and the positive impact it has on the network performance. The experiments have shown significant growth in throughput and reduction in energy consumption, especially when node density is low.

Fig. 6: Average delivery per packet grows with increased nodedensity due to the increased path length.

0

0.05

0.1

0.15

0.2

0.25

0.3

50 Nodes 100 Nodes 200 Nodes 350 Nodes 500 Nodes

Number of Nodes

Ave

rage

Del

ay p

er P

acke

t (se

c)

ASP

AODV

ASP w/o rotation

Fig. 4: The ASP approach boosts the energy reserve at the source node with path rotation limiting the gain in sparse network configurations.

2.5

2.7

2.9

3.1

3.3

3.5

3.7

3.9

4.1

50 Nodes 100 Nodes 200 Nodes 350 Nodes 500 NodesNumber of Nodes

Rem

aing

Ene

rgy

at S

ourc

e N

ode

(Jou

les)

ASPAODVASP w/o rotation

Fig. 5: The high throughput advantage of ASP diminishes withincreased node density due to the longer data paths pursued.

0

20

40

60

80

100

120

140

50 Nodes 100 Nodes 200 Nodes 350 Nodes 500 Nodes

Number of Nodes

Thro

ughp

ut (K

bps

)

ASP

AODV

ASP w/o rotation

1004

REFERENCES [1] I. F. Akyildiz, W. Su, Y. Sankarasubramaniam, and E Cayirci,

“Wireless sensor networks: a survey,” Computer Networks, Vol. 38, No. 4, pp. 393-422, March 2002.

[2] C-Y. Chong and S.P. Kumar, “Sensor networks: Evolution, opportunities, and challenges,” Proceedings of the IEEE, Vol. 91, No. 8, pp. 1247- 1256, August 2003.

[3] D. Liu and P. Ning, Security for Wireless Sensor Networks, Springer, Netherlands, 2007.

[4] K. Akkaya and M. Younis, “A Survey on Routing Protocols for Wireless Sensor Networks,” Elsevier Journal of Ad Hoc Networks, Vol. 3, No. 3, pp. 325-349, May 2005.

[5] G. Guimarães, E. Souto, D. Sadok, and J. Kelner, “Evaluation of Security Mechanisms in Wireless Sensor Networks”, in the Proceedings of the Systems Communications Conf., Montreal, Canada , August 2005.

[6] T. Zia, A. Zomaya, and, N. Ababneh, “Evaluation of Overheads in Security Mechanisms in Wireless Sensor Networks,” in the Proceedings of the international Conference on Sensor Technologies and Applications (SENSORCOMM’07), Valencia, Spain, October 2007.

[7] C. Karlof and D.Wagner. “Secure Routing in Wireless Sensor Networks: Attacks and Countermeasures,” Journal of Ad-hoc Networks, Special Issue on Sensor Network Applications and Protocols, Vol. 1, No. 2–3, pp. 293–315, September 2003.

[8] Z. Yao, D. Kim, Y. Doh, “PLUS: Parameterised Localised Trust Management-based Security Framework for Sensor Networks,” Int’l Journal of Sensor Networks, Vol. 3, No.4, pp. 224 - 236, 2008.

[9] R. Shaikh, et al., “Group-Based Trust Management Scheme for Clustered Wireless Sensor Networks,” IEEE Transactions on Parallel and Distributed Systems, to appear (a pre-publication version is available at http://doi.ieeecomputersociety.org/10.1109/TPDS.2008.258).

[10] J. Hur, Y. Lee, S.-M. Hong and H. Yoon, “Trust Management for Resilient Wireless Sensor Networks,” in the Proceedings of the 8th International Conference on Information Security and Cryptology (ICISC’05), Lecture Notes in Computer Science, Vol. 3935 pp. 56-68, Korea, December 2005.

[11] K. Akkaya and M. Younis, “Energy and QoS aware Routing for Wireless Sensor Networks,” Cluster Computing, Vol. 8, No. 2-3, pp. 179-188, July 2005.

[12] R. Shah and J. Rabaey, "Energy Aware Routing for Low Energy Ad Hoc Sensor Networks", in the Proceedings of the IEEE Wireless Communications and Networking Conference (WCNC), Orlando, FL, March 2002.

[13] Perrig, R. Szewczyk, V. Wen, D. Culler and J. D. Tygar, “SPINS: Security Protocols for Sensor Networks”, in the Proceedings of 7th annual International Conference on Mobile Computing and Networking (MobiCom’01), Rome, Italy, August 2001.

[14] C. Karlof, N. Sastry, and D. Wagner, “TinySec: a Link Layer Security Architecture for Wireless Sensor networks”, in the Proceedings of the 2nd International Conference on Embedded Networked Sensor systems (SenSys’04), Baltimore, MD, USA, November 2004.

[15] M.G. Zapata and N. Asokan, “Securing Ad hoc Routing Protocols,” in the Proceedings of the ACM Workshop on Wireless Security (WiSe’02), Atlanta, GA, September 2002.

[16] T. Park and K. G. Shin, “LiSP: A Lightweight Security Protocol for Wireless Sensor Networks”, ACM Transactions on Embedded Computing Systems, Vol. 3, No. 3, pp. 634–660, August 2004.

[17] Y.-C. Hu, A. Perrig, D. B. Johnson, “Ariadne: A Secure On-Demand Routing Protocol for Ad hoc Networks,” in the Proceedings of 7th annual International Conference on Mobile Computing and Networking (MobiCom’02), Atlanta, GA, September 23-28, 2002.

[18] H. Yih-Chun, A. Perrig, “A Survey of Secure Wireless Ad Hoc Routing,” IEEE Security & Privacy, Vol. 2, No. 3, pp. 28 – 39, May-June 2004.

[19] N. Pissinou, T. Ghosh, and K. Makki, “Collaborative Trust-based Secure Routing in Multihop Ad hoc Networks,” in the Proceedings of IFIP Networking Conference (NETWORKING’04), Lecture Notes in Computer Science, Vol. 3042, Athènes, Greece, May 2004.

[20] C. E. Perkins and E. M. Royer. “Ad hoc On-Demand Distance Vector Routing,” In the Proceedings of the 2nd IEEE Workshop on Mobile Computing Systems and Applications, New Orleans, LA, February 1999.

[21] K. Meka, M. Virendra, and S. Upadhyaya, “Trust based routing decisions in mobile ad-hoc networks,” in the Proceedings of the Workshop on Secure Knowledge Management (SKM’06), New York, September 2006.

[22] X. Li, M. Lyu, and J. Liu, “A Trust Model based Routing Protocol for Secure Ad hoc Networks,” in the Proceedings of the IEEE Aerospace Conference, Big Sky, MT, March 2004.

[23] E. Q. V. Martins, M. M. B. Pascoal, and J. L. E. dos Santos, “The K shortest paths problem,” Research Report, Dept. of Math., Univ. of Coimbra, Portugal, June 1998.

[24] D. Eppstein, “Finding the k Shortest Paths,” SIAM Journal on Computing, Vol. 28, No. 2, pp. 652-673 , February 1999.

[25] Y. Chen, and N. Nasser, “Energy-balancing Multipath Routing Protocol for Wireless Sensor Networks,” in the Proceedings of the 3rd international Conference on Quality of Service in Heterogeneous Wired/Wireless Networks (QShine '06), Waterloo, Canada, August 2006.

[26] M. K. Marina and S. R. Das, “On-demand Multipath Distance Vector Routing in Ad Hoc Networks,” in the Proceedings of IEEE International Conference on Network Protocols (ICNP), Riverside, California, November 2001.

[27] J. Andresen, T. Rappaport, S. Yoshida, “Propagation Measurements and Models for Wireless Communications Channels,” IEEE Communications Magazine, Vol. 33, No. 1, pp. 42-49, January1995.

[28] R. L. Rivest, “The RC5 Encryption Algorithm,” in the Proceedings of the Leuven Workshop on Fast Software Encryption, Lecture Notes in Computer Science 1008, Leuven, Belgium, December 1994.

1005