DETECTION OF MALICIOUS NODES IN WIRELESS SENSOR NETWORK

Sharvari Gaikwad1, Saurabh Ghewande2, Rushikesh Sumbe3, Uday Kale4, Shubhangi Chiwade5
1,2,3,4,5Department of Computer Engineering, Pimpri Chinchwad College of Engineering. Pune, Maharashtra, India.
---------------------------------------------------------------------***---------------------------------------------------------------------
ABSTRACT: In this work, we focus on two types of attacks:
HELLO flood attacks and wormhole attacks. Both the
Today data is the biggest asset of the tech-world. HELLO flood attack and the wormhole attack are typically
The increasing scale of data and information make the carried out to compromise route establishment in a
system vulnerable to serious security threats, especially network. Most of these protocols rely on the assumption
when the attacks of malicious nodes exist in these that a node A is within the radio transmission range of
networks. The node which modifies data before, during or another node B if A is able to receive messages from B.
after transmission is known as a malicious node. Being
abnormal in nature, it passively observes and misuses Wormhole attacks can destabilize or disable
network data. Network security plays a crucial role in this wireless sensor networks. The main aim here is to
as the traditional way of protecting the networks through forward the data from one compromised node to another
firewalls and encryption software is no longer effective malicious node at the other end of the network through a
and sufficient. This work provides a solution to identify tunnel, just as the name suggests it forms a worm hole for
malicious nodes in wireless sensor networks. We provide itself to attack the network. As shown in fig 1(a), it is a
an algorithm to detect the presence of suspicious nodes grave attack in which two attackers A and B locate
using the received signal power from all the nodes. themselves strategically in the network. Then the attackers
keep on listening to the network, and record the wireless
information.

INTRODUCTION:
Wireless Sensor Networks (WSNs) is a self-
configured and infrastructure-less set of nodes deployed in
an area to monitor physical or environmental conditions,
such as temperature, sound, vibration and pressure to
cooperatively pass their data through the network to a
main location or sink where the data can be observed and
analyzed. A malicious node is node seeking to deny service
to other nodes in the network. The node which modifies
data before, during or after transmission is known A B
as malicious node. Fig. 1 attacker in network
The growth in the use of wireless communications A tunnels a message to B, B then retransmits the
over the last few years is quite substantial and as message exactly as received to the nodes in its
compared to other technologies, it’s huge. The primary neighborhood. An immediate result of a wormhole attack
advantage of a wireless network is the ability of the is that nodes that hear the transmission from B are tricked
wireless nodes to communicate with the rest of the world into thinking that they are neighbors of whichever node
while being mobile. originated the message (this node is most likely located in
a distant part of the network).
Spoofing, tampering, re-transmission and
discarding are some of the most common ways of attacking Hello flood attack is the main attack in network
WSNs. For example, one can spoof the various fields of a layer. Hello messages are broadcast to a large number of
message while it is in transit, in such a way that what the nodes in a big area of the network. These nodes are then
recipient receives is an altered copy of the original convinced that the attacker node is their neighbor, so that
message. One can also tamper with a node so as to alter its all the nodes will respond to the HELLO message and
behavior. Different types of attacks will require different waste their energy. Consequently the network is left in a
types of solutions. state of confusion
 Nodes with abnormally high power or the nodes with
power less than the threshold power are the malicious
ones. Hence they are immediately set to zero. Once the
energy of a node is set to zero, it cannot participate in the
network. In this way, we detect the malicious nodes.

We have considered certain parameters that help

optimize our algorithm in the abnormal node detection.

• Pt - Transmission power

• Gt - Transmitter antenna gain

• Gr - Receiver antenna gain

• Ht - Transmitter antenna height

• Hr - Receiver antenna height

Fig. 2 Attack in WSN
• Pm - Received signal power threshold
As shown in fig 2 (a), Attacker sends a hello packet
with abnormally high power. In fig 2 (b), the nodes are • L – System loss constant, L=1
tricked into believing that the attacker is its neighbor.
Even those sensor nodes that are far away in the network
PROPOSED ALGORITHM:
choose the attacker as the parent node and reply back to it.
Step 1: Set the parameters:

PROPOSED WORK: Pt = 5 watts

As we know in WSN, it is roughly divided into two Gt = 1

parts, clustering and routing. Firstly, we plot sensors in a
specific area. The sensors sense and collect the required Gr = 1
information. Further the sensor nodes are clustered and a
cluster head is elected. The data is then transmitted from a Ht = 0.05 meter
sensor node to a cluster-head and then finally to the base
station for output. In this process, even if a single malicious Hr = 0.05 meter
manages to enter, it can very easily destabilize the entire
network. The malicious nodes can attack via any of the two Step 2: Compute max distance:
ways – Wormhole or Hello packet attack. Here, we provide
an utmost optimal solution for the same. dmax = 50*sqrt(2);

Some of the very basic assumptions made here are

that the message exchanges in the network are attacked Step 3: Calculate received power Pr using
either by wormhole or hello packet attack only. WSN here
is homogeneous and symmetric in nature.

Now to overcome these two attacks and secure

our network, we propose a solution in the form an Step 4: Compute the threshold power:
algorithm. Considering the fact that malicious nodes that pth = pr_max*0.75;
try to enter the network have very high energy and the
only way they can affect the network is when we allow Step 5: check for malicious node in network
them to participate in the transmission. To give a
countermeasure, firstly the transmission power, for every node in network
transmitter and receiver antenna gain and height is set. check if (pr < pth) OR (pr > pr_max)
Then the sensor nodes are deployed and their energies of
the nodes i.e; the power received from the nodes is Enode=0
computed. To detect the abnormal nodes, this received
power of each node is compared to the threshold power. Make it as dead node so it won’t participate in network
SIMULATION:

Matlab is a programming and numeric computing

platform used to analyze data, develop algorithms, create
models and simulate them. Here, we have used MATLAB
R2020b to deploy nodes and detect the malicious ones.
Simulation is performed on the following cases:

Number of nodes (n) 100 Nodes

Number of rounds (rmax) 200 rounds

Initial energy (Eo) 0.02 J

Threshold power (pth) 0.937500 watts

Table 1: Assumptions in network

Protocol used for implementation is LEACH (Low Energy

Adaptive Clustering Hierarchy). The goal of LEACH is to Figure 3.b clustering and routing in network
lower the energy consumption required to create and
maintain clusters in order to improve the life time of Figure (3.b) shows the completion of simulations. All the
a wireless sensor network. We embed our algorithm into nodes are finally dead. Even in the presence of abnormal
the LEACH protocol to verify if it can sense the suspicious nodes the network works fine.
nodes.

CONCLUSION AND FUTURE WORK:

Our detection scheme detects HELLO flooding
attacks as well as wormhole attacks with a very high
accuracy. The MATLAB simulation shown in the diagrams
proves how well our algorithm works in detecting the
malicious nodes. Our proposed scheme can be easily
integrated into other protocols. It would interface with the
rest of the system through an API that provides
information about whether a node or a message is
regarded as suspicious.

As a part of future work, we tend to find

countermeasures for few more attacks in the field of cyber
security. Apart from this, we look upon to explore different
arenas of the wireless sensor networks like the concerns
with the massive energy consumption, clustering, routing
techniques and so on.
Figure 3.a detected malicious nodes in network
REFERENCES:
Figure (3.a) depicts how as the simulation begins, nodes in
red are detected as the malicious nodes. [1] P Padmaja, G. Maruteshwar, “Detection of Malicious
Node in Wireless Sensor Network”, 2017 IEEE

[2] S. Gomathi, C. Gopal Krishnana, “Malicious Node

Detection in Wireless Sensor Networks Using an Efficient
Secure Data Aggregation Protocol”, 2020 springer

[3] Revathi A, Dr. S.G.Santhi, “A Novel Malicious Node

Detection in Wireless Sensor Network Based on Reliable
Cluster Head”, 2020 IJSTR