Professional Documents
Culture Documents
A - Three-Tier - Framework - For - Intruder - Information - Sharing - in - Sensor - Networks Srs
A - Three-Tier - Framework - For - Intruder - Information - Sharing - in - Sensor - Networks Srs
Intruder Information
Sharing in Sensor Networks
CONTENTS
Abstract
Organization Profile
Introduction
Object Oriented Analysis and Design (OOAD)
Requirement Analysis Document
1. Introduction
a. Purpose of the system
b. Scope of the system
c. Objectives and Success Criteria of the Project
d. Definitions, acronyms and abbreviations
2. Current System
3. Proposed System
a. Overview
b. Functional Requirements
c. Non Functional Requirements
i. Usability
ii. Reliability
iii. Performance
iv. Supportability
v. Implementation
vi. Interface
vii. Packaging
viii. Legal
d. System Models
i. Scenarios
ii. Use Case Model
iii. Object Model
ABSTRACT
In sensor networks, an intruder (i.e., compromised node) identified and isolated in one place can be
relocated and/or duplicated to other places to continue attacks; hence, detection and isolation of the same
intruder or its clones may have to be conducted repeatedly, wasting scarce network resources.
Therefore, once an intruder is identified, it should be known to all innocent nodes such that the
intruder or its clones can be recognized when appearing elsewhere. However, secure, efficient and scalable
sharing of intruder information remains a challenging and unsolved problem.
To address this problem, we propose a three-tier framework, consisting of a verifiable intruder
reporting (VIR) scheme, a quorum based caching (QBC) scheme for efficiently propagating intruder reports
to the whole network, and a collaborative Bloom Filter (CBF) scheme for handling intruder information
locally. Extensive analysis and evaluations are also conducted to verify the efficiency and scalability of the
proposed framework.
INTRODUCTION
Due to unattended deployment environment and absence of tamper resistance, sensor networks are
vulnerable to various attacks. In response, schemes have been proposed to identify intruders (i.e.,
compromised nodes) misbehaving in routing, localization, and other scenarios.
Once an intruder is identified, it is isolated by its detectors. However, this is inadequate. Nodes other
than these detectors should also be aware of the intruder; otherwise, the intruder can be relocated or
duplicated to other places to continue attacks.
To share intruder information with all sensor nodes, the detectors may generate and flood intruder
reports to the whole network, directly or through trusted membership servers; other nodes receive and
record the reports to maintain their knowledge of intruders. This approach, however, has following security
and performance issues:
I.1) Intruders may fake false reports to revoke innocent nodes or repeatedly broadcast false reports to
drain network resources; although trusted membership servers can be used to filter false reports, these
servers may become attractive targets of attacks.
I.2) If the network scale is large and/or the network needs to operate for a long time (e.g., the
network is deployed for long-term surveillance in a hostile area) and hence requires a large number of
sensor nodes be deployed to accomplish a long network lifetime, the potential number of compromised
nodes is also large, which may result in frequent flooding of intruder information even without fake reports.
I.3) If the number of intruders is large, maintaining an intruder list in each node may cause high
storage overhead. To the best of our knowledge, there has not been any secure, efficient and scalable
solution reported in the literature that can deal with all the above issues.
To address the intruder information sharing problem, we propose three schemes in this paper:
S.1) A verifiable intruder reporting (VIR) scheme, which distributedly generates intruder reports that
are verifiable by any node, and can prevent malicious nodes from arbitrarily accusing innocent nodes unless
the majority number of neighbors of an innocent node have been compromised;
S.2) A quorum-based caching (QBC) scheme, which efficiently propagates intruder information
through caching intruder information in selected nodes and infrequently updating the information
throughout the network;
S.3) A collaborative Bloom Filter (CBF) scheme, which consumes only small storage space at each
node and meanwhile leverages localized collaboration to enable accurate identification of intruders.
To facilitate the execution of the above three schemes and also to integrate them together, we further
propose a framework that contains three tiers of interacting entities: a dedicated membership server (DMS)
on the top tier, connecting to the network occasionally at random places to avoid being tracked and attacked;
a small number of sensor nodes on the second tier, acting as temporary intruder information caches (IICs);
and other ordinary sensor nodes on the bottom tier. Extensive analysis and simulations are conducted to
evaluate the efficiency and scalability of the proposed solution.
Object-oriented analysis and design (OAD) is often part of the development of large scale systems
and programs often using the Unified Modeling Language (UML). OAD applies object-modeling
techniques to analyze the requirements for a context for example, a system, a set of system modules, an
organization, or a business unit and to design a solution. Most modern object-oriented analysis and
design methodologies are use case driven across requirements, design, implementation, testing, and
deployment.
Use cases were invented with object oriented programming, but they're also very well suited for
systems that will be implemented in the procedural paradigm.
The Unified Modeling Language (UML) has become the standard modeling language used in objectoriented analysis and design to graphically illustrate system concepts.
Part of the reason for OAD is its use in developing programs that will have an extended lifetime.
Object Oriented Systems
An object-oriented system is composed of objects. The behavior of the system is achieved
through collaboration between these objects, and the state of the system is the combined state of all
the objects in it. Collaboration between objects involves those sending messages to each other. The
exact semantics of message sending between objects varies depending on what kind of system is
being modeled. In some systems, "sending a message" is the same as "invoking a method". In other
systems, "sending a message" might involve sending data via a socket.
Object Oriented Analysis
Object-Oriented Analysis (OOA) aims to model the problem domain, the problem we want
to solve by developing an object-oriented (OO) system.
The source of the analysis is a written requirement statements, and/or written use cases,
UML diagrams can be used to illustrate the statements.
An analysis model will not take into account implementation constraints, such as
concurrency, distribution, persistence, or inheritance, nor how the system will be built.
The model of a system can be divided into multiple domains each of which are separately
analyzed, and represent separate business, technological, or conceptual areas of interest.
The result of object-oriented analysis is a description of what is to be built, using concepts
and relationships between concepts, often expressed as a conceptual model. Any other
documentation that is needed to describe what is to be built, is also included in the result of the
analysis. That can include a detailed user interface mock-up document.
The implementation constraints are decided during the object-oriented design (OOD)
process.
Object Oriented Design
Object-Oriented Design (OOD) is an activity where the designers are looking for logical
solutions to solve a problem, using objects.
Object-oriented design takes the conceptual model that is the result of object-oriented
analysis, and adds implementation constraints imposed by the environment, the programming
language and the chosen tools, as well as architectural assumptions chosen as basis of design.
The concepts in the conceptual model are mapped to concrete classes, to abstract interfaces
in APIs and to roles that the objects take in various situations. The interfaces and their
implementations for stable concepts can be made available as reusable services. Concepts identified
as unstable in object-oriented analysis will form basis for policy classes that make decisions,
implement environment-specific or situation specific logic or algorithms.
The result of the object-oriented design is a detail description how the system can be built,
using objects.
The methodology part of OOSE has since evolved into the Rational Unified
Process (RUP).
The OOSE tools have been replaced by tools supporting UML and RUP.
OOSE has been largely replaced by the UML notation and by the RUP methodology.
SOFTWARE PROFILE
Part of the security issue are, denial of service (DoS): - which is able to waste scarce network
resources, false accusation: - an intruder may mis-accuse an innocent sensor node and
Fabrication/Dropping Attack. Its made by the intruder, someone who intrudes on the privacy or
property of another without permission.
So, to prevent the sensor node not even one the whole network from this kind of attack, a
system needs to identify and do so. This is the need of this system.
b.
c.
d.
QBC
quorum-based caching
CBF
DMS
IIC
GPS
DoS
denial of service
DMS
VIR
ECC
SBF
2. Current System
The current system will be based on the traditional approaches which will not use any caching
mechanism, detection and reporting mechanism to the base station. Hence the performance of the
system is low compared to the proposed system.
3. Proposed System
a. Overview
The proposed framework is composed of the following three tiers of entities:
On the top tier is a dedicated membership server (DMS), which aggregates and
periodically disseminates intruder information to the whole network. Due to its critical role,
the DMS may become an attractive target of attacks. Specifically, the adversary may locate
the DMS and then either compromise the DMS directly or block the communication between
the DMS and the rest of the network. To protect the DMS, it is not connected to the network
all the time. Instead, it goes online every now and then at different places randomly. The
protection makes it hard for the adversary to trace, attack, or isolate the DMS.
On the middle tier are intruder information caches (IICs), which are a small number
of sensor nodes picked from all sensor nodes in the network. They temporarily cache new
intruder information when the DMS is offline. As ordinary sensor nodes, they could be
compromised by the adversary. If compromised, the intruder information cached by these
IICs may be removed or modified, which is addressed in our solution through
fabricating,
d. System Models
i. Use Case Model
ii. Object Model
iii. Dynamic Model
iv. User interface Navigational Paths and Screen Mockups
4. Glossary
i.
VIR
ii.
QBC
quorum-based caching
iii.
CBF
iv.
DMS
v.
IIC
vi.
GPS
vii.
DoS
denial of service
viii.
DMS
ix.
VIR
x.
ECC
xi.
SBF
Simulator Module: This module will deal with the simulation of sensor networks application. The
GUI is built in this module.
5. Glossary
IMPLEMENTATION SCREENS
TESTING
CONCLUSION
In this paper, we proposed a three-tier framework for intruder information sharing in sensor
networks. The framework consists of a verifiable intruder reporting (VIR) scheme, a quorum-based caching
(QBC) scheme for system-wide propagation of intruder information, and a collaborative Bloom Filter
(CBF) scheme for local management of intruder information.
Extensive analysis and simulation are also conducted to verify the efficiency of the proposed
framework as long as the system parameters are carefully chosen.
BIBILIOGRAPHY