Replica Node Detection Using Enhanced Single Hop Detection with Clonal Selection Algorithm in Mobile Wireless Sensor Networks

. Security of Mobile Wireless Sensor Networks is a vital challenge as the sensor nodes are deployed in unattended environment and they are prone to various attacks. One among them is the node replication attack. In this, the physically insecure nodes are acquired by the adversary to clone them by having the same identity of the captured node, and the adversary deploys an unpredictable number of replicas throughout the network. Hence replica node detection is an important challenge in Mobile Wireless Sensor Networks.Variousreplicanodedetectiontechniqueshavebeenproposedtodetectthesereplicanodes.Thesemethodsincurcontrol overheadsandthedetectionaccuracyislowwhenthereplicaisselectedasawitnessnode.Thispaperproposestosolvetheseissues byenhancingtheSingleHopDetection(SHD)methodusingtheClonalSelectionalgorithmtodetecttheclonesbyselectingthe appropriatewitnessnodes.Theadvantagesoftheproposedmethodinclude(i)increaseinthedetectionratio,(ii)decreaseinthe controloverhead,and(iii)increaseinthroughput.Theperformanceoftheproposedworkismeasuredusingdetectionratio,false detectionratio,packetdeliveryratio,averagedelay,controloverheads,andthroughput.Theimplementationisdoneusingns-2to exhibittheactualityoftheproposedwork.


Introduction
Wireless Sensor Network (WSN) comprises a group of wireless sensor nodes that form a communication network.These nodes collect the sensitive information from the region and send these contents as a message to the base station where it checks the data and ID sent by the sensor nodes.These sensor nodes are normally low priced hardware components with constraints on memory size and computation capabilities.The Mobile Wireless Sensor Networks are similar to WSN except that the sensor nodes are mobile in nature.The various applications of Mobile Wireless Sensor Networks include robotics, transportation system, surveillance, and tracking.Researchers focus to integrate Mobile Wireless Sensor Networks into "the Internet of Things (IoT)" [1].However, a huge amount of security issue arises in the form of attacks due to lack of hardware support and insecure sensor nodes.One such attack is the node replication attack.
In sensor networks, attackers capture and compromise nodes to inject fake data into the network that affect the network communication and operations.Such type of attack is known as replica node attack [2][3][4][5].The adversary captures secret keys from the compromised nodes and spreads them as replicas in the network.Replicas are reflected as honest by its neighbors and normal nodes are not aware of replicas present as their neighbors.It also colludes and acts as legitimate node that provides firmness to the network.
The replica nodes are controlled by the adversary.The problem is the replica nodes also contain the key that is required for secured communication in the network.In addition to these problems, mobility of nodes, the collusion of replica, and sideway attacks are the main difficulty while detecting and controlling these replica nodes.When the replicas are not detected, then the network will be open to attackers and the network becomes more vulnerable.
The detection of replica node in the Mobile Wireless Sensor Networks is a crucial task.So far, only few detection schemes have been proposed [6][7][8][9].Since the adversary distributes replica nodes everywhere in the network, the mobility-assisted detection scheme is required to detect the replicas in the network.
In the earlier works, mobility assisted technique, Single Hop Detection (SHD), was proposed.In SHD, each node broadcasts its location claim to its single hop neighbors and selects the witness node.The selected witness node detects replicas by performing the verification process.As a result, it reduces communication overhead.However, when the replicas collude with each other, they select replica as a witness node.Hence, the detection accuracy is low.
The main objective of the proposed work is to improve the detection accuracy by selecting the appropriate witness node with reduced overheads during the detection of replica nodes in the mobile wireless sensor networks.To meet the objective, SHD is enhanced using the Artificial Immune System.
Artificial Immune System (AIS) is a branch of Artificial Intelligence based on the principles of Human Immune System.It provides various solutions to the real world problems due to its characteristic features.The characteristic features include learning ability to the new conditions, adaptability and distributed nature to the diverse environment, limited resources, survivability even in the harsh environments.The enhancement of SHD with AIS improves the detection accuracy.
The contribution of the paper includes the enhancement of the SHD method by applying the Clonal Selection algorithm for selecting the witness nodes that is another contribution.Due to this, the detection ratio is increased by selecting the appropriate witness nodes and thereby, the replica node detection process incurs minimum control overheads.
This paper is organized as follows: In Section 2, various related works towards this technique implemented by different authors are discussed.In Section 3, the system model is discussed.In Section 4, proposed CSSHD method is briefly explained and in Section 5, the performance of the proposed technique is compared with the existing technique based on certain performance metrics and finally Section 6 concludes the paper.

Previous Works
Identifying the replicas in mobile wireless sensor networks is an enforcing task under hostile environments.The existing node replication attack detection methods are either centralized or distributed [6][7][8][9][10][11][12].The centralized detection method has distinct points where it can fail and also can be captured by the adversary.As a result, distributed detection methods are proposed in the literature.The distributed replica detection methods are of different types [13], namely, (i) information exchange based method, (ii) node meeting based method, (iii) mobility assisted based detection method.
Of the detection methods, only the distributed detection methods are discussed below.
Yu et al. [6,12] in 2013 present the eXtremely Efficient Detection (XED) method.This is a distributed detection algorithm for mobile networks in which the detection is based on the information exchanged between the nodes in the network.It detects the replica based on the random number exchanged between each other of the two nodes.The detection capability is degraded when the replicas exchange the exact random value.
Ho et al. [7] in 2009 presents the Sequential Probability Ratio Test (SPRT); at each periodic time, the sensor node travels to the new position; it signs the claim and sends this claim to its neighbors and to the base station.The base station calculates the speed depending on the probability ratio test and matches it with the observed speed.If the observed speed is higher than the computed maximum speed, then the detected node is a replica node.
Conti et al. [8] in 2008 introduced a clone detection mechanism called Simple and Co-operative Distributed Detection (SDD & CDD).To duplicate a node, it must be isolated from the network and then its information must be extracted.This information earns some periodic time and the Simple Distributed Detection [8] uses that time period for detecting the replica.The detection capability of Simple Distributed Detection (SDD) does not provide much accuracy to detect the replica nodes and thus improved to develop a Cooperative Distributed Detection (CDD) procedure.The CDD [8] use the nodes cooperation to improve the replica node detection rate.The nodes interchange the information when nodes are in the same communication radius.This method increases the detection probability.
Zhu et al. [9] in 2007 proposed an Efficient and Distributed Detection (EDD), a node meeting based distributed detection method.The EDD method computes the number of encountering times between nodes in a given time period "" with higher probability.If a node with a higher threshold value is encountered, then it is considered as a replica node.
Lou et al. [14] in 2012 proposed Single Hop Detection (SHD) method.It is a mobility assisted based distributed detection method.In SHD method, when a node appears at different neighborhood community, replica is detected.This method improves the communication overhead.
All the above methods discussed are compared and Table 1 presents the comparison.
The parameters used by various detection methods for evaluation are the number of claims, overheads, detection rate, and false detection rates.From the literature it is observed that SHD method is efficient when compared to other detection methods in terms of control overheads but the detection accuracy is low when the replica is selected as a witness node.Hence an attempt is made to enhance the SHD method using Artificial Immune System in terms of detection accuracy with minimum number of control overheads.The system model of the proposed work is explained in the next section.

System Model
Before the application of the enhanced SHD method for detecting node replication attack, the system model used by the study must be discussed.The system model is further discussed in terms of the network model and the threat model.

Network Model.
Mobile Wireless Sensor Network is built up of several sensor nodes which have distinct identity ID from 1 to .It uses symmetric routing that refers to the identical path of the data transfer between the source and the destination and vice versa.Every node sends beacon message periodically in the format (ID, neighbor ID) and supports equal time interval period.Each node in the network is considered to be mobile.It uses random way point (RWP) mobility model [15][16][17] for the mobility.The other mobility models available are Random Mobility model, Random Waypoint Mobility model, Random Direction Mobility model, a boundless simulation area mobility model, Gauss-Markov Mobility model, probabilistic random walk mobility model, and city section mobility model [18], out of which the random way point mobility model is very important for the problem area due to the flexibility and the reasonable patterns created to appear in real-life.Each node knows its own location and aims to reach the destination point with its velocity in a predefined interval randomly in the sensing field.When a node reaches the destination point in a network, it remains static for a random amount of time.Each time, the node uses the same mobility rule again.For minimizing the complexity in the mobility, each node has "k" average neighbors per each move in the network.The value of "k" varies within [1, 2, . . ., ] where  < ."" is the number of nodes in the Mobile Wireless Sensor Networks.The network uses identity-based public key system for data protection during packet transmission [15].Each node stores its own private key and a master public key.The private key is used to sign claim messages.
In consolidation, the following are the assumptions made in the creation of a network model: (i) Movement of nodes according to Random Waypoint Mobility model.(ii) Identity-based public key system that is used to protect the data.

Proposed Methodology
The proposed work is based on the mobility assisted distributed detection of replica node in mobile WSN.The replica detection method is done by enhancing SHD using Clonal Selection algorithm.The selection of witness nodes is based on the Clonal selection algorithm.The existing SHD method is explained below.

SHD.
The SHD method is a mobility assisted detection method.The SHD method [14] is based on the fact that at any occasion the node ID and private key of a node must not occur at other neighborhood communities.If it occurs, then there must be replicas in the network.The nodes that are present in the neighborhood community are defined by the list of one-hop neighbor nodes.Sensor nodes know their neighbors for communication.
The SHD method is composed of two main phases: (i) Fingerprint claim.

Fingerprint Claim.
Every node in the network signs its list of neighbor nodes.The signed neighbor node list is used as a fingerprint of its current neighborhood community.This is called fingerprint claim.The fingerprint claim is sent to all its one-hop neighborhoods.After receiving the fingerprint claim from a neighboring claim node, the receiving node will make the decision to become a witness node of the claim made or not.When the node decides to become a witness node, it verifies the fingerprint claim.

Fingerprint Verification.
The fingerprint verification consists of two steps, namely, the local verification process and the global verification process.The local verification process is performed when the receiving node accepts the fingerprint claim and decides to be the witness node.In the local verification process, the public key of the neighbor node is derived from the ID of the neighbor and the master public key is verified.The fingerprint claims are stored when the public key of the witnessed node and its fingerprint are the same.In the global verification phase, the nodes exchange the witness node when the relationship between the neighbors is built.When the private key of the node's ID shows two different locations, then they are detected as replica.SHD has low detection rate when the witness node becomes a replica.Hence, an attempt is made to enhance the SHD method in terms of detection accuracy and control overheads; thereby the replicas are not selected as witness nodes.The enhancement of SHD using Clonal Selection Algorithm of Artificial Immune System is the proposed work.
The proposed method provides a solution to the problem related to the selection of witness node in replica detection.The flow diagram of the proposed methodology is given in Figure 1.

Clonal Selection Algorithm.
The Clonal Selection algorithm is one of the Artificial Immune System algorithms.
The main consideration to propose the Clonal Selection algorithm for immunity includes safeguarding the specific memory set, selection and reproducing the most stimulated antibodies, affinity maturation, and reselection of the reproduce.
The Clonal Selection algorithm [19,20] is explained as follows.
When the antigens affect an animal, the antibodies are produced by B-lymphocytes.Each cell produces an antibody related to the specific variety of antigen.The antigens stimulate the B-cells to divide and mature into plasma cells (terminal antibody secreting cells).As a result of the cell division process, clones are generated.The lymphocytes in addition to cell division also discriminate into long lived Bmemory cells.These memory cells are circulated throughout the body.When the cells are stimulated by an antigen, large lymphocytes are produced.The large lymphocyte which generates high affinity antibodies is selected for particular antigen that triggers the primary response.

Enhanced Single Hop Detection Using Clonal Selection Algorithm (CSSHD).
The proposed enhanced SHD method makes use of the Clonal selection algorithm for the enhancement.The enhanced SHD is similar to SHD except that the selection of witness nodes is done by the Clonal Selection algorithm.
Randomly select an antigen An  and assign it to all antibodies in the Ab Determine the vector V  which contain affinity of antibodies  Select the  highest affinity antibodies from Ab Clone the selected antibodies ∑ The proposed CSSHD similar to SHD consists of fingerprint claim and fingerprint verification phases.In the fingerprint claim phase, the fingerprint of the node's neighbors is exchanged between the one-hop neighborhoods.The meeting time   of the two nodes "" and "" is computed [17] as follows: where  is transmission range of sensor nodes.The mathematical formula of expectation   is computed as E  .E  is the time taken to deliver message from node  to another node .
Upon receiving the fingerprint claim, the receiving node will decide to become a witness node based on the Clonal selection algorithm.

Selection of Witness Node Using Clonal Selection Algorithm.
The selection of witness node is based on the selection of large lymphocytes in the Clonal Selection algorithm.The node that has the maximum capability to forward data is selected as witness node.The maximum capability of the witness node is determined by its forwarding capability.The forwarding capability is determined by the trust value of the node.The trust value [18] is calculated based on the data packet forwarding ratio (DFR) and the control packet forwarding ratio (PFR).At time "", the trust value () of the node "" is measured by using node "" as follows: where  1 and  2 are respective weights and the sum of the weights is equal to 1.
When the trust value () is maximum for the node "" then the node "" is chosen as the witness node.The replica cannot claim them as witness node because the trust value is calculated by the node "" and not by the node "." The proposed Clonal Selection for witnessed node is given in Algorithm 1.
The enhanced SHD with Clonal Selection algorithm is specified by allowing antigens once from An that performs Algorithm 1.The  highest affinity antibodies were arranged in ascending order after selecting them from Ab, so that the number of clones for all these  selected antibodies is calculated [19] as where  cl is the sum of number of clones produced for each of the antigens,  is a multiple constant,  is the sum of number of antibodies, and round(⋅) is operator used to round its values.Each term of this sum corresponds to the clone size of each selected antibody.When a node becomes a witness node, it verifies the fingerprint claim.After successful verification process, fingerprint claims of the witnessed nodes are registered locally using Algorithm 2.
Upon successful verification and registration locally, the witness nodes undergo global verification process.

Global Fingerprint Verification.
In the global fingerprint verification process, when two nodes "" and "" meet each other, they communicate and exchange their witnessed node lists by piggybacking the Hello message.This is the first beacon message exchanged at the time of establishment of neighbor relationship.Soon after the establishment of neighbors, these nodes exchange the fingerprint claims of nodes with each other.Further, these nodes are verified for feasible fingerprint claim conflict with received claims.The group meeting time   [17] of the two node groups is defined as where   and   are the two groups of nodes.The mathematical formula of expectation   is calculated as E  .
In a fingerprint claim conflict process, if two fingerprint claims have same ID but private key claims have different neighborhood communities, then the replicas are detected using Algorithm 3.
The flow diagram of the proposed methodology is given in Figure 2.
The pseudocode of the proposed algorithm is given in Algorithm 4. The proposed CSSHD method helps in selecting the appropriate witness node.Hence, the detection accuracy can be improved by detecting the replicas with minimum control overheads.The above section clearly explained the proposed method.The next section explains the experimental setup and results.

Experimental Setup and Results
During experimentation, the characteristics of each node in the network and its performance are analyzed using the proposed CSSHD method.The proposed methodology is tested using NS-2 simulator, which is common and well known network simulator tool.The version of NS-2 is ns-2.34.This tool is mainly used in the simulation area of MANET, wireless sensor network, VANET, and so forth.Figure 3 shows the simulation methodology.
The simulation parameters are initialized while developing this concept and are shown in Table 2.These parameters are used for the construction of the network.
The simulation time varies from 500 seconds to 1000 seconds.During the simulation time, the statistics are collected.The statistics includes data packets received, control packets generated, sent packets, sum of all packets delay, total number of received packets, total number of replica nodes correctly found, total bytes received per second, and total number of kilobytes.Using the above statistics, the following metrics are defined: (vii) False alarm rate.
The performance of the proposed method is evaluated in terms of the above parameters.
Packet Delivery Ratio (PDR).PDR is defined as percentage of packets successfully received at the destinations and the total number of packets sent by the sources defined as follows:  Overhead.It is defined as the percentage of total numbers of control packets generated to the total number of data packets received during the simulation time given as follows: Average Delay.The average delay is computed by sum of every data packet delay to the total number of received packets as defined below in (7).The parameter is measured only when the data transmission has been successful: Figure 4 shows the graph for packet delivery ratio, in which the proposed method has higher packet delivery ratio compared to the existing method.The packet delivery ratio is represented by percentage (%).
Figure 5 shows the graph for control overhead where the proposed method has lower routing overhead compared to the existing method.
Figure 6 shows the graph for average packet delay wherein the proposed method has low packet delay compared to the existing method.The average delay is represented by milliseconds (s).
Figure 7 shows the graph for detection ratio where the proposed method has higher detection rate compared to the existing method.It is represented by percentage (%).
Figure 8 shows the graph for false detection ratio, in which the proposed method has low false detection ratio compared to the existing method.It is represented by percentage (%).
Figure 9 shows the graph for message drops, wherein the proposed method has lower message drop rate than the existing method.It is represented by percentage (%).
Figure 10 shows the graph for throughput where the proposed method has higher throughput when compared to the existing method.It is represented by kbps.
The overall comparison results of proposed work are shown in Tables 3 and 4. In both Tables 3 and 4, proposed method is specified as CSSHD in short.
From Table 3, it is observed that the proposed method shows a better result when compared to the existing method in terms of control overhead, message drops, PDR, average delay, and throughput.
The performance of the proposed method with that of the existing method by varying the number of replica nodes is given in Table 4.
From Table 4, it is observed that the detection ratio of the proposed method is improved whereas the false alarm rate has reduced to a greater extent when compared to the existing method.
The overall comparison results of proposed work are shown in Table 5.
Table 5 clearly shows the percentage of improvement achieved for various performance metrics of the proposed method.The proposed work improves its performance in all the metrics; particularly, the detection ratio is improved much better than the existing method.

Conclusion
In mobile WSN, node replication attack is a crucial one.The various replica detection methods are information exchanged based detection, node meeting based detection, and the mobility based detection.Out of these three replica detection methods, the proposed work concentrates on the mobility assisted based detection method.The proposed work  enhances the SHD method using Clonal Selection algorithm of AIS to improve the detection ratio by selecting the best witness node.The proposed CSSHD method is used in a fully distributed environment where communication occurs among single hop neighbors, highly strong against node collusion and efficient in protecting against multiple  replica nodes.The experiment is conducted using the ns-2 simulator.The proposed method has high throughput, less overhead, and low false alarm rate.The results of the proposed approach are compared with existing method which shows that the average delay, control overhead, and message drops are minimized with higher packet delivery ratio value and higher detection ratio.This proves that the proposed method is efficient towards detecting clones that are not resilient against collusive replicas with minimum control overheads.

Figure 1 :
Figure 1: Flow diagram of the proposed methodology.

Algorithm 3 :
If (local verification) { If (check (public key of neighbor node, fingerprint claim of neighbor node) ̸ = 1) Set signature = false Else claimed neighbors fl extract neighbor list from fingerprint claim of a neighbor node If (Node id not in claimed neighbors) Set signature = false Else Set signature = true } Algorithm 2: Local verification.If (globalverification) { Replica list = 0 For each ID in the list of witnessed nodes of this node  1 ∩ list of witnessed nodes of the meeting node  2 { Local claim = fetch local claim of id from local stored claims Compare claim = fetch claim of id from meeting node If (neighbor list of local claim ̸ = neighbor list in compare claim) { Set replica = true Add id to replica list } } } Global verification.
Add node to witness list L 1 and claim to = 1 if

Figure 2 :
Figure 2: Flow diagram of the proposed CSSHD method.

Table 1 :
Comparison of node replication attack detection techniques in Mobile Wireless Sensor Networks.
Model.Nodes in the Mobile Wireless Sensor Networks are not resistant proof.An active adversary may compromise sensor nodes and may use those nodes to create attacks in Mobile Wireless Sensor Networks.Due to this threat in mobile wireless sensor network model, the proposed method Enhanced SHD using Clonal Selection algorithm of AIS (CSSHD) is developed.
to frustrate the Single Hop Detection (SHD).The replica nodes may collude with each other that lead to corruption of the detection protocol at zero delay.While running node replication attack detection protocol, an adversary can cause the routing protocol to selectively jam the path or damage few nodes in the network.
=1   Produce the number of clones   for each of the   selected antibodies Assign   to an affinity maturation process Produce a population   * of matured clones Determine the affinity V *  of the matured clones   * Among mature clones, Elect witness node by choosing best highest affinity one (Ab *  ) from the mature clones in the group Replace the  lowest affinity antibodies from Ab{}, with relation to Ag  , by new individuals Algorithm 1: Selection of witness node.

Table 2 :
Simulation parameters.False Alarm Rate.False alarm rate is defined as number of replica nodes correctly found by total number of replica node.It is represented by percentage (%):

Table 3 :
Performance of proposed method and the existing method based on the number of nodes.

Table 4 :
Performance of proposed and the existing based on the number of replicas.