Silence is Golden: A Source Location Privacy Scheme for Wireless Sensor Networks Based on Silent Nodes

Source location privacy (SLP) is an important property for security-critical wireless sensor network applications such as monitoring and tracking. However, cryptology-based schemes cannot protect the SLP efectively since an adversary can capture the source node regardless of the contents of messages. Most techniques use fake sources or message delay to provide SLP, but at the cost of high energy consumption or high message delivery latency. In this paper, we present a new technique to address SLP by selecting sets of nodes that are to be silent for a short period, forcing an attacker to either be delayed or to trace back to the source along a longer route. As such, we make a number of important contributions: (i) we formalise the silent nodes selection (SiNS) problem, (ii) we prove it to be NP-complete, and (iii) to circumvent the high complexity of SiNS, we propose a novel SLP-aware routing protocol. Results from extensive simulations show that our proposed routing protocol provides a high level of SLP under appropriate parameterization at the expense of only negligible latency and messages overhead.


Introduction
A sensor node equipped with a low-powered CPU and limited RAM can sense the surrounding environment such as temperature and pressure. A wireless sensor network (WSN) consists of many such nodes and enables many practical applications ranging from animal behavior and habitat monitoring [1,2], military [3], medical services [4], and other applications [5]. Due to the distributed nature of the WSN, data are often originally produced and sent from a sensor node called source to be received by a sensor node called sink through many intermediate sensor nodes in the network over a wireless broadcast medium and the communication protocol. In this case, the location privacy of nodes is crucial to be protected in many applications.
Privacy in WSN can be classifed into content-based privacy and context-based privacy. Specifcally, contentbased privacy refers to protecting the contents of broadcast messages from not being revealed to an eavesdropping attacker. Tere has been much research addressing the issue of providing content privacy using encryption [6]. On the other hand, context-based privacy protects the contextual information of messages not observed or inferred by attackers when messages are transmitted across the network. It is often desirable to keep the location private where the messages are originally from. For example, in the military scenario, a soldier who broadcasts information to neighboring soldiers may disclose its location even though messages are all encrypted. Moreover, in the animal protection application, poachers may be tempted to infer the location of the endangered animal when it broadcasts messages via the equipped sensors. Other real-world examples include monitoring badgers [7] and the WWF's Wildlife Crime Technology Report [8], both of which would beneft from the protection of context privacy. In this paper, we work on protecting context privacy and focus on the source location.
Protecting source location privacy (SLP) is important in many application domains, especially in security-critical situations. Te main idea is to delay the attacker from fnding the source location as long as possible via SLProuting protocols. It has been shown that in a non-SLP protected network, even a weak attacker such as a distributed eavesdropping attacker can backtrack along message paths through the network to fnd the source location and capture the asset [9]. Tus, diferent classes of SLP-aware routing algorithms are proposed to address the SLP issue. Te phantom routing is proposed to protect the SLP by altering a fooding routing protocol to consist of an initial directed random walk followed by fooding [10]. Although the random walk-based schemes can protect the SLP in theory, they encounter the issue of link failure and messages cannot be successfully delivered to the sink (i.e., low data delivery). Te technique of fake source applies sensor nodes in the network as fake sources to broadcast fake messages, such that an adversary cannot identify which source is the real one. It has been shown that this class technique can efectively protect the SLP but at the expense of extremely high energy consumption of sensor nodes. Another technique applicable in delay-tolerant networks adopts a message delay technique to achieve near-optimal SLP, but at the expense of delivery latency [11]. Tus, most state-of-the-art routing protocols incur high overheads (temporal or spatial) to provide SLP.
To solve SLP while reducing the induced overhead, in this paper, we focus on bounding the message overhead (thus, indirect energy). To achieve this, we propose a novel technique where nodes are chosen to become silent, i.e., they drop and do not respond to a received message. Specifcally, we adopt an idea contrary to fake sources, but which achieves the same objective of getting an attacker to take a longer route, rather than sending fake messages to force an attacker into taking a diversionary route, we now "turn of" nodes on the main route. Tis is analogous to putting no entry signs on the original path, rather than putting diversion signs on the road. Besides, unlike existing SLP solutions that actively use diversifed transmission paths to protect the SLP, our solution passively forces messages transmitted through a long route to the sink. In this case, the main beneft is that a sensor does not need to identify the neighboring sensor nodes in the WSN and thus there is no extra setup phase for the WSN deployment. As a result, an attacker eavesdrops fewer data transmissions within its reception range and either has to fnd a longer route to the source, or will be temporarily delayed, thereby potentially increasing the level of SLP provided. As such, the main contributions of this paper are as follows: (i) We propose a novel problem, namely the silent node selection (SiNS), which is the study of the selection of nodes that are to be silent.
(ii) We prove that SiNS is NP-complete.
(iii) We develop a novel routing protocol, based on a simple solution to the SiNS problem.
(iv) We perform experiments of the routing protocol using TOSSIM. Simulation results show that under certain parameterization, it is possible to obtain high level of SLP at the expense of negligible overhead.
Te remainder of this paper is organized as follows: Section 2 surveys related work in SLP and Section 3 presents the models assumed. In Section 4 we present the formalization of SiNS problem, and the silent nodes selection protocol (or heuristics) is shown in Section 5. Section 6 presents the results of the experiments conducted. Finally, We conclude the paper with a summary of contributions in Section 7.

Related Work
Ozturk et al. frst introduced and formalized the panda hunter game to describe the problem of SLP in WSNs [12]. Te scenario involves poachers using network trafc fows to track the location of a panda being monitored in its habitat. It has shown that certain routing techniques, such as fooding, provided no SLP since the attacker can fnd the source location by simply following the shortest path from the sink to the source of messages. Later several techniques such as random walk-based technique and fake source-based technique have been used to protect the SLP in the literature.

Random Walk-Based Solutions.
Te authors proposed a technique called phantom routing [12], where messages are frst sent to randomly chosen phantom node in the network via a directed random walk, followed by fooding in order to deliver the message to the sink (shown in Figure 1(a)). Tere has been much work proposing improvements to phantom routing. A variant was proposed in [10], where messages were routed along a single path from the phantom node to the sink instead of fooding to decrease the energy cost by reducing the number of messages sent. Phantom walkabouts [14] uses a mixture of long and short directed random walks to provide higher protection level of SLP than the phantom routing scheme with a low message overhead. However, it does not provide a high packet delivery rate. Other algorithms use random walk techniques to provide SLP such as forward random walk [15] and two-level phantom routing using a second phantom node [16]. However, this class of solution has a number of weaknesses that can lead to a low level of SLP due to the reuse of routing paths and exposure of direction information [17].

Fake Source-Based Solutions.
Instead of altering the message routes, fake source-based techniques typically add fake messages sent from fake sources to provide SLP. Tis is achieved by having fake messages obfuscate the real trafc and lure the attacker towards the fake sources instead of the real source as shown in Figure 1(b). Te work in [18] examined SLP using fake sources where a short-lived fake source sends dummy messages based on a given probability when it receives a message. However, It has been shown that the performance was poor. Other schemes have also been proposed to address SLP using fake message techniques. In [19] a solution used fake hotspots and fake branches in the network to improve SLP using multiple sinks. K-means cluster is applied to create clusters and fake packets [20]. Fake messages are sent based on the lightweight message sharing scheme in [21]. However, the signifcant drawback of this class of techniques is increased energy consumption and message collision, both of which lead to a decrease in the WSN's lifetime [22,23].

Other Solutions.
Tere are some routing protocols that can provide SLP based on other techniques. In [11] a routing protocol was developed based on an integer linear programming (ILP) modeling of SLP to obtain an optimal broadcast schedule. In ILP routing protocol, nodes group received messages together and use delay technique to reduce the progress an attacker can make towards the source (see Figure 1(c)). Besides, the concept of pseudopacket scheduling was used to protect the SLP. Tis protocol regulates the process of pseudopacket generation to interfere with the adversary's tracking to the data source [24]. Instead of relying on message routing to protect SLP, authors [25] used the MAC layer to provide SLP. Specifcally, this scheme set up a TDMA slot assignment that would trap the attacker with following messages and lead it far away from the source. Others include using dynamic routing [26] and virtual sources [27] to address the SLP problem. Tese solutions tend to either make a trade-of in terms of high latency or a high number of messages sent.

Models
In this section we describe models applied in this paper. Tese models are intentionally the same as previous work in [11,28,29] in order to perform a like-for-like comparison in Section 6.

Network Model.
Te WSN is modeled as a graph G � (V, E) where V is the nodes and E represent bidirectional links between nodes. Te nodes m and n are regarded as neighbors when a link exists between them. Neighboring nodes are able to communicate directly with each other. In practice we do not assume that links are reliable, they may become unidirectional or not be present intermittently. Te network is assumed as event-triggered. Te source node begins sending messages when it senses an assert. Te sink receives all routed messages from WSN and enables to further deliver them to the external world. Intermediate nodes route messages starting from the source to the sink through multiple hops. Te messages sent are encrypted so the attacker is unable to identify the source location by the message content.

Attacker Model.
In this paper, we assume a patient distributed eavesdropper [10] in the WSN, which is able to change its location. Tis attacker is equipped with directional antennas in order to determine the direction a message originated from within a limited range. Te attacker is always originally starting at the same location as the sink, because all messages must be delivered to the sink. When the attacker detects a new message that has not been received before, the attacker will physically move to the location of the neighboring node that sent the message. By repeating this movement, the attacker is able to move closer and closer to the source by following unique messages. Once the source location has been found, the attacker captures it and will cease moving in the network.

Safety Period Model.
Te aim of a routing protocol that provides SLP is to make sure that an asset (at a specifc location in the WSN) is not captured using the context information that is leaked. However, the attacker does not necessarily need to use this information and can instead perform an exhaustive search of the network to fnd the source of messages and the asset. Here, SLP techniques are irrelevant as the attacker has captured the asset via its search, however, the adversary would use the context information if doing so reveals the location in less time. Tis means that the SLP problem can only be considered with an upper bound on the search time.
Te literature uses two diferent terminologies for the key principle of safety period. One defnition is the amount of time before capture [10], hence, measuring the privacy that is provided. However, this evaluation is not performed under a bounded amount of time. So an alternative Sink Node (d) Figure 1: SLP technique attacker movement patterns [13]. Te red line starting from the sink node presents the movement of an attacker. Te wavy lines denote the messages fooding. In (a) and (b) the attacker zigzags between phantom nodes and fake sources, respectively. Te attacker is slowed down on his path to fnd the source as messages are delayed in transmission shown in (c). In (d), the attacker has to fnd a long route to catch the source as some nodes (grey color nodes) are in the silent state. defnition (which we adopt in this paper) is that the safety period is the duration an adversary needs to be prevented from capturing an asset [6]. We calculate the safety period sp(P) as follows: where T flooding (P) denotes the time taken of fooding routing protocol that provides no SLP protection under some parameterization P and ϕ is a safety factor (ϕ > 1). Te effectiveness of algorithms is evaluated by capture ratio, which is the number of runs in which an adversary captured the source within the safety period. A lower capture ratio than 100% means improved privacy due to the alternate SLP technique.

The SiNS Problem: Formalisation and Complexity
Several solutions to the SLP problem exist. However, all of the solutions sufer from high overhead, e.g., high message complexity or high latency. To address this issue, we pursue the design of a solution whereby the overhead is bounded while maintaining a high privacy level. As such, our solution is based upon the following design decisions: (i) To bound the number of messages generated, a suitable solution should limit the use of control and/ or dummy messages. As such, decisions need to be based on application messages and/or timing. (ii) A suitable solution needs to be able to force the attacker to follow diferent (and possibly longer) paths. (iii) To bound message delivery latency, the solution should not force application messages on long paths in the network.
As such, we introduce the SiNS (silent nodes selection) problem. Te SiNS problem is informally defned as the selection of nodes that are to remain silent (do not send messages) for a certain amount of time. When nodes remain silent, they do not introduce further messages into the network (satisfying requirement 1), while forcing the attacker to follow diferent routes, as the attacker hears from a diferent node (satisfying requirement 2). Also, by carefully choosing the silent nodes, such that at least one shortest path does not contain silent nodes, message latency will be almost unafected (satisfying requirement 3). Please observe that the higher the number of silent nodes in the network, the lower the data yield is likely to be. On the other hand, the lower the number of silent nodes, the lower is the SLP level provided.
We now formally defne the SiNS problem and show that it is NP-complete.

Defnition 1 (Silent Nodes Selection). Given a network
Te frst condition captures the fact that silent nodes are not far apart, with the intention of providing a high level of SLP. Te second condition bounds the number of such silent nodes so that data yield is not adversely afected.
Please observe that there are some types of networks for which no SiNS solution exist, such as line networks. In such a network, when a node becomes silent (for any duration), it will drop all messages that it receives. Te attacker is delayed, thereby reducing the chance of capturing the asset (hence, increasing SLP) however at the expense of poor data yield.
We now prove that SiNS is NP-complete.

Lemma 1 (SiNS and NP class). SiNS is in NP.
Proof. To prove this, we need to verify the correctness of the set Q in polynomial time. So, given an instance of SiNS and solution set Q, we can verify whether Q satisfes the following two conditions: (1) For the frst condition, we choose a node n ∉ Q and using n as root, we build a spanning tree of depth δ. If there exists a node m in the spanning tree, then the condition is satisfed. Else, choose diferent node k ∉ Q, and repeat the same process. After exhausting all possibilities, if no such node is found, then Q is not a solution for SiNS. Tis evaluation can be performed in O(|V|). (2) Te fnal condition can be trivially evaluated.

Lemma 2 (SiNS and NP-hardness). SiNS is NP-hard.
Proof. To prove this, we frst map and then reduce the problem of minimum dominating sets (MDS) to that of SiNS.
We frst provide the defnition of the MDS problem. □ Now, the mapping is as follows: A solution to SiNS exists if a solution to MDS exists and this is trivial to see.

Theorem 1 (SiNS and NP-complete). SiNS is NP-complete.
Te proof follows straightforwardly from the two previous lemmas.

Heuristics
We have showed that the SiNS problem is intractable. To circumvent this limitation, there are various avenues one can pursue. For example, one can investigate a special case of the SiNS problem that can be solved in polynomial time. Another example is to develop heuristics that can provide good solutions to the SiNS problem, which we focus on in this paper. In this section, we develop a novel routing protocol (heuristics) that can provide good SLP under specifc parameterization. Table 1 summarizes the most commonly used symbols in the paper.

Overview.
Derived from the SiNS defnition, the heuristics should satisfy that (i) silent nodes are not far apart to provide a high level of SLP, and (ii) the number of such silent nodes are bounded so that data yield is not adversely affected. Now we briefy explain the procedure of the routing protocol based on silent nodes selection, which is shown in Figure 2. Initially a node is selected as the sink to receive data. If a node detects an asset, it becomes the source and periodically sends data to the sink through baseline protocol fooding. Apart from the source and the sink, a node frst needs to be selected as either a silent or nonsilent node. Silent nodes can enter the silent state whereas nonsilent nodes will never enter silent state. If silent nodes meet certain criteria, they enter the silent state for a small duration. In the silent state, they will not forward received messages. When the silent state duration expires, silent nodes enter the awake state and resume forwarding messages. Note that our protocol does not require having redundant nodes which may increase additional monetary costs in the network deployment. Silent nodes can still transmit messages when they are in the awake state. An example of silent nodes to be the silent state is shown in Figure 3. We present that the silent nodes selection undergo through 3 stages.
(1) Node Selection: How nodes in the network are selected to be SilentNode or NonSilentNode. (2) Nodes State Transition: When the chosen silent nodes are decided to change their state to silent. (3) Silent Nodes Duration: How long the silent state lasts.

Node Selection to be Silent.
For the frst stage, nodes need to be selected as silent nodes or nonsilent nodes. A silent node has two states: (i) awake state and (ii) silent state, whereas the nonsilent node can only be awake to route messages. Given a network G � (V, E), the state of a node n ∈ V is determined based on three parameters: (i) D Src : Te hop distance of a node to the source.
(ii) D Sink : Te hop distance of a node to the sink. (iii) η: Te hop distance from nodes along the shortest route between the sink and the source that enter silent nodes.
Intuitively, as messages are routed from the source to the sink, nodes close to source and sink are not chosen to be silent nodes depending on the specifc network confguration. For instance, those nodes are not selected to be silent when only a few nodes are close to the source or the sink. In this case, a node n is not selected to be a silent node if Δ n Src ≤ D Src or Δ n Sink ≤ D Sink . We also use η to select if a node is silent or not, which is based on the following analysis: since an attacker can catch the asset through the shortest route from the sink, we assume that there is a shortest route R min � 〈Src, σ 1 , σ 2 , . . . , σ k , Sink〉 (route length is |R min |) and a node σ i fulflling: σ i ∉ Src ∧ σ i ∉ Sink ∧ σ i ∈ R min . Tus, we have the following equation: Tere is another node σ j , which is not in the R min and the distance to any σ i , where σ i ∈ R min is denoted by η. We also denote the distance between σ j and source by Δ σ j Src , and distance between σ j and sink by Δ σ j Sink . So we have the following equations: From above two equations, we obtain the following equation: Derived from equations (2) and (4), fnally we have the following equation:

Security and Communication Networks
Equation (5) is used to decide whether a node should be a silent node or not, when the distance to any node in R min is less than η. Tese nodes are chosen to be silent since they are very close to the shortest route R min . Te value of η defnes the number of nodes to be selected to be silent nodes, which will be investigated in the results section. Since the value of |R min | is equal to Δ Src Sink where the minimum distance from the source to the sink, we select nodes to be silent or nonsilent as per equation (6), respectively.  Security and Communication Networks An example selection of silent nodes is shown in Figure 4 for two networks with diferent values of η. Figure 4(a) shows the case in which a small value of η is used for silent node selection, so that a small number of nodes are selected, whereas a large number of nodes are selected as silent nodes with a large value of η in Figure 4(b). However, in both cases, the source, the sink, and the nodes near them (nodes in dashed/solid circles) are not selected to be silent nodes.

Nodes State Transition.
When nodes are classifed into silent nodes, they route messages when in the awake state. Tere is a need to decide when they should be transformed into silent state. Nodes in the silent state will not be involved in transmitting messages. Te state transformation from awake state to be silent can be decided by the following: Only if both two conditions are satisfed, should a silent node be put into silent state. In this paper, we consider four diferent approaches shown in Figure 5.
(i) Sink to Source: Silent nodes enter the silent state starting from the sink to the source. When the silent state of a silent node which is closest to the source expires, then the procedure repeats from the sink (see Figure 5(a)). (ii) Sink to Source and Back: Silent nodes enter the silent state starting from the sink to the source. Te procedure then works backwards to the sink (see Figure 5(b)). (iii) Source to Sink: Diferent from Figure 5(a), in this approach silent nodes enter the silent state starting from the source to the sink. When the silent state of a silent node which is closest to the sink expires, then the procedure repeats from the source (see Figure 5(c)). (iv) Source to Sink and Back: Silent nodes enter the silent state starting from the source to the sink. Te procedure then works backwards to the source (see Figure 5(d)).
Te time when a silent node changes to silent state is decided when it receives a message. Each message contains information, such as message sequence number (SeqNo). If the silent node meets the appropriate constraints, it changes to silent state. Otherwise, the decision will be conducted when receiving the next incoming message. Te algorithms are presented in Algorithms 1 and 2.

Silent Nodes Duration.
A silent node in the silent state will need to wake up after a fnite duration in order to prevent low packet delivery. Here, we consider the worst case: assume an attacker is located 1 hop from a silent node σ i which is awake and closer to the source than the attacker, the attacker can reach the location of σ i by moving 1 hop, i.e., the attacker hears the next message from the σ i . Te time between two interval messages that σ i receives is P src . To stop the attacker making further moves, the minimum silent state duration of σ i should be at least P src . Terefore, the silent state duration of node n is defned as follows: where α is a parameter and P src is the constant source period in the network.  [11] was adopted where the source is in the corner and the sink is located in the centre. Te time between messages being sent (the source period) was set to 1.0 seconds per message, meaning 1 message was sent per second. Te wireless radio links were generated using the low-asymmetry model provided by LinkLayerModel (LinkLayerModel is a tool provided by the TOSSIM to calculate wireless link strengths between sensor nodes) with parameters from [30]. TOSSIM simulates noise on the wireless links, to do so we provided the frst 2500 lines of casino-lab.txt (casino-lab.txt provided by the TOSSIM contains sample noises collected from the real environment). Nodes were positioned 4.5 meters apart from neighboring nodes. Results were generated from at least 2000 repeats for each combination of parameters. In this work the safety factor is set to 1.3 based on the safety period model. Tis factor value ensures that the attacker has enough time to capture the source and potentially makes bad moves. Table 2 shows the time taken to capture the source under protectionless fooding (T flooding ) for each network size when the source period is 1.0 second per message. Tus, the safety period can be calculated using these results via equation (1). Te parameters we used in the following sections are shown in Table 3.

Experimental
In this section we will use a metric called capture ratio to evaluate the SLP level. Te capture ratio is the percentage of runs in which the source was captured. For example, if the attacker captures the source 20 times within the given safety period out of 100 simulation repeats, the capture ratio is 20%. Te lower the capture ratio is, the higher the source location privacy level. Besides, we will also analyze other three key metrics: (i) receive ratio: the percentage of Security and Communication Networks 7 messages sent by the source and received at the sink, (ii) latency: the time it takes a message sent by the source to be received at the sink, and (iii) messages sent per second: the number of messages sent by all nodes in the network per second. We will frst show the results of fooding, and then present the results of our quiet nodes-based protocol. Finally, we add state-of-art SLP-aware routing protocols for comparison.

Simulation Results of Proposed Routing Protocol.
In this results section, we discuss the impact of (i) nodes classifcation, (ii) state transformation, and (iii) silent duration separately. Rather than showing all the results generated by using parameters in Table 3, for each section we choose one result under specifc parameters for evaluation. Te parameters we used in the following sections are shown in Table 4. Figure 6 shows the results when varying distance (η). One major observation is that the receive ratio decreases as distance increases (see Figure 6(b)). Tis decrease is due to the fact that there is an increase in the number of silent nodes that are not involving in forwarding messages. As a consequence, the capture ratio decreases (i.e., SLP level increases). However, as the distance increases from 2 hops to 3 hops, the receive ratio decreases from 80% to 70%, whereas the capture ratio does not decrease correspondingly. Tis suggests that an excessive distance will not beneft the SLP level but impair the data yield.

Impact of Classifcation.
For latency, as more nodes are classifed into silent nodes, messages have to route from the source to the sink through a longer path, hence increasing the latency. On the other hand, messages sent decreases is due to more nodes being silent. However, the impact of latency and message overhead is negligible compared to the baseline results.
(1) receive Normal 〈SeqNo, SDB, . . .〉 ⟶ ► SeqNo generating from the source starts from 1. ► SBI is the hop distance of silent nodes from the source to the sink.

Impact of Nodes State Transition.
Te procedure for silent nodes to be put into the silent state is due to approach and probability. For approach, we choose a fxed 0.5 (i.e., 50%) probability and vary four approaches introduced in Section 5.3. For probability, the approach of Sink to source and back is selected and probabilities are varied as 0.5, 0.6, 0.7, 0.8, and 0.9.
(a) Approach: Figure 7 contains all the results. Te receive ratio between 75% and 95% is observed (see Figure 7(b)). Fewer messages were delivered with larger networks. Tis suggests that the attacker was hearing most of the source messages, meaning that the privacy level imparted by the algorithm is due to the efciency of the protocol and not due to the unreliability of the network. From Figure 7(a), the approaches of Sink to source and Sink to source and back performs better SLP level than others. It suggests that approaches which silent state of nodes starts from the sink side preserve much higher levels of SLP than the approaches which silent state starts from the source side, especially in the case of small network size. (b) Probability: Results are presented in Figure 8. Te receive ratio is still at a high level, over 75%. Meanwhile, high levels of SLP are obtained with the increase of the probability. Te reason is that the nodes are likely to be selected as silent nodes when IsReverse ⟵ False ► Whether the direction is backwards (1) function SINKTOSOURCE(SeqNo, SDB).
Tere is little impact on latency and messages sent when varying approaches and probabilities.

Impact of Silent Nodes Duration.
Te durations are α × P src (α ∈ 1, 2, 3, 4 { }) and results are shown in Figure 9. We observe that a high level of SLP obtained with an increase in duration. Te increase of the time duration forces attacker fnding a long route to trace back to capture the source, hence the SLP improves. For instance, less than 10% the capture ratio is observed when the duration is 4 × P src while the receive ratio remains at a high level. Furthermore, latency and message sent are still not adversely afected.

Performance Comparison with Other SLP Schemes.
Previous results have shown that our proposed routing protocol can achieve less than 10% capture ratio (see Figure 9(a)) and little overheads. In this section, to further investigate the performance of our solution, we add other  three state-of-art protocols that can also achieve SLP for comparison: (i) phantom walkabouts [14], (ii) dynamicSPR [28], and (iii) ILP routing [11].
(i) Phantom Walkabouts: Phantom walkabouts is an algorithm using a mix of short and long random walks to achieve a higher level of SLP than phantom routing. We apply PW(1, 1) and PW(1, 2) which denote a repeating sequence of 1 short random walk followed by 1 long random walk and 2 long random walk, respectively. (ii) DynamicSPR: DynamicSPR uses fake source technique where fake sources are allocated away from the real source and determines parameters online to be able to adjust to a dynamic network. Te parameter Rnd determining how many fake messages are set to either 1 or 2 messages randomly during the simulation. (iii) ILP Routing: ILP Routing allows messages that are delayed and grouped at the same sensor node, such that the attacker receives few messages. It also tries to maximize the path from the source to the sink to improve the SLP level. We follow the simulation setup in [11] so that the maximum walk length is 100 hops, the number of messages to group is 1 message, the bufer size is set to 10 messages, and the probability is 20%.
Tese techniques are chosen because they have each made diferent trade-ofs that we wish to evaluate against. Phantom Walkabouts uses random walk, DynamicSPR uses fake sources, and ILP Routing uses message delay. Te results are generated under the simulation environment as same as our solution. Te results of our proposed solution is from Figure 8 when the probability is 80%. We also show results of the fooding protocol because it provides no SLP. We make observations from Figure 10 for performance of the techniques.
(i) Results for Phantom Walkabouts show a capture ratio of less than 20%, which decreases as the network size increases. Tere are low costs in terms of the number of messages sent and message latency. However, the receive ratio is poor. Results show 60% or lower receive ratio can be achieved and  the ratio signifcantly decreases with larger network sizes. Tis indicates that messages are lost during transmission and a large amount of messages cannot be successfully delivered to the sink as shown in Figure 10(b). Tis also means that the low capture ratio and low messages sent are due to the low receive ratio (see Figures 10(a) and 10(d)).
(ii) Te results show both DynamicSPR and ILP routing can achieve near-optimal SLP (see Figure 10(a)). Meanwhile, the receive ratio between 80% and 95% is observed (see Figure 10(b)). It means that the SLP level is due to the efciency of the protocol and not due to the unreliability of the network. However, the weaknesses of both algorithms are to introduce much overheads to achieve such high level of SLP. Specifcally, for DynamicSPR the messages sent are higher than our solution and increase greatly with larger network size (see Figure 10(d)); latency in ILP routing is near 10 times higher than that in our solution (see Figure 10(c)).
(iii) Results for protectionless fooding show that it indeed provides no SLP, as the capture ratio is 100%. Te receive ratio shown in Figure 10(b) is also 100%, as all messages sent from the source are all successfully delivered to the sink. For the latency and messages sent per second, both values in each metric increase with larger network sizes but not signifcantly as these messages are sent along the shortest path.
(iv) Our proposed solution maintains both a low latency and low number of messages sent per second while keeping a high percentage of messages successfully delivered. While DynamicSPR and Flooding have lower latency, and ILP Routing and Phantom Walkabouts have a lower number of messages sent, we do not select one metric to make a very high trade-of in.
Tese three algorithms being compared have made trade-ofs to achieve high levels of SLP, and their overheads may potentially limit their practical applications. For example, DynamicSPR algorithm will need to be deployed in networks where nodes have a large energy store or perform energy harvesting, and ILP Routing is only suitable for deployment when applications are delay-tolerant. Our proposed routing protocol, instead makes small trade-ofs across multiple metrics.

Multiple Attackers.
We have assumed a commonly used attacker model in the paper, where a single distributed eavesdropper in the network enables to backtrack on the network trafc fow to fnd the source location. On the other hand, multiple attackers physically present in the WSN are likely to prove more efective against SLP techniques because of their wider combined visible area. However, there are a number of practical issues that the multiple attacker model has. Having cooperating attackers either entail communication on a different channel for the attackers or the location of attackers can be detected by network nodes or network administrators. For example, nodes in WSN could route messages through areas in which the attackers have not been detected. In this case, the situation is diferent from a single attacker, which changes our system model and attacker model. To our knowledge, few work deals with multiple attackers [31] and that are the reasons why work on multiple attackers has been rare.

Choice of Parameters.
Te performance of silent nodes-based protocol relies on the choice of parameters. For example, more nodes can be classifed into the silent nodes with a large value of η. A poor choice of parameters may cause the WSN to be disrupted. However, the parameters in the protocol can be generated and fnely tuned by the application developers or system administrators for practical scenarios. For example, in other network confguration that   the source locates in the centre and the sink is in the corner of the network, the parameters vary to ft the specifc network environment.

Conclusion
In this paper we have focused on bounding the overhead issue and proposed a novel SLP-routing protocol by choosing a number of nodes that will be silent. We frst formalized silent nodes selection (SiNS) problem and showed that SiNS is NP-complete. Ten, a novel routing protocol was proposed for solving the SLP problem and demonstrated their efciency through extensive simulation.
Our results showed that a high level of SLP is achieved under certain parameterization. In future work it would be desirable to develop new heuristics to address the SLP problem for diferent network confgurations. It would also be informative to consider alternative attacker models.

Data Availability
Te code used to generate these results can be found at https://github.com/Chen-Gu/slp, and the data presented in this paper can be found at [32].

Conflicts of Interest
Te authors declare that they have no conficts of interest.