Kashif Saghar

Formal modelling of a robust Wireless Sensor Network routing protocol

Because of their low cost, small size, low resources and self-organizing nature a Wireless Sensor Network (WSN) is a potential solution in hostile environments including military applications. However, the broadcasting nature of radio transmission; their limited computing, power and communication resources; unattended and potentially hostile nature of the environment they operate in make WSNs prone to Denial of Service (DoS) attacks. Although many schemes have been proposed to address DoS attacks their effectiveness is yet to be proven. The traditional methods used (i.e. visual inspection, computer simulations and hardware implementations) can only detect errors but cannot verify that the whole system is error free. Therefore, new techniques to automatically determine the worst cases and hidden errors in WSNs are much desired. After an initial investigation using a formal verification which clearly shows that Arrive routing protocol is vulnerable to different DoS attacks, this paper proposes a method for its security. The finding contradicts the claim of the developers of Arrive that it is immune to black hole attacks. Several other DoS attacks were also found to be successful in Arrive routing protocol. The formal model generates the trace to confirm how an attack is possible in the protocol. However, it was found that INA attacks are addressed by Arrive protocol. To our best knowledge the results discussed in this paper have not been presented, proved or published before.

Vulnerability of insens to denial of service attacks

Wireless Sensor Networks (WSNs) may be deployed in hostile or inaccessible environments and are often unattended. In these conditions securing a WSN against malicious attacks is a particular challenge. This paper proposes to use formal methods to investigate the security of the INSENS protocol, in respect of its capability to withstand several denial of service attacks. The paper is an extension to our previous work where we proposed a formal framework to verify some wireless routing protocols. We have confirmed that the bidirectional verification employed by INSENS prevents attacks such as hello flood. However, INSENS is shown to be vulnerable to invisible node, wormhole and black hole attacks, even in a network of only a few nodes communicating over ideal channels. Packet loss in the presence of these attacks has been demonstrated and quantified using the TOSSIM wireless simulator.

Analysis of LEACH protocol(s) using formal verification

WSN nodes operate in an unattended environment and thus have irreplaceable batteries. Thus an important concern is the network lifetime; we need to utilize their energy for a longer time otherwise nodes run out of power. For this purpose various protocols have been established and the subject of our matter is the LEACH protocol. The LEACH protocol is self-organizing and is characterized as an adaptive clustering protocol which uses randomly distributes energy load among nodes. By using cluster heads and data aggregation excessive energy consumption is avoided. In this paper we analyzed LEACH and its extensions like LEACH-C and LEACH-F using Formal modeling techniques. Formal modeling is often used by researchers these days to verify a variety of routing protocols. By using formal verification one can precisely confirm the authenticity of results and worst case scenarios, a solution not possible using computer simulations and hardware implementation. In this paper, we have applied formal verification to compare how efficient LEACH is as compared to its extensions in various WSN topologies. The paper is not about design improvement of LEACH but to formally verify its correctness, efficiency and performance as already stated. This work is novel as LEACH and its extensions according to our knowledge have not been analyzed using formal verification techniques.

Evaluation of a sensor network node communication using formal verification

Sensor networks are low power and low cost embedded system they have limitations like speed and memory. Most sensor networks communicate wirelessly and have variety of applications. One application of sensor networks is discussed in this paper which is to sense temperature remotely. It was observed after computer simulations that the base station was not able to receive temperature data of all nodes i.e. throughput is not 100%. We verified embedded code of sensor networks by implementing it using formal modeling techniques. We modeled multiple concurrent node and an event generator to sense temperature from the environment. Throughput was checked by applying properties using UPAAL model checker. The properties failed indicating why throughput was not 100%. The trace confirmed that the main culprit was the FIFO used in nodes. We then formally modeled FIFO of motes and it was found FIFO overflows in certain cases when data traffic is too high. The FIFO is remodeled by adjusting its size and verified using formal modeling until we were able to satisfy the 100% throughput property. We thus have proved that formal modeling can detect and remove bugs and worst cases which are not evident using computer simulations. This paper discusses this innovative methods of finding bugs in sensor networks by using formal verification and share the results with research community.

Gossip routing protocol for forest fire detection using wireless sensor networks

Multicast routing protocols such as flooding are inefficient for large scale wireless sensor networks. The Gossip protocol provides a better approach with less retransmissions for the routing of data from sensors to the base station. In this paper we propose an implementation of the Gossip protocol on TinyOS. We produce simulation results for the protocol. We also do formal verification of the Gossip protocol for WSNs. In this way hidden vulnerabilities in the protocol are exposed.

RAEED: A solution for hello flood attack

Hello flood attack has long been a problem in ad-hoc and wireless networks during data routing. Although numerous solutions have been proposed, they all have drawbacks. The main reason is that formal modeling techniques have not been employed to confirm whether the solutions are immune from DoS attacks. We have earlier shown how formal modeling can be utilized efficiently to detect the vulnerabilities of existing routing protocols against DoS attacks. In this paper we propose a new protocol, RAEED (Robust formally Analysed protocol for wirEless sEnsor networks Deployment), which is able to address the problem of Hello flood attacks. Using formal modeling we prove that RAEED avoids these types of attack. Finally computer simulations were carried out to support our findings. RAEED employs an improved bidirectional verification and the key exchange characteristics of the INSENS and the LEAP. RAEED preserves the security and reduces traffic. The improvements in RAEED were the less number of messages exchanged, less percentage of messages lost and reduction in time to complete key setup phase.

Achieving energy efficiency through load balancing: A comparison through formal verification of two WSN routing protocols

Network lifetime is one of the most crucial factors that affect the performance of a Wireless Sensor Network (WSN). In order to maximize the network lifetime, it is essential that a routing protocol is designed from the purpose of energy efficiency. One way through which energy efficiency can be achieved in a protocol is by evenly distributing load among all the nodes in the network. This paper introduces Robust Formally Analysed Protocol for Wireless Sensor Networks Deployment with Load Balancing (RAEED-LB). This protocol takes the decision of selecting the next node on the basis of load balancing. The performance of RAEED-LB and RAEED is compared through formal verification. The formal verification results show that RAEED-LB achieves network lifetime gain in the range of 10% to 35% over RAEED.

Application of formal modeling to detect black hole attacks in wireless sensor network routing protocols

Black hole attack has long been a problem in wireless in data routing. Although numerous solutions have been proposed, they all have drawbacks. The main reason is that formal modeling techniques have not been employed to confirm whether the solutions are immune from black hole attacks. We have earlier shown how formal modeling can be utilized efficiently to detect the vulnerabilities of existing routing protocols against black hole attacks. In this paper we propose a new protocol, RAEED (Robust formally Analyzed protocol for wirEless sEnsor networks Deployment), which is able to address the problem of black hole attacks. Using formal modeling we prove that RAEED avoids this type of attack. Finally computer simulations were carried out to support our findings.

Formal modeling and verification of Rumor Routing protocol

Wireless sensor networks (WSNs) employ small power constrained nodes. The communication protocols used to route data in these networks is a decisive factor in determining the efficiency and the life of the networks. The Rumor Routing (RR) protocol is a variant of directed diffusion family of routing protocols used in WSNs which lack location awareness. Formal modeling is used by researchers these days for the comprehensive testing of different communication protocols. The results from formal verification are valid for all possible scenarios facing the model, making this technique better than other testing techniques. Automated verification of properties is done using computer-based tools such as the SPIN model checker. Based on formal modeling, we have developed a formal framework which can automatically verify different wireless routing protocols against multiple factors like security attacks, efficiency, network life, energy conservation etc. Our framework is a combination of formal methods and computer simulations to exhaustively test any given protocol. In this paper, we apply our formal framework to the RR protocol. The RR protocol has been converted to finite state models using model checking tools and then verified by applying LTL properties. The framework has confirmed to us the existence or absence of errors. Traces were generated showing the reason(s) as to why and how if any of these properties had failed. These traces are then simulated using simulators for analysis of the reason(s) of failure. This work to our knowledge is novel and the RR protocol has not been verified earlier for energy efficiency before using this methodology.

Evaluation of model checkers SPIN AND UPPAAL for testing wireless sensor network routing protocols

Formal modeling and verification has been under consid-erable attraction of researchers these days. Using formal methods one can find bugs and hidden errors in different systems, codes and protocols. As formal models can detect worst case scenarios which are not possible in computer simulations and other testing techniques, they are often employed by researchers to detect flaws in security protocols. A lot of hidden errors have been detected in encryption techniques and secure routing protocols by analyzing them using formal modeling and verification. Although many tools have been developed to perform formal verification; but SPIN and UP-PAAL are most frequently used by researchers to demonstrate some previously unreported weaknesses. This paper analyzes these two model checkers in terms of learning time, ease of use and their features of modeling and verification. We later annotate our findings by applying these tools against a wire-less sensor network routing protocol. We claim that our paper can help future researchers to decide which formal modeling tool is best in a particular scenario thus saving a lot of time in decision making.