Investigation on jamming detection in WSN using optimal decision rule

Abstract

A jamming attack is a special case of a Denial of Service (DoS) attack that completely blocks the data transmission in Wireless Sensor Networks (WSNs). When sensor nodes are distributed in the field, numerous attacks, such as collision, black hole, selective forwarding, jamming, etc., caused by the presence of malicious nodes have the potential to cause network damage. Jamming is a highly risky attack that completely blocks data transmission within the wireless network. The existing technique for detecting jamming attacks are based on predetermined hopping-sequence, cryptographic, or random frequency hopping techniques. However, these mechanisms are more complex and frequently have energy constraints and high overhead. A novel jamming detection method based on a statistical approach that provides high network performance measures is proposed. It is a technique that uses energy-based clustering with a Received Signal Strength Indicator (RSSI). The selection of thresholds used for the detection of jamming is analyzed. The proposed approach employs three detection performance metrics for investigating the jamming attack, namely, Packet to Delivery Ratio (PDR), ENERGY, and RSSI. The jamming node is identified using the Optimal Decision Rule (ODR), which is determined by the hypothesis rule. If the hypothesis is not satisfied, then jamming exists; otherwise, there is no jamming. The novel technique is implemented using a Network Simulator, and various performance metrics such as PDR, Energy consumption, Network throughput, Routing overhead, network, and node lifetime are evaluated to conclude that the statistical approach outperforms the timestamp and IEWMA approaches.

Keywords

Statistical hypothesis WSN

1 Introduction

Wireless Sensor Networks (WSNs) are a collection of sensor nodes that are distributed, easily reusable, or rechargeable networks that can sense, monitor, or process various data such as sound, temperature, mobility, etc. [1]. Despite many innovative technologies and advancements in WSNs, security is a prime concern. They play an important part in numerous applications, including those related to the military, medicine, object tracking, nuclear power plants, and environmental monitoring. Due to resource limitations, they lack security in many applications, such as military sensing and tracking. To apply the WSNs in various fields, it is mandatory to supply high-level security to the networks in various forms using efficient security frameworks or proactive protocols. The sensor nodes work in a rapidly evolving infrastructure and direct the collected data to the sink node for further analysis [2].

Sensor nodes can be well-organized in nature as clusters or as planes. The flat networks are highly secure, and investigating the effects of jamming is also easier. But, the clustering type of network is not highly secure. Besides, if the identity of a cluster is known, the entire nodes under the cluster are blocked. The clustering is done using a sophisticated methodology to select the Cluster Head (CH) and Cluster Members (CM). The clustering follows a hierarchy between two layers. The higher layer formed is the CH, and the lower layers formed are known as CM. Each CH will have several CMs in each group, as illustrated in Fig. 1. Each CM communicates with other members in the different clusters through the CH, and the CH gets the other CH’s information through the Base Station (BS). Once the clustering is done, no new nodes can join the network or leave the network, as it is static. This achieves higher clustering energy efficiency, decreases collision, and increases throughput.

Fig. 1

Clustered network mode.

The clustering algorithm plays a vital role in the selection of CH. There are many optimized clustering algorithms for WSNs based on Machine Learning and Computational Intelligence concepts. Some existing algorithms are Cluster-Head Election using Fuzzy Logic (FCH), LEACH-FL, and Energy-Aware in Unequal Clustering (EAUC). All these techniques commonly have advantages like high network lifetime and ease of access. But, they may suffer from high energy consumption and low selectivity. In the proposed methodology, enhanced techniques are developed for selecting CH based on ENERGY and RSSI to increase the stability of the link.

The communication between the source node and the CH/BS (sink) is usually minimal. Hence the sensor nodes operate at low radio power. Often, the transmitted power is a few milliwatts, and the transmission range is limited to tens of meters, so they are highly vulnerable to jamming attacks on the physical and data link levels [3].

The ultimate aim is to detect and localize the jamming attack. Commonly, RSSI, carrier-sensing time, Bad Packet Ratio (BPR), and PDR are used in the detection metric. Most of the research focuses on security issues in WSNs. The following points motivated the research work:

Due to the vast applications of WSNs in the military, there are some implementation problems. Therefore, the existing countermeasures against the detection of jamming attacks lack efficiency, and utilization is difficult.

There are commonly several types of attacks in WSN, the jamming attack is the most prevalent. This attack prevents the network from functioning, posing significant challenges, and detection is challenging in cluster-based network structures.

It is undeniable that the existing approaches consume more energy, and the probability of jamming detection is low.

Though the Internet of Things (IoT) is now predominant in research, WSN is scalable and the IoT system uses WSN only with the router of the network to gather the data. These reasons promote the WSN in the market even with the advent of IoT. With the rapid growth in communication technology, sensor network has been envisioned as a key component of the emerging Internet of Things (IoT) technology.

The presence of jamming is calculated in the existing systems by comparing the observed jamming detection metric value with their corresponding jamming detection metric threshold value. The system restricts the existence of jamming based on the threshold used for detecting the jamming. False results can occur if the obtained jamming detection metric is incredibly near the edge of the threshold jamming detection metrics. These points help us to motivate and develop a technique. The proposed work’s major objectives are to detect jamming with less overhead, less energy consumption amount, and better node and network lifetime. Therefore, the decision rule requires a process to optimize the jamming detection metrics and to access precisely the existence of jamming. To accomplish this, the jamming detection algorithm based on a statistical approach is developed and evaluated.

Table 1

Comparison of Various methodologies and the metrics

Author	Technique used	Metric used	Disadvantage
K.P. Vijayakumar, et al. [5]	Cluster-based jamming detection	PDR	PDR is not up to the extent when the number of nodes increases
Hymlin Rose et al. [6]	Timestamp	Time limit	Methodology for clustering takes more time, as it depends on the Node Coverage Range (NCR)
Carolina Del-Valle-Soto [17]	Optimization technique	Energy consumption	High overhead
Rajani et al. (2009)	Swarm intelligence and ant system	Probability of selecting a link between nodes	It involves fixing the threshold of the decision parameter for each node under different conditions, which is fraught with pitfalls
Pradeep Mohan Kumar [18]	Fuzzy logic	PDR, PLR	It imposes the avoidable burden of acknowledgments.
Strasser et al. (2014)		Received Signal Strength (RSS) and Bit Error Rate (BER)	Computational and memory-space resources.
Said Saif et al. (2016)	–	PDR, PSR, and RSSI	Increase in power

The paper is structured as follows. Section 1 represents the introductory part and the objective of the paper. Section 2 analyzes the various methodologies used to detect the jamming attack and the inference from various techniques. Section 3 demonstrates the methodology used for investigating the jamming attack and the system model. Section 4 illustrates the performance metrics and the comparative analysis of the proposed statistical methodology to the timestamp and IEWMA technique. Finally, the conclusion is explained in Section 5.

2 Related works

Due to its broadcasting nature and need to be accessible from outside the world during data transmission, WSN must overcome numerous obstacles. Jamming is one of the most critical problems encountered. Physical, data link, and network layers are affected by the jamming attack, which prevents the node from receiving data by preventing the signal from being transmitted. [4]. Jamming overrides the transferred signal by sending a high level of noise, This lowers the Signal-to-Noise Ratio (SNR), which means fewer packets can be sent successfully.

K.P. Vijayakumar et al. [5] formulated an idea for node jamming detection in the cluster-based sensor network for protecting the WSNs from jamming attacks. The proposed framework uses PDR to detect the maliciousness of the nodes. First, the network defends against the external nodes, which are already considered jammers. Secondly, it identifies the nodes, which are present internally. The simulation results show that the system very well detects jamming at a high detection rate for maliciousness and a low false detection rate for the jammer. But, the PDR is not up to the extent when the number of nodes increases.

Hymlin Rose et al. [6] proposed a timestamp method for jamming detection, which suits a clustered network, involving two main contributions as suggested. The major contribution is the Node Coverage Range (NCR) technique for clustering the nodes and timestamp for detection of jamming. The jamming is detected when the encrypted acknowledgment does not reach the receiver within the timestamp. Also, the signature is mismatched in the receiver. The transmission then stops and is re-diffused along a different path. The clustering method is more time-consuming because it depends on the Node Coverage Range (NCR), which causes a delay.

Nejla Rouissi et al. [7] formulated a new smart algorithm for avoiding jamming, a kind of Denial of Service (DoS). The proposed algorithm combines the direct sequence spread spectrum, time-hopping spectrum, and frequency-hopping spread spectrum techniques. The authors attempted to optimize their characteristics by combining them in order to address each individual’s flaws. While safety has been improved to defend against DoS attacks, the efficiency of this algorithm has still not been proven.

There are many existing countermeasures for the jamming attack, but they have certain drawbacks in detection when the network is clustered. Such issues are critical because of severe resource constraints like energy utilization, the lifetime of the network, and drastic environmental conditions in WSNs. The clustering technique can increase the lifetime of the network, eventually. After the rigorous theoretical and practical analysis of innumerable security challenges, attacks and a detailed literature survey, we have introduced an efficient statistical approach based on the decision rule to investigate jamming and supply secure and efficient transmission in clustered wireless sensor environments.

The commonly used metrics as per the literature, are PDR, PSR, BPR, and RSSI. The comparative study of the metrics used in some of the jamming detection techniques so far proposed is given in Table 1.

Table 2
List of symbols used in the paper

Symbols Definition

Xi Coordinate of the sensor node

A Area of the sensor node

E(r,d) Energy consumption with respect to data bit and distance

d Data bit

r Distance

ɛ Attenuation mode

E _residual Residual energy

E _initial Initial energy

M Mobile node

I Sender node

D Destination node

S Intrusion prevention node

Xo Location of the node

P (xi) noise-free signal received at the ith sensor node

E₀ Signal Power

do Reference distance

di Euclidean distance between the ith sensor node and the attacker.

Ho Null hypothesis

Hi Alternate hypothesis

n (x_i) white Gaussian noise at the sensor node.

s (x_i) sensor node located at (x_i,y_i)

r_i receiver located at (x_i,y_i)

ɛ_i Relative error

$\hat{d_{i}}$ , Estimated distance

P _i Received power in dbm

P _o received power in dBm in the reference distance do

pl Path loss exponent

γ Decision threshold

I (xi) Sender ode binary local decision

P_d (x_i) probability of jamming detection

Ec energy consumption

Q Probability function

E energy enhancement of nodes

p Transmitted power

τ Random number

n Number of nodes

Λ_{m
_i} Decision metric

Λ_DR Log Likelihood Ratio

P (Λ_{m,H_i}) likelihood of the decision metric

Γ Network throughput

δt Packet Delivery Ratio

P(s) Packets transmitted over the specified time

Lv_xT Lifetime of a node

LN_t Network lifetime

P _r Resilience

T Simulation time

m(j) Number of nodes compromised

Symbols	Definition
Xi	Coordinate of the sensor node
A	Area of the sensor node
E(r,d)	Energy consumption with respect to data bit and distance
d	Data bit
r	Distance
ɛ	Attenuation mode
E _residual	Residual energy
E _initial	Initial energy
M	Mobile node
I	Sender node
D	Destination node
S	Intrusion prevention node
Xo	Location of the node
P (xi)	noise-free signal received at the ith sensor node
E₀	Signal Power
do	Reference distance
di	Euclidean distance between the ith sensor node and the attacker.
Ho	Null hypothesis
Hi	Alternate hypothesis
n (x_i)	white Gaussian noise at the sensor node.
s (x_i)	sensor node located at (x_i,y_i)
r_i	receiver located at (x_i,y_i)
ɛ_i	Relative error
$\hat{d_{i}}$ ,	Estimated distance
P _i	Received power in dbm
P _o	received power in dBm in the reference distance do
pl	Path loss exponent
γ	Decision threshold
I (xi)	Sender ode binary local decision
P_d (x_i)	probability of jamming detection
Ec	energy consumption
Q	Probability function
E	energy enhancement of nodes
p	Transmitted power
τ	Random number
n	Number of nodes
Λ_{m _i}	Decision metric
Λ_DR	Log Likelihood Ratio
P (Λ_{m,H_i})	likelihood of the decision metric
Γ	Network throughput
δt	Packet Delivery Ratio
P(s)	Packets transmitted over the specified time
Lv_xT	Lifetime of a node
LN_t	Network lifetime
P _r	Resilience
T	Simulation time
m(j)	Number of nodes compromised

The recommended work is based on a statistical approach employing a decision rule for choosing or selecting the route to the destination with the optimal value of the link and energy. The proposed work is thus visualized to pick out precisely the statistical approach, which effectively determines and selects the most effective path supporting the optimum value of the reference. The standard jamming detection technique should have high-energy performance, low probability detection, and high resistance to anti-jamming techniques that disturb communication to a high degree and reduce the detection probability. It is extremely resistant to anti-jamming techniques and communication interferences. Other than that, the security level is examined based on the resilience of the network. Resilience is the maximum-security level obtained by the network even though some malicious nodes are present. Resilience is directly related to link establishment. When the link is stable, connectivity is maintained in the network, which reduces the security level.

3 Proposed system

3.1 System model

A system model for sensing the sensor network and communication within the WSN is presented in this section. Additionally, a stochastic geometry model is given for the WSN. The network is tasked with detecting any malicious node entering the field. The sensor nodes are randomly distributed within the area, A ∈ R × R, where area A is assumed to be significantly large. The location of the nodes is also randomly selected and is clustered uniformly. Clustering is done by combining Energy and RSSI, as discussed in section 3.2. The coordinate of the sensor node is X_i = (x_i, y_i) ^T, i = 1,2,3, … ..n, which is uniformly distributed. These nodes send information to all the sensor nodes that need to interconnect in their location. Consistent with the intensity of this signal, the sensor node can estimate the space between them. Among the several models proposed for estimating the space between two sensor nodes, the foremost realistic and commonly used metric is the Received Signal Strength Indicator model (RSSI). The flowchart describes the detailed technique in Fig. 2.

Fig. 2

Flowchart of a statistical method.

The metric RSSI is the ratio of the received signal strength to the reference power. The lower signal strength denotes the presence of jamming. However, the signal strength becomes low when the link is not stable. Upon using RSSI, it is difficult to differentiate the normal scenario in some instances. Therefore, RSSI alone cannot be used to detect the presence of jamming. Thus, the RSSI can be combined with other metrics to detect the presence of all types of jamming attacks at the physical layer. As per the discussion in the literature, PDR and RSSI are the commonly used metrics, but for better detection, ENERGY is also included as a metric.

It is presumed that the sensor nodes within the field are distributed randomly and remain unchanged during this network model, as shown in Fig. 2. The Cluster Head (CH) plays a major role in the detection of jamming because it only evaluates the metrics employed in the detection of jamming. The Cluster Members (CM) are optimized to possess a threshold value of MPDR, MENERGY, and MRSSI so that their energy cannot be drained. All sensor nodes are equipped with a non-directional antenna to maintain the identical transmit power to each of them. The information packet is sent through the CH and arrives at its destination after several hops. Each node uses its routing table to send the information from one node to its neighbours using Optimized Link State Routing (OLSR). The routing table includes a list of the neighbor’s position and, therefore, the number of hops required for transmission.

3.2 Energy and RSSI-based clustering

In this methodology, the clustering of nodes in the network is based on their energy. The sensor nodes are organized in the form of clusters. The clustering algorithm is employed to group all of the network’s nodes. Each node is allotted a certain amount of energy. The autocorrelation of the node’s energy is evaluated to employ self-access [15]. The energy-efficient homogeneous clustering persists throughout the lifetime of the sensor networks. The grouping is finished with the assistance of the node’s energy.

With the high-energy node, the CH is chosen; therefore the remaining nodes within the group are identified as CMs, as shown in Fig. 3. The selection of CH is based on the value of residual energy and the link quality of the sensor nodes. These cluster heads collect sensor data from other nodes in the vicinity and transfer the aggregated data to the base station. Since data transmission to the base station dissipates much energy, the CH has to be altered. This rotation of cluster heads leads to the balanced energy consumption of all the nodes.

Fig. 3

Flowchart for the clustering algorithm.

Energy consumption E(r,d) depends on the amount of data transmitted. For ‘n’ bit data with a distance ‘r’ meters and ɛ be the attenuation mode, energy consumption is given as, $E (r, d) = d \times E_{data} + d \times ɛ \times r^{4}$ (3.1)

The remaining energy present in the node after the consumption is residual energy (E_residual). It is also defined as the difference between the initial amount of energy (E_initial) and energy consumption. $E_{residual} = E_{initial} - E (r, d)$ (3.2)

The mobility factor is a prime key for selecting the cluster head. It is evaluated based on the autocorrelation mobility model since it is directly related to energy, and the link quality is obtained. Let’s assume that the concept of remoteness and the transition count is used to calculate the mobility factor. These bits of information allow each cluster head to create a cluster of members with low node mobility. The node with minimum mobility factor and highly stable link quality is chosen by the CH. The novelty in this approach is the Energy and RSSI-based clustering. It is the first and foremost technique used with these two combinations.

3.3 Jamming detection technique

The proposed statistical approach for jamming detection measures the behavior of the node within the network and is administrated by the present nodes and the new node activity using the parameters of the jamming evaluation like PDR, ENERGY, and RSSI, which defines the existence of jamming from the calculated value. The optimum rate or threshold is added to the jamming evaluation parameters (PDR, ENERGY, and RSSI) to determine whether the jamming is in the correct form. All nodes have the same amount of energy available at the start of the simulation. This assumption is focused on considering the network’s operation from the beginning when all nodes have new batteries with the same energy level. Figure 4 depicts the block diagram of the methodology, which consists of the steps outlined below.

Fig. 4

Block diagram of the statistical method.

Step 1: The statistical approach calculates the very best or peak values of the jamming evaluation parameters using the statistically calculated jamming evaluation parameters (PDR, ENERGY, and RSSI). The assessed metric values are maximum and found to have more than the threshold value, which are then fed to the system as input.

Step 2: The inputs are defined as threshold values, and the output threshold is given to the inference element. This part transforms the threshold input into the threshold output using the appropriate Decision Rule (DR). The DR considers PDR, ENERGY, and RSSI’s various probabilistic possibilities of a choice, thus formulating the first moment. Meanwhile, the DR chooses the maximum value based on probabilistic decisions.

Step 3: The CH translates the threshold output into the default value, detecting jamming within the cluster in the area. The sensor node is found to be jammed if it does not.

The threshold value is chosen because the reference value is stored already in CMs, CHs, and BS memory. The CH plays a role in detecting the presence of jamming at the CM, and the BS plays a vital role in detecting the presence of jamming at the CH within the WSN. Once the jamming node is found, the CH selects the most effective path supported by available information using Optimized Link State Routing (OLSR).

3.3.1 Pseudocode for OLSR routing

The Pseudocode for OLSR routing is given below:

M ← mobile node

S ← Sender node // S ɛ M

D ← Destination Node // D ɛ M

Begin

If (node n updated routing packet || node n not forward data to destination)

Next hop = intermediate node

S create table all misroute node n;

Send reply packet to source node about misbehav ior node n;

node S block the misbehavior node n;

recompute_path ();

Else

{

Establish a secure path;

}

9. recompute_path (sender, destination, route-pkt)

{

if (node m in radio range & neighbor

node is not malicious)

{

create route table ();

Receives route packet destination;

}

Else {node out of range or destination

unreachable;

Return

}

endif

end

3.3.2 Methodology

The WSN is functionally divided into three sections, as explained in the block diagram depicted in Fig. 4. The first section presents the sensing model of the three parameters PDR, ENERGY, and RSSI. The average values obtained are compared with existing peak values, and the jammed node is tracked if the value is adequately small. Secondly, sensing based on the threshold value is mathematically formulated. Finally, the decision that the jamming node is present or not is based on the hypothesis rule.

The operating steps of the statistical approach are proposed as follows:

Both sensor nodes are in sleep mode until the timer matures periodically.

Estimate each CM’s PDR, ENERGY, and RSSI in the cluster.

Deduce the common PDR, ENERGY, and RSSI.

Choose mathematically the threshold MPDR, MENERGY, and MRSSI from the common PDR, ENERGY, and RSSI.

Join the threshold deducted (MPDR, MENERGY, and MRSSI) because it is the output to the clustered network.

The statistical approach calculates the optimal value supporting the DR.

Finish the CM as jammed or not from the statistically determined standard value.

If the attacker at a location x_o € A is identified, then the RSSI of the signal transmitted varies with distance in accordance with the relationship between signal strength, power, and range. The noise-free signal received at the ith sensor node has the subsequent form $P (xi) = \frac{\sqrt{E_{0}}}{\max (d_{0, d_{i}})}$ (3.3)

Where E₀ is the signal power, do is the reference distance, d_i is the Euclidean distance between the ith sensor node and the attacker. Each sensor node samples the environment to decide whether an intruder is present. The collected data at the ith sensor node under the null and alternative hypotheses, H₀ and H₁, respectively, take the following form: $H_{1} : s (x_{i}) = p (x_{i}) + n (x_{i})$ (3.4) $H_{o} : s (x_{i}) = n (x_{i})$ (3.5)

The sensor node decides based on the hypothesis

H_o: if jamming and

H₁: if no jamming where n (x_i) is white Gaussian noise at the sensor node.

Let r_i be a receiver located at (x_i, y_i) and s_i be the sensor node located at (x_i, y_i). We define the relative error ɛ_i about s_i as follows. Suppose that s_i reads a distance $\hat{d_{i}}$ , While the actual distance is d_i. The relative error is $\in_{i} = \frac{\hat{d_{i}}}{d_{i}} - 1$ (3.6)

The RSSI can be expressed as the received power in dBm, and it is formulated as, $P_{i} = P_{o} + 10 pl * \log (\frac{d_{i}}{d_{o}})$ (3.7) where Po is the received power in dBm in the reference distance, do, and pl is the path loss exponent, which is a constant and varies from 2 to 4. Each sensor nodes compute its binary local decision threshold γ i.e. $I (x_{i}) = {∥ \begin{matrix} 1, p (x_{i} ⩾ γ \\ 0, p (x_{i} < γ \end{matrix} ∥}$ (3.8)

In each cluster, the cluster head collects the local decisions of the sensor nodes and sends the sum to the cluster members. From the obtained RSSI, the local probability of jamming detection is given as, $P_{d} (x_{i}) = Q (\frac{γ - p (x_{i})}{σ_{m}})$ (3.9)

Where σ_m is the variance and Q(.) is the Gaussian Q-function given by $Q (x) = \int_{x}^{\infty} \frac{1}{\sqrt{2 π}} e^{- \frac{t^{2}}{2}} dt$ (3.10)

Variance is given by the customized value as $σ_{m} = \sqrt{\sum_{i = 1}^{m} ({(P (x_{i}) - \bar{p (x})}^{2}}$ (3.11)

Where $\bar{P (x)} = \frac{1}{m} \sum_{i = 1}^{m} P (x_{i})$ . Note that the probability of detection depends on the target parameters P (x_i) γ. Using the stochastic process, the DR is evaluated, which is the weighted sum of all the decisions of the sensor nodes. If m represents the number of clusters, then the decision metric for all clusters is given as $Λ_{m_{i}} = \sum I (x_{i})$ (3.12)

The Log-Likelihood Ratio (LLR) based on the decision metric is expressed as $Λ_{DR = \sum_{m = 1}^{M} \log (\frac{P (Λ_{m), H_{1}}}{P (Λ_{m)}, H_{0}})}$ (3.13) where P (Λ_{m,H_i}) is the likelihood of the decision metric, evaluated in Equation 3.12. Based on the equation, the probability of detection is evaluated, which is solely looking at the received signal power. Eventually, the choice rule maximizes the expected payoff. In this case, RSSI is chosen among all the alternatives. Such a rule is termed as Optimal Decision Rule (ODR), which is described within Equation 3.13.

The PDR counts the number of packets successfully sent or the number of acknowledgments received respectively. Jamming is identified when the probability of the receiver power falls below a specified threshold. Jamming may also be investigated if the ratio of successfully transmitted packets in percentage falls below a certain threshold. Table 1 shows symbols used throughout the paper and their corresponding definition.

4 Results and discussion

The effectiveness of the proposed jamming detection method is demonstrated and accessed with the NS-2 simulation. A regular field of random node deployment is taken into account. Totally 50 wireless sensor nodes were located over a part of 500×500 m. In this paper, we have implemented a jammer using a TelosB mote that uses a CC2420 radio chip. The experiments are carried out using a source node and a sink node. The nodes are randomly deployed and grouped based on the energy of the individual nodes. The OLSR routing has high energy savings compared to AODV and DSR, so the data is transmitted through the OLSR method. The MAC layer has been selected for the IEEE 802.15.4 protocol and the physical layer parameters should be the threshold for PDR and RSSI. Each simulation assumes that the sensor network operates proactively, or in other words, that all sensor nodes submit periodic reports to the sink node. The configuration details of the simulation are shown in Table 3.

Table 3
Simulation parameter configuration

Type of parameter Value

Packet Size 64

Initial Time Value 0.05

No. of nodes 50

Simulation Area 500×500

Simulation Time 100 secs

Channel Wireless

Propagation model Two ray model

Communication Range 250m

Routing Protocol OLSR

Total Packet size 1024 bytes

Initial Energy 100Joules

Frequency 914MHz

Type of parameter	Value
Packet Size	64
Initial Time Value	0.05
No. of nodes	50
Simulation Area	500×500
Simulation Time	100 secs
Channel	Wireless
Propagation model	Two ray model
Communication Range	250m
Routing Protocol	OLSR
Total Packet size	1024 bytes
Initial Energy	100Joules
Frequency	914MHz

Once the network is constructed, each node is equipped with its energy, and the nodes are grouped by their energy. Also, the one with the maximum energy within the network is selected as a CH. Additionally, every node has its routing table with its node ID, cluster number, neighbor node, no of hops to the neighbors, and every node will send its node ID to any or all network nodes, as shown in Fig. 5.

Fig. 5

Network model.

Fig. 6

Transmission of a Node ID.

Every node sends the control packet, and it depends on two crucial parameters, namely, RSSI and energy consumption by the node. These are sent along with a HELLO packet whenever a node wants to know its neighbor’s information for data transmission. The threshold of values MRSSI and MENERGY are mathematically calculated and stored in the node’s memory. It is compared with the present RSSI and ENERGY of the node. If the current value is below the threshold, it can be thought of as a node that will be jammed.

The ‘Node 0’ is to be chosen as the Data Center (source node), node 36 is the sink node, and node 37 is the jammer node, as shown in Fig. 5 and once clustering is done, every node starts to transmit its ID to all the nodes in the network.

4.1 Selection of threshold

Before demonstrating the performance analysis, the scheme evaluates the status of the link and makes an informed decision about the actual route breakage. Also, the optimal threshold value is chosen from the analysis shown in Figs. 7, 8 & 9, which presents the performance comparison of an average number of route breakage, average delay, and throughput with different values of γ.

Fig. 7

Average number of route breakage for various values of γ.

Fig. 8

Average delay for various values of γ.

Fig. 9

Throughput for various values of γ.

A fresh approach that looks at the spectrum of link break position thresholds in relation to network length is considered. To find the best option for the proposed work, these threshold ranges will be tested using network scenarios built for this study in NS2. Route breakage declares the route as broken if the DR is not satisfied. It depends on the binary local decision threshold γ, which accesses the link quality based on Equation 3.9. The constant defines the impact of reporting route breakage with respect to surrounding interference levels. The average number of route breakage concerning the data rate is illustrated in Fig. 7. From the presented results, it is observed that the lowest value of γ makes it sensitive and responsive to link failure notifications, resulting in a higher number of route maintenance.

Consequently, selecting the threshold value ought to be optimal, as y = 4 renders it unresponsive in a manner that a large number of link failure notifications are generated. γ=2 is selected for the rest of the simulation as it gives an optimized performance in terms of the average number of route breakage, average delay, and throughput.

The average delay for the various values of γ, as in Fig. 8 against the data rate, shows that the delay will remain constant for the low data rate as the low data traffic does not congest the network. But, when the data rate keeps increasing, the delay will become higher irrespective of the γ value. Similarly, the throughput analysis with respect to the data rate also impacted a high role in selecting the threshold value, as demonstrated in Fig. 9.

4.1.1 Analysis of relative error

The relative error (ɛ) described in Equation 3.6 measures the performance of the proposed technique. The number of nodes reflects the node density of the network, as the simulation area is assumed constant. The relative error decreases with the increase in the number of nodes, as shown in Fig. 10.

Fig. 10

Impact of node density.

4.1.2 Analysis of the impact of PDF and relative error

Based on the Probability Distribution Function (PDF), which solely depends on the constant γ with respect to the relative error, it can be computed and shown below. This calculates the probability of jamming detection, p_d(γ_i). In this section, the probability of jamming detection, besides the relative error by choosing the threshold γ= 2 is illustrated in Fig. 11.

Fig. 11

Analysis of the probability of jamming detection.

4.2 Performance analysis

This section presents the performance analysis of the proposed statistical approach regarding the extent of PDR, energy consumption amount, node lifetime, network lifetime, network throughput, and routing overhead. For comparison, the IEWMA numerical method and timestamp techniques are used. The performance analysis of the optimization algorithms concerning time is conducted. The analysis and their mathematical calculations are described in the next section. All the performance metrics play a significant role in deciding the characteristics of the network.

4.2.1 Analysis of energy consumption

It is demonstrated by considering the initial broadcast energy of 0.2 J, and the scientific model is articulated based on the network throughput as Γ > 0. The energy consumption calculation of WSN nodes is given as, $Ec = \sum_{p = o}^{T} p \times n \times (1 + P (p) . Q) \times \frac{P (p)}{(n + Q) \times}$ (4.1)

Where Q is the probability function s + τ, τ is the random number, e is the energy enhancement of nodes, P (p) = E_initial × (1 + e), E_initial is the initial energy, n is the number of nodes, p is the transmitted power.

Figure 12 depicts average energy consumption with a variable number of opponent nodes in an exceeding network, showing that the statistical approach outperforms IEMWA and timestamp. The most important reason for saving energy is by effectively clustering and detecting the jamming from the RSSI. The optimal decision rule makes it time effective, which does not drain the energy of the sensor nodes. It also helps detect the jamming node by making it more energy-intensive. The energy consumed is nearly 50% lesser than the timestamp technique. Since the routing overhead is reduced, the common energy consumed will get reduced.

Fig. 12

Analysis of average energy consumption.

4.2.2 Analysis of PDR

It is the sum of the number of data packets successfully received by the destinations and the number of data packets produced by the source. The packet delivery ratio depending on time, is given as, $PDR, δ_{t} = \sum_{s = 0}^{t} 1 - {(1 - \frac{m}{| n |})}^{s}$ (4.2) where the number of nodes is m and the interval of time is s

Figure 13 depicts the PDR analysis curve. It is noted that the PDR attains a maximum percentage with a time duration of 20 secs, which is 45 secs in the case of timestamp and 30 secs for the IEWMA approach. Indeed, there is a rapid improvement within the PDR by the rise in time, which eventually reduces the Packet Loss Rate (PLR). When the RSSI is less, PDR is low and the link quality is not good, which affects the clustering.

Fig. 13

Analysis of packet delivery ratio.

4.2.3 Analysis of network throughput

It is defined as the average number of packets received successfully from all clusters per unit of time. Throughput (bits/sec)=sum (number of successful packets) *(average packet size))/Total time sent in delivering that amount of data.

In some instances, the network throughput reduces to zero due to jamming. Let $r$ be the transmission range and t be the time in secs. Mathematically, the network throughput can be expressed as, $Γ = \sum_{t = o}^{T} δ_{t} (1 - \frac{r}{t}) / n$ (4.3)

The evaluation of network throughput is shown in Fig. 14, which shows that the network throughput is large since the proposed algorithm requires no additional information compared to the existing approaches for performing dynamic updates. Since packets routed along a compromised path cannot not reach the sink, this implies that the average delay per packet is infinite. In other words, routing attacks can result in a zero throughput and infinite delay without routing diversity.

Fig. 14

Analysis of network throughput.

4.2.4 Analysis of Routing Overhead

Routing overhead has been calculated by transmitting the data packet with a certain time interval, and it is expressed as, $Γ = \sum_{s = 0}^{T} \frac{P (s)}{1 - P (s) \times ⌊ n, round (\frac{1}{p (s)} ⌋}$ (4.4)

Initially P (s) =0 . P (s) denotes the packets transmitted over the specified time duration.

Figure 15 shows that the proposed method has a minimum amount of routing overhead compared to the other two approaches. The routing overhead is reduced to 40%, i.e., the overhead is reduced to half that of the IEWMA technique. This is because of the calculated RSSI in the cluster head. Since ENERGY and RSSI are to be evaluated at the CH, it has less overhead, which remains constant although the amount of nodes increases. Besides, in the clustering algorithm itself, the RSSI is evaluated, and in the jamming detection, it helps to avoid the unstable link from the CH to CM and thus preventing the jammed node from acting as the CH.

Fig. 15

Analysis of routing overhead.

4.2.5 Analysis of node lifetime

The lifetime of a node V_x, at time t, Lv_xT, is expressed as the ratio of the residual energy (E_residual) to the initial energy content of the node (E_init) and is expressed as a percentage value. $L v_{xT}, = \frac{E_{residual}}{E_{initial}} * 100 %$ (4.5)

The node lifetime of the sensor nodes for the proposed method is longer than the other two approaches, as shown in Fig. 16. The sensor nodes are in the sleeper state because the CH initially distributes the threshold PDR and RSSI to all or any of the cluster members. Therefore, energy does not deplete as quickly, and as a result, the sensor node’s lifetime is increased by 15% compared to the timestamp method.

Fig. 16

Analysis of node lifetime.

4.2.6 Analysis of network lifetime

It evaluates the network breakage status and the link between the nodes. It can also be related to the probability based on the number of effective nodes. Network lifetime is obtained by calculating the total lifetime of every node, and it is expressed as, $L N_{t} = \frac{\sum_{i = 1}^{n} L_{V_{it}}}{E_{init}} * 100 % .$ (4.6)

Once the node lifetime increases, the standard life of the network increases in proportionality, as illustrated in Fig. 17. The lifespan of the network increases by a maximum amount of 35% from the timestamp approach.

Fig. 17

Analysis of Network lifetime.

4.3 Resilience analysis

Resilience is the critical parameter that gives the security level of the network connection. The ultimate aim of resilience is its ability to regain its original status. There is a difference between robustness and survivability. If the network is highly connected, network resilience is more. Resilience is given by

$\begin{matrix} P_{r} = & [(\frac{facto (i)}{facto (m (j) \times facto (i - m (j)}) \\ (\frac{T}{γ}) m (j) {(\frac{1 - T}{γ})}^{(1 - m (j)}] \end{matrix}$ (4.7)

Where T is the simulation time, γ represents the threshold, i denotes the no. of Nodes compromised, and m(j) represents the no. of nodes being compromised after a certain no of nodes is compromised.As shown in Fig. 18, the lower the resilience, the more difficult it is for attackers to use the information stored in the captured nodes to attack other parts of the network.

Fig. 18

Resilience analysis.

4.4 Comparison result

In this section, we first describe the experiments on the WSN clustered model using NS-2. In this simulation, the packet traffic for the simulation is 10,000 packets /min for the entire simulation. It is taken into account that one of the main effects of attacks on WSNs is the increase in consumption in the attacked nodes, which reduces the useful lifetime of the nodes and the network. Therefore, estimating the consumption impact of both the attacks and the strategies adopted to improve system security is essential. Table 4 shows a comparison of all the performance metrics described in section 4.2.

5 Conclusion & future scope

The proposed statistical approach uses many output parameters of the network, like PDR, ENERGY, and RSSI, as threshold values. They are used as detection metrics to detect the occurrence of jamming within the WSN. The decision principle is built from these numerical values and the threshold is selected based on the analysis. The proposed statistical approach distinguishes the present nodes and the new node activity by calculating the jamming detection metrics for detecting the existence of jamming, namely PDR, ENERGY, and RSSI. The clustering of the network is done by an algorithm based on RSSI and energy. The proposed jamming detection approach is simulated using the NS-2 network simulator. The performance analysis and the selection of threshold based on the analysis are described. The simulation results show that, when compared to the other two approaches, the proposed method can effectively detect the presence of a jamming node with low or no overhead in WSN, a lower rate of packet loss and a lower amount of energy consumption, and a high node and network lifetime. The simulation results show that the proposed method can effectively detect the presence of a jamming node with low or no overhead in WSN, a lower rate of packet loss and a lower amount of energy consumption, high node and network lifetime compared to the other two approaches.

Table 4

Performance analysis of various techniques

Algorithm	Time duration(sec)	Energy consumption (J)	PDR (%)	Routing overhead (%)	Network throughput (%)	Node lifetime (%)	Network lifetime (%)
Timestamp	100	1300	96.7%	70%	10%	75%	50%
IEWMA	100	1100	98.6%	75%	45%	85%	65%
Statistical	100	500	99.5%	40%	65%	90%	78%

References

Huang

, Li

and Guizani

, Secure and Efficient Data Transmission for Cluster-based Wireless Sensor Networks, IEEE Trans Parallel and Distri Syst, 2012.

Shi

and Perrig

, Designing secure sensor networks, IEEE Wireless Communications 11(6) (2004), 38–43.

Misra

Sudip

, Singh

Ranjit

and Mohan

S.V. Rohith

, Information Warfare-Worthy Jamming Attack Detection Mechanism for Wireless Sensor Networks Using a Fuzzy Inference System, Journal of Sensors, pp. 3444–3479, 2010.

Yasin

Mariam

, Yasin

Adwan

Prof , Amjad

Abu Jazar

Dr. and Mohammad

Hamarsheh

Dr. , A Novel Wireless Sensor Networks Anti-jamming Technique Based on a Hybrid DS-CDMA/OFDM/FH, International Journal of Applied Engineering Research, ISSN 0973-4562 13(14) (2018), 11454–11460.

Vijayakumar

K.P.

, Ganeshkumar

and Anandaraj

, Jamming Detection System in Wireless Sensor Networks, International Journal of Advanced Research in Computer Engineering & Technology (IJARCET) 3(4) (2014), 1369–1372.

Rose

S.G. Hymlin

and Jayasree

, Detection of jamming attack using the timestamp for WSN, Journal of Adhoc Networks, Elsevier, 2019.

Rouissi

, Gharsellaoui

and Bouamama

, A hybrid DS-FH-THSS approach anti-jamming in Wireless Sensor Networks, In Software Engineering Research, Management and Applications (SERA), 2016 IEEE 14th International Conference on, (2016), (pp. 133–139).

Bhavathankar

, Sarkar

and Misra

, Optimal decision rule-based ex-ante frequency hopping for jamming avoidance in wireless sensor networks, , Computer Networks 128 (2017), 172–185.

Kaushal

and Sahni

, Early Detection of DDoS Attack in WSN, International Journal of Computer Applications 134(13) (2016), 0975–8887.

10.

, Ma

, Trappe

and Zhang

, Jamming sensor networks: attack and defense strategies, IEEE Network 20(3) (2006), 41–47.

11.

, Trappe

, Zhang

and Wood

, The feasibility of launching and detecting jamming attacks in wireless networks. MobiHoc ’05; Proceedings of the Sixth ACM International Symposium on Mobile ad hoc Networking and Computing; Alexandria, VA, USA. 07–07 November 2005; pp. 46–57.

12.

Rajani

and Lisa

A.O.

, Jamming attack detection and countermeasures in wireless sensor network using ant system. Available online: http://www.cognitiveintelligence.com/documents/SPIEpdf/

13.

Çakiroğlu

and Özcerit

A.T.

, Jamming detection mechanisms for wireless sensor networks, Proceedings of the 3rd International Conference on Scalable Information Systems; Vico Equense, Italy. 04–06 June 2008.

14.

Gupta

, Riordan

and Sampalli

, Cluster-head election using fuzzy logic for wireless sensor networks; Proceedings of the 3rd Annual Communication Networks and Services Research Conference; Halifax, NS, Canada. 16–18 May 2005.

15.

Kim

J.S.

, Park

and Han

T.C.

, CHEF: Cluster Head Election mechanism using Fuzzy logic in Wireless Sensor Networks, Adv Commun Technol ICACT 654–659 (2008), 17–20.

16.

Ran

, Zhang

and Shulan

, Improving on LEACH Protocol of Wireless Sensor using Fuzzy Logic, Inf Comput Sci 3 (2010), 767–775. DOI: 10.1109/SENSORCOMM.2007.21.

17.

Del-Valle-Soto

Carolina

and Mex-Perera

Carlos

, A Low-Cost Jamming Detection Approach Using Performance Metrics in Cluster-Based Wireless Sensor Networks, Journal of Sensors 21 (2021), 1179.

18.

Kumar

Pradeep Mohan

, Rapid jamming detection approach based on fuzzy in WSN, International Journal of Communication Systems, Wiley, 2019. DOI: https://doi.org/10.1002/dac.4205