Analysis of Clone Detection Approaches in Static Wireless Sensor Networks

Wireless Sensor Networks (WSNs) are developing very fast in the wireless networks. The wireless sensor network has the characteristics of limited memory, small size and limited battery. WSNs are vulnerable to the different types of attacks due to its characteristics. One of the attacks is clone node attack in which attacker capture the nodes from the network and stoles the information from it and replicates it in the network. From the clone nodes, the attacker can easily launch the different type of attacks in the network. To detect the clone node, different methods has been implemented .Each method having advantages and limitations. In the this paper, we explain the different methods to detect the clone nodes in the static wireless sensor network and compare their performance based on the communication cost and memory. Article history Received: 21 July 2017 Accepted:08 August 2017

flood, Sniffing attack, Data integrity attack, Energy drain attack , Black hole attack, Denial of service, Physical attacks, Traffic analysis assault and clone Attacks 3 .One of the attacks is clone node attack in which attacker capture the nodes in the network and stoles the information from it and replicates it in the network.From the clone nodes, the attacker can easily launch the different type of attacks in the network 4 .
The main purpose of this paper to describe the different clone detection approaches in wireless sensor network.The rest of this paper is organized as follows.Section 2 describes about clone Attack.In section 3, we have discussed clone attack detection methods.In section 4, we summarize the existing Centralized and distributed detection protocols used to detect clone nodes in static sensor networks.We present a comparison between these protocols in section 5.

Clone Node Attack
To launch the clone node attacks, first the attacker captures the one or few of legitimate nodes from the network then attacker clones or replicates them in the network by using the secret information from the captured node.The attacker can easily launch the different type of attacks from the clone node and can decrease the performance of the network.The following are the causes of clone node attack:

•
It creates an in depth damage to the community due to the fact the replicated node also has the same identity because the legitimate member.

•
It is hard to detect replicated node and consequently authentication is hard 5 .

Clone Attack Detection
There are two types of wireless sensor networks: Static and Mobile.In static wireless sensor networks, the sensor nodes do not change their position after randomly deployment.The positions of sensor nodes are static in nature.In the second type (Mobile Wireless Sensor Network), the sensor nodes can change their position as per the requirement.So the sensor nodes are mobile in nature.There are different methods in static and mobile wireless sensor network to detect the clone node attacks.In the static WSN, there are two types of method to detect the clone nodes: Centralized and Distributed.
In a centralized method to detect the clone node, when a new sensor node wants to join the network, it first publicizes the message, which containing its location and identity, to the neighbors.The neighbors forward its location to the base station.With vicinity information from the nodes in the networks, the base station will find out the node which claims more than one location.If any node find out then the base node will broadcast the message in the network about the node and then that clone node will revoke from the network.The centralized method is easy but there are some drawbacks in this method.If base stations fail then the detection approach is also fails.If base station is compromised or blocked by attacker then attacker can upload any variety of replicas inside the network.The message/transmission cost is high in this method as all nodes broadcast the message towards the base station 5 .
The second method for detection of clone node is Distributed method in which detection of clone node is distributed among nodes.So the drawback of the centralized method is overcome by the distributed method.When a new node wants to join the network, its region claim is forwarded to the corresponding witness nodes.If any witness node gets two one-of-a-kind location claims for the identical node ID, then the position of clone node is detected 6 .

Clone Attack Detection in Static Sensor Nodes Centralized approach
There are following centralized method for detecting the clone nodes as:-

Straight forward Scheme
In this method, when a new sensor node wants to join the network, it first publicizes the message, which containing its location and identity, to the neighbors.The neighbors forward its location to the base station.With vicinity information from the nodes in the networks, the base station will find out the node which claims more than one location.If any node find out then the base node will broadcast the message in the network about the node and then that clone node will revoke from the network.
The centralized method is easy but there are some drawbacks in this method.If base stations fail then the detection approach is also fails.If base station is compromised or blocked by attacker then attacker can upload any variety of replicas inside the network.The message cost is high in this method as all nodes broadcast the message towards the base station 5 .

SeT Protocol
SET scheme is a centralized approach in which sub region are consisting by dividing the network.The network is divided such that node having one hop in the sub region.An elected node becomes a leader from a sub region.A tree is built up in such a way base station of the network become the root of it and leader become the node of the tree.To detect the clone node, the leader will send the identity of all the nodes from its sub region to its parent of tree.Then the parent node execute the intersection function of set on data receive from its child.If any non empty result comes then the clone node is detected and result is sent to the root node.Otherwise it forwards all information to its parent of tree 7 .

Pair wise Key Distribution
In this method, each node of the network is preloaded with random keys.These keys are used by node with certain pattern.The base station checks the key of each node when it receives the data from the nodes.It can detect the clone key by analyzing the authentication statics of the node 8 .

real Time Detection protocol
In this method, each node calculates its fingerprint based on S-disjoint code which is preloaded in each sensor node.After that node also calculate its neighbor fingerprint.The base station also computes the fingerprint of each node of the network.The node sends the data along with its finger print to the base station.The base station verifies the finger print of the node.Any false fingerprint of the node detected as clone node by the base station 9 .

Distributed approach
There are following distributed method for detecting the clone nodes in the static wireless sensor network.

Broadcast Protocol
This is a simple approach in which every node of the network broadcast its location with all its neighbors' ids.When any node gets this message, it will check the list with its neighbors.If any matching find, that clone node is revoked from the network 10 .

Deterministic Multicast (DM) Protocol
This method uses the claimer-reporter-witness approach.The node is called claimer when it broadcast its identity with its neighbor' ids.The reporters which perform the mapping function on claimer id.The neighbor of claimer sends its claim to the node called witness.If witness node obtains two different location claim of same node then clone node is detected 11 .

randomized Multicast (rM) Protocol
It is probabilistic algorithm which uses the claimerreporter-witness approach.In this method, the node location claim is randomly distributed among selected set of witness which is based on combination theory.If a node receives more than one claims of the same node with dissimilar locations, it uses these conflicting claims as indication for the node replication 12 .

Line Selected Multicast (LSM) Protocol
This method is similar to the RM method.The only difference between the RM and LSM is that LSM method forwards the location claim to addition witness node which is selected on base of routing topology.Clone node is detected through the intersection of paths generated of nodes with two unique node claims of equal ID and coming from distinct nodes 13 .

Localized multicast Single Deterministic Cell (SDC)
SDC method is based on localized multicast and variation of DM method.In this method, network is divided into small cells.The location claim of the node is sent to its cells reporter.The node pronounces its locality to each neighbor, which first checks the validity of the signature of the claimer.
Then each neighbor decides itself whether forwards the request to witness or not.If a neighbor wants to forward the request then it executes a geographic hash function to decide the destination location.
When the witness gets a location declare with the equal identification but a specific area compared to a formerly saved declares, it forwards each location claims to the base station.The base station revokes the clone nodes from the network by broadcasting the message.

Parallel Multiple Probabilistic Cells (P-MPC)
This method is similar to the SDC.In this method, the claimer message is forward to multiple deterministic cell reporters.When a node declares its location, each neighbor independently makes a decision whether to forward the request or not in the same manner as in SDC scheme 14 .

randomized efficient and Distributed (reD) Protocol
This method is combination of DM and RM.The location claim of the node is sent to its cells reporter.
The node pronounces its locality to each neighbor, which first checks the validity of the signature of the claimer.The witness node checks the request based on a pseudo random function of node's ID.Location claims with the equal node ID will be moved forward to identical witness nodes in the each detection section 15 .

Memory efficient Multicast Protocols Memory efficient Multicast using Bloom filters (B-MeM)
In this method, claimer request is randomly forwarded on a line segments.All the halfway nodes in the path serve as watchers even as the primary and ultimate node function witnesses.When the node receives the region claim, it plays the 2-section conflict check to discover warfare claims.

Memory efficient Multicast using Bloom filters and Cell forwarding (BC-MeM)
In this method, the network region is split into virtual cells.An anchor point is assigned for every node in each cell.The node close by to the anchor factor is referred to as anchor node.The claimer request forwarded to the anchor factor of the respective cell.
The message transmitted from one anchor node to every other till it reaches on the last mobile 16 .
hierarchical Distributed Algorithm (hDA) This method works in three steps.In first step, Clusters are consisting by dividing the network.
The network is divided such that node having one hop in the sub region.An elected node becomes a cluster head in a cluster.A tree is built up in such a way base station of the network become the root of it and cluster head become the node of the tree.Each transmission of the message is done through this tree.The clone node detection is completed by the cluster nodes by using of a Bloom filter mechanism 17 .
random Walk Based Protocols random Walk (rAWL) In the RAWL, each node publicizes a signed area claim.The neighbors of claimer probabilistically transmit the claim to randomly selected nodes.Each randomly selected node transmits the message containing the claim to start a random walk inside the community.If any witness gets specific location claims for a identical node ID.This will bring the detection of the cloned node.

Table Assisted random walk (TrAWL)
In this method, when a randomly selected node begins a random walk, all the surpassed nodes will nonetheless become witness nodes.They do now not surely save the place claim, as an alternative, they save the place declare independently.When receiving vicinity claim of a node will first discover the entries that have the same node ID in its table.
Then if any entry is located, the node will compute the digest of the claim and evaluate the digest.When digest are specific, the node detects a replicate node 18 .

Detection of Node Capture Attack (DNCA)
This method uses the idea that the bodily captured nodes aren't contributed inside the community from the captured duration to the redeployment period.The captured nodes no longer take part in any community operation during this era.This method measures the absence term of a sensor node and compares it to a predefined threshold.If it is more than to the threshold value, the sensor node taken into consideration as a captured node 19 .

Cell based identification of Node replication Attack (CiNOrA)
The network is divided into geographical cells similar to the cellular network.The location claimer of the node is dispensed among the subset of

Comparision Of Protocols
In this section, we will compare all the protocols of clone detection according to the type, type of approach, Computation overhead and type of scheme used.The Table 1 shows the comparison of the protocols.

Table 2 represents communication Table 1 : Comparison of Protocols
From the tables, we find out that SDC protocol has the low communication value than other protocols and RED protocol has the minimum communication overhead for large community.The SDC protocol has decrease memory overhead than other protocols.The RED and BC-MEM protocols have better detection probability than other protocols.The P-MPC protocol has greater resilience in opposition to node compromise than other protocols.