 Advances in Technology Innovation, vol. 2, no. 4, 2017, pp. 113 - 118 113 Securing Ad Hoc Wireless Sensor Networks under Byzantine Attacks by Implementing Non-Cryptographic Methods Shabir-Sofi 1,* , Roohie-Naaz 2 1 Department of Information Technology, National Institute of Technology Srinagar, India. 2 Department of Computer Sciences & Engineering, National Institute of Technology Srinagar, India . Received 10 December 2016; received in revised form 16 February 2016; accept ed 08 March 2017 Abstract Ad Hoc wire less sensor network (WSN) is a collection of nodes that do not need to rely on predefined infra - structure to keep the network connected. The level of security and performance are always somehow re lated to each other, therefore due to limited resources in WSN, cryptographic methods for securing the network against attacks is not feasible. By zantine attacks disrupt the communicat ion between nodes in the network without regard to its own resource consumption. This paper dis- cusses the performance of cluster based WSN co mparing LEA CH with Advanced node based clusters under byza n- tine attacks. This paper also proposes an algorithm for detection and isolation of the compromised nodes to mit - igate the attacks by non-cryptographic means. The throughput increases after using the algorithm for isolation of the ma licious nodes, 33% in case of Gray Hole attack and 62% in case of Black Hole attack. Ke ywor ds : byzantine attacks, cluster based wire less sensor network, advanced node, gray hole, black hole, non-cryptographic 1. Introduction Wireless Sensor Network (WSN) is a type of Ad Hoc networks having la rge nu mber of the nodes. The nodes of the WSN may be static or mobile as in case of other Ad Hoc networks. The wire less sensor networks pose unique challenges as the sensor nodes are limited in their energy, computation and communicat ion capabilities. A lso, the sensor nodes are deployed in inaccessible areas t o monitor physical environ ment. The sensor nodes may be thousands in nu mber to co llect ively mon itor an a rea. As a result, the e xisting security mechanisms are inadequate [1]. Since a ll the nodes in an area usually detect common phenomenon, this leads to high data redundancy. To save energy and prolong network lifetime , an effic ient way is to aggregate the raw data before they are transmitted to the base station as the sensor nodes are resource limited and energy co n- strained. Data aggregation is an essential paradigm to eliminate data redundancy and reduce energy consumption [2-3]. The leve l of security and performance are somewhat related to each other. A WSN applicat ion usually requires diffe rent functionalities, sensing, storing data, and data communicat ion. Sensing usually require a large number of nodes to ensure coverage and few resources on each node. In contrast, data transmission and data storage require more system resources . Data aggregation is an essential parad ig m to e liminate data redundancy and reduce energy consumption. The data ag-gregation is used in WSN to reduce the communication overhead and prolong the network lifetime. However, an adversary may co mpro mise some nodes and use them to forge fa lse values as the aggregation result. For securing data aggregation, we need to detect the malic ious nodes which add to overhead due to encryption, decryption and sharing of keys . Tiered network design with functional partit ion pro- longs network lifet ime instead of homogeneous network. Clustering in WSN, where groups of sensor nodes select their c luster head depending on the energy level [4 , 14] or in some applications the cluster can be fixed at the time of deployment [5]. Whether the cluster head is pre-decided or selected by the individual nodes of the group the network will be ad hoc in either case. For many applicat ions, the sensed readings are sens i- tive and thus demand for data security, confidentiality, integrity and freshness. However, the tight resource co n- straints of wire less sensors restrict the adoption of trad i- tional co mputation intensive algorith ms. A co mpro mised storage agent may reveal its saved readings, drop im- portant readings, compose forged data readings and reply old data readings. Without carefully designed security enhancements, the above attacks can leave the network useless in a hostile environment. There is no secure boundary in Ad Hoc networ ks, ma king the network sus- ceptible to attacks, since Ad Hoc networks suffer fro m all-weather attacks which may come fro m any node in the network. The re are other lin k attacks also which can jeopardize the Ad Hoc network [6]. These include eave s- dropping, active interfe ring and leakage of secret info r- mat ion, data tampering, message reply, message conta m- ination and denial of service attacks . The attacks where aim is to gain control over WSN nodes by some unrighteous means and then using these compro mised nodes to execute further malic ious actions. The threats of such attacks are usually fro m inside the network and these threats are more dangerous than the threats from outside the network. These attacks are diff i- cult to detect as they come fro m co mpro mised nodes , which behave well before they are comp ro mised. A good e xa mple of this type of threats comes fro m the potential Byzantine fa ilures encountered in the routing protocol for the ad hoc networks. In a By zantine fa ilu re, a set of nodes are comp ro mised in such a way that the incorrect and ma licious behaviour cannot be directly detected because of the cooperation among these compro mised nodes when *Corresponding aut hor. Email: address:shabir@nitsri.net T el.: +91-9419009971 Advances in Technology Innovation, vol. 2, no. 4, 2017, pp. 113 - 118 114 Cop y right © TAETI Cop y right © TAETI Cop y right © TAETI Cop y right © TAETI Cop y right © TAETI they perform ma licious behaviours. The compro mised nodes may seemingly behave we ll; however they may actually make us e of the fla ws and inconsistencies in the routing protocol to undetectable destroy the routing fabric of the network, generate and advertise new routing in- formation that contain non-existent link, provide fake lin k state information, o r even flood other no des with routing traffic. It is co mmon in ad hoc networks that benign failures such as path breakages, transmission impairments and packet dropping, happen frequently. Hence ma lic ious failures will be mo re difficult to detect especially when adversaries change their attack pattern and their attack target in different periods of time. 1.1. Attack s in Ad Hoc Network s There are nu merous types of attacks in ad hoc network, which may be classified into two types, externa l attacks and internal attacks. External attack, in which the attacker aims to cause congestion propagate fake routing info r- mat ion or d isturb nodes from providing services. In in- ternal attack, in wh ich the adversary wants to gain access to the network act ivities, either by some impe rsonation or by directly co mpro mising a current node and using it as basis to conduct its ma licious behaviors [7]. In an internal attack adversary can capture some nodes in the network and ma ke them look like benign nodes, these nodes join the network as the norma l nodes and begin to conduct the ma licious behaviors like propagating fake routing info r- mat ion and begin inappropriate priority to access some confidential informat ion [22]. The internal attacks are sometimes more severe threat to the security than externa l attacks as they are difficult to detect at an early stage. 1.2. Routing Attack s Routing attacks are classified into two categories: a t- tacks on routing protocols and attacks on packet fo r- warding. The ma in influences brought by the attacks on routing include network partit ion, route loop, resource deprivation and route hijack. Because of the mobility and constantly changing topology of the mobile ad hoc ne t- works, it is very difficult to validate all the route messages as a result, impersonating another node to spoof route message, advertising false route metric to misrepresent topology, flooding route discovery, modifying route reply message, generating bogus route error to disrupt a working route, suppressing route error to mislead others may occur. In packet forwarding/delivery selfishness and den i- al-of-Serv ice are the two main strategies applied for the attack. 1.3. Byzantine Attack s When a network device suffers a byzantine fault it is assumed to be controlled by an adversary who uses the device to disrupt the network [16]. The goal of the By z- antine node is to disrupt the communicat ion of other nodes in the network, without regard to its own resource co n- sumption. These cause Byzantine failu res which include the omission failures and commission failures. As for instance in omission failures if a node fail to rece ive a request or fail to send a response and in commission fail- ures if a node process a request incorrectly or sending an incorrect or inconsistent response to a request. In Ad Hoc networks, the By zantine attacks are as: Blac k Hole attack, Gray Hole attack, Flood Rushing attack and Wormhole attack. Wireless sensor networks are favorite targets of Byzantine attacks because of their limited dynamic t o- pology etc. [21]. 1.4. Black Hole Attack It is a basic Byzantine attack [9] where adversary stops forwa rding data packets, but still partic ipates in the routing protocol correctly. As a result, whenever the adversarial node is selected as part of a path by the routing protocol, it prevents commun ication on that path. Most routing pro- tocols are disrupted by Black Hole attacks because they render the normal methods of route maintenance useless . 1.5. Gray Hole Attack It is a special case of black hole attack where an at- tacker could create a grey hole, in which it is selectively drops some packets but not others, for exa mp le forwarding some packets but not data packets[10]. 1.6. Wormhole Attack If more than one node is compromised, it is reasonable to assume that these nodes interact in order to ga in an additional advantage. This a llo ws the adversary to perform a more effective attack. One such attack is By zantine Wormhole where two adversaries tunnel packets between each other in order to create a shortcut (or Wormhole) in the network. The adversaries can send a rou te request and discover a route across the Ad Hoc network, then tunnel packets through the non-adversarial nodes to execute the attack. The adversaries can use the low cost appearance of the wormhole links in order to increase the probability of being elected as part of the route and then attempt to dis- rupt the network by dropping all of the data packets. The Wormhole attack is strong attack which can be performed even if only two nodes are compromised . 1.7. Flood Rushing Attack A flood rushing attack [12] e xplo its the flood duplicate suppression technique used by many routing protocols. This attack takes place during the propagation of legit i- mate flood and can be seen as a “race” between the le- gitimate flood and the adversarial variant of it. If an a d- versary successfully reaches some of its neighbors with its own version of the flood packet before they receive a version through a leg itimate route, then those nodes will ignore the legitimate version and will propagate the a d- versarial version. Th is may result in the continual ab ility to establish an adversarial-free route, even when authentica- tion techniques are used. When a node wants to send a packet, it will send route request packet and if it receives a route reply first fro m a norma l behaving node, then ev erything will work fine. However, if it gets reply fro m an attacker node, all the packets will not reach the destination or there may be selective dropping. In both the cases the delivery ratio will decrease. Therefore, identification of such nodes is the first step in preventing their partic ipation in the data transfer. Also, a route reply fro m an attacke r node can Advances in Technology Innovation, vol. 2, no. 4, 2017, pp. 113 - 118 115 Cop y right © TAETI reach the source node earlier than a norma l node if it is near to the source node. Since each node in a homogen e- ous WSN, acts as router, the data transmission fro m source to the gateway occurs via diffe rent sensor nodes, while in case of heterogeneous network the indiv idual nodes may or may not participate in the routing process . The homogenous WSN can be treated as a special case of ad hoc networks where the number o f nodes is very large as compared to the ad hoc network. The detection and isolation of an attacker node is difficult. Also, the packet delivery ratio will be lesser. In heterogeneous WSN the nodes are grouped in clusters and each no de in the cluster transmits its data via the c luster head (CH) [4, 14]. Since the nodes in cluster are fewer as compared to the nodes in a homogeneous WSN the chances of detection and isolation of the attacker node are more. Karlof et a l. [13] proposed selective forwa rding attack for the first time in wire less sensor networks and suggested that multipath forwa rding to counter the attack. But, the algorith m fails to suggest a method to isolate the attacking node. Marti et a l. [11] p roposed a technique called Watchdog, in which a node continuously monitors the neighboring nodes to which the packet is sent and to check whether the packet is fo rwa rded or not. But the algorith m fails to detect the attacker in the presence of selective forwarding attack. 2. Comparison LEACH and advanced node In Fig. 1, LEA CH vs. Advanced node based network the probability of sustaining the black hole or gray hole attack is more in the advanced node based network as compared to LEA CH based network. Also the life cyc le of the nodes in Advanced node based network is more than the LEACH based network. During the cluster head s e- lection process and after becoming cluster head the node consume a lmost n+1 times the energy consumed by an individual sensor node. Since data aggregation as well as the routing of the other informat ion fro m and to the nodes is carried through the cluster head, in addition to its own sensing and data transmission which leads to quicker e n- ergy depletion. Fig. 1 Advanced node based protocol vs. LEACH protocol. (Energy in mah and time in days with 1 hour operation for each sensor node) 3. Results and discussion In this work, we develop a non-cryptographic type of defense by checking the forwarding of the upstream nodes by overhearing their transmission. We consider Ad Hoc on demand vector routing protocol to imple ment these a t- tacks . In the Black Ho le attack, a node will part icipate in routing but will drop a ll the packets it receive [11]. The ma licious node will a lways advertise in the network that it has a fresher route to the destination by setting the s e- quence number to a large value and will reply to the broadcast route request packet before other nodes send a reply. Thus, the attacker node will attract all the traffic in its transmission range towards itself and then drop the packets. This type of situation will decrease the packet delivery rat io, but at the same time the energy of the black node will decrease rapidly resulting in self-immo lation of the node. However, during the time o f the data transmis- sion the other nodes which send the packet to the black node will result in decrease of their energy due to repeated transmissions for the same packet. Th is will decreas e their energy and result in reduced life cycle of the node. In Gray Hole attack, the attacker node drop selective packets a c- cording to some criteria or randomly [4]. This type of attack is difficult to detect, especially in wireless scenario where pac kets are dropped because of the congestion, channel capacity etc. This a lgorith m is based on the probability of attack which depends on the ratio of number of packets to the nu mber of packets transmitted. If the probability of attack is greater than the probab ility of blac k hole attack and it is true twice then the attack is black hole attack and if the probability of attack is greater than the probability of gray hole attack and it is true twice then the Advances in Technology Innovation, vol. 2, no. 4, 2017, pp. 113 - 118 116 Cop y right © TAETI Cop y right © TAETI Cop y right © TAETI Cop y right © TAETI Cop y right © TAETI attack is gray hole attack. After the detection of the attack all the nodes are sent a broadcast not to include the node in any future routing for transmission of packets. The co m- plete algorithm for different scenario is given as under: Scenario: (As shown in Fig. 2) Case 1: Homogeneous ad hoc or wireless sensor network Wireless sensor network is a large network of sensors which have the ability to communicate with each other. These sensor nodes are transmitting the data from one sensor to another for further transmission to the sink node. In ad hoc networks Ad Hoc on demand vector is a source initiated advanced on demand routing protocol. Each sensor node has a routing table that stores the information of the next hop node to route the destination. When a source node wants to route a packet to sink node, it uses the specified route if a fresh route to the sink is not available otherwise it will update its table for shortest route by the route discovery using route request message to its neighboring nodes. In Gray-Hole at- tack the malicious node selectivity or randomly forwards packets passing through it. Sink node after receiving packet from the source node, unicast (route reply) message en -route neighboring node from which it receives the packet. In Black-Hole attack, the malicious node pretends as if it has the shortest path to the sink node and drops all the packets. Case 2: Heterogeneous wireless sensor network with LEACH based cluster head The wireless sensor network is partitioned into clusters and each cluster consists of a group of sensor nodes which may or may not transmit data to the destination via the neighboring nodes. Mostly, the nodes communicate directly with the cluster head. The cluster head is chosen which is having the maximum energy level amongst the cluster nodes. As in LEACH the process of selecting or electing a cluster head is repeated after a certain interval of time. The number of nodes in a cluster is less as compared to the case 1 [14]. But the Gray-Hole and Black-hole attack is possible if the nodes communicate with the cluster head via intermediate or neighboring nodes. Also, the attacks are possible if the node which acts as cluster head is compromised. The severity of the attack may be manifold as all the data packets from each and every node will be dropped. Case 3: Heterogeneous wire less sensor networks with Advanced Node as cluster head The wireless sensor network is partitioned into clusters as in case of case 2 but the cluster head is predefined and the advanced node which acts as a cluster head is presumed to have higher energy, processing power and range [5] as compared to the normal sensor nodes. The possibility of Gray-Hole and Black-Hole attacks is less as compared to the case 1 or case 2. As it will be difficult to compromise the cluster head which is responsible for the transmission of the data from the nodes to the gateway. All the nodes will d i- rectly communicate with the cluster head, but as a special case the nodes may also communicate with the cluster head via the intermediate or neighboring nodes within that cluster. In the earlier case, the probability of compromising a node is lesser. Also, it is possible to use the cryptographic algorithms like key exchange mechanisms between the nodes and the cluster head during data transmission. 4. Algorithm for detection and isolation of Byzantine nodes by non-cryptographic methods In either case of By zantine attacks, Gray -Hole o r Black-Ho le attack, the detection of the type of attack is first step. After we know the type of attack our ne xt pr i- ority is to identify the comp ro mised nodes in the network. The algorith m detects these nodes by non -cryptographic methods, checking the forwarding o f the nodes by ove r- hearing their transmission and isolation of these nodes so that cannot take part in routing. The scenario is shown in Fig. 2. Fig. 2 Gray-hole and Blac k-hole attack detection and iso- lation scenario 4.1. Assumptions Before the imp le mentation of the algorithm we have taken certain assumption. Since there are many other fa c- tors which could cause the change in the throughput which we have ta ken as solely by the by zantine attacks. Like con-gestion due to buffer overflow is not insignificant, as we need to restrict the upstream node fro m delivering packets when the downstream node does not have suffi- cient space. (b) In p ractical cases black hole attack may not drop all the packets; it has its dependence on other factors as well. (c ) As the signal power decreases the range is also decreased, but in case of WSN, the nodes are at a very short distances for a decrease in energy is no t affected too much e xtend as compared to long distance communication. (d) In mu lti-hop communicat ion each node maintains the table of the routing informat ion during the transmission of packets, but here each node will be having additionally the attack table, this may add some overhead to the packets . a. No packet is dropped due to buffer overflow b. Black-Hole attack drops all the packets it receives c. Range is not getting affected by decrease in the en ergy level of a node d. Each node will maintain an attack table Notation and parameters nid Node identifier nt Total no. Of packets transmitted by a node nd Total no. Of packets dropped by a node nL Total packet loss nL= nt- nd Pa Probability of packets successfully received Pb Probability of presence of Black-Hole Pg Probability of presence of Gray-Hole Pa= nL/ nt Nr Reporter node NA Attacker node CH Cluster Head Cid Cluster id Advances in Technology Innovation, vol. 2, no. 4, 2017, pp. 113 - 118 117 Cop y right © TAETI 4.1.1. Algorithm for homogeneous network For a particular interval: 1. Calculate value ofnL nL = nL - nd; 2. Define values of Pb and Pg //Threshold values as per the scenario 3. Calculate Pa Pa = nL/ nt; 4. If (Pa >= 2Pb){ Then broadcast packets to all Ns and Rs with nid of both reporter node and attacker node. Type –of-attack = B;} else if (Pa >= 2Pg){ Broadcast packets to all Ns and Rs with nid of both reporter node and attacker node. Type-of-atack = G;} Else if (Pa>Pg and Pa >Pb){ Broadcast packets to all Ns and Rs with nid of both reporter node and attacker node. Type-of-attack = G;} Else{ Print(“No attacker node found”); and broadcast nid of sender node to all Ns and Rs”. Type-of-attack = nil;} 4.1.2. Algorithm dedicated cluster head Assumption is that cluster heads are pre assigned with identified cluster nodes . For a particula r cluster and for a particular interval: 1. Assign a node CID with maximu m power 2. Calculate value of nL for that particular cluster nL = nt – nL; 3. Define value of Pb and Pg for a cluster 4. Calculate Pa Pa = nL/nt; 5. If (Pa >= 2Pb){ Broadcast packets to all Ns, rs and CH with nid of both Nr and NA Type-of-attack = B;} Else if (Pa >= 2Pg){ Broadcast packets to all other Ns, Rs and CH with nid of both Nr and NA Type-of-attack = G;} Elseif (Pa >Pg and Pa >Pb){ Broadcast to all Ns, Rs and CHs of cluster with n id of both Nr and NA Type-of-attack = G;} Else{ Print (“No attack found”) 4.1.3. Algorithm Heterogeneous Network Assumption is that network is div ided into clusters <=100. For a part icula r c luster and for a part icular interval: 1. Choose a node randomly as CH and assign Cid 2. Calculate value of nL for that particular cluster nL = nt – nd; 3. Define value of Pb&Pg for a cluster. 4. Calculate Pa Pa = nL/nt; 5. If (Pa >= 2Pb){ If (attacker nid = Cid of CH){ Broadcast packets to all other CHs with Cid of at- tacker CH Type-of-attack = B;} Else { Broadcast packets to all Ns, Rs and CH with nid of both Nr& NA. Type-of-attack = B;} Elseif( Pa>= 2Pg){ if (attacker nid = Cid) { Broadcast packets to all CHs with Cid of attacker CH Type-of-attack = G;} Else{ Broadcast packets to all Ns and Rs and to CH of cluster with nid of both Nr and Na Type-of-attack = G;} } Else if (Pa>Pg and Pa>Pb){ If(attacker nid = Cid){ Broadcast packets to all other CHs with Cid of at- tacker CH Type-of-attack = G;} Else{ Broadcast packets to all Ns, Rs& CH with nid of both Nr and na Type-of-attack = G;} } Else{ Print(“No attack found”); and broadcast nid of sender node to all Ns, Rs and CHs Type-of-attack = Nil; } 5. Results based on the algorithm for dete c- tion and isolation Fro m the simu lation results as is evident from the Fig. 4 throughput vs. time. In itia lly, we simu late the network with no attack; the throughput is 90-95%. Then, as we introduce the black hole attack in the network, throughput decreases to 3%-5%. Now, as the network uses the isola- tion algorith m, throughput increases to 67%. Simila rly in Advances in Technology Innovation, vol. 2, no. 4, 2017, pp. 113 - 118 118 Cop y right © TAETI Cop y right © TAETI Cop y right © TAETI Cop y right © TAETI Cop y right © TAETI case of gray hole attack, initia lly we simu late the network without attack and the throughput is 90 -95% . Then, we introduce the gray hole attack and the throughput de- creases to 35%-50%. After using the isolation algorithm the throughput increases to 88%. Fig. 3 time(s) vs. throughput (%) Fig. 4 time vs. throughput (%) 6. Conclusion As shown in Fig. 3 and Fig. 4, there is re ma rkab le improve ment in the throughput after using the proposed al-gorithm for isolation of the ma lic ious nodes. The alg o- rith m will be mo re suited to the applications were we require to have energy e fficient design. Since the a lg o- rith m is a non-cryptographic one and purely depend on the probability of packets successfully received, there fore probability of presence of blac k hole nodes and probability of presence of gray ho le nodes may vary in some cases. But the a lgorith m will be useful for the sensor networks where we can't use the cryptograph ic algorith ms to tackle the security proble m due to the fact that increased pro- cessing and communication time will increase the energy consumption. If we part itioned the network into clusters then the gray hole or the b lack hole attack will re main confined to its own cluster only without affecting the other clusters in the network till the cluster head itself is not compro mised. But if we use the advanced node in the network as a cluster head then the probability of cluster head to be compro- mised will be lesser due to the fact that the node is pred e- fined cluster head and we can also use the cryptographic mechanis ms like the key e xchange etc. for secure trans- mission with the processing to be done centrally at the cluster head (Advanced node), as it is having higher pro- cessing, commun ication and energy as compared to the member nodes of the cluster. References [1] A. Perrig, J. Stankovic, and D. Wager, “Security in wireless sensor networks ,” Communication of the ACM, vol. 47, no. 6, pp. 53-57, June 2004. [2] D. Estrin, R. Govindan, and J. Heidemann, S. Kumar, “Next century challenges: scalable coordination in sen- sor networks ,” Proc. ACM International Conf. Mobile Computing and Networking, ACM Press , 1999, pp. 263-270. [3] Y. Yu, B. Krishnamachari, V. K. Prasanna, “Ener- gy-latency tradeoffs for data gathering in wireless sensor networks ,” Proc. IEEE Co mputer and Communication Societies, IEEE Press , 2004. [4] S. E. Khediri, N. Nasri, A. Wei, and A. Kachouri, “A new approach for clustering in wireless sensors networks based on LEACH,” Procedia Computer Science, vol. 32, pp. 1180-1185, 2014. [5] S. A. Sofi and R. Naa z, “ Energy efficient routing pro- tocol for structured deployment of wireless sensor net- works ,” International Conf. Next Generation Networks, IET Press, September 2010, p. 10. [6] S. Sofi, E. Malik, R. Baba, H. Baba, and R. Mir, “Analysis of byzantine attacks in ad hoc networks and their mitigation,” International Conf. Computing and Information Technology, February 2012, pp.794-799. [7] W. Li and A. Joshi, “Security issues in mobile ad hoc net works - a survey,” https://pdfs.semanticscholar.org/b221 /99c61df5445836c5f1bbd0ea6f02dabefd6b.pdf, 2007. [8] Y. C. Hu, A. Perrig, and D. B. Johnson, “Rushing attacks in wireless ad hoc network routing protocols ,” Proc. 2nd ACM workshop on Wireless security , ACM Press , 2003, pp. 30-40. [9] C. Karlof and D. Wagner, “Secure routing in wireless sensor networks: attacks and countermeasures ,” Ad hoc networks , vol. 1, no. 2, pp. 293-315, 2003. [10] S. Marti, T. J. Giuli, K. Lai, and M. Baker, “Mitigating routing misbehavior in mobile ad-hoc networks,” Proc. 6th Annual International Conf. Mobile Computing and Networking, pp. 255-265, August 2000. [11] H. Li, K. Li, W. Qu, and I. Stojmenovic, “Secure and energy efficient data aggregation with malicious aggre- gator identification in wireless sensor networks ,” Future Generation Computer Systems, vol. 37, pp. 108-116, 2014. [12] Y. Zhao, Y. Zhang, Z. Qin, and T. Znati, “A co-commitment based secure data collection scheme for tiered wireless sensor networks ,” Journal of Systems Architecture , vol. 57, no. 6, pp. 655-662, 2011. [13] Manju, S. Chand, and B. Kumar, “Improved-coverage preserving clustering protocol in wireless sensor net- works ,” International Journal of Engineering and Tech- nology of Innovation, vol. 6, no. 1, pp. 16-29, 2016. [14] R. Duche and N. Sawade, “Energy efficient fault tolerant sensor node failure detection in WSNS,” International Journal of Engineering and Technology of Innovation, vol. 6, no. 3, pp. 190-210, 2016. [15] M. Abdelhakim, L. E. Lightfoot, J. Ren, and T. Li, “Distributed detection in mobile access wireless sensor networks under byzantine attacks,” IEEE Transactions on Parallel and Distributed Systems , vol. 25, no. 4, pp. 950-959, April 2014. [16] M. Young and R. Boutaba, “Overcoming adversaries in sensor networks: a survey of theoritical models and al- gorithm approaches for tolerating malicious interfer- ences ,” IEEE Communications Survey and Tutorials, vol. 13, no. 4, 2011.