Abstract-In wireless sensor networks, since a CH gathers data from members and delivers the gathered data to the sink, preventing a compromised node from being a CH is very important. Even though unveiling the CH election process enhances the security of network, it cannot prevent compromised nodes from declaring themselves as CHs without qualification. In this paper, we propose a scheme which identifies the compromised nodes by evaluating the trust level of members and excludes untrustworthy nodes every CH election round. Our analyses show that our scheme outperforms the scheme which only unveils the CH election process without filtering.Index Terms-Secure cluster head election, trust-based election, clustering, wireless sensor network.
I. INTRODUCTIONA cluster structure is generated by transforming a physical network into logical groups of nodes which are called clusters [1]. Wireless sensor networks frequently adopt the cluster structure to save energy consumption of nodes and to extend the network longevity. If a cluster needs a local coordinator which is called CH (Cluster Head), a node is selected as a CH among the members. Because a CH node not only gathers the data from the normal nodes but also sends the gathered data to the sink, it becomes a compromise target for attackers [1]. Even worse, if all CHs are compromised by attackers, the attackers get the whole control of the network. For such a reason, CHs should be changed as frequently as possible and it is desirable to elect a new CH in a periodic manner. That is why many secure CH election schemes [2]- [5] have been proposed up to now.Recently, Holczer et al. proposed an anonymous CH election scheme [5] where a member never knows which node is going to be a CH except the existence of a CH declaration node. However, this scheme unfortunately allows a compromised node to arbitrarily declare itself as a CH. This is because this scheme does not evaluate the trust level of members and does not evict the untrustworthy nodes from CH candidates. Even worse, if a node is compromised by an attacker, the compromised node can continuously declare itself as a CH in later election rounds. Gicheol Wang is with the Agency for Defense Development, Daejeon 305-152, Korea (e-mail: gcwang@ add.re.kr).Gihwan Cho is with the Div. of Computer Science and Engineering Cloud Open R&D Center, Chonbuk Nat'l University, Jeonbuk, Jeonju 561-756, Korea (e-mail: ghcho@chonbuk.ac.kr).In this paper, we try to resolve the problem as follows. First, our scheme evaluates the trust value of members by tallying their CH fulfillment frequency. Since the compromised nodes undoubtedly try to become a CH, their CH fulfillment frequency and trust value are going to become smaller with the lapse of time. For every CH election round, our scheme expels some untrustworthy members from CH candidates to mitigate the threat of compromised nodes.We organize our paper as follows. Section II briefly describes previous work dealing with secure CH election. In Section III, the network and threat model is ...