DOI:10.21884/IJMTER.2016.3115.MPSX2 293 ESTIMATION BASED FRAMEWORK FOR IDENTIFYING MALICIOUS DATA INJECTIONS IN WIRELESS SENSOR NETWORKS Sailaja Gokavarapu, M.Tech 1 and Md. Abdul Azeem, Associate Professor 2 1, 2 Department of CSE, MVSR Engineering College, Nadergul, Hyderabad Abstract— Wireless Sensor Networks are widely advocated to monitor environmental parameters, structural integrity of the built environment and use of urban spaces, services and utilities. However, embedded sensors are vulnerable to compromise by external actors through malware but also through their wireless and physical interfaces. Compromised sensors can be made to report false measurements with the aim to produce inappropriate and potentially dangerous responses. Such malicious data injections can be particularly difficult to detect if multiple sensors have been compromised as they could emulate plausible sensor behaviour such as failures or detection of events where none occur. A novel algorithm is proposed to identify malicious data injections and build measurement estimates that are resistant to several compromised sensors even when they collude in the attack. A methodology is also proposed to apply this algorithm in different application contexts and evaluate its results. The algorithm consists of three phases viz., Estimation, similarity check and characterization. In similarity check, there are two tests that capture the characteristics of most event detection criteria. The magnitude test verifies that reported measurements are close in magnitude to their estimates. The shape test verifies that the estimate and reported signal have a similar shape. Base work only concentrated on the detection of malicious data injections, the entire process is centralized and is being carried out at the base station. The base work is enhanced to distributed architecture. As it is an in-network process, the process of detection of malicious injections is evenly distributed in the network. In order to avoid transmission of malicious data through the network nodes and to curtail the energy wastage in network, the detection is done at the cluster head level itself by maintaining the accuracy using the LEACH characteristic. Keywords—security management; adhoc and sensor networks; statistical methods; Malicious data injections; measurements analysis I. INTRODUCTION wireless Sensor Networks are spatially distributed autonomous sensors to monitor physical or environmental condition, such as temperature, sound, pressure, etc and to co-operatively pass their data through the network to a main location. They are often used to detect events occurring in the physical space across different applications such as military surveillance[1], health[2], and environment (e.g. Volcano)[3] monitoring etc. Although these applications have different tasks, they all collect sensor measurements and interpret them to identify events, i.e., particular conditions of interest followed by a remedial response. Such response may have significant consequences and cost. Therefore, the measurements leading to the event detection, become a critical resource to secure. When the measurements are somehow replaced or modified by an attacker, we deal with malicious data injections. The attacker may make use of the injected data to elicit an event response, such as evacuation in case of fire, when no event has occurred, or mask the occurance of a true event, such as the trigger for an intrusion alarm. Different means for obtaining control over the measurements are possible. A wireless sensor network (WSN) consists of sensor nodes capable of collecting information from the environment and communicating with each other via wireless transceivers. The collected data will be delivered to one or more sinks, generally via multi-hop communication. The sensor nodes are typically expected to operate with batteries and are often deployed to not-easily-