Integrated Intelligent Research (IIR)
International Journal of Communication and Networking System
Volume: 05, Issue: 02, December 2016, Pages: 35-39
ISSN: 2278-2427

OTBTA: An Optimized Trust Based Traffic Analyzer for Wireless Sensor Networks to Detect Malicious Activities Using Genetic Algorithm

S. Vijayarangam 1, A. Rajesh 2
1 Research Scholar, Department of Computer Science and Engineering, St. Peter’s University, Avadi, Chennai.
2 Professor & Head, Department of Computer Science and Engineering, C. Abdul Hakeem College of Engineering & Technology, Melvisharam, Vellore Dist.
Email: skbvijay@yahoo.com, amrajesh73@gmail.com

Abstract - Because a wireless sensor network is dynamic and uses multi-hop communication, it is essential to provide IDS software to avoid malicious behavior and data loss. Existing software such as a packet sniffer can sniff all or just parts of the traffic from a single node in the network. A few methods have been proposed to avoid traffic narrowing by using switches to gain access to traffic from other systems on the network, but this takes more time and cost. This paper discusses an Optimized Trust Based Traffic Analyzer (OOTBTA) for wireless sensor networks, intended to provide an efficient intrusion detection system in which the optimum trusted traffic is obtained by a Genetic Algorithm. OOTBTA is used as an optimal intrusion detection system that focuses on packet sniffing and works only for the best trusted nodes in the network. OOTBTA observes the working behavior, packet format and timing and, mainly, determines optimally whether the nodes are trusted nodes or not. The simulation of OOTBTA is carried out in Network Simulation software, and the results are compared with those of existing IDSs such as LBIDS and DAD to evaluate the performance.

Keywords - Intrusion Detection System, Packet Analyzing, Traffic Analyzer, Wireless Sensor Network, Trust Management.

I. BACKGROUND STUDY

Wireless sensor networks are classified into ad-hoc networks, cellular networks and hybrid networks. Ad-hoc networks are independent of infrastructure and use multi-hop communication; cellular networks depend on infrastructure and use single-hop links. When data is transmitted over single-hop or multi-hop links, it is known that some unknown nodes participate in the data transmission. An unknown node may turn malicious by itself or be compromised by other malicious nodes in the network. WSNs are applied in various serious areas such as military, ecology, building and industrial automation, surveillance monitoring and wild-life monitoring. To make WSNs efficient and secure, the security aspects of the WSN should be considered. Because of the characteristics of WSNs, the available security methods, which are used in traditional networks, cannot be applied directly to a WSN. This affects research that aims to propose a novel, highly secure solution for WSNs.

The attacks in WSN are divided into external and internal attacks. Internal attacks are performed from devices inside the network, whereas external attacks are performed from devices outside the network [1]. These attacks can be controlled by applying authentication and authorization and by providing public and private keys. Attacks can also be classified into passive and active attacks [2]. Passive attacks concentrate on collecting sensitive information in order to destroy the data, whereas active attacks destroy the data directly. One of the main attacks, which behaves as both an active and a passive attack, is the jamming attack [3, 4].

Various research studies have presented different mechanisms, techniques and IDSs for providing secure data transmission in WSN. Some metrics determine the level of the software, which in turn determines the performance.
According to the load of the system, the grade of service (GoS) [5] and the performance metric quality of service (QoS) [6, 7] are adopted to evaluate the systems.

Most of the authors [8-10] concentrated on analyzing the data flow from source to destination instead of analyzing each individual node in the network. The behavior of the individual nodes can be analyzed by computing the attitude of the nodes. Leung et al. [8] proposed a deterministic fluid model for analyzing the traffic of WSN. However, this model disregards the behavior of the individual nodes, treating them as a continuous fluid, and it takes more time for the analysis process alone. Gribaudo et al. [9] proposed a method that monitors the behavior of large-scale WSNs, which are more complex to analyze and in which the existing fluid approach has difficulty analyzing the traffic flow. Silvester et al. [11] proposed a slotted ALOHA protocol for the traffic flow among a huge number of nodes in a large-scale network. Franceschetti et al. [12] used contention-slot-based data transmission to monitor the packets.

Various studies discussed WSN deployment, using it to estimate the network lifetime [13-15]. A few existing studies also discussed network lifetime estimation [13, 16]. The work discussed in [13, 16] was extended to multi-hop communication in [17]. The author in [18] set lower-bound and upper-bound values to investigate the network lifetime. A duty-cycle-based WSN is investigated by the author in [19]. A new MAC protocol discussed in [20] analyzes the issues in terms of network lifetime in WSN.

II. PROBLEM STATEMENT

Several approaches have been proposed as intrusion detection systems, but none of the systems so far is completely flawless, so the search for a good intrusion detection solution continues.
As part of this search, this work aims to propose a complete solution through a trust-based IDS in which nodes are completely converted into trusted nodes during communication, and the traffic data, functions and participating nodes between the source and destination nodes are then analyzed. The existing GA-based IDS [21] evaluates the parameters for optimality in order to filter only the traffic data with low complexity. However, the GA-based IDS mainly suits large-scale networks, and there is a need for a common solution suitable for all kinds of networks (small scale to large scale).

Some of the existing approaches use GA for deriving classification rules