1. Introduction
Location information of sensor nodes in a wireless sensor network (WSN) is considered important due to several factors. For example, the data gathered by the sensor nodes must be labeled with the coordinates of the geographic location from where these are collected. Without location information, the data may not make much sense ^{[1]}. Examples of such applications where position information is significant include area surveillance ^{[2]}, habitat monitoring ^{[3]}, agricultural monitoring ^{[4]}, and rescue operations ^{[5]}. Position information also enables the WSN to make route decisions in the case of certain routing protocols. Using such routing decisions, the data may be routed, for example, to the closest sink ^{[6]}. Transmission and communication costs are reduced in this way and the network is energy efficient. Location information also enables the sensor nodes to self organize and form an optimized WSN ^{[7]}.
Due to aforementioned significance of location information, unknown sensor nodes, i.e., the sensor nodes which do not know their positions, employ a localization algorithm to estimate their position coordinates in the sensor network ^{[8]}. By using a localization algorithm, the unknown sensor nodes usually estimate their positions with the help of a few beacon nodes ^{[9]}. The beacon nodes, also called anchor nodes, reference nodes, or landmark nodes, know their position coordinates a priori either because these are deployed at known positions or are equipped with a location finding device, such as a global navigation satellite system (GNSS) receiver. A number of localization algorithms for WSNs have been proposed in the literature. A localization scheme for WSN proposed in ^{[10]} relies on Voronoi diagrambased grouping tests. This approach involves dividing the sensor nodes in a WSN into several groups and utilizing the closest corresponding Voronoi cells to determine location information. A localization method for WSN which does not need anchor nodes and instead uses cross technology for communication has been proposed in ^{[11]}. Instead of using anchor nodes, the method exploits the position information of wireless fidelity (WiFi) access points (APs) for range estimation. Once an unknown node has ascertained its position, it helps other unknown nodes to estimate their positions. A localization algorithm based upon a selection strategy of appropriate beacon nodes has been proposed in ^{[12]}. The algorithm uses the signal strength information between the nodes for the selection strategy. With the help of signal strength information topology diagram of a set of nodes is formed. This diagram is then further exploited for position estimation. Localization in WSN is an active area of research and many other location estimation algorithms have also been proposed, such as ^{[13]}^{[14]}^{[15]}^{[16]}^{[17]}^{[18]}^{[19]}.
The majority of these localization algorithms do not take security into consideration. Therefore, these algorithms are prone to various types of security attacks. As a result of these attacks, different types of problems may arise in the localization process. The positions estimated by some of the sensor nodes may have large errors. It is also possible that some nodes are not able to estimate their positions at all due to a security attack. To counter these problems, security measures and secure localization algorithms are being proposed. Two secure localization algorithm against different types of security attacks have been presented in ^{[20]}. The first algorithm, named improved randomized consistency position algorithm, exploits position information of beacon nodes and particle swarm optimization (PSO) for localization of unknown nodes. The second algorithm, referred to as the enhanced attackresistant secure localization algorithm, utilizes a combination of methods, including a voting system, location optimization, and PSO, to estimate the positions of sensor nodes whose locations are unknown. The method proposed in ^{[21]} utilizes a blockchain based trust management model to combat malicious nodes in a sensor network. The trust evaluation is composite and involves behavior and data for this purpose. Different parameters, such as honesty, closeness, frequency of interaction, and intimacy, are used for the evaluation of behaviorbased trust of the beacon nodes. Honesty is measured using the number of successful and unsuccessful interactions among sensor nodes. The number of sensor nodes covered by a beacon node in one hop neighborhood determines the closeness factor. The frequency of interaction is dependent upon total number of interactions between beacon nodes. Intimacy is quantified by the time of interaction. The beacon nodes with the least trust values are discarded to ensure localization reliability. A received signal strengthbased localization algorithm for a WSN with malicious nodes has been proposed in ^{[22]}. The algorithm uses different localization techniques, i.e., weighted least square, secure weighted least square, and two normbased techniques. The different techniques are meant to counter different types of security attacks.
Traditionally, cryptography is used to counter different types of security attacks in various categories of networks. However, conventional cryptography may not be used in resource constrained networks, such as WSN. Therefore, lightweight cryptography techniques have been proposed for such networks. A lightweight public key infrastructure (PKI) has been proposed in ^{[23]} for networks with limited resources, such as the Internet of things (IoT) and WSN. PKI is a security system that uses encryption to authenticate the identity of devices and secure the communication between them. However, the PKI was not designed for devices with constrained resources. Therefore, the conventional PKI system may also not be deployed in networks, such as WSN and IoT, where the devices have small energy resource in the form of a battery, limited memory and storage, and small processing power. The work in ^{[23]} has developed a lightweight public key infrastructure (PKI) for registration and distribution of digital certificates in networks with highly constrained devices. The proposed lightweight PKI can be used to secure IoT and WSN devices in a variety of industries, such as healthcare, industrial, transportation, and smart cities. An aggregate signature technique based on a linearly homomorphic signature for resource constrained electronic healthcare system has been proposed in ^{[24]}. By combining the advantages of aggregate signature and linearly homomorphic signature, this method offers benefits from both. Under the security model, an aggregate signature is considered valid only if each individual signature utilized to construct the aggregate signature is also valid. Lightweight security algorithms have been used in ^{[25]} for reliable data collection from healthcare WSN and to improve security efficiency. The scheme uses elliptic curve digital signature algorithm with BLAKE2bp for the security. Privacy of the patients is ensured by masking the sensor identifications with pseudonyms. Similar works, such as ^{[26]}^{[27]}^{[28]}^{[29]}^{[30]} have proposed lightweight cryptography techniques for WSN and IoT.
2. Related Work
The work in ^{[31]} proposed to secure the DVHop localization algorithm against wormhole attacks. The wormhole attack is usually carried out by more than one node in the network. One of the malicious nodes collects and forwards data from the compromised nodes through a tunnel to another malicious node located somewhere else in the network. The secondary malicious node then may transmit the data to the destination while masquerading the identity of the compromised nodes. In this way, the receiving node may be lead to believe that the sender is located at a different hop count other than the actual value. As a result, the localization process may be severely disrupted and the reported positions may have large errors.
Chen et al. analyzed the impact of the wormhole attack and thereby proposed a labelbased secure DVHop scheme to mitigate this attack in ^{[31]}. The proposed method consists of three phases. In the first phase, the beacon nodes are labeled according to their geographic locations. Next, in the second phase, the sensor nodes are differentiated and labeled according to beacon node labeling results. By exploiting these labels, malicious wormhole communication links between the nodes can be prevented. In the final and third phase, the localization process may be completed by using the DVHop. This scheme, however, does not take packet loss into consideration. Moreover, it assumes that all nodes have the same transmission radii and does not consider the scenario where different nodes may have different transmission coverage.
Another secure localization algorithm, which is based on DVHop and provides defense against the wormhole attack was presented in ^{[32]}. This considers the default wormhole attack with an out of band hidden channel and without data modification. All the nodes in the network are aware of their identification numbers except for the attack nodes. The proposed scheme comprises three stages, i.e., detection of the wormhole attack, resistance against the wormhole attack, and error sources analysis. At first, the proposed scheme establishes a neighbor node relationship list through a broadcast mechanism. The suspect nodes are then identified by comparing the actual number with the theoretical number of nodes. Further, to isolate the actually attacked beacon nodes, the suspect nodes estimate distances from other nodes in their neighbor node relationship list. After the victim nodes have been identified, the attacked nodes mark themselves as either type 1 or type 2 depending upon the attacker node and assuming that there are only two types of attacker nodes in the network. Next, the unknown nodes also mark themselves as either type 1 or type 2 according to their neighbor nodes relationship list. Finally, the nodes marked as type 1 disconnect from nodes marked as type 2 and vice versa to mitigate the wormhole attack. After the attack has been mitigated the localization can be performed. The main limitation of this proposed scheme is that the attack model considers only two attacker nodes. Information modification is also not considered in the attack model.
Prashar et al. proposed a secure localization algorithm for WSN using digital signatures in ^{[33]}. At first, the private and public key pair for each node are created. Next, digital signatures for the nodes are generated so that the nodes can authenticate each other. After this, secure localization is performed based upon a procedure derived from DVHop. In the DVHop localization algorithm, the essential steps for node localization are, hop count determination, average hop size calculation, distance estimation and position determination using trilateration. However, the method proposed in ^{[33]}, uses a scheme called hyperbolic and midperpendicular with centroid to estimate the node positions. If the unknown node is an immediate neighbor of an anchor node, then the mid perpendicular with centroid method is used. Otherwise, hyperbolic scheme is leveraged for position determination.
Another secure localization algorithm for WSN was presented in ^{[34]}. The work proposes a malicious node detection algorithm and also presents its extended version. The proposed algorithm, which is rangebased, has four stages. In the first stage, the location data of an unknown are obtained using trilateration. In the second stage, the location data are divided into normal and abnormal clusters using selfadaptive densitybased spatial clustering of applications with noise. Next, in the third stage, the reference error interval is calculated for the difference between two separate distance measurements based on time of arrival and received signal strength of the reference node. In the final fourth stage, a sequential probability ratio test is performed to test the difference between two measured distances of the suspected malicious node. After all these four stages have been completed, the malicious nodes are detected and the information provided by these malicious nodes can be discarded and the locations of the unknown nodes can be estimated through multilateration.
A secure localization algorithm against the Sybil attack was proposed in ^{[35]}. In the Sybil attack, a malicious node may monitor, listen, capture, and modify the data in a network. As a result, the malicious node is able to forge and present multiple identities to the other nodes in the network. This is accomplished by either generating false identities or by simply stealing and spoofing identities of other legitimate nodes on the network. The nodes with forged identities are usually referred to as the Sybil nodes ^{[36]}. The Sybil nodes communicate with other nodes in the network using the forged identities and propagate false information. As a result, the integrity of the data in the network is compromised and network functions based upon this false information are severely damaged. The work in ^{[35]} proposed a defense against the Sybil attack which is based upon number allocation and neighbor nodes guarantee. Each node in the network is allotted a number by guaranteed nodes. The number acts as the identity of the node and is verified by its guaranteed node. As a result, any malicious nodes which are not able to present a valid number can be identified and isolated thereby securing the network and the localization process.
Another work in ^{[37]} has proposed secure localization using DVHop against the Sybil attack. In this proposed method, the beacon nodes broadcast test information. The replies from the neighbor nodes are monitored and a neighbor list is established. If a node has a different neighbor list, then it is concluded that the node is under Sybil attack. If the node has the same neighbor list, then the hop difference between the nodes in the neighbor list is determined. If the hop difference is zero, then it is concluded that the node is under Sybil attack. All the nodes which are found to be under the attack are added to a black list. All the remaining nodes then estimate their positions using the DVHop localization algorithm. This proposed method provides protection against only Sybil attack and does not provide defense against other types of attacks on the confidentiality, integrity, and availability of information.
3. Network Model
Two types of nodes are deployed in the WSN. The beacon nodes, also known as anchor, landmark or reference nodes, are fixed nodes which know their exact position coordinates. This is possible because these beacon nodes are equipped with navigation devices, such as a global positioning system (GPS), which is a type of global navigation satellite system (GNSS) or because the beacon nodes are deployed at known position coordinates. The other type of nodes in the sensor field are the sensor nodes which perform the sensing and collect the required data. These nodes are not aware of their location. Therefore, these nodes are usually termed as unknown nodes. Alternatively, some literature may refer to these nodes with less plausible names, such as dumb nodes or blind nodes. The unknown nodes estimate their positions with the help of the beacon nodes using a localization algorithm.
The localization algorithm to be used by the unknown nodes is DVHop ad hoc positioning system. An assumption is made that all nodes in the network have the same radio range. However, the radio range of the unknown nodes is greater than their sensing range. This results in a higher sensing granularity of the WSN, allowing the transmission of sensed data over longer distances. Additionally, all nodes are outfitted with omnidirectional antennas, enabling them to communicate equally well in all directions.
where
Bi∈B={B1,B2,B3,⋯,BL}. So,
Bi is a member of
B, where the number of beacon nodes in the set is
L. The position of a beacon node
Bi is given by
(xBi,yBi). Similarly, researchers represent an arbitrary unknown sensor node as
Ui, where
Ui∈U={U1,U2,U3,⋯,UN}. Therefore, there are
N unknown sensor nodes in the set
U which are deployed in the sensor field. The actual position of an unknown node
Ui is represented using
(xUi,yUi), whereas the estimated position is denoted by
(x^Ui,y^Ui). Each node in the network is preinstalled with a secret key
K for encryption and decryption using secret key cryptography. Each node also generates a public and private key pair using an asymmetric encryption algorithm. The network also operates a lightweight public key infrastructure (PKI) for secure management and distribution of the public keys. Secret key encryption is used to ensure confidentiality whereas public key encryption is employed for authentication of hash values only as the latter encryption technique is computationally expensive
^{[38]}. The cryptographic keys are stored using a secure storage mechanism
^{[39]}^{[40]}^{[41]}^{[42]}^{[43]}^{[44]}, such as a hardware security module.
The malicious nodes can launch one or a combination of security attacks to disrupt the network operations and localization system. It is considered that the malicious nodes are able to use different types of attacks, including wormhole, tampering, Sybil, traffic replay, and selective forwarding attacks. In the wormhole attack, the malicious nodes create a tunnel between two points in the network. Packets are captured at one point and tunneled to the other point. In the tampering attack, a malicious node modifies the contents of the intercepted packets, such as changing of beacon node position coordinates in the beacon message. Consequently, the position estimated by the unknown nodes is not correct. In the Sybil attack, a malicious nodes uses forged identities to spread false information and disrupt localization system and network operations. A malicious node can intercept and capture packets in a network communication and then later replay the packets to impersonate the identity of one of the nodes involved in the original communication. This type of attack falls in the category of traffic replay attack. In the selective forwarding attack, a malicious node selectively forwards some of the packets while dropping the other packets.
4. Distance Vector Hop Localization
The DVHop algorithm uses distributed processing. To estimate its location, each unknown node calculates its distance from three or more beacon nodes and then uses multilateration to calculate position coordinates. In a multihop sensor network, an unknown node may not have direct communication link with three beacon nodes. In other words, the unknown node may be more than one hop away from the beacon nodes. To address this problem, the DVHop localization algorithm leverages the connectivity information and the hop count to estimate the distance of an unknown node which may be at a multihop distance from the beacon node. Similar to the nature of operation of distance vector (DV) routing protocols, the DVHop localization algorithm uses flooding to propagate information in the multihop sensor network ^{[45]}. Beginning with the beacon nodes, each of the nodes propagates information only to its immediate first hop neighbors. Leaving out the next hop nodes saves bandwidth and power making the approach suitable for WSNs with limited resources. The signaling complexity of this scheme depends upon the number of beacon nodes in the sensor field and average degree of each node, i.e., the number of single hop neighbors of a node.
All the unknown and the beacon nodes in the WSN maintain a table with an entry corresponding to each of the beacon nodes from which it receives messages. The entry is of the form {xBi,yBi,hi}, where (xBi,yBi) are the position coordinates of the beacon node Bi and hi is the hop count of the node maintaining the table from the beacon node Bi. To obtain the hop count, the hop count field in the beacon message is incremented as the message is transmitted from the beacon node to its nearest neighbor nodes and so on. The beacon nodes in the WSN also maintain this table. After a beacon node Bi has obtained position information and hop count of all other beacon nodes Bj from which it receives messages, it proceeds to ascertain the average size of a hop ^{[46]} as follows,
$$\begin{array}{c}{c}_{i}=\frac{\sum \sqrt{{({x}_{Bi}{x}_{Bj})}^{2}+{({y}_{Bi}{y}_{Bj})}^{2}}}{\sum {h}_{j}},\end{array}$$
for all beacon nodes
Bj and
Bj≠Bi. The numerator of Equation (
1) is the sum of the distances between a beacon node
Bi and other beacon nodes
Bj. The denominator is the sum of hop counts between the beacon node
Bi and other beacon nodes
Bj. Therefore, Equation (
1) gives average size of a hop as the sum of distances divided by the sum of hop counts. The DVHop algorithm terms this average size of the hop
ci, calculated by the beacon node
Bi
, as the correction factor. Using controlled flooding, this correction factor is propagated through the network as described earlier. After receiving the correction factor and with the knowledge of position coordinates of at least three beacon nodes, an unknown node performs multilateration to estimate its own position information. The steps involved in the position estimation using the DVHop ad hoc positioning system are summarized as follows:

At the beginning of the algorithm, the beacon nodes transmit their location data to their nearest neighbor nodes in the first hop.

All the other nodes in the network receive and propagate the beacon node position coordinates using the same method as the distance vector routing protocol. The intermediate nodes increment the hop count field as they propagate the information to the next hop neighbor. Eventually, all the nodes in the network obtain the position coordinates of all the beacon nodes along with the hop count to these beacon nodes.

After a beacon node has obtained position coordinates of other beacon nodes and the hop count to them, it computes the average hop size using Equation (
1).

A beacon node propagates its computed average hop size as correction factor throughout the network using the controlled flooding approach of the DV protocol.

Once an unknown node receives the correction factor, it calculates the distance to the beacon node from which it received the correction factor. The distance is calculated by multiplying the hop count to the correction factor, i.e., hi×ci. After knowing the position coordinates of at least three beacon nodes and distance estimates to them, the unknown node performs multilateration to estimate its position.
It should be noted that the correction factor calculated by one beacon node may differ from the correction factor computed by another beacon node. Moreover, each unknown node will receive different correction factors from different beacon nodes. The DVHop ad hoc positioning system ^{[46]}^{[47]} suggests that, for position estimation, an unknown node should store and utilize the initial correction factor it receives and disregard any other correction factors received subsequently.