Interleaved hop-by-hop authentication against false data injection attacks in sensor networks

Sensor networks are often deployed in unattended environments, thus leaving these networks vulnerable to false data injection attacks in which an adversary injects false data into the network with the goal of deceiving the base station or depleting the resources of the relaying nodes. Standard authentication mechanisms cannot prevent this attack if the adversary has compromised one or a small number of sensor nodes. We present three interleaved hop-by-hop authentication schemes that guarantee that the base station can detect injected false data immediately when no more than t nodes are compromised, where t is a system design parameter. Moreover, these schemes enable an intermediate forwarding node to detect and discard false data packets as early as possible. Our performance analysis shows that our scheme is efficient with respect to the security it provides, and it also allows a tradeoff between security and performance. A prototype implementation of our scheme indicates that our scheme is practical and can be deployed on the current generation of sensor nodes.

[1]  Leslie Lamport,et al.  Password authentication with insecure communication , 1981, CACM.

[2]  Rolf Blom,et al.  An Optimal Class of Symmetric Key Generation Systems , 1985, EUROCRYPT.

[3]  Silvio Micali,et al.  How to construct random functions , 1986, JACM.

[4]  Moti Yung,et al.  Perfectly Secure Key Distribution for Dynamic Conferences , 1992, Inf. Comput..

[5]  Ronald L. Rivest,et al.  The RC5 Encryption Algorithm , 1994, FSE.

[6]  Mihir Bellare,et al.  XOR MACs: New Methods for Message Authentication Using Finite Pseudorandom Functions , 1995, CRYPTO.

[7]  Robert Szewczyk,et al.  System architecture directions for networked sensors , 2000, ASPLOS IX.

[8]  David E. Culler,et al.  SPINS: security protocols for sensor networks , 2001, MobiCom '01.

[9]  J.A. Stankovic,et al.  Denial of Service in Sensor Networks , 2002, Computer.

[10]  Virgil D. Gligor,et al.  A key-management scheme for distributed sensor networks , 2002, CCS '02.

[11]  Deborah Estrin,et al.  GHT: a geographic hash table for data-centric storage , 2002, WSNA '02.

[12]  Sencun Zhu,et al.  LEAP: efficient security mechanisms for large-scale distributed sensor networks , 2003, CCS '03.

[13]  Dawn Xiaodong Song,et al.  Random key predistribution schemes for sensor networks , 2003, 2003 Symposium on Security and Privacy, 2003..

[14]  David A. Wagner,et al.  Secure routing in wireless sensor networks: attacks and countermeasures , 2003, Ad Hoc Networks.

[15]  Shouhuai Xu,et al.  Establishing pairwise keys for secure communication in ad hoc networks: a probabilistic approach , 2003, 11th IEEE International Conference on Network Protocols, 2003. Proceedings..

[16]  Donggang Liu,et al.  Efficient Distribution of Key Chain Commitments for Broadcast Authentication in Distributed Sensor Networks , 2002, NDSS.

[17]  Dawn Xiaodong Song,et al.  SIA: secure information aggregation in sensor networks , 2003, SenSys '03.

[18]  Donggang Liu,et al.  Establishing pairwise keys in distributed sensor networks , 2005, TSEC.

[19]  Yunghsiang Sam Han,et al.  A pairwise key pre-distribution scheme for wireless sensor networks , 2003, CCS '03.

[20]  Shivakant Mishra,et al.  Security support for in-network processing in Wireless Sensor Networks , 2003, SASN '03.

[21]  Lingxuan Hu,et al.  Secure aggregation for wireless networks , 2003, 2003 Symposium on Applications and the Internet Workshops, 2003. Proceedings..

[22]  Haiyun Luo,et al.  Statistical En-route Detection and Filtering of Injected False Data in Sensor Networks , 2004, INFOCOM 2004.

[23]  Shivakant Mishra,et al.  Intrusion tolerance and anti-traffic analysis strategies for wireless sensor networks , 2004, International Conference on Dependable Systems and Networks, 2004.

[24]  Ross J. Anderson,et al.  Key infection: smart trust for smart dust , 2004, Proceedings of the 12th IEEE International Conference on Network Protocols, 2004. ICNP 2004..

[25]  Adrian Perrig,et al.  PIKE: peer intermediaries for key establishment in sensor networks , 2005, Proceedings IEEE 24th Annual Joint Conference of the IEEE Computer and Communications Societies..

[26]  Sencun Zhu,et al.  SDAP: a secure hop-by-Hop data aggregation protocol for sensor networks , 2006, MobiHoc '06.

[27]  O. Spaniol,et al.  Establishing Pair-wise Keys for Secure Communication in Ad-Hoc Networks Seminar: Pervasive Computing SS 2004 , 2022 .