Bloom Filter-Based Secure Data Forwarding in Large-Scale Cyber-Physical Systems

Cyber-physical systems (CPSs) connect to the physical world via communication networks, which significantly increases their security risks. Secure forwarding is therefore an essential component of CPSs for protecting sensitive data. However, because of their significantly increased scale and diversity, CPSs have high-dimensional, multiattribute and multilevel security requirements, which place high demands on the querying and storage of secure forwarding information. To tackle these challenges, we propose a practical secure data forwarding scheme for CPSs. Considering the limited storage capability and computational power of entities, we adopt a Bloom filter to store the secure forwarding information for each entity, which achieves a good balance between storage consumption and query delay. Furthermore, a novel link-based Bloom filter construction method is designed to reduce the false positive rate during Bloom filter construction. Finally, the effects of the false positive rate on the performance of Bloom filter-based secure forwarding under different routing policies are discussed.
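An added illustration, not the paper's code and not its link-based construction method: one Bloom filter per outgoing link holds the (destination, security level) pairs cleared for that link, and a lookup returns every link whose filter matches. The key format, filter parameters, link names and policy are assumptions constructed for this example.

```python
import hashlib
import math

class BloomFilter:
    def __init__(self, m_bits, k_hashes):
        self.m, self.k, self.n = m_bits, k_hashes, 0
        self.bits = bytearray((m_bits + 7) // 8)

    def _positions(self, key):
        # Double hashing over one SHA-256 digest gives k bit positions.
        d = hashlib.sha256(key.encode()).digest()
        h1 = int.from_bytes(d[:8], "big")
        h2 = int.from_bytes(d[8:16], "big") | 1
        return [(h1 + i * h2) % self.m for i in range(self.k)]

    def add(self, key):
        for p in self._positions(key):
            self.bits[p >> 3] |= 1 << (p & 7)
        self.n += 1

    def __contains__(self, key):
        return all(self.bits[p >> 3] & (1 << (p & 7)) for p in self._positions(key))

    def expected_fpr(self):
        # Standard approximation: (1 - e^(-kn/m))^k
        return (1 - math.exp(-self.k * self.n / self.m)) ** self.k

def entry(dest, level):
    return f"{dest}|{level}"  # assumed key format

def build_tables(policy, m_bits=2048, k_hashes=4):
    """policy: {link: [(dest, level), ...]} -> {link: BloomFilter}"""
    tables = {}
    for link, pairs in policy.items():
        tables[link] = bf = BloomFilter(m_bits, k_hashes)
        for dest, level in pairs:
            bf.add(entry(dest, level))
    return tables

def candidate_links(tables, dest, level):
    # Every link whose filter matches; a false positive adds a link never cleared for it.
    return sorted(l for l, bf in tables.items() if entry(dest, level) in bf)

def measured_fpr(bf, absent_keys):
    return sum(k in bf for k in absent_keys) / len(absent_keys)

# Constructed policy: 200 cleared (destination, level) pairs per link.
POLICY = {"link-A": [(f"node{i}", "secret") for i in range(200)],
          "link-B": [(f"node{i}", "public") for i in range(200, 400)]}
TABLES = build_tables(POLICY)
```

With these sizes the expected false positive rate is about 1.1% per filter; each such hit in `candidate_links` is a link that was never cleared for that destination and level, while cleared pairs are never missed.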
