Statistical en-route filtering of injected false data in sensor networks

In a large-scale sensor network individual sensors are subject to security compromises. A compromised node can be used to inject bogus sensing reports. If undetected, these bogus reports would be forwarded to the data collection point (i.e., the sink). Such attacks by compromised nodes can result in...

Full description

Saved in:
Bibliographic Details
Published inIEEE journal on selected areas in communications Vol. 23; no. 4; pp. 839 - 850
Main Authors Fan Ye, Luo, H., Songwu Lu, Lixia Zhang
Format Journal Article
LanguageEnglish
Published New York IEEE 01.04.2005
The Institute of Electrical and Electronics Engineers, Inc. (IEEE)
Subjects
Analytical models
Batteries
Battery
Compromised nodes
Data collection
Data security
Decision making
Depletion
en-route filtering
Event detection
false data injection
Filtering
Filters
Filtration
Large-scale systems
Mathematical analysis
Message authentication
Networks
Performance analysis
Security
Sensors
Online AccessGet full text

Cover

More Information
Summary:In a large-scale sensor network individual sensors are subject to security compromises. A compromised node can be used to inject bogus sensing reports. If undetected, these bogus reports would be forwarded to the data collection point (i.e., the sink). Such attacks by compromised nodes can result in not only false alarms but also the depletion of the finite amount of energy in a battery powered network. In this paper, we present a statistical en-route filtering (SEF) mechanism to detect and drop false reports during the forwarding process. Assuming that the same event can be detected by multiple sensors, in SEF each of the detecting sensors generates a keyed message authentication code (MAC) and multiple MACs are attached to the event report. As the report is forwarded, each node along the way verifies the correctness of the MAC's probabilistically and drops those with invalid MACs. SEF exploits the network scale to filter out false reports through collective decision-making by multiple detecting nodes and collective false detection by multiple forwarding nodes. We have evaluated SEF's feasibility and performance through analysis, simulation, and implementation. Our results show that SEF can be implemented efficiently in sensor nodes as small as Mica2. It can drop up to 70% of bogus reports injected by a compromised node within five hops, and reduce energy consumption by 65% or more in many cases.
Bibliography:ObjectType-Article-2
SourceType-Scholarly Journals-1
ObjectType-Feature-1
content type line 14
content type line 23
ISSN:0733-8716
1558-0008
DOI:10.1109/JSAC.2005.843561