RAS: A Robust Authentication Scheme for Filtering False Data in Wireless Sensor Networks

Abstract

False data injection attacks not only cause user to receive incorrect reports so that make wrong decisions, but also drain out the significant sensor network energy resources. Previous filtering schemes mainly relying on pairwise key based schemes for endorsing the report. In wireless sensor networks, sharing pairwise key with other sensor nodes may be vulnerable as an intermediate node can be compromised and hence keys will be disclosed. As a result, those compromised forwarding nodes can be easily manipulated to inject false data reports by the inside attacker. Based on a pre-designed partition-overlapping key pool scheme, we propose a new robust authentication scheme (RAS) for filtering false data. In RAS, each big event is divided into several small event chunks, every one of which is endorsed by witness nodes both with dynamic authentication tokens from one-way hash chain and their secret keys pre-loaded from the key pool. This way, compromised nodes, even in possession of all endorsement keys for the data reports, will not able to fabricate or modify the reports. Analytical and simulation results show that RAS can filter false reports earlier while maintaining stronger protection against various insider attacks.