An interleaved hop-by-hop authentication scheme for filtering of injected false data in sensor networks

IEEE Symposium on Security and Privacy, 2004. Proceedings. 2004 Pub Date : 2004-05-09 DOI:10.1109/SECPRI.2004.1301328

Sencun Zhu, Sanjeev Setia, S. Jajodia, P. Ning

{"title":"An interleaved hop-by-hop authentication scheme for filtering of injected false data in sensor networks","authors":"Sencun Zhu, Sanjeev Setia, S. Jajodia, P. Ning","doi":"10.1109/SECPRI.2004.1301328","DOIUrl":null,"url":null,"abstract":"Sensor networks are often deployed in unattended environments, thus leaving these networks vulnerable to false data injection attacks in which an adversary injects false data into the network with the goal of deceiving the base station or depleting the resources of the relaying nodes. Standard authentication mechanisms cannot prevent this attack if the adversary has compromised one or a small number of sensor nodes. In this paper, we present an interleaved hop-by-hop authentication scheme that guarantees that the base station will detect any injected false data packets when no more than a certain number t nodes are compromised. Further, our scheme provides an upper bound B for the number of hops that a false data packet could be forwarded before it is detected and dropped, given that there are up to t colluding compromised nodes. We show that in the worst case B is O(t/sup 2/). Through performance analysis, we show that our scheme is efficient with respect to the security it provides, and it also allows a tradeoff between security and performance.","PeriodicalId":447471,"journal":{"name":"IEEE Symposium on Security and Privacy, 2004. Proceedings. 2004","volume":"10 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2004-05-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"700","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Symposium on Security and Privacy, 2004. Proceedings. 2004","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SECPRI.2004.1301328","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 700

Abstract

Sensor networks are often deployed in unattended environments, thus leaving these networks vulnerable to false data injection attacks in which an adversary injects false data into the network with the goal of deceiving the base station or depleting the resources of the relaying nodes. Standard authentication mechanisms cannot prevent this attack if the adversary has compromised one or a small number of sensor nodes. In this paper, we present an interleaved hop-by-hop authentication scheme that guarantees that the base station will detect any injected false data packets when no more than a certain number t nodes are compromised. Further, our scheme provides an upper bound B for the number of hops that a false data packet could be forwarded before it is detected and dropped, given that there are up to t colluding compromised nodes. We show that in the worst case B is O(t/sup 2/). Through performance analysis, we show that our scheme is efficient with respect to the security it provides, and it also allows a tradeoff between security and performance.

查看原文本刊更多论文

一种用于过滤传感器网络中注入的假数据的交错逐跳认证方案

传感器网络通常部署在无人值守的环境中，因此使这些网络容易受到虚假数据注入攻击，攻击者将虚假数据注入网络，目的是欺骗基站或耗尽中继节点的资源。如果攻击者已经破坏了一个或少数传感器节点，标准身份验证机制就无法阻止这种攻击。在本文中，我们提出了一种交错逐跳认证方案，保证在不超过一定数量的节点被破坏时，基站将检测到任何注入的假数据包。此外，我们的方案为在检测和丢弃错误数据包之前可以转发的跳数提供了上限B，假设有多达t个串连的受损节点。在最坏情况下，B等于0 (t/sup 2/)通过性能分析，我们证明了我们的方案就其提供的安全性而言是有效的，并且它还允许在安全性和性能之间进行权衡。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

IEEE Symposium on Security and Privacy, 2004. Proceedings. 2004

自引率

0.00%

发文量