A Neighbor Information and One-way Hash Chain Based Filtering Scheme in Wireless Sensor Networks
Zhixiong Liu and Huafu Liu
False data filtering is an important issue in wireless sensor networks. In this paper, we consider a new type of false report injection attacks called collaborative false report injection. In collaborative false report injection attacks, multiple compromised nodes from different geographical areas collaboratively inject a forged report into the network. This type of attacks is hard to defend with existing approaches, because they only verify a fixed number of message authentication codes (MACs) carried in the report, while the adversary can easily obtain enough secret information by compromising nodes and thus to break their security designs. Furthermore, without checking the freshness of the reports during en-route filtering, these schemes also can not detect and filter out replayed reports injected by compromised nodes, leading to the quick depletion of energy. In this paper, we propose a Neighbor information and one-way Hash chain-based Filtering Scheme (NHFS) that can cope with these problems. In NHFS, we bind the keys of sensor nodes to their geographical locations, and verify the legitimacy of a report by checking whether the locations of the sensors endorsing the report are logical (e.g., the sensors should be close enough to sense the same stimulus). We also pre-load each node with a one-way hash chain and a distinct key. When a report is generated for an observed event, it must carry the MACs and hash values from t detecting nodes. During the process of forwarding, each intermediate node checks the correctness of the MACs, hash values, and the freshness of these hash values, respectively. Theoretical analysis and simulation results show that NHFS can defend collaborative false report injection attacks efficiently, e.g., when there are ten compromised nodes in a network including totally 400 nodes, the detecting probability of collaborative false report injection attacks is higher than 97 percent in NHFS, but is less than 7 percent in traditional false data filtering approaches such as SEF; moreover, NHFS is able to filter out replayed reports with a high probability.
Keywords: wireless sensor network, compromised node; false report injection, replayed reports, relative positions