In wireless sensor networks, the adversary may inject false reports to exhaust network energy or trigger false alarms with compromised sensor nodes. In response to the problems of existing schemes on the security resiliency, applicability and filtering effectiveness, this Project proposes a scheme, referred to as Grouping-enhanced Resilient Probabilistic En-route Filtering (GRPEF). In GRPEF, an efficient distributed algorithm is proposed to group nodes without incurring extra groups, and a multiaxis division based approach for deriving location-aware keys is used to overcome the threshold problem and remove the dependence on the sink immobility and routing protocols. Compared to the existing schemes, GRPEF significantly improves the effectiveness of the en-route filtering and can be applied to the sensor networks with mobile sinks while reserving the resiliency.
These schemes adopt a general en-route filtering framework to protect data authenticity, detect and filter out false reports. This framework assumes that an event can be detected by more than T sensors. To protect the report authenticity, a legitimate report is collaboratively endorsed with T (T > 1) distinct Message Authentication Codes (MACs) from the nodes detecting the event simultaneously. To filter the false reports, the nodes in the routing path share the authentication keys for the report endorsement. As a result, an invalid report that has less than T MACs or any incorrect MAC can be detected and dropped by the forwarding nodes or the sinks. There are two ways to share the authentication keys for the report endorsement, that are, routing-specific way and probabilistic way.
In the routing-specific key sharing schemes such as IHA, DEFS, and LEDS, the authentication keys of sensor nodes are shared with the forwarding nodes in the routing path by pairwise key establishment or key dissemination.
Since the probabilistic key sharing schemes do not need periodic node association and key dissemination, they are superior to the routing-specific key sharing schemes and are preferred by the resource-constrained WSNs. However, the existing probabilistic schemes have their shortages.
In the probabilistic key sharing schemes such as SEF and LBRS , the sensor nodes are divided into n(n > T) groups according to the key distribution before deployment. The nodes in the same group share common authentication keys with a probability. A legitimate report is endorsed with T MACs each of which is generated by a detecting node from different group, which is referred to as T-group authentication. The extra n _ T groups are introduced to enable T-group authentication to work for events in as large area as possible. A random key predistribution approach is adopted in SEF . A global key pool is evenly divided into n partitions. Each node randomly picks k keys from one partition and the nodes holding keys from the same partition form a group. In LBRS, each node is preloaded with one of n master secrets, and the nodes having the same master secret form a group. The authentication keys are derived based on the locations of cells in the terrain. All the nodes in the routing paths to the sink shares the authentication keys with a probability.
- Sensor node
- Mobile Sink
- Monitoring and Reporting Phase
- False Data Injection
- En-Route Filtering
||C#.Net with ASP.NET 3.5