An interleaved hop-by-hop authentication scheme for filtering of injected false data in sensor networks

Sencun Zhu; Sanjeev Setia; Sushil Jajodia; Peng Ning

An interleaved hop-by-hop authentication scheme for filtering of injected false data in sensor networks

Sencun Zhu, Sanjeev Setia, Sushil Jajodia, Peng Ning

Computer Science and Engineering

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

434 Scopus citations

Abstract

Sensor networks are often deployed in unattended environments, thus leaving these networks vulnerable to false data injection attacks in which an adversary injects false data into the network with the goal of deceiving the base station or depleting the resources of the relaying nodes. Standard authentication mechanisms cannot prevent this attack if the adversary has compromised one or a small number of sensor nodes. In this paper, we present an interleaved hop-by-hop authentication scheme that guarantees that the base station will detect any injected false data packets when no more than a certain number t nodes are compromised. Further, our scheme provides an upper bound B for the number of hops that a false data packet could be forwarded before it is detected and dropped, given that there are up to t colluding compromised nodes. We show that in the worst case B is O(t ²). Through performance analysis, we show that our scheme is efficient with respect to the security it provides, and it also allows a tradeoff between security and performance.

Original language	English (US)
Title of host publication	Proceedings - IEEE Symposium on Security and Privacy
Pages	259-271
Number of pages	13
State	Published - 2004
Event	Proceedings - 2004 IEEE Symposium on Security and Privacy - Berkeley, CA, United States Duration: May 9 2004 → May 12 2004

Publication series

Name	Proceedings - IEEE Symposium on Security and Privacy
Volume	2004

Other

Other	Proceedings - 2004 IEEE Symposium on Security and Privacy
Country/Territory	United States
City	Berkeley, CA
Period	5/9/04 → 5/12/04

All Science Journal Classification (ASJC) codes

General Engineering

Cite this

@inproceedings{9250fbec3a0447879e4ebd5b0e8a9832,

title = "An interleaved hop-by-hop authentication scheme for filtering of injected false data in sensor networks",

abstract = "Sensor networks are often deployed in unattended environments, thus leaving these networks vulnerable to false data injection attacks in which an adversary injects false data into the network with the goal of deceiving the base station or depleting the resources of the relaying nodes. Standard authentication mechanisms cannot prevent this attack if the adversary has compromised one or a small number of sensor nodes. In this paper, we present an interleaved hop-by-hop authentication scheme that guarantees that the base station will detect any injected false data packets when no more than a certain number t nodes are compromised. Further, our scheme provides an upper bound B for the number of hops that a false data packet could be forwarded before it is detected and dropped, given that there are up to t colluding compromised nodes. We show that in the worst case B is O(t 2). Through performance analysis, we show that our scheme is efficient with respect to the security it provides, and it also allows a tradeoff between security and performance.",

author = "Sencun Zhu and Sanjeev Setia and Sushil Jajodia and Peng Ning",

year = "2004",

language = "English (US)",

isbn = "0769521363",

series = "Proceedings - IEEE Symposium on Security and Privacy",

pages = "259--271",

booktitle = "Proceedings - IEEE Symposium on Security and Privacy",

note = "Proceedings - 2004 IEEE Symposium on Security and Privacy ; Conference date: 09-05-2004 Through 12-05-2004",

}

Zhu, S, Setia, S, Jajodia, S & Ning, P 2004, An interleaved hop-by-hop authentication scheme for filtering of injected false data in sensor networks. in Proceedings - IEEE Symposium on Security and Privacy. Proceedings - IEEE Symposium on Security and Privacy, vol. 2004, pp. 259-271, Proceedings - 2004 IEEE Symposium on Security and Privacy, Berkeley, CA, United States, 5/9/04.

An interleaved hop-by-hop authentication scheme for filtering of injected false data in sensor networks. / Zhu, Sencun; Setia, Sanjeev; Jajodia, Sushil et al.
Proceedings - IEEE Symposium on Security and Privacy. 2004. p. 259-271 (Proceedings - IEEE Symposium on Security and Privacy; Vol. 2004).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - An interleaved hop-by-hop authentication scheme for filtering of injected false data in sensor networks

AU - Zhu, Sencun

AU - Setia, Sanjeev

AU - Jajodia, Sushil

AU - Ning, Peng

PY - 2004

Y1 - 2004

N2 - Sensor networks are often deployed in unattended environments, thus leaving these networks vulnerable to false data injection attacks in which an adversary injects false data into the network with the goal of deceiving the base station or depleting the resources of the relaying nodes. Standard authentication mechanisms cannot prevent this attack if the adversary has compromised one or a small number of sensor nodes. In this paper, we present an interleaved hop-by-hop authentication scheme that guarantees that the base station will detect any injected false data packets when no more than a certain number t nodes are compromised. Further, our scheme provides an upper bound B for the number of hops that a false data packet could be forwarded before it is detected and dropped, given that there are up to t colluding compromised nodes. We show that in the worst case B is O(t 2). Through performance analysis, we show that our scheme is efficient with respect to the security it provides, and it also allows a tradeoff between security and performance.

AB - Sensor networks are often deployed in unattended environments, thus leaving these networks vulnerable to false data injection attacks in which an adversary injects false data into the network with the goal of deceiving the base station or depleting the resources of the relaying nodes. Standard authentication mechanisms cannot prevent this attack if the adversary has compromised one or a small number of sensor nodes. In this paper, we present an interleaved hop-by-hop authentication scheme that guarantees that the base station will detect any injected false data packets when no more than a certain number t nodes are compromised. Further, our scheme provides an upper bound B for the number of hops that a false data packet could be forwarded before it is detected and dropped, given that there are up to t colluding compromised nodes. We show that in the worst case B is O(t 2). Through performance analysis, we show that our scheme is efficient with respect to the security it provides, and it also allows a tradeoff between security and performance.

UR - http://www.scopus.com/inward/record.url?scp=3543056512&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=3543056512&partnerID=8YFLogxK

M3 - Conference contribution

AN - SCOPUS:3543056512

SN - 0769521363

SN - 9780769521367

T3 - Proceedings - IEEE Symposium on Security and Privacy

SP - 259

EP - 271

BT - Proceedings - IEEE Symposium on Security and Privacy

T2 - Proceedings - 2004 IEEE Symposium on Security and Privacy

Y2 - 9 May 2004 through 12 May 2004

ER -

An interleaved hop-by-hop authentication scheme for filtering of injected false data in sensor networks

Abstract

Publication series

Other

All Science Journal Classification (ASJC) codes

Other files and links

Fingerprint

Cite this