Interleaved hop-by-hop authentication against false data injection attacks in sensor networks

Sencun Zhu, Sanjeev Setia, Sushil Jajodia, Peng Ning

Research output: Contribution to journalArticle

45 Citations (Scopus)

Abstract

Sensor networks are often deployed in unattended environments, thus leaving these networks vulnerable to false data injection attacks in which an adversary injects false data into the network with the goal of deceiving the base station or depleting the resources of the relaying nodes. Standard authentication mechanisms cannot prevent this attack if the adversary has compromised one or a small number of sensor nodes. We present three interleaved hop-by-hop authentication schemes that guarantee that the base station can detect injected false data immediately when no more than t nodes are compromised, where t is a system design parameter. Moreover, these schemes enable an intermediate forwarding node to detect and discard false data packets as early as possible. Our performance analysis shows that our scheme is efficient with respect to the security it provides, and it also allows a tradeoff between security and performance. A prototype implementation of our scheme indicates that our scheme is practical and can be deployed on the current generation of sensor nodes.

Original languageEnglish (US)
Article number1267062
JournalACM Transactions on Sensor Networks
Volume3
Issue number3
DOIs
StatePublished - Aug 1 2007

Fingerprint

Sensor nodes
Base stations
Authentication
Sensor networks
Systems analysis

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications

Cite this

@article{fccd6e5526cc453d86b03faac6d16cdb,
title = "Interleaved hop-by-hop authentication against false data injection attacks in sensor networks",
abstract = "Sensor networks are often deployed in unattended environments, thus leaving these networks vulnerable to false data injection attacks in which an adversary injects false data into the network with the goal of deceiving the base station or depleting the resources of the relaying nodes. Standard authentication mechanisms cannot prevent this attack if the adversary has compromised one or a small number of sensor nodes. We present three interleaved hop-by-hop authentication schemes that guarantee that the base station can detect injected false data immediately when no more than t nodes are compromised, where t is a system design parameter. Moreover, these schemes enable an intermediate forwarding node to detect and discard false data packets as early as possible. Our performance analysis shows that our scheme is efficient with respect to the security it provides, and it also allows a tradeoff between security and performance. A prototype implementation of our scheme indicates that our scheme is practical and can be deployed on the current generation of sensor nodes.",
author = "Sencun Zhu and Sanjeev Setia and Sushil Jajodia and Peng Ning",
year = "2007",
month = "8",
day = "1",
doi = "10.1145/1267060.1267062",
language = "English (US)",
volume = "3",
journal = "ACM Transactions on Sensor Networks",
issn = "1550-4859",
publisher = "Association for Computing Machinery (ACM)",
number = "3",

}

Interleaved hop-by-hop authentication against false data injection attacks in sensor networks. / Zhu, Sencun; Setia, Sanjeev; Jajodia, Sushil; Ning, Peng.

In: ACM Transactions on Sensor Networks, Vol. 3, No. 3, 1267062, 01.08.2007.

Research output: Contribution to journalArticle

TY - JOUR

T1 - Interleaved hop-by-hop authentication against false data injection attacks in sensor networks

AU - Zhu, Sencun

AU - Setia, Sanjeev

AU - Jajodia, Sushil

AU - Ning, Peng

PY - 2007/8/1

Y1 - 2007/8/1

N2 - Sensor networks are often deployed in unattended environments, thus leaving these networks vulnerable to false data injection attacks in which an adversary injects false data into the network with the goal of deceiving the base station or depleting the resources of the relaying nodes. Standard authentication mechanisms cannot prevent this attack if the adversary has compromised one or a small number of sensor nodes. We present three interleaved hop-by-hop authentication schemes that guarantee that the base station can detect injected false data immediately when no more than t nodes are compromised, where t is a system design parameter. Moreover, these schemes enable an intermediate forwarding node to detect and discard false data packets as early as possible. Our performance analysis shows that our scheme is efficient with respect to the security it provides, and it also allows a tradeoff between security and performance. A prototype implementation of our scheme indicates that our scheme is practical and can be deployed on the current generation of sensor nodes.

AB - Sensor networks are often deployed in unattended environments, thus leaving these networks vulnerable to false data injection attacks in which an adversary injects false data into the network with the goal of deceiving the base station or depleting the resources of the relaying nodes. Standard authentication mechanisms cannot prevent this attack if the adversary has compromised one or a small number of sensor nodes. We present three interleaved hop-by-hop authentication schemes that guarantee that the base station can detect injected false data immediately when no more than t nodes are compromised, where t is a system design parameter. Moreover, these schemes enable an intermediate forwarding node to detect and discard false data packets as early as possible. Our performance analysis shows that our scheme is efficient with respect to the security it provides, and it also allows a tradeoff between security and performance. A prototype implementation of our scheme indicates that our scheme is practical and can be deployed on the current generation of sensor nodes.

UR - http://www.scopus.com/inward/record.url?scp=34548390509&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=34548390509&partnerID=8YFLogxK

U2 - 10.1145/1267060.1267062

DO - 10.1145/1267060.1267062

M3 - Article

VL - 3

JO - ACM Transactions on Sensor Networks

JF - ACM Transactions on Sensor Networks

SN - 1550-4859

IS - 3

M1 - 1267062

ER -