False Data Detection in Wireless Sensor Networks

Abstract

En-Route filtering is a method to detect and filter false reports in Wireless Sensor Networks (WSNs). The radio capabilities of sensor nodes are very limited. Thus the reports have to be forwarded through intermediate nodes to be collected at a central facility. In En-Route filtering, the intermediate nodes do an authenticity check of all the reports before they are forwarded to next hop. In recent times, many En-Route filtering schemes have been proposed. Each of these schemes use different cryptographic methods to filter false reports from the WSNs. However, the majority of these techniques can handle only limited compromised nodes or either needs node localization or statically configured routes for sending reports. Furthermore, the majority of En-Route filtering techniques are vulnerable to various Denial of Service (DoS) attacks. Though, the contemporary techniques proposed in the field of En-Route filtering have evolved with the time, but still, the majority of them are prone to selective forwarding and report disruption attacks. This research work focuses on handling the problems and limitations of En-Route filtering to device new techniques which are resilient to various DoS attacks. We in our work will try to reduce communication overhead and reduce the effect of various DoS attacks (Report Disruption Attack and Selective Forwarding Attack) in WSNs. The basic idea of En-Route filtering is checking of reports by intermediate nodes. This helps to decrease the processing and checking overhead of sink and thus false reports can be removed from the network within some nodes from the origin, saving energy and bandwidth. In this approach, each report is attached to Message Authentication Codes (MACs) or signatures. Whenever these reports are being forwarded over the network, intermediate nodes can authenticate these MACs or signatures and if any fault is found, reports are dropped. For creation and verification of MACs in the network, sensor nodes exchange secret keys with other sensor nodes in the network. Thus, this research work mainly focuses on proposing new key pre-distribution schemes andthen to extend the proposed key pre-distribution schemes to propose new En-Route filtering schemes. In this thesis, secure key pre-distribution mechanisms are studied. The first study is based on improvements in combinatorial design based key pre-distribution mechanism. We developed three combinatorial design based key pre-distribution schemes which improved the resiliency of the network against compromised sensor nodes without alarmingly increasing the key storage overhead in the network. Second study is devoted to propose a new hybrid key pre-distribution scheme which uses both pair-wise keys and combinatorial design based keys. This helped to ensure high resiliency against compromised sensor nodes in the network while maintaining very low key storage overhead when compared to existing schemes. The last study focused on extending the proposed key pre-distribution schemes to propose novel En-Route filtering schemes. Use of combinatorial design based keys provided a deterministic mechanism for verification of forwarded reports. Thus, the filtering efficiency of the proposed schemes is excellent. For the proposed schemes, a novel report endorsement and verification mechanism is also proposed for robust data authentication and availability in the network. This helped to provide better tolerance against Report Disruption Attack and Selective Forwarding Attack in WSNs. With thorough analysis and simulation results, we have claimed that the network performances of our key pre-distribution and En-Route filtering schemes are much better as compared to those for the existing schemes.