Abstract
The existing public key-based en-route filtering schemes are vulnerable to report disruption attacks or selective forwarding attacks, and they fail to consider any measure to detect and punish the malicious nodes. The authors propose a series of public key-based security mechanisms for wireless sensor networks (WSNs) in this paper, including a mechanism for verifying the partial signatures, a substitution mechanism, an effective report forwarding protocol, and a trust value-based mechanism to identify and punish the malicious nodes. Finally, the authors develop a public key-based authentication and en-route filtering scheme (PKAEF), which can resist false data injection attacks, report disruption attacks and selective forwarding attacks, and can mitigate the impact of malicious nodes. Detailed performance analysis and evaluation show that, in most cases, PKAEF outperforms previous works in terms of safety, filtering efficiency, and data availability.
Highlights
Wireless sensor networks (WSNs) have attracted a lot of attention recently, and have been applied in various applications, such as military sensing and tracking, traffic flow measuring, environmental monitoring, and real-time accident reporting etc. [1,2,3]
A trust value-based mechanism for detecting and punishing the malicious nodes is proposed, which can mitigate the impact of malicious nodes
The authors will compare the security performance of digital signature assisted end-to-end data authentication scheme (DSEDA), PDF, and public key-based authentication and en-route filtering scheme (PKAEF) according to the following aspects: (1) security of private key; (2) resilience to false report injection attacks; (3) resilience to report disruption attacks launched by a non-cluster head (CH) node; (4) resilience to report disruption attacks launched by a CH node; (5) resilience to selective forwarding attacks; (6) malicious nodes detection and isolation
Summary
Wireless sensor networks (WSNs) have attracted a lot of attention recently, and have been applied in various applications, such as military sensing and tracking, traffic flow measuring, environmental monitoring, and real-time accident reporting etc. [1,2,3]. The authentication and en-route filtering scheme [6] and the location-based threshold-endorsement scheme (LTE) [7] are resilient to the two aforementioned attacks to a certain extent, they have high communication overhead and the security vulnerability of LTE was pointed out in [14] None of these schemes consider detecting and punishing the malicious nodes, so the malicious nodes constantly can fool other nodes and consume the limited network resources. By integrating the aforementioned mechanisms, the authors develop a public key-based authentication and en-route filtering scheme (PKAEF) to resist false data injection attacks, and report disruption attacks, and selective forwarding attacks.
Sign-in/Register to view highlights & summary 
Published Version (
Free)
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call