Resilient False Data Detection Mechanisms In Wireless Sensor Networks

Tiny sensors integrated with various functionalities such as information collection, data processing and wireless communication have proliferated due to the development of MEMS (Micro-Electro-Mechanical System), computing and wireless communication technologies. Wireless sensor networks are made up of great amounts of low-cost sensor nodes deployed in the target sensing areas. These low power consuming sensors establish a multi-hop and ad-hoc network infrastructure to cooperatively sense, collect and process information of the covered sensing target. The final results are sent back to the observers for further processing. Wireless sensor networks have revolutionized the way we human interact with the nature and thus enhanced our ability to cognize the world. They have been widely deployed in areas such as military, healthcare and intelligent homes.It's recognized that wireless sensor networks are ad-hoc, data-centric and distributed. Severely constrained in computation, storage, bandwidth and energy resources, sensor nodes act not only as data generators but also routers for neighboring sensors. These unique features have brought new security threats to wireless sensor networks. It's a great challenge to design security mechanisms suitable for sensor networks.In many scenarios, wireless sensor networks are deployed in harsh even hostile environments. Adversaries could easily compromise sensor node due to its unattended nature. Large volume of bogus data could be injected into the network through the compromised sensors to maliciously change the topology/routing structures of the network and decrease the accuracy of the sensing data. Thus the normal operations of wireless sensor networks are severely disrupted. This thesis focuses on how to effectively and efficiently detect the false data injected by the adversaries and then eliminate the sources. The aim is to establish a basic security framework against false data injection for wireless sensor networks.Firstly, the importance of geographic location information is analyazed. To defend against the bogus control data containing forged location injected by the adversaries, the problem of location verification is proposed. Because of the inaccuracy of the location information obtained through localization, neighbor relationships among nearby sensors are influenced. A neighbor model is established by taking inaccuracies of location information into consideration. Based on this model, a basic scheme relying on trust among neighboring sensors is proposed. To further reduce the communication overhead, another improved scheme is proposed by utilizing a data structure called the Merkle hash tree.Then, the necessarity to detect and drop false event report as soon as possible to save the network bandwidth and energy resource is pointed out. A selective dropping resistance en-route filtering scheme is proposed to solve the disadvantage of the general en-route filtering framework. Basing on the so-called location-based security, trust and monitor are introduced into the process of event report verification to effectively deter the attackers from dropping normal data packet maliciously. The proposed fan model effectively solves the problem of sink mobility, which is a deficiency of the existing en-route filtering schemes. The influence of sensor compromises on location-based security is also analyzed.In the last, highly efficient traceback schemes for wireless sensor networks are proposed. The probabilistic packet marking (PPM) schemes for the Internet are thoroughly analyzed. Two improved schemes are then proposed to reduce the message complexity. By analysis, the lower bound for any PPM-based schemes is obtained. However, PPM hasn't considered the threat of sensor compromise. The various potential attacks that could be launched by the adversaries are analyzed in detail and a traceback scheme based on probabilistic chain marking is proposed. Due to the protection of message authentication code, not only the message per se but also any existing markers in the packet could remain intact. Thus robustness and accuracy are enhanced while communication overhead is reduced.