Preserving data authenticity inwireless sensor networks: Attacks and countermeasures

Preserving data authenticity in a hostile environment, where the sensor nodes may be compromised, is a critical security issue for wireless sensor networks. In such networks, once a real event is detected, nearby sensors generate data reports which are subsequently forwarded to the data collection point. However, the subverted sensors, which have access to the stored secret keys, can launch attacks to compromise data authenticity. They can act as sources for forged reports and inject an unlimited number of bogus reports that fabricate false events "happening" at arbitrary locations in the field. Such false reports may exhaust network energy and bandwidth resources, trigger false alarms and undesired reactions. In this chapter, we explain such attacks and critically examine more than a dozen state-of-the-art countermeasures proposed in the past several years. We look into both passive and proactive approaches for the defense mechanisms. For the passive defenses, we describe the basic en-route filtering framework and examine the cons and pros of both uniform and route-specific key sharing schemes. For the active defenses, we examine the merits and constraints of the group re-keying scheme and the log-based traceback scheme. Finally, we identify future research directions for comprehensive protection of data authenticity in sensor networks.