The Design of the En-route Filtering Mechanism with Immediately Lightweight Authentication for Wireless Sensor Networks

Abstract

Security is a critical issue when sensor networks are deployed in the military, homeland or other hostile environments. Recently, Deng et al. pointed out the Path-based Denial of Service (PDoS) attacks can cause serious damage in a resource constrained WSNs. In the PDoS attack, an adversary floods either replayed packets or injected spurious packets in a multi-hop end-to-end communication path, so that the adversary can exhaust the resource of sensor nodes located in this routing path. Perrig et al. proposed a loosely time synchronous mechanism called μTESLA to cope with the above attack. However, the time asynchronous problem causes that the sensor node cannot verify whether the messages are valid or not before the trusted party releases the trapdoor key. In our scheme, the sensor nodes can verify the transmitted packets immediately to see whether they are generated by the trusted party or an adversary. Finally, we analyze the security of the proposed scheme and show that our scheme can resist the above attacks with lightweight operations.