Robust detection of false data injection attacks for data aggregation in an Internet of Things-based environmental surveillance

摘要

AbstractData aggregation is an important technology for environmental surveillance based on the Internet of Things (IoT) in the process of compressing redundant data collected from small devices that are distributed over a wide area in a network. However, since most IoT devices work in an unattended manner with limited security guarantees, they are extremely vulnerable to node compromise. Once adversaries take charge of compromised nodes, they can launch false data injection (FDI) attacks, which are known to be destructive for data aggregation. To minimize the damage caused by an FDI attack, we adopt a Hierarchical Bayesian Spatial-Temporal (HBST) model to describe the statistical characteristics of sensory data in an aggregation-based communication mode and propose an anomaly detection-based scheme to detect compromised nodes in the early stage. The basic idea behind our scheme is using state estimation techniques based on divided difference filtering (DDF) to detect false aggregated data and determining the nodes that are suspected of injecting false data using sequential hypothesis testing (SHT). Additionally, we model the problem of FDI attack detection using a quantitative two-player game theory analysis, derive the optimal strategies for both the adversaries and defenders, and demonstrate that the adversaries’ gain from the attack is greatly limited by the defenders, even in the worst case when both players follow their respective optimal strategies. Moreover, we present theoretical and simulation analyses to evaluate the performance of the proposed scheme in terms of the effectiveness, efficiency and overhead. The analytical results show that the proposed scheme achieves a high detection rate and low false positive rate with a small amount of detection samples.