Abstract

When a sensor network is deployed in hostile environments, the adversary may compromise some sensor nodes, and use the compromised nodes to inject false sensing reports or modify the reports sent by other nodes. In order to defend against the attacks with low cost, researchers have proposed symmetric group key-based en-route filtering schemes, such as SEF [F. Ye et al., March 2004] and I-LHAP [S. Zhu et al., 2004]. However, if the adversary has compromised a large number of nodes, many group keys can be captured, and the filtering schemes may become ineffective or even useless. To deal with node compromise, the compromised nodes should be identified and the innocent nodes should update their group keys. Some existing intruder identification schemes can be used to identify the compromised nodes, but most existing group rekeying schemes are not suitable for sensor networks since they have large overhead and are not scalable. To address the problem, we propose a family of predistribution and local collaboration-based group rekeying (PCGR) schemes. These schemes are designed based on the ideas that future group keys can be preloaded to the sensor nodes before deployment, and neighbors can collaborate to protect and appropriately use the preloaded keys. Extensive analyses and simulations are conducted to evaluate the proposed schemes, and the results show that the proposed schemes can achieve a good level of security, outperform most previous group rekeying schemes, and significantly improve the effectiveness of filtering false data.