A Novel En-route Filtering Scheme against False Data Injection Attacks in Cyber-Physical Systems

In Cyber-Physical System (CPS), attackers could inject false measurements to the controller through compromised sensor nodes, which not only threaten the security of the system, but also consumes significant network resources. To deal with this issue, a number of en-route filtering schemes have been designed for wireless sensor networks. However, these schemes either lack resilience to the number of compromised nodes or depend on the statically configured routes and node localization, which are not suitable for CPS. In this paper, we propose a Polynomialbased Compromised-Resilient En-route Filtering scheme (PCREF), which can filter false injected data effectively and achieve a high resilience to the number of compromised nodes without relying on static routes and node localization. Different from the existing schemes, PCREF uses polynomials instead of MACs for endorsing measurement reports to achieve the resilience to attacks. Each node stores two types of polynomials: authentication polynomial and check polynomial derived from the primitive polynomial, and used for endorsing and verifying the measurement reports. Through extensive theoretical analysis and simulation experiments, our data show that our scheme achieves better filtering capacity and resilience to the large number of compromised nodes in comparison with the existing schemes. Keywords—Cyber-Physical system, false measurement report, sensor node, polynomial-based en-route filtering