在感測網路中，被破解的感測器會造成數種攻擊。而最簡單的方式為假冒某個並沒有真實發生的事件報告或影響真實報告之傳送。若沒有機制來偵測這樣的攻擊行為，不但會造成錯誤的報告而影響整體感測網路感測之正確性，還會使得中繼感測器浪費電力轉送報告。目前有多項技術被提出以改善此一問題。其中主要的作法為事件報告由數個同時感測到此事件的感測器共同背書以取信於基地台。然而，在這種防護機制下，被破解的感測器可以對於真實的事件給予錯誤的背書，而造成真實事件被當成錯誤報告而被過濾掉。在本論文中，對於相關攻擊，我們提出了一個過濾方法。另外，我們亦針對我們方法過濾的有效性、承受度、儲存量與電力節省做分析。最後我們利用模擬來論證我們的方法的各種效能均優於目前現有的方法。

Compromised nodes could launch several attacks in wireless sensor network. The easiest way is to fabricate a report that doesn’t happen actually or to send incorrect data. If undetected, the report could be forwarded to the sink. Such attack will result in not only false alarm but also the energy consumption of intermediate nodes to forward this report. There are many schemes proposed to solve this problem. They use the idea that a legitimate report must consist of several endorsements given by multiple surrounding nodes that also sense the same event. However, the compromised node also can give false endorsement on real event. Such attack will cause the real report to be thought as a false data and be filtered out. In this thesis, we proposed a filtering scheme to counter some related attacks. Moreover, we analyze the filtering effectiveness, the resiliency, storage and energy saving of our scheme. Finally, we also use simulation to demonstrate that the proposed scheme is more efficient than the other solutions.

Contents	I
List of Figures	III
List of Table	IV
Chapter 1 Introduction	1
Chapter 2 Related works	3
2.1 Review of SEF	4
2.1.1 Notations	4
2.1.2 SEF scheme	5
2.2 Review of PVBS	7
2.2.1 Notations	7
2.2.2 PVBS scheme	7
Chapter 3 Preliminaries	11
3.1 Assumption and the network model	11
3.2 The attacker model	12
3.3 The design objectives	12
Chapter 4 The proposed scheme	13
4.1 Notations	13
4.2 Basic idea	13
4.3 Blom’s scheme	14
4.4 Proposed scheme	15
Chapter 5 Analysis	25
5.1 Filtering effectiveness	25
5.2 Resiliency	26
5.3 Key storage	28
Chapter 6 Simulations	29
6.1 Filtering effectiveness	30
6.1.1 Case A	30
6.1.2 Case B	32
6.1.3 Case C	33
6.1.4 Case D	34
6.2 Resiliency	35
6.3 Energy saving	37
Chapter 7 Conclusions and future work	39
Reference	40
Appendix	42

List of Figures
Fig. 1 Report generation phase - A ..................................................................... 20
Fig. 2 Report generation phase - B ..................................................................... 20
Fig. 3 The flowchart of en-route filtering ........................................................... 23
Fig. 4 The distribution of verifiers ...................................................................... 26
Fig. 5 The filtering effectiveness (sufficient energy and Tf = 1).......................... 31
Fig. 6 The filtering effectiveness (middle energy and Tf = 1).............................. 33
Fig. 7 The filtering effectiveness (different Tf and sufficient energy)................ 34
Fig. 8 The filtering effectiveness (different Tf and middle energy) .................... 35
Fig. 9 Resiliency (worst case) .............................................................................. 36
Fig. 10 Resiliency (average case) ......................................................................... 37
Fig. 11 Energy saving (for communication) ....................................................... 38

List of Table
Table 1. Notations of SEF...................................................................................... 4
Table 2. Notations of PVBS ................................................................................... 7
Table 3. Notations ................................................................................................ 13
Table 4. Parameter setting................................................................................... 29
Table 5. The simulation of filtering effectiveness ............................................... 30
Table 6. Parameter setting in energy................................................................... 32

[1]   R. Blom, “An optimal class of symmetric key generation system,” in Eurocrypt’84, Lecture Notes in Computer Science, VOL. 209, Springer-Verlag, pp. 335-338, 1985.
[2]   W. Du, J. Deng, Y. S. Han, P. K. Varshney , “A Key Predistribution Scheme for Sensor Networks Using Deployment Knowledge” IEEE Transactions on Dependable and Secure Computing, VOL. 3, NO. 1, pp.62-77, 2006. 
[3]   W. Du, J. Deng, Y. S. Han, P. K. Varshney, J. Katz, A. Khalili, “A Pairwise Key Predistribution Scheme for Wireless Sensor Networks,” ACM Transaction on Information and System Security, VOL. 8, NO. 2, pp. 228-258, 2005.
[4]   W.R. Heinzelman, A. Chandrakasan, H. Balakrishnan, “An Application- Specific Protocol Architecture for Wireless Microsensor Networks,” IEEE Transactions on Wireless Communications, VOL. 1, NO. 4, pp. 660-670, 2002.
[5]   D. Johnson, D.A. Maltz, J. Broch, “The dynamic source routing protocol for mobile ad hoc networks (Internet-Draft),” mobile ad hoc network (MANET) working group, IEFT (1999).
[6]   V. Kawadia, P. R. Kumar, “Power Control and Clustering in Ad Hoc Networks,” In INFOCOM, 2003.
[7]   S. Kumar, T. H. Lai, J. Balogh, “On k-coverage in a mostly sleeping sensor network,” International Conference on Mobile Computing and Networking, pp.144-158, 2004.
[8]   F. Li, J. Wu, “A probabilistic voting-based filtering scheme in wireless sensor network,” International Wireless Communications & Mobile Computing Conference, pp.27-32, 2006.
[9]   M. Ma, “Resilience of sink filtering scheme in wireless sensor networks,” Computer Communications, VOL. 30, NO. 1, pp. 55-65, 2006.
[10]  F. J. MacWilliams, N. J. A. Sloane, “The Theory of Error-Correcting Codes.” Elsevier Science, New York. 1977.
[11]  H. Yang, F. Ye, Y. Yuan, S. Lu, W. Arbaugh, “Toward resilient security in wireless sensor networks,” Proceedings of the 6th ACM International Symposium on Mobile ad hoc Networking and Computing (MobiHoc), pp. 34-45, 2005.
[12]  F. Ye, H. Luo, S. Lu, L. Zhang, “Statistical En-route Filtering of Injected False Data in Sensor Networks,” IEEE Journal on Selected Areas in Communications, VOL. 23, NO. 4, pp.839-850, 2005.
[13]  O. Younis, S. Fahmy, “Distributed Clustering in Ad-hoc Sensor Networks: A Hybrid, Energy-Efficient Approach,” In INFOCOM, 2004.
[14]  Y. Zhang, W. Liu, W. Lou, Y. Fang, “Location-Based Compromise-Tolerant Security Mechanisms for Wireless Sensor Networks,” IEEE Journal on Selected Areas in Communications, VOL. 24, NO. 2, pp. 247-260, 2006.
[15]  Y. Zhang, J. Yang , L. Jin, W. Li, “ Locating Compromised Sensor Nodes through Incremental Hashing Authentication,” International Conference on Distributed Computing in Sensor Systems, pp.321-337, 2006.
[16]  S. Zhu, S. Setia, S. Jajodia, P. Ning, “An Interleaved Hop-by-Hop Authentication Scheme for Filtering False Data in Sensor Networks,” in IEEE Proceedings of Symposium on Security and Privacy, pp.259-271, 2004.