Abstract-In wireless sensor networks, sensor nodes are vulnerable to node compromise attacks that threaten their security

and efcient utilization of resources. A compromised sensor node can inject false data during data for-warding and aggregation to forge the integrity of sensor data. It is highly desirable for sensor nodes to detect and drop false data as soon as possible in order to avoid misusing their limited resources such as battery power and bandwidth. In addition, the false data detection algorithms should be de-signed with data aggregation and condentiality in mind. Data aggregation is used to reduce the redundancy in transmitted Fig-1 data and to improve the data accuracy. This chapter reviews the existing false data detection, data aggregation, secure data aggregation, and key establishment schemes for wireless sensor networks. It also addresses how false data detection can be integrated with data aggregation and condentiality. For this purpose an algorithm called DAA data aggregation and authentication protocol is presented in this paper

prefers data to be encrypted at he source node and decrypted at the destination. The basic idea behind the false data detection theme in is to form pairs of sensor nodes, as shown in, such that one pair mate computes a message authentication code (MAC) of forwarded data and the other pair mate verifies later the data using the MAC. This scheme does not work if an intermediate node between the pair mates alters data incase of data aggregation. Thus, because data aggregation usually results in alterations in data, the false data detection scheme cannot be implemented when a data aggregator between two pair mates changes the data during aggregation.

An Example of forming pairs to authenticate the false data

Introduction
Recent advances in low-power computing and communication technologies have given rise to the proliferation of wireless sensor networks having low cost sensor nodes with limited processing capacity and battery power. Wireless sensor networks can be used in a wide range of applications such as environmental and patient monitoring, surveillance of critical areas and tructures,and target tracking. For these applications, network security is usually an essential requirement and, therefore, the lack of proper security can curtail the widespread deployment of sensor networks. However, wireless sensor networks are prone to many types of security attacks, some of which do not even occur in traditional networks. For example, in node compromise attacks intruders gain the control of sensor nodes and threaten the ecurity of the network by injecting false data, forging relayed data, or disturbing data transmission or eavesdropping. By injecting false data, compromised sensor nodes can distort data integrity, cause false alarms, and reduce the limited battery, computational and communication resources of sensor nodes. Data aggregation is employed to eliminate data redundancy, reduce the amount of data transmitted to the base station, and/or improve data reliabilit it is critical and challenging to provide secure data aggregation along with false data detection. In addition to secure data aggregation, data confidentiality is needed by many applications, including military and patient monitoring. But, data aggregation and confidentiality techniques unfortunately have conflicts in their implementation. Data confidentiality

In this paper a data aggregation and authentication protocol DAA to provide false data detection and secure data aggregation against up to T compromised sensor nodes ,for T>=1.the value of T depends upon security requirements ,node density ,packet size, amount of tolerable over head .it is assumed that some nodes are selected as aggregators , and the nodes between two aggregating nodes said to be forwarding nodes simply because they forward data. To detect false data injected by some neighboring nodes of the aggregator (called monitoring nodes)also performs data aggregation and calculates the MAC s for the aggregated data for the verification of the data later. To provide data confidentiality during data forwarding between aggregators ,the data is transmitted as encrypted and the false data detection is performed over encrypted data.

False Data Detection: Consider the scenario presented

in where compromised nodesinject false data about a fake border crossing in order to deplete the energy of sensor nodes and to mislead the border patrol. In general, it is not possible to prevent the injection of false data because sensor nodes are vulnerable to node compromise attacks. But, false data can be detected and dropped soon after its injection using message authentication codes (MACs) in data authentication schemes [4, 5, 6, 7]. For instance, the statistical en-route detection scheme [4],called SEF, enables relaying nodes and the base station to detect false datawith a certain probability. To detect and filter out forged messages, SEF relieson the collective decisions of multiple sensor nodes as follows: (i) when anevent occurs in an area of interest, the surrounding sensor nodes generatea legitimate report that carries multiple MACs, (ii) intermediate forwarding nodes detect incorrect MAC sand filter out false reports with some probability, and (iii) the base station verifies the correctness of each MAC and eliminates