1 / 37

Secure In-Network Aggregation for Wireless Sensor Networks

Secure In-Network Aggregation for Wireless Sensor Networks. Bo Sun Department of Computer Science Lamar University. Research Supported by Texas Advanced Research Program under Grant 003581-0006-2006. Outline of Presentation. Introduction and Motivation Assumptions and Network Model

nevada-mcfarland
Download Presentation

Secure In-Network Aggregation for Wireless Sensor Networks

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Secure In-Network Aggregation for Wireless Sensor Networks Bo Sun Department of Computer Science Lamar University Research Supported by Texas Advanced Research Program under Grant 003581-0006-2006

  2. Outline of Presentation • Introduction and Motivation • Assumptions and Network Model • Local Detection • Challenges • Extended Kalman Filter based Monitoring • CUSUM GLR based Monitoring • Collaboration between Intrusion Detection Module (IDM) and System Monitoring Module (SMM) • Performance Evaluation • Conclusions and Future work

  3. Introduction and Motivation

  4. Wireless Sensor Networks (WSNs) • Many simple nodes with sensors deployed throughout an environmentSensing + CPU +Radio = Thousands of Potential Applications

  5. 1 2 3 4 5 Why do we need Aggregation in WSNs? • Example Query: • What is the maximum temperature in area A between 10am and 11am? • Redundancy in the event data • Solution: Combine the data coming from different sources • Eliminate redundancy • Minimize the number of transmissions

  6. Secure In-Network Aggregation Problem

  7. Observation • There is very little work that aims at addressing secure in-network aggregation problem from the intrusion detection perspective • Our Work • We set up the normal range of the neighbor’s future transmitted values • We propose the integration between System Monitoring Modules and Intrusion Detection Modules

  8. Why do we need IDSs? Intrusion Detection Systems (IDSs) • Goal: Highly secured Information Systems

  9. Intrusion Detection Systems

  10. Challenges • It is difficult to achieve the real aggregated values • High packet loss rate • Individual sensor readings are subject to environmental noise • Uncertainty of the aggregation function • Sensor nodes suffer from stringent resources

  11. Challenges

  12. Assumptions and Network Models

  13. Assumptions • The majority of nodes around some unusual events are not compromised • Falsified data inserted by compromised nodes are significantly different from real values

  14. Network Models

  15. Local Detection

  16. Kalman Filter • Aset of mathematical equations • Recursively estimate the state of a process • Time Update: Project the current state estimate ahead of time • Measurement Update: Adjust the projected estimate by an actual measurement

  17. Extended Kalman Filter based Monitoring

  18. Extended Kalman Filter based Monitoring – System Dynamic Model • Process Model • Measurement Model

  19. Extended Kalman Filter based Monitoring – System Equations • Time Update • State Estimate Equations: • Error Project Equations: • Measurement Update • Kalman Gain Equation: • Estimate Update with Measurement: • Error Covariance Update Equation:

  20. EKF based Local Detection Algorithm

  21. CUSUM GLR based Location Detection • EKF based solution ignores the information given by the entire data sequence • EKF based solution is not suitable if an attacker continuously forge values with small deviations • Solution • Cumulative Summation (CUSUM)Generalized Likelihood Ratio (GLR)

  22. An Example of CUSUM • Cumulative sum: Source: D.C. Montgomery (2004).

  23. CUSUM GLR based Location Detection

  24. Collaboration between IDM and SMM to Differentiate Malicious Events from Emergency Events

  25. Performance Evaluation

  26. Simulation Setup • Aggregation Function • Average, Sum, Min, and Max • Simulation • Different packet loss ratio: 0.1, 0.25, 0.5 • D: Attack Intensity • The difference between attack data and normal data • Performance Metric • False Positive Rate • Detection Rate

  27. Performance Evaluation – Average of EKF

  28. Performance Evaluation – Average of CUSUM GLR

  29. Performance Evaluation – Sum of EKF

  30. Performance of Evaluation – Sum of CUSUM GLR

  31. Performance Evaluation – Min of EKF

  32. Performance Evaluation – Min of CUSUM GLR

  33. Performance Evaluation – Max of EKF

  34. Performance Evaluation – Max of CUSUM GLR

  35. Related Work • Hu and Evans’ secure Aggregation • Secure Information Aggregation • Secure Hierarchical In-Network Aggregation • Secure hop-by-hop data aggregation • Topological Constraints based Aggregation • Resilient Aggregation

  36. Conclusions and Future Work • Conclusions • Extended Kalman Filter based approach can provide an effective local detection algorithm • Intrusion Detection Module and System Monitoring Modules should work together to provide intrusion detection capabilities • Future Work • Large scale test of the proposed approach • Further elaboration of interactions between IDM and SMM

  37. Thank You !

More Related