SDAP: A Secure Hop-by-Hop Data Aggregation Protocol for Sensor Networks

Yi Yang, Xinran Wang, Sencun Zhu and Guohong Cao

April 24, 2007

Presented by Nicky Mahilani

CSC 774 In-class presentation

  • Acknowledgement: Based on slides provided by Author

Outline

Data Aggregation in Sensor Networks

Security Challenges

SDAP Details

Performance Evaluation

Conclusion

Future Work

Sensor Networks

Group of sensor nodes report to a Base Station (BS)

Without data aggregation

  • Data redundancy
  • Communication cost
  • Energy expenditure

Reporting raw data is inefficient

Data Aggregation in Sensor Networks

With data aggregation we can reduce

  • Data redundancy
  • Communication cost
  • Energy expenditure

A lossy data compression process

Security Challenges in Data Aggregation (1)

(Figure labels: BS, Compromised node, False Alarm)

A compromised intermediate node may change the aggregated data

BS cannot verify the result without knowing original readings

Security Challenges in Data Aggregation (2)

(Figure labels: BS, Legitimate temperature (32F ~ 150F))

Hop-by-hop aggregation

  • Aggregates computed by a higher-level node are from ‘more’ low-level nodes
  • If a compromised node is closer to BS, false value from it has more impact on the final result computed by BS

Security Challenges in Data Aggregation (3)

(Figure labels: BS, Compromised node, False Alarm)

Question: Can the BS obtain a good approximation of the fusion result when a fraction of nodes are compromised?

Network Model

- An unbalanced tree rooted at BS
- Data is aggregated hop by hop
- Each aggregate is a tuple (value, count)
- Every node only forwards one copy

Attack Model

Legitimate temperature (32F ~ 150F)

(Figure labels: BS, (?, ?), (100F, 50))

Goal: Inject false data without being detected by BS

Example:

  • Without modifying the received aggregate
    • (98.7F~101F, 51)
  • Count change attack
    • (100F~150F, *)
  • Value change attack
    • (32F~150F, 51)

SDAP: Secure Hop-by-hop Data Aggregation Protocol

Basic Principle

  • Divide and conquer
  • Commit and attest

Protocol Overview

  • Tree Construction & Query Dissemination
  • Probabilistic grouping
    • Partition nodes into logical groups of similar size
  • Hop-by-hop aggregation
    • Each group generates a commitment which cannot be denied later
  • Verification & attestation
    • BS identifies suspicious groups
    • Suspect groups attest correctness of commitments to BS

Tree Construction & Query Dissemination

(Figure labels: Legitimate temperature (32F ~ 150F); avg at each tree node)

Tree construction

Query dissemination

  • BS → * : Fagg, Sg
    • Fagg: an aggregation function, e.g., avg, count
    • Sg: a random number as grouping seed

Probabilistic grouping & data aggregation

Figure labels (Legitimate temperature (32F ~ 150F)):

  • H(Ky, Sg|y) < Fg(c)
  • H(Kx, Sg|x) < Fg(15)
  • H(Kw’, Sg|w’) < Fg(8)
  • H(Kid, Sg|id) > Fg(1)

Probabilistic grouping is conducted through group leader selection

  • H(Kx, Sg|x) < Fg(c)
  • x : node id
  • Kx : master key of x
  • H : pseudorandom function, uniform output in [0,1)
  • Sg : for security and load balance
  • c : count
  • Fg : grouping function, [0,1) output increasing with c

By choosing appropriate grouping functions, group sizes are roughly even with small deviation, providing a good basis for attestation

Group Aggregation

Format of aggregates

  id | flag | count | value | seed | MAC

(Figure labels: Authenticated, Encrypted)

Flag: initialized to 0, set to 1 after leaders finish group aggregation, so that other nodes on the path just forward group commitments

Leaf node aggregation

  • u → v : u, 0, E(Kuv, 1|Ru|Sg)|MACu
  • MACu = MAC(Ku, 0|1|u|Ru|Sg)

Group Aggregation (2)

Intermediate node aggregation

  • v → w : v, 0, E(Kvw, 3|Aggv|Sg)|MACv
  • Aggv = Fagg(Rv, Ru, Ru’)
  • MACv = MAC(Kv, 0|3|v|Aggv| MACu MACu’|Sg)

MAC is also computed hop by hop, thus representing authentication of all the nodes contributing to the data

H(Kv, Sg|v) > Fg(3)

Group Aggregation (3)

Leader node aggregation

  • x → BS : x, 1, E(Kx, 15|Aggx|Sg)|MACx
  • Aggx = Fagg(Rx, Aggw, Aggw’)
  • MACx = MAC(Kx, 1|15|x|Aggx|MACw MACw’|Sg)
  • Default leader of leftover nodes

H(Kx, Sg|x) < Fg(15)

  • Tracking the forwarding path:
  • A forwarding table (incoming link, group id)
  • Group id is the id of group leader
  • Bloom filter may help scale up

Verification & attestation

  • (w’, 95F, 25)
  • (x, 142F, 50)
  • (y, 100F, 20)
  • (BS, 90F, 28)

BS identifies suspicious groups for attestation

Outlier detection by Grubbs’ Test

  • extensions: multiple outliers, bivariate
    • Pc * Pvalue < α? (significance level, e.g., 0.05)
  • Attackers tend to forge false values as well as large counts correspondingly, to make false values count for larger fraction in the final result

Verification & attestation (2)

  • Forwarding attestation requests from BS
  • Suppose group x is under suspicion

BS → y : x, Sa, Sg

Sa: a random number as attestation seed

Node y then forwards this request to leader x

Verification & attestation (3)
  • Group attestation
    • Probabilistic attestation path selection
      • From x, each parent sums up counts of all the children, then computes
      • picks up ith child on the path, if

Verification & attestation (4)

  • Attestation response from groups
  • Each node on the path sends back count and reading
  • Sibling node sends back count, aggregate and MAC (leaf only sends count and reading)

Verification & attestation (5)

Group response validation by BS

BS reconstructs Aggx and MACx based on responses

  • If both match the submitted values, accepts them
  • Otherwise, rejects them
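The commit-and-attest check from the Group Aggregation and Verification & attestation slides, as an added Python example (not code from the slides or the SDAP authors): a constructed three-node group commits hop by hop, and the BS rebuilds the aggregate and MAC from attestation responses. Assumptions: HMAC-SHA256 stands in for MAC, child MACs are folded with XOR, the E(K, ...) encryption layer is omitted, every node in the tiny group responds, and all node names, keys and readings are constructed.

```python
import hashlib
import hmac
from functools import reduce

SG = b"constructed-Sg"                       # grouping seed Sg (constructed)
LEAVES, LEADER = ("leaf1", "leaf2"), "leader"
KEYS = {n: hashlib.sha256(b"demo-key|" + n.encode()).digest()
        for n in LEAVES + (LEADER,)}         # master keys shared with the BS

def commit(node, flag, count, value, child_macs=()):
    """MAC(K_node, flag|count|node|value|child MACs|Sg) with HMAC-SHA256."""
    # Assumption: child MACs are folded with XOR before being MACed.
    folded = reduce(lambda a, b: bytes(p ^ q for p, q in zip(a, b)),
                    child_macs, bytes(32))
    msg = "|".join([str(flag), str(count), node, f"{value:.4f}", folded.hex()])
    return hmac.new(KEYS[node], msg.encode() + b"|" + SG, hashlib.sha256).digest()

def aggregate(parts):
    """Fagg = avg over (value, count) tuples; returns (value, count)."""
    count = sum(c for _, c in parts)
    return sum(v * c for v, c in parts) / count, count

def group_commitment(readings, forged_value=None):
    """What the leader submits: (value, count, MAC). forged_value models a
    compromised leader replacing the aggregate (value change attack)."""
    leaf_macs = [commit(n, 0, 1, readings[n]) for n in LEAVES]
    value, count = aggregate([(readings[n], 1) for n in LEAVES + (LEADER,)])
    if forged_value is not None:
        value = forged_value
    return value, count, commit(LEADER, 1, count, value, leaf_macs)

def bs_validate(submitted, attested_readings):
    """BS rebuilds aggregate and MAC from attestation responses and compares."""
    value, count, mac = group_commitment(attested_readings)
    s_value, s_count, s_mac = submitted
    return (abs(value - s_value) < 1e-4 and count == s_count
            and hmac.compare_digest(mac, s_mac))

READINGS = {"leaf1": 70.0, "leaf2": 72.0, "leader": 71.0}   # constructed, in F

if __name__ == "__main__":
    print("honest :", bs_validate(group_commitment(READINGS), READINGS))
    print("forged :", bs_validate(group_commitment(READINGS, 142.0), READINGS))
```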

Detection Rate

  • Cv : Count value
  • m is the number of attestation paths

Grouping Function (Fg)

Goal: small variations on group sizes

  • if c = 1, Fg(c) = 0
  • if c → ∞, Fg(c) = 1
  • increases slowly in the beginning, approaches 1 quickly after a certain value above the mean
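The leader-selection rule H(Kx, Sg|x) < Fg(c) from the probabilistic grouping slide, combined with the Fg properties listed above, as an added Python example (not code from the slides or the SDAP authors). Assumptions: HMAC-SHA256 stands in for H, the closed form of Fg and its beta/gamma parameters are hypothetical choices that merely satisfy the stated properties, and the tree is simplified to a single leaf-to-BS path so the count grows by one per hop; keys and node ids are constructed.

```python
import hashlib
import hmac
import math

def H(key: bytes, sg: bytes, node_id: str) -> float:
    """PRF H(Kx, Sg|x), mapped to a uniform value in [0, 1)."""
    digest = hmac.new(key, sg + b"|" + node_id.encode(), hashlib.sha256).digest()
    return (int.from_bytes(digest[:7], "big") >> 3) / 2**53

def Fg(c: int, beta: float = 1e-3, gamma: float = 3.0) -> float:
    """Assumed grouping function: Fg(1) = 0, slow start, then close to 1."""
    return 1.0 - math.exp(-beta * (c - 1) ** gamma)

def group_path(node_ids, keys, sg):
    """Walk one leaf-to-BS path; a node becomes leader when H < Fg(count).

    Returns the list of group sizes. Nodes left over at the top of the
    path form a final group (they would report under a default leader).
    """
    sizes, count = [], 0
    for nid in node_ids:
        count += 1                       # this node joins the open group
        if H(keys[nid], sg, nid) < Fg(count):
            sizes.append(count)          # leader closes the group
            count = 0
    if count:
        sizes.append(count)
    return sizes

# Constructed demo input: 200 nodes with per-node master keys.
NODES = [f"n{i}" for i in range(200)]
KEYS = {n: hashlib.sha256(b"demo-master-key|" + n.encode()).digest()
        for n in NODES}

if __name__ == "__main__":
    for seed in (b"Sg-1", b"Sg-2"):      # a new seed reshuffles the leaders
        print(seed, group_path(NODES, KEYS, seed))
```

Because Fg(1) = 0, a node holding only its own reading never becomes a leader, and once Fg saturates the next node is forced to close the group, which is what keeps group sizes in a narrow band.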
Communication Overhead

Packet*hop: 3.4k~4.4K

in a non-secure aggregation scheme: 3k

in a no aggregation secure scheme: 21k

Conclusion & Future Work

A probabilistic grouping based secure data aggregation protocol

  • Divide-and-conquer
  • Commit-and-attest
  • With adjustable detection rate
  • Low performance overhead

Challenges:

  • Max/Min
  • Content-based attestation
    • Readings from nodes in the same neighborhood should bear certain temporal/spatial correlations