1 / 33

Location Cloaking for Location Safety Protection of Ad Hoc Networks

Location Cloaking for Location Safety Protection of Ad Hoc Networks. CS587x Lecture Department of Computer Science Iowa State University. Outline. What is location safety How to achieve location safety Stationary ad hoc networks Mobile ad hoc networks Performance evaluation

byron-buckner
Download Presentation

Location Cloaking for Location Safety Protection of Ad Hoc Networks

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Location Cloaking for Location Safety Protection of Ad Hoc Networks CS587x Lecture Department of Computer Science Iowa State University

  2. Outline • What is location safety • How to achieve location safety • Stationary ad hoc networks • Mobile ad hoc networks • Performance evaluation • Closely related work • Conclusion

  3. Why disclosing location information • Location information adds a new dimension to ad hoc networking • Location-based routing • Leverage nodes’ location information in path discovery and packet forwarding • Much more efficient and scalable than topology-based routing • Location-oriented applications • e.g., enemy detection in battlefield

  4. Dilemma • Disclosing location information presents a major threat to network safety • Knowing the position of a node allows an adversary to locate and destroy it physically

  5. Location Safety Protection • Goal • Allow nodes to reveal their location • Yet make it practically infeasible for one to locate them based on such information

  6. Location Safety Protection • Goal • Allow nodes to reveal their location • Yet make it practically infeasible for one to locate them based on such information • Observation • An adversary can always comb through a whole region to locate all nodes inside it • However, if the region is too large, the cost can be prohibitively high

  7. Location Safety Protection • Key Idea • Instead of its exact position, a node can report it is inside some spatial region, called a cloaking box • Reducing location resolution to achieve a desired level of safety protection

  8. Location Safety Protection • Key Idea • Instead of its exact position, a node can report it is inside some spatial region, called a cloaking box • Reducing location resolution to achieve a desired level of safety protection

  9. Location Safety Protection • Key Idea • Instead of its exact position, a node can report it is inside some spatial region, called a cloaking box • Reducing location resolution to achieve a desired level of safety protection Lower node density • less attractive for the adversary to locate/destroy the nodes inside • higher safety level

  10. Safety Level • Safety level of a cloaking box • The ratio of the box’s area and the number of nodes inside

  11. Safety Level • Safety level of a cloaking box • The ratio of the box’s area and the number of nodes inside • Safety level of a network • A network is protected at a safety level θ, if the adversary cannot find any region whose safety level is less than θ based on nodes’ disclosed location

  12. How to compute cloaking box • For safety protection • Each cloaking box must satisfy the safety level requirement

  13. How to compute cloaking box • For safety protection • Each cloaking box must satisfy the safety level requirement • A sequence of cloaking boxes must not be correlated to identify an area with a safety level less than θ Correlation attack

  14. How to compute cloaking box • For safety protection • Each cloaking box must satisfy the safety level requirement • A sequence of cloaking boxes must not be correlated to identify an area with a safety level less than θ • For network performance • Each cloaking box needs to be as small as possible Correlation attack

  15. A Naïve approach • A node broadcasts to query its nearby nodes’ location, and then identify the smallest region that meets the safety requirement Problems 1. Require nodes to report their exact location 2. Difficult to determine the query broadcast region • The node actually reveals it is inside the broadcast region • What if the safety level of the region is not enough?

  16. Proposed Technique • Basic idea • Partition network domain recursively into a set of subdomains, each with a safety level at least θ • Each node uses its containing subdomain as its cloaking box

  17. Proposed Technique • Basic idea • Partition network domain recursively into a set of subdomains, each with a safety level at least θ • Each node uses its containing subdomain as its cloaking box Challenges 1. Partitioning needs to be done in a fully distributed manner 2. No node shall reveal its exact position

  18. Stationary Ad Hoc Networks • Nodes are deployed in a domain D • Area(D)/#Nodes is no less than θ • Nodes start to do partitioning at time t0 • Partitioning is done round by round • Each round has a fixed time duration D

  19. Partitioning Algorithm • Each node sets its partition P to D • Refine P round by round • Broadcast a packet PLUS(NID, P) within P • Collect the PLUS packets from nodes in P during a time period T • Calculate the safety level S(P) • If S(P)≥2θ • Divide P into two equal halves • Set P as the one containing the node’s current position • Go to the next round of partitioning • If S(P)<2θ • Take P as its cloaking box • Stop partitioning D

  20. Partitioning Algorithm • Each node sets its partition P to D • Refine P round by round • Broadcast a packet PLUS(NID, P) within P • Collect the PLUS packets from nodes in P during a time period T • Calculate the safety level S(P) • If S(P)≥2θ • Divide P into two equal halves • Set P as the one containing the node’s current position • Go to the next round of partitioning • If S(P)<2θ • Take P as its cloaking box • Stop partitioning D

  21. Partitioning Algorithm • Each node sets its partition P to D • Refine P round by round • Broadcast a packet PLUS(NID, P) within P • Collect the PLUS packets from nodes in P during a time period T • Calculate the safety level S(P) • If S(P)≥2θ • Divide P into two equal halves • Set P as the one containing the node’s current position • Go to the next round of partitioning • If S(P)<2θ • Take P as its cloaking box • Stop partitioning D

  22. Partitioning Algorithm • Each node sets its partition P to D • Refine P round by round • Broadcast a packet PLUS(NID, P) within P • Collect the PLUS packets from nodes in P during a time period T • Calculate the safety level S(P) • If S(P)≥2θ • Divide P into two equal halves • Set P as the one containing the node’s current position • Go to the next round of partitioning • If S(P)<2θ • Take P as its cloaking box • Stop partitioning D

  23. Partitioning Algorithm • Each node sets its partition P to D • Refine P round by round • Broadcast a packet PLUS(NID, P) within P • Collect the PLUS packets from nodes in P during a time period T • Calculate the safety level S(P) • If S(P)≥2θ • Divide P into two equal halves • Set P as the one containing the node’s current position • Go to the next round of partitioning • If S(P)<2θ • Take P as its cloaking box • Stop partitioning D

  24. Is Partitioning Safe? • A node reveals its location P when it broadcasts a PLUS packet in P • It is guaranteed P’s safety level is no less than θ • Recursive partitioning makes the correlation attack impossible • Any two partitions P1 and P2 • either do not overlap at all, or • one contains the other completely • Situation like never happens

  25. Some Concerns • A node may be compromised • Inject multiple PLUS packets to enlarge cloaking boxes • This attack can be prevented using authentication techniques • Add a certificate field in PLUS packet • Allow a node to verify the sender of a packet

  26. Mobile ad hoc networks • Initialization • Each node finds its cloaking box right after the deployment • Adjust partitioning when necessary • Each node monitors its movement against its current partition P • If a node moves into a new partition P’ • Broadcast a LEAVE packet in P • Broadcast a JOIN packet in P’ D

  27. Performance Study • Performance metrics • Cloaking area • Communication overhead • Simulate a mobile ad hoc network • Nodes initiate partitioning right after deployment. (overhead Cinit) • Nodes move following a random walk, and adjust partitioning when necessary (overhead Cupdate) • Node distribution follows a Normal distribution • Variance v is smaller, distribution is more skewed • v = 0.5, 0.1, 0.05

  28. Evaluation Results • A more skewed distribution results in • a larger cloaking area in average • a smaller Cinit • a larger Cupdate (most cases)

  29. Related 1: Encryption • Encrypt location information to make it intelligible only to certain node • Problems • The destination node may be compromised • In some cases, location information cannot be encrypted

  30. Related 2: Anonymous Routing • Make routes untraceable to protect important nodes • Problems • Do not provide location safety protection • A node can be destroyed whenever it is located, regardless of its importance

  31. Related 3: Privacy-aware LBS • Location disclosed in LBS may be correlated with restricted spaces for subject identification • Service anonymity protection • Location privacy protection • Problems • Assume some central server for location depersonalization • Location privacy is different from location safety

  32. Conclusion • We define the concept of location safety protection • We propose to reduce location resolution to achieve a desired level of safety protection • We present a novel distributed technique for location cloaking

  33. Thanks!

More Related