DoS-Resilient Secure Aggregation Queries in Sensor Networks

1. DoS-Resilient Secure Aggregation Queries in Sensor Networks Haifeng Yu National University of Singapore http://www.comp.nus.edu.sg/~yuhf

2. Entire sub-tree affected Background: Secure Aggregation Queries • Sensor networks often queries for aggregate information • Predicate count, sum, avg, etc • Usually obtained via in-network aggregation • Need for security: • Malicious sensors may report arbitrary readings – not much we can do • Malicious sensors may manipulate other sensors readings – want to prevent this 28 2 8 10 8 8 6 2 6 3 6 1 3 1 Haifeng Yu (National University of Singapore)

3. Previous Work and Our Goal • [Chan’06,Chan’07,Yang’06] • Enables the detection of an incorrect result – user will then reject the result • But, attacker can keep corrupting the result and cause result to be rejected  DoS attack! • Analogy: Safety without liveness … • Our goal: Secure and highly-available aggregation queries • Tolerate the attacker instead of just detect it • This talk will use predicate count as an example… Haifeng Yu (National University of Singapore)

4. Protocol One: Set Sampling (Broadcast Sampling) • Sampling: More robust that aggregation • Challenge: If count is b, then # samples needed to obtain an approximation is • Solution: Set sampling (Broadcast sampling) • Sample a set of sensors in a single sample • Leverages special properties of sensor networks Haifeng Yu (National University of Singapore)

5. Protocol Two: Verifiable Aggregate Synopsis • Light-weight detection-only protocols • But maintain audit trails • Adopt ideas from duplicate-insensitive counting • Failure-free message complexity • FM synopsis [Flajolet’85]: • Exp synopsis [Mosk-Aoyama’06]: • Generate audit trails when under attack • Pinpointing protocol can later revoke malicious sensors Haifeng Yu (National University of Singapore)