1 / 22

A Framework for Secure Data Aggregation in Sensor Networks

A Framework for Secure Data Aggregation in Sensor Networks. Yi Yang Xinran Wang, Sencun Zhu and Guohong Cao The Pennsylvania State University MobiHoc’ 06. Why data aggregation? (1). Many low-cost sensors

vanig
Download Presentation

A Framework for Secure Data Aggregation in Sensor Networks

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. A Framework for Secure Data Aggregation in Sensor Networks Yi Yang Xinran Wang, Sencun Zhu and Guohong Cao The Pennsylvania State University MobiHoc’ 06

  2. Why data aggregation? (1) • Many low-cost sensors • Some data sinks which subscribe to special data streams by distributing interests or querying BS • Without data aggregation • Data redundancy • Communication cost • Energy expenditure SDAP

  3. Why data aggregation? (2) BS • With data aggregation Reduce data redundancy, communication cost and energy expenditure in data collection! SDAP

  4. BS Network model • An unbalanced tree rooted at BS • Data are aggregated hop by hop • Each aggregate is a tuple (value, count) • Every node only forwards one copy SDAP

  5. Security challenges in aggregation? (1) BS • A compromised node may report a false fusion result, causing the final aggregation result to be much different from the true measurement. • Question: • How can BS obtain a good approximation of the fusion result when a fraction of nodes are compromised? Compromised node False Alarm SDAP

  6. Legitimate temperature (32F ~ 150F) BS (?, ?) (100F, 50) Attack model Goal: Inject false data without being detected by BS • Example: • Without modifying the received aggregate • (98.7F~101F, 51) • Count change attack • (100F~150F, *) • Value change attack • (32F~150F, 51) The combination of count and value change attacks, and collusion among compromised nodes are more destructive! SDAP

  7. Our solutions • Divide and conquer • Commit and attest • Tree construction and query dissemination • Probabilistic grouping • Partition nodes in the tree into multiple logical groups (subtrees) of similar size • Hop-by-hop aggregation • Each group generates a commitment which cannot be denied later • Attestation between BS and suspicious groups • BS identifies abnormal groups from the set of received group commitments • Groups under suspicion prove the correctness of submitted commitments to BS • BS discards commitments from groups failing to support previous values when computing final aggregates SDAP

  8. avg avg avg avg avg avg avg avg avg avg avg avg avg avg avg avg avg avg avg avg avg avg avg avg avg avg Tree Construction & Query Dissemination • Tree construction • Similar to TAG • Query dissemination • BS   * : Fagg, Sg • Fagg: an aggregation function, e.g., avg, count • Sg: a random number as grouping seed Legitimate temperature (32F ~ 150F) SDAP

  9. Probabilistic grouping & data aggregation • Probabilistic grouping is conducted through group leader selection • H(Kx, Sg|x) < Fg(c) Legitimate temperature (32F ~ 150F) • x : node id • Kx : master key of x • H : pseudorandom function, • uniformly maps the input into the range of[0,1) • Sg : for security and load balance • c : count value • Fg : grouping function, outputs a real number between[0,1) • output increasing with c H(Ky, Sg|y) < Fg(c) H(Kx, Sg|x) < Fg(15) H(Kw’, Sg|w’) < Fg(8) H(Kid, Sg|id) > Fg(1) SDAP

  10. Probabilistic grouping & data aggregation • Probabilistic grouping is conducted through group leader selection • H(Kx, Sg|x) < Fg(c) Legitimate temperature (32F ~ 150F) • x : node id • Kx : master key of x • H : pseudorandom function, • uniform output in [0,1) • Sg : for security and load balance • c : count • Fg : grouping function, [0,1) • output increasing with c By choosing appropriate grouping functions, group sizes are roughly even with small deviation, providing good basis for attestation SDAP

  11. Authenticated id flag count value seed MAC Encrypted Group aggregation (1) • Format of aggregates Flag: initialized to 0, set to 1 after leaders finish group aggregation, so that other nodes on the path just forward group commitments • Leaf node aggregation • uv : u, 0, E(Kuv ,1|Ru|Sg)|MACu MACu=MAC(Ku, 0|1|u|Ru|Sg) H(Ku, Sg|u) > Fg(1) SDAP

  12. Group aggregation (2) • Immediate node aggregation • vw : v, 0, E(Kvw ,3|Aggv|Sg)|MACv Aggv=Fagg(Rv, Ru, Ru’) MACv=MAC(Kv, 0|3|v|Aggv| MACu MACu’|Sg) MAC is also computed hop by hop, thus representing authentication of all the nodes contributing to the data H(Kv, Sg|v) > Fg(3) SDAP

  13. Group aggregation (3) • Leader node aggregation • xBS : x, 1, E(Kx ,15|Aggx|Sg)|MACx Aggx=Fagg(Rx, Aggw, Aggw’) MACx=MAC(Kx, 1|15|x|Aggx|MACw MACw’|Sg) Default leader of leftover nodes H(Kx, Sg|x) < Fg(15) SDAP

  14. Verification & attestation(1) • BSneeds to verify the correctness of the aggregated value • Outlier detection by Grubbs’ Test an existing work SDAP

  15. Verification & attestation(2) • Forwarding attestation requests from BS • Suppose group x is under suspicion • BS  y: x, Sa, Sg • Node y then forwards this request to leader x • Sa: a random number • as attestation seed SDAP

  16. Verification & attestation(3) • Group attestation • Probabilistic attestation path selection • From x, each parent sums up counts of all the children, then computes . Finally determine the path by picking up ith child on the path, if A node with larger count has more chances to be attested SDAP

  17. Verification & attestation(4) • Attestation response from groups • Each node on the path sends back count and reading • Sibling node sends back count, aggregate and MAC (leaf only sends count and reading) SDAP

  18. Verification & attestation(5) • Group response validation by BS • BS reconstructs Aggx and MACx based on responses • If both match the submitted values, accepts them • Otherwise, rejects them SDAP

  19. Security Analysis An attacker can not selectively compromise nodes to ensure his optimal attacking • A compromised node can not know in advance whether • it will become a group leader or which group it will belong to • its aggregate will become an outlier by Grubbs’ test • it will be selected on the attestation path SDAP

  20. Detection Rate • m is the number of attestation paths SDAP

  21. Communication Overhead Packet*hop: 3.4k~4.4K • in a non-secure aggregation scheme: 3k • in a no aggregation secure scheme: 21k SDAP

  22. Thank you! • Questions? • if a node has a larger count value, the probability for it to become • a leader is higher. So if a compromised node with large count be- • comes a leader, the BS will definitely reject it and the whole large • group, which will also affect the quality of aggregation. SDAP

More Related