Presentation is loading. Please wait.

Presentation is loading. Please wait.

SIA: Secure Information Aggregation in Sensor Networks Bartosz Przydatek, Dawn Song, Adrian Perrig Carnegie Mellon University Carl Hartung CSCI 7143: Secure.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "SIA: Secure Information Aggregation in Sensor Networks Bartosz Przydatek, Dawn Song, Adrian Perrig Carnegie Mellon University Carl Hartung CSCI 7143: Secure."— Presentation transcript:

1 SIA: Secure Information Aggregation in Sensor Networks Bartosz Przydatek, Dawn Song, Adrian Perrig Carnegie Mellon University Carl Hartung CSCI 7143: Secure Sensor Networks

2 Overview Secure Aggregation What is aggregation in sensor networks Why aggregate? Security Issues with aggregation Communication Efficiency vs. Accuracy Aggregate-Commit-Prove Computing Median, Min/Max, Average Conclusions

3 Aggregation in sensor networks Aggregators Collect information from nearby sensors Process it locally Send the processed information to user Reduces communication & power consumption

4 Why Aggregate? Given a query, it may be unnecessary and inefficient to return all raw data collected from each sensor—instead, information should be processed and aggregated within the network and only processed and aggregated information is returned

5 Security issues with aggregation Node Compromise One or more sensor nodes Aggregator(s) Denial of Service Stealth Attack Make user accept false aggregation results Goal of Paper: Prevent the user from accepting incorrect results

6 Communication Each sensor has unique identifier and shares key with home server and aggregator Home Server and Aggregator each have master key K B and K A respectively. Nodes store the shared keys MAC K B (node ID) and MAC K A (node ID), where MAC is a secure message authentication code.

7 Assumptions Uncorrupted sensors can reach each other via paths of uncorrupted sensors (including aggregator) Base station has a mechanism to broadcast authentic messages such that each node can verify authenticity. (TESLA, other?)

8 More Assumptions Attacker can corrupt some* sensors as well as aggregator. Attacker has complete control over corrupted node(s) * Attacker can corrupt at most a small fraction of nodes.

9 Efficiency vs. Accuracy Assume communication between nodes/aggregator and Home Server is expensive Trivial solution Send all data with aggregated data so Home Server can verify. – Linear communication. Must be willing to accept a small non-zero possibility of error to get sub-linear communication.

10 Efficiency vs. Accuracy Let f be a function of a 1,…,a n into real numbers, and let y = f(a 1,…,a n). ỹ is a multiplicative ε-approximation of y if (1- ε)y <= ỹ <= (1+ ε)y. In addition to approximation error ε, also use δ to upper bound the probability of not detecting a cheating aggregator. Called a (ε, δ)-approximation. Finds ε-approximation with probability at least 1 – δ. ε

11 Aggregate – Commit – Prove Aggregators compute aggregation of sensor nodes’ data Report aggregated data to home server along with commitment Home server and aggregator perform efficient interactive proofs such that the home server will be able to verify results or detect cheating.

12 Aggregator collects data A B C Aggregator Nodes share key with Aggregator, preventing impersonation, but not flawed data from a corrupt sensor Home Server

13 Aggregator commits data m0m0 m1m1 m2m2 m3m3 v 3,0 v 3,1 v 3,2 v 3,3 v 2,0 v 1,0 m4m4 m5m5 m6m6 m7m7 v 3,4 v 3,5 v 3,6 v 3,7 v 0,0 = H(v 1,0 || v 1,1 ) v 2,1 v 2,2 v 2,3 v 1,1 Example: M5 is authentic if the following holds true: v0,0 = H(v1,0 || H( H(v3,4 || H(m5)) || v2,3))

14 Aggregator commits data m0m0 m1m1 m2m2 m3m3 v 3,0 v 3,1 v 3,2 v 3,3 v 2,0 v 1,0 m4m4 m5m5 m6m6 m7m7 v 3,4 v 3,5 v 3,6 v 3,7 v 0,0 = H(v 1,0 || v 1,1 ) v 2,1 v 2,2 v 2,3 v 1,1 Example: M5 is authentic if the following holds true: v0,0 = H(v1,0 || H( H(v3,4 || H(m5)) || v2,3))

15 Aggregator proves data A B C Aggregator Home Server checks committed data and aggregated data in order to verify Home Server Aggregated data and Commitment

16 Computing the Median Require Aggregator to commit in hash-tree construction AND values are sorted 2 committed sequences One sorted on measured values One sorted on sensor IDs Pick random elements from one list and verify that they are present in the other Pick random elements from committed sequence and check that elements picked from left half are less than median, elements from right half are greater. Requires only O(log n/ε) elements to check whether is an ε-approximation.

17 Computing the Min/Max Construct a spanning tree in the network of sensors such that the root of the tree holds the minimum element. Each node authenticates its final state using the shared key with the home server, and sends the authenticated state to the aggregator. The aggregator checks consistency of tree and commits to the list of all nodes and their states, and reports the root-node to the home server. Home server randomly picks a node in the committed list and traverses the path from the chosen node to the root, checking the consistency of the constructed tree. If all checks are successful, home server accepts the value reported by the aggregator.

18 Counting Distinct Elements Random Node Selection Home Server distributes hash function h Sensors compute MIN using h, ID, and time interval Find lower and upper bounds using sampling.

19 Forward Secure Authentication Time is divided into constant time intervals Each sensor updates its key shared with the home station at the beginning of each time interval using a one way function. Uses updated key to compute the MAC on the sensing data during that time interval. If hacker compromises sensor at a later time, because of the one-way function, will be unable to compute the MAC key for the previous time interval. Problem: How to efficiently store past data and authenticator.

20 Hierarchical Aggregation If networks is too big, might need to use multiple Aggregators Basically, have regular aggregators and super aggregators Super aggregators aggregate the data from regular aggregators

21 Conclusions Possible to securely aggregate information using the aggregate-commit-prove framework even when some nodes (including the aggregator) are compromised. Can be done with less than linear communication Not all values from all nodes need to be sent to home server to verify that aggregation is correct. Forward Secure Authentication Ensure that a hacker can not change previous values/measurements on a node compromised later in time.

Download ppt "SIA: Secure Information Aggregation in Sensor Networks Bartosz Przydatek, Dawn Song, Adrian Perrig Carnegie Mellon University Carl Hartung CSCI 7143: Secure."

Similar presentations

Security in Sensor Networks By : Rohin Sethi Aranika Mahajan Twisha Patel.

Security in Sensor Networks By : Rohin Sethi Aranika Mahajan Twisha Patel.
Haowen chan  cmu Outline  The Secure Aggregation Problem  Algorithm Description  Algorithm Analysis Proof (sketch) of correctness Proof (sketch) of.

Haowen chan  cmu Outline  The Secure Aggregation Problem  Algorithm Description  Algorithm Analysis Proof (sketch) of correctness Proof (sketch) of.
Packet Leashes: Defense Against Wormhole Attacks Authors: Yih-Chun Hu (CMU), Adrian Perrig (CMU), David Johnson (Rice)

Packet Leashes: Defense Against Wormhole Attacks Authors: Yih-Chun Hu (CMU), Adrian Perrig (CMU), David Johnson (Rice)
A Framework for Secure Data Aggregation in Sensor Networks Yi Yang Xinran Wang, Sencun Zhu and Guohong Cao The Pennsylvania State University MobiHoc’ 06.

A Framework for Secure Data Aggregation in Sensor Networks Yi Yang Xinran Wang, Sencun Zhu and Guohong Cao The Pennsylvania State University MobiHoc’ 06.
A Framework for Secure Data Aggregation in Sensor Networks Yi Yang Joint work with Xinran Wang, Sencun Zhu and Guohong Cao Dept. of Computer Science &

A Framework for Secure Data Aggregation in Sensor Networks Yi Yang Joint work with Xinran Wang, Sencun Zhu and Guohong Cao Dept. of Computer Science &
Computer Science SDAP: A Secure Hop-by-Hop Data Aggregation Protocol for Sensor Networks Yi Yang, Xinran Wang, Sencun Zhu and Guohong Cao April 24, 2007.

Computer Science SDAP: A Secure Hop-by-Hop Data Aggregation Protocol for Sensor Networks Yi Yang, Xinran Wang, Sencun Zhu and Guohong Cao April 24, 2007.
Distributed Detection Of Node Replication Attacks In Sensor Networks Presenter: Kirtesh Patil Acknowledgement: Slides on Paper originally provided by Bryan.

Distributed Detection Of Node Replication Attacks In Sensor Networks Presenter: Kirtesh Patil Acknowledgement: Slides on Paper originally provided by Bryan.
Edith C. H. Ngai1, Jiangchuan Liu2, and Michael R. Lyu1

Edith C. H. Ngai1, Jiangchuan Liu2, and Michael R. Lyu1
IC-29 Security and Cooperation in Wireless Networks 1 Secure and Robust Aggregation in Sensor Networks Parisa Haghani Supervised by: Panos Papadimitratos.

IC-29 Security and Cooperation in Wireless Networks 1 Secure and Robust Aggregation in Sensor Networks Parisa Haghani Supervised by: Panos Papadimitratos.
Roberto Di Pietro, Luigi V. Mancini and Alessandro Mei.

Roberto Di Pietro, Luigi V. Mancini and Alessandro Mei.
Security Issues In Sensor Networks By Priya Palanivelu.

Security Issues In Sensor Networks By Priya Palanivelu.
Random Key Predistribution Schemes for Sensor Networks Authors: Haowen Chan, Adrian Perrig, Dawn Song Carnegie Mellon University Presented by: Johnny Flowers.

Random Key Predistribution Schemes for Sensor Networks Authors: Haowen Chan, Adrian Perrig, Dawn Song Carnegie Mellon University Presented by: Johnny Flowers.
Timed Efficient Stream Loss-Tolerant Authentication. (RFC 4082) Habib Moukalled 1/29/08.

Timed Efficient Stream Loss-Tolerant Authentication. (RFC 4082) Habib Moukalled 1/29/08.
ITIS 6200/8200. time-stamping services Difficult to verify the creation date and accurate contents of a digital file Required properties of time-stamping.

ITIS 6200/8200. time-stamping services Difficult to verify the creation date and accurate contents of a digital file Required properties of time-stamping.
Sencun Zhu Sanjeev Setia Sushil Jajodia Presented by: Harel Carmit

Sencun Zhu Sanjeev Setia Sushil Jajodia Presented by: Harel Carmit
Key Distribution in Sensor Networks (work in progress report) Adrian Perrig UC Berkeley.

Key Distribution in Sensor Networks (work in progress report) Adrian Perrig UC Berkeley.
1 The Sybil Attack John R. Douceur Microsoft Research Presented for Cs294-4 by Benjamin Poon.

1 The Sybil Attack John R. Douceur Microsoft Research Presented for Cs294-4 by Benjamin Poon.
LPT for Data Aggregation in Wireless Sensor networks Marc Lee and Vincent W.S Wong Department of Electrical and Computer Engineering, University of British.

LPT for Data Aggregation in Wireless Sensor networks Marc Lee and Vincent W.S Wong Department of Electrical and Computer Engineering, University of British.
SPINS: Security Protocols for Sensor Networks Adrian Perrig, Robert Szewczyk, Victor Wen, David Culler, J.D. Tygar Research Topics in Security in the context.

SPINS: Security Protocols for Sensor Networks Adrian Perrig, Robert Szewczyk, Victor Wen, David Culler, J.D. Tygar Research Topics in Security in the context.
Freenet A Distributed Anonymous Information Storage and Retrieval System I Clarke O Sandberg I Clarke O Sandberg B WileyT W Hong.

Freenet A Distributed Anonymous Information Storage and Retrieval System I Clarke O Sandberg I Clarke O Sandberg B WileyT W Hong.

Similar presentations

Ads by Google