Presentation is loading. Please wait.

Presentation is loading. Please wait.

Secure and Highly-Available Aggregation Queries via Set Sampling Haifeng Yu National University of Singapore.

Published byMyrtle Dorsey Modified over 8 years ago

Similar presentations

Presentation on theme: "Secure and Highly-Available Aggregation Queries via Set Sampling Haifeng Yu National University of Singapore."— Presentation transcript:

1 Secure and Highly-Available Aggregation Queries via Set Sampling Haifeng Yu National University of Singapore

2 Haifeng Yu, National University of Singapore2 2 Secure Aggregation Queries in Sensor Networks  Multi-hop sensor network with trusted base station  With the presence of malicious (byzantine) sensors  Goal: Count the # of sensors sensing smoke (i.e., satisfying a certain predicate)  Sum, Avg, and other aggregates are similar – see paper  Type-1 attack: Malicious sensors report fake readings  If # malicious sensor is small – damage is limited  Not the focus of our work

3 Haifeng Yu, National University of Singapore3 1 3 Secure Aggregation Queries in Sensor Networks  Type-2 attack: Malicious sensors (indirectly) corrupt the readings of other sensors – much larger damage  E.g., in tree based aggregation  Focus of most research on secure aggregation – our focus too 3 6 malicious 0 1 0 0 1 4 2 base station

4 Haifeng Yu, National University of Singapore4 4 State-of-Art and Our Goal  Active area in recent years (e.g. [Chan et al.’06], [Frikken et al.’08], [Roy et al.’06], [Nath et al.’09] )  All these approaches focus on detection (i.e., safety only)  Will detect if the result is corrupted  But will not produce a correct result when under attack Detecting attacks  Tolerating attacks Safety only  Safety + Liveness System made harmless  System made useful Our Goal

5 Haifeng Yu, National University of Singapore5 5 Our Approach to Tolerating Attacks  Previous approaches: Fix the security holes in tree-based aggregation  Dilemma in in-network processing  Our novel approach: Use sampling  With MACs on each sample, security comes almost automatically 1 3 6 0 1 0 0 1 4 2

6 Haifeng Yu, National University of Singapore6 0 6 Our Approach to Tolerating Attacks sampled 0 0 0 0 0 0 0 0 flood the sample result (with a MAC) Cannot modify the result Challenge with sampling: Potentially large overhead  Previous approaches: Fix the security holes in tree-based aggregation  Dilemma in in-network processing  Our novel approach: Use sampling  With MACs on each sample, security comes almost automatically

7 Haifeng Yu, National University of Singapore7 7 (Prohibitively) expensive for small b Background: Estimate Count via Sampling  n sensors, b sensors sensing smoke (called black sensors)  Goal: Output ( ,  ) approximation b’ such that:  E.g.: Sample 10 sensors and 5 are black  b’ = 0.5n  Classic result: # sensors needed to sample is

8 Haifeng Yu, National University of Singapore8 8 Reduce the Overhead via Set Sampling  Challenges with small b :  Need many samples to encounter black sensors  Set sampling: Sample a set of sensors together  Binary result will tell whether any sensor in the set is black (but not how many)  Efficient implementation in sensor networks – later  Should be easier to hit sets containing black sensors How effective will this be? (How many sets do we need to sample to estimate count?)

9 Haifeng Yu, National University of Singapore9 9 Our Results  Novel algorithm for estimating count using set sampling  Defines randomized and inter-related sets, and sample them adaptively  # sets needed to sample:  Previously without set sampling: # of samples reduced from polynomial to polylogarithmic (can be further reduced – see paper)

10 Haifeng Yu, National University of Singapore10 Our Results  Per-sensor msg complexity:  Comparable to some detection-only protocols [Roy et al.’06]  Similar msg sizes  See paper for time complexity  See paper for other aggregates (sum, avg)  Set sampling + novel algorithms using set sampling  Enables secure aggregation queries despite adversarial interference Haifeng Yu, National University of Singapore 10

11 Haifeng Yu, National University of Singapore11Haifeng Yu, National University of Singapore 11 Outline of This Talk  Background, goal, and summary of results  Simple implementation of set sampling in sensor networks  Main technical results: Novel algorithm for estimating count via set sampling

12 Haifeng Yu, National University of Singapore12Haifeng Yu, National University of Singapore 12 Implementing Set Sampling – Non-Secure Version  Example: sample the set {A, B, C, D}  Request flooded from the base station: O(log n ) bits  We use only O( n ) (instead of O(2 n )) random sets  O(log n ) bits to name a set  Reply: Single bit  Flood back from all black sensors in the set {e.g., A and C}  Each sensor only forwards the first message received  Base station sees binary answer  Multiple samples can be taken in one flooding  Our algorithm takes samples in O(log n ) sequential stages  Only O(log n ) times of flooding Goal: O(1) per-sensor msg complexity for sampling a set

13 Haifeng Yu, National University of Singapore13Haifeng Yu, National University of Singapore 13 Implementing Set Sampling – Secure Design  Each set = Some distinct symmetric key K  Preload K onto all sensors in the set  Each sensor should be only be in a small number of sets – O(log n ) in our protocol  Request:  name of K, nonce   Reply:  MAC_ K (nonce)   Only sensors holding K can generate  DoS attacks possible  Can be avoided with improved design – see paper

14 Haifeng Yu, National University of Singapore14Haifeng Yu, National University of Singapore 14 Outline of This Talk  Background, goal, and summary of results  Implement set sampling in sensor networks  Main technical meat: Novel algorithm for estimating count via set sampling  For now assume all sensors are honest  Security follows from the clean security guarantees of sampling, though some minor modifications needed – see paper

15 Haifeng Yu, National University of Singapore15Haifeng Yu, National University of Singapore 15 Random Sets on the Sampling Tree  Basic approach:  Construct (related) randomized sets of different sizes and adaptively sample them  Base station internally created a sampling tree  A complete binary tree with 4n leaves  Each tree node = A distinct symmetric key = Some set of sensors  Sampling tree is an internal data structure and not network topology

16 Haifeng Yu, National University of Singapore16Haifeng Yu, National University of Singapore 16 K1, K2, K5, K10 loaded onto the sensor A A K1, K3, K6, K12 loaded onto the sensor B Each sensor is associated with a uniformly random leaf (independently) Each tree node corresponds to a set containing all the sensors in its subtree B

17 Haifeng Yu, National University of Singapore17Haifeng Yu, National University of Singapore 17 Properties of the Sampling Tree  A sensor is black if it satisfies the predicate  A key is black iff the corresponding set contains black sensor  : fraction of black keys at level i

18 Haifeng Yu, National University of Singapore18Haifeng Yu, National University of Singapore 18  is monotonic as we go down the tree  Decrease by a factor of at most 2 per level  At the top (assuming at least one black sensor)  At the bottom (4 n leaves!) Lemma: There exists a level  with

19 Haifeng Yu, National University of Singapore19 Why Level  Helps  not too small  Efficient estimation of via naïve sampling:  samples on level  yields an ( ,  ) approximation for  not too large  Can potentially estimate final count directly from  Chernoff-type occupancy tail bound for balls into bins  See paper for details Haifeng Yu, National University of Singapore 19

20 Haifeng Yu, National University of Singapore20Haifeng Yu, National University of Singapore 20 Additional Issues: Too Few Keys on Level   Challenge:  To estimate final count based on, the number of keys on level  needs to be large enough  If not, need to track down to lower levels  Need to leverage other interesting properties on the sampling tree  See paper

21 Haifeng Yu, National University of Singapore21Haifeng Yu, National University of Singapore 21 Additional Issues: Finding Level   Binary search on the O(log( n )) levels  On each level i examined, sample a small number of random keys to roughly estimate  Extremely efficient  Challenges:  The binary search operates on estimated values (with error and may not be monotonic)  When is small, the estimation only has error guarantee on one side  See paper

22 Haifeng Yu, National University of Singapore22 Example Numerical Results  n = 10,000 and count result ( b ) range from 0 to 10,000  Overhead:  5-15 sequential stages of sampling  Total 250-300 samples  Avg approximation error: (1±0.08)  Hard to get better accuracy even in trusted environments ( [Nath et al.’09] )…  Naive sampling: 300 samples gives same accuracy only when b > 2,000

23 Haifeng Yu, National University of Singapore23Haifeng Yu, National University of Singapore 23 Conclusions  Making aggregation queries secure is critical for many sensor network applications  Contribution: Detecting attacks  Tolerating attacks  Safety only  Safety + Liveness  Our approach:  Abandon in-network processing and use sampling  Use novel set sampling to reduce the overhead  Polynomial overhead  Logarithmic overhead

24 Haifeng Yu, National University of Singapore24Haifeng Yu, National University of Singapore 24 Related Work to Set Sampling  Decision tree complexity for threshold- t functions (i.e., whether b  t ) [Ben-Asher and Newman’95] [Aspnes’09]  Most results are for error-free deterministic protocols  Large lower bound:  ( t ) (implying  ( b ) for count)  No prior results for general Monte Carlo randomized algorithm

25 Haifeng Yu, National University of Singapore25Haifeng Yu, National University of Singapore 25 Tolerating Attacks is Difficult  Example: Byzantine consensus  Detection substantially easier than tolerance  n  3f +1 lower bound only applies to tolerance and not detection  Pinpointing / revoking malicious sensors is hard  E.g., due to lack of public-key authentication  Active research area by itself

26 Haifeng Yu, National University of Singapore26Haifeng Yu, National University of Singapore 26 System Model  Multi-hop sensor network with trusted base station  Performance metric: Time complexity – see paper  Performance metric: Per-sensor msg complexity  Max number of msgs sent/received by an single sensor (captures loading balance)  msg size is either 8 bytes (size of a MAC) of log(n) bits  Collision ignored – as in all prior work  Or one can apply existing algorithms…

27 Haifeng Yu, National University of Singapore27Haifeng Yu, National University of Singapore 27 Implementing Set Sampling – Non-Secure Version  Request size: We use at most O(n) (random) sets  O(log(n)) bits to name a set Goal: O(1) per-sensor msg complexity for sampling a set Request flooding – every sensor sends/receives one msg

28 Haifeng Yu, National University of Singapore28Haifeng Yu, National University of Singapore 28 Implementing Set Sampling – Non-Secure Version  Reply: Single bit Goal: O(1) per-sensor msg complexity for sampling a set A C B D B, C, D satisfies the predicate, A does not Reply flooding – Only the first reply is forwarded This is why set sampling is designed to be binary

29 Haifeng Yu, National University of Singapore29Haifeng Yu, National University of Singapore 29 (The overhead of sampling a set needs to be properly controlled – will discuss later.)

30 Haifeng Yu, National University of Singapore30Haifeng Yu, National University of Singapore 30 Translating to b  We now have a good estimation for  Need to produce a good estimation for b  Let number of keys on level be n  Throw b balls into n bins  The fraction of occupied bins has the same distribution as  This distribution is highly concentrated near its mean (Chernoff-type occupancy tail bound), assuming  not too close to 1  n not too small

31 Haifeng Yu, National University of Singapore31Haifeng Yu, National University of Singapore 31 Summary of Techniques to Achieve the Results  Define randomized sets based on a complete binary tree  Interesting relationships among the sets  Sample the sets adaptively  Leverages Chernoff-type occupancy tail bounds for balls-into-bins

Download ppt "Secure and Highly-Available Aggregation Queries via Set Sampling Haifeng Yu National University of Singapore."

Similar presentations

Routing Complexity of Faulty Networks Omer Angel Itai Benjamini Eran Ofek Udi Wieder The Weizmann Institute of Science.

Routing Complexity of Faulty Networks Omer Angel Itai Benjamini Eran Ofek Udi Wieder The Weizmann Institute of Science.
The Average Case Complexity of Counting Distinct Elements David Woodruff IBM Almaden.

The Average Case Complexity of Counting Distinct Elements David Woodruff IBM Almaden.
Approximate List- Decoding and Hardness Amplification Valentine Kabanets (SFU) joint work with Russell Impagliazzo and Ragesh Jaiswal (UCSD)

Approximate List- Decoding and Hardness Amplification Valentine Kabanets (SFU) joint work with Russell Impagliazzo and Ragesh Jaiswal (UCSD)
Fast Algorithms For Hierarchical Range Histogram Constructions

Fast Algorithms For Hierarchical Range Histogram Constructions
Summarizing Distributed Data Ke Yi HKUST += ?. Small summaries for BIG data  Allow approximate computation with guarantees and small space – save space,

Summarizing Distributed Data Ke Yi HKUST += ?. Small summaries for BIG data  Allow approximate computation with guarantees and small space – save space,
Haowen chan  cmu Outline  The Secure Aggregation Problem  Algorithm Description  Algorithm Analysis Proof (sketch) of correctness Proof (sketch) of.

Haowen chan  cmu Outline  The Secure Aggregation Problem  Algorithm Description  Algorithm Analysis Proof (sketch) of correctness Proof (sketch) of.
Distribution and Revocation of Cryptographic Keys in Sensor Networks Amrinder Singh Dept. of Computer Science Virginia Tech.

Distribution and Revocation of Cryptographic Keys in Sensor Networks Amrinder Singh Dept. of Computer Science Virginia Tech.
Fabian Kuhn, Microsoft Research, Silicon Valley

Fabian Kuhn, Microsoft Research, Silicon Valley
1 Distributed Adaptive Sampling, Forwarding, and Routing Algorithms for Wireless Visual Sensor Networks Johnsen Kho, Long Tran-Thanh, Alex Rogers, Nicholas.

1 Distributed Adaptive Sampling, Forwarding, and Routing Algorithms for Wireless Visual Sensor Networks Johnsen Kho, Long Tran-Thanh, Alex Rogers, Nicholas.
A Framework for Secure Data Aggregation in Sensor Networks Yi Yang Xinran Wang, Sencun Zhu and Guohong Cao The Pennsylvania State University MobiHoc’ 06.

A Framework for Secure Data Aggregation in Sensor Networks Yi Yang Xinran Wang, Sencun Zhu and Guohong Cao The Pennsylvania State University MobiHoc’ 06.
A Framework for Secure Data Aggregation in Sensor Networks Yi Yang Joint work with Xinran Wang, Sencun Zhu and Guohong Cao Dept. of Computer Science &

A Framework for Secure Data Aggregation in Sensor Networks Yi Yang Joint work with Xinran Wang, Sencun Zhu and Guohong Cao Dept. of Computer Science &
Computer Science SDAP: A Secure Hop-by-Hop Data Aggregation Protocol for Sensor Networks Yi Yang, Xinran Wang, Sencun Zhu and Guohong Cao April 24, 2007.

Computer Science SDAP: A Secure Hop-by-Hop Data Aggregation Protocol for Sensor Networks Yi Yang, Xinran Wang, Sencun Zhu and Guohong Cao April 24, 2007.
CS4231 Parallel and Distributed Algorithms AY 2006/2007 Semester 2 Lecture 7 Instructor: Haifeng YU.

CS4231 Parallel and Distributed Algorithms AY 2006/2007 Semester 2 Lecture 7 Instructor: Haifeng YU.
Haifeng Yu National University of Singapore

Haifeng Yu National University of Singapore
SIA: Secure Information Aggregation in Sensor Networks Bartosz Przydatek, Dawn Song, Adrian Perrig Carnegie Mellon University Carl Hartung CSCI 7143: Secure.

SIA: Secure Information Aggregation in Sensor Networks Bartosz Przydatek, Dawn Song, Adrian Perrig Carnegie Mellon University Carl Hartung CSCI 7143: Secure.
Open Problems in Data- Sharing Peer-to-Peer Systems Neil Daswani, Hector Garcia-Molina, Beverly Yang.

Open Problems in Data- Sharing Peer-to-Peer Systems Neil Daswani, Hector Garcia-Molina, Beverly Yang.
Roberto Di Pietro, Luigi V. Mancini and Alessandro Mei.

Roberto Di Pietro, Luigi V. Mancini and Alessandro Mei.
Approximating Sensor Network Queries Using In-Network Summaries Alexandra Meliou Carlos Guestrin Joseph Hellerstein.

Approximating Sensor Network Queries Using In-Network Summaries Alexandra Meliou Carlos Guestrin Joseph Hellerstein.
CSCE 715 Ankur Jain 11/16/2010. Introduction Design Goals Framework SDT Protocol Achievements of Goals Overhead of SDT Conclusion.

CSCE 715 Ankur Jain 11/16/2010. Introduction Design Goals Framework SDT Protocol Achievements of Goals Overhead of SDT Conclusion.
Deterministic Wavelet Thresholding for Maximum-Error Metrics Minos Garofalakis Bell Laboratories Lucent Technologies 600 Mountain Avenue Murray Hill, NJ.

Deterministic Wavelet Thresholding for Maximum-Error Metrics Minos Garofalakis Bell Laboratories Lucent Technologies 600 Mountain Avenue Murray Hill, NJ.

Similar presentations

Ads by Google