Secure In-Network Aggregation for Wireless Sensor Networks


1 Secure In-Network Aggregation for Wireless Sensor Networks
Bo Sun
Department of Computer Science, Lamar University
Research Supported by Texas Advanced Research Program under Grant

2 Outline of Presentation
Introduction and Motivation
Assumptions and Network Model
Local Detection
Challenges
Extended Kalman Filter based Monitoring
CUSUM GLR based Monitoring
Collaboration between Intrusion Detection Module (IDM) and System Monitoring Module (SMM)
Performance Evaluation
Conclusions and Future work

3 Introduction and Motivation

4 Wireless Sensor Networks (WSNs)
Many simple nodes with sensors deployed throughout an environment
Sensing + CPU + Radio = Thousands of Potential Applications

5 Why do we need Aggregation in WSNs?
Example Query: What is the maximum temperature in area A between 10am and 11am?
Redundancy in the event data
Solution: Combine the data coming from different sources
Eliminate redundancy
Minimize the number of transmissions
Individual sensor readings of limited use
Information redundancy
Forwarding raw information too expensive
Scarce energy
Scarce bandwidth

6 Secure In-Network Aggregation Problem

7 Observation
There is very little work that aims at addressing the secure in-network aggregation problem from the intrusion detection perspective
Our Work
We set up the normal range of the neighbor’s future transmitted values
We propose the integration between System Monitoring Modules and Intrusion Detection Modules

8 Intrusion Detection Systems (IDSs)
Goal: Highly secured Information Systems
Why do we need IDSs?
Security has become one of the main concerns when we deploy information systems in reality. Intrusion prevention measures, such as encryption and authentication, can be used in ad-hoc networks to reduce intrusions, but cannot eliminate them. For example, encryption and authentication cannot defend against compromised mobile nodes, especially the internal or insider attackers, which often carry the private keys. The history of security research has taught us a valuable lesson: no matter how many intrusion prevention measures are inserted in a network, there are always some weak links that one could exploit to break in.
What is intrusion? Intrusion detection. Layered mechanism
Security has become one of the main concerns when we deploy MANET in reality. Our goal is to construct highly secured MANET. Intrusion detection presents a second wall of defense and is necessary in a highly-survivable network. Intrusion detection is not introduced to replace the prevention-based techniques such as authentication and access control. Instead, it is intended to be used along with the existing security measures. This is my research focus. As we can see, another layer of protection is intrusion tolerance, that is, the tolerance of security policy violation. Based on this model, an attack can only be successful if the corresponding vulnerability exists and no additional precautions have been taken to prevent the security policy violation.

9 Intrusion Detection Systems
Intrusions in an information system are the activities that violate the security policy of the information system, and intrusion detection is the process to identify intrusions.
Intrusions are any set of actions that try to compromise the integrity, confidentiality, or availability of the system.
Analysis of the behaviors of users and applications for evidence of malicious activities
Intrusion detection is a security technology that attempts to identify individuals who are trying to break into and misuse a system without authorization and those who have legitimate access to the system but are abusing their privileges.
An intrusion detection system (IDS) is a computer system that dynamically monitors the system and user actions in the network and computer systems in order to detect the intrusions.
First, we have the detection engine; here different detection techniques can be deployed. which send probes to and collect audit information describing the events that occur on the system. An intrusion detection system needs to have a database to store the long-term information related to the technique used to detect intrusions (a knowledge base of attacks, for example) and configuration information describing the current state of the system. Intrusion response can be used to minimize the attack damages, gather evidence for prosecution, or even launch counter attacks.

10 Challenges
It is difficult to achieve the real aggregated values
High packet loss rate
Individual sensor readings are subject to environmental noise
Uncertainty of the aggregation function
Sensor nodes suffer from stringent resources

11 Challenges

12 Assumptions and Network Models

13 Assumptions
The majority of nodes around some unusual events are not compromised
Falsified data inserted by compromised nodes are significantly different from real values

14 Network Models

15 Local Detection

16 Kalman Filter
A set of mathematical equations
Recursively estimate the state of a process
Time Update: Project the current state estimate ahead of time
Measurement Update: Adjust the projected estimate by an actual measurement

17 Extended Kalman Filter based Monitoring

18 Extended Kalman Filter based Monitoring – System Dynamic Model
Process Model
Measurement Model

19 Extended Kalman Filter based Monitoring – System Equations
Time Update
  State Estimate Equations:
  Error Project Equations:
Measurement Update
  Kalman Gain Equation:
  Estimate Update with Measurement:
  Error Covariance Update Equation:

20 EKF based Local Detection Algorithm

21 CUSUM GLR based Location Detection
EKF based solution ignores the information given by the entire data sequence
EKF based solution is not suitable if an attacker continuously forges values with small deviations
Solution
  Cumulative Summation (CUSUM)
  Generalized Likelihood Ratio (GLR)
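
The limitation described on this slide, as an added example that is not part of the original presentation: a per-sample check of each reading against the filter's predicted normal range misses a slow forged drift, while a cumulative sum over the same residuals flags it. The presentation's own EKF and CUSUM GLR equations are not in this transcript, so the sketch assumes a scalar Kalman filter with a random-walk process model and a plain two-sided CUSUM (not the GLR variant); the parameters q, r, width, k_ref, h and all readings are constructed for illustration.

```python
# Added illustration; model, parameters and readings are constructed assumptions.

def kalman_residuals(readings, q=0.01, r=1.0):
    """Scalar Kalman filter with an assumed random-walk process model.
    Returns (reading_index, residual, residual_std) for each new reading."""
    x, p = readings[0], 1.0           # initial state estimate and error variance
    out = []
    for i, z in enumerate(readings[1:], start=1):
        p_pred = p + q                # time update: project the error variance
        s = p_pred + r                # variance of the prediction residual
        resid = z - x                 # received value minus predicted value
        out.append((i, resid, s ** 0.5))
        k = p_pred / s                # Kalman gain
        x += k * resid                # measurement update of the estimate
        p = (1.0 - k) * p_pred        # error variance update
    return out

def range_alarms(residuals, width=3.0):
    """Per-sample check: reading outside predicted value +/- width * std."""
    return [i for i, e, sd in residuals if abs(e) > width * sd]

def cusum_alarm(residuals, k_ref=0.5, h=5.0):
    """Two-sided CUSUM over normalized residuals; first alarm index or None."""
    hi = lo = 0.0
    for i, e, sd in residuals:
        hi = max(0.0, hi + e / sd - k_ref)   # accumulates upward deviations
        lo = max(0.0, lo - e / sd - k_ref)   # accumulates downward deviations
        if hi > h or lo > h:
            return i
    return None

NOISE = [0.2, -0.1, 0.1, -0.2, 0.1, 0.0, -0.1, 0.2, -0.2, 0.0]  # constructed
ATTACK_START = 40                     # index of the first forged reading

def make_readings(n=80, forged=False):
    """Constructed neighbor reports: 20.0 plus noise; forged ones drift 0.15/step."""
    out = []
    for i in range(n):
        drift = 0.15 * (i - ATTACK_START + 1) if forged and i >= ATTACK_START else 0.0
        out.append(20.0 + NOISE[i % 10] + drift)
    return out

if __name__ == "__main__":
    for label, forged in (("clean", False), ("forged", True)):
        res = kalman_residuals(make_readings(forged=forged))
        print(label, "range alarms:", range_alarms(res), "CUSUM alarm:", cusum_alarm(res))
```
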

22 An Example of CUSUM
Cumulative sum:
Source: D.C. Montgomery (2004).

23 CUSUM GLR based Location Detection

24 Collaboration between IDM and SMM to Differentiate Malicious Events from Emergency Events

25 Performance Evaluation

26 Simulation Setup
Aggregation Function
  Average, Sum, Min, and Max
Simulation
  Different packet loss ratio: 0.1, 0.25, 0.5
  D: Attack Intensity
    The difference between attack data and normal data
Performance Metric
  False Positive Rate
  Detection Rate

27 Performance Evaluation – Average of EKF

28 Performance Evaluation – Average of CUSUM GLR

29 Performance Evaluation – Sum of EKF

30 Performance Evaluation – Sum of CUSUM GLR

31 Performance Evaluation – Min of EKF

32 Performance Evaluation – Min of CUSUM GLR

33 Performance Evaluation – Max of EKF

34 Performance Evaluation – Max of CUSUM GLR

35 Related Work
Hu and Evans’ secure Aggregation
Secure Information Aggregation
Secure Hierarchical In-Network Aggregation
Secure hop-by-hop data aggregation
Topological Constraints based Aggregation
Resilient Aggregation

36 Conclusions and Future Work
Extended Kalman Filter based approach can provide an effective local detection algorithm
Intrusion Detection Module and System Monitoring Modules should work together to provide intrusion detection capabilities
Future Work
  Large scale test of the proposed approach
  Further elaboration of interactions between IDM and SMM

37 Thank You !

