1
SafeQ: Secure and Efficient Query Processing in Sensor Networks
Fei Chen and Alex X. Liu
Department of Computer Science and Engineering
Michigan State University
2
Two-tiered Sensor Network
A two-tiered sensor network [Ratnasamy et al. 2003]
Benefits
─Power saving for sensors
─Memory saving for sensors
─Query processing is efficient
Several storage node products, such as StarGate and RISE, are commercially available
[Figure labels: Sensor, Data, Storage Node, Query, Result, Sink]
3
Storage nodes can be compromised
Storage nodes are attractive targets for attack
─Sensitive data collected by sensors are stored in storage nodes
A compromised storage node raises two security problems
─How to preserve the privacy of sensor collected data and sink issued queries?
─How to preserve the integrity of query results?
[Figure labels: Sensor, Data, Storage Node, Query, Result, Sink]
4
Problem Statement: Privacy and Integrity Preserving Range Queries
Preserving privacy
─A compromised storage node cannot gain information from sensor collected data and sink issued queries
─A storage node can perform query processing
Preserving integrity
─The sink can detect whether a query result from a storage node
●includes forged data items
●excludes any data items that satisfy the query
[Figure: a sensor collects n data items d_1, d_2, …, d_n at time slot t. Labels: Sensor, Storage Node, Sink, Query t,[a,b]]
5
Privacy Preserving Scheme
To protect the privacy of sensor collected data
─Encrypt each data item individually
How does a storage node process a query over encrypted data?
─Using prefix membership verification technique
[Figure: prefix membership verification for data item 5 and query [3, 7]]
Encrypted data items: (1)k_i, (4)k_i, (5)k_i, (7)k_i, (9)k_i
Sensor (Key g), data item 5 (binary expression 101)
─Prefix family: PF(5) = {101, 10*, 1**, ***}
─Prefix numericalization: {1011, 1010, 1100, 1000}
─HMAC hash: {h_g(1011), h_g(1010), h_g(1100), h_g(1000)}
Sink (Key g), query [3, 7]
─Prefix format: {011, 1**}
─Prefix numericalization: {0111, 1100}
─HMAC hash: {h_g(0111), h_g(1100)}
Storage node
─If the two sets have a common element, 5 ∈ [3, 7]
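The prefix membership check on this slide, worked through as an added example (not code from the SafeQ authors). It generalizes the slide's single item to a whole data set; SHA-256 as the HMAC hash, the key value, and the function names are assumptions, and the ciphertext (d)k_i is represented by a text label only.

```python
import hashlib
import hmac

def prefix_family(x, w):
    """PF(x): the w+1 prefixes that contain the w-bit value x."""
    bits = format(x, f"0{w}b")
    return [bits[:w - i] + "*" * i for i in range(w + 1)]

def range_to_prefixes(a, b, w):
    """Minimal set of prefixes whose union is exactly [a, b]."""
    out = []
    while a <= b:
        size = (a & -a) if a else 1 << w   # largest aligned block starting at a
        while size > b - a + 1:            # shrink until it fits inside [a, b]
            size >>= 1
        k = size.bit_length() - 1          # number of wildcard bits
        out.append(format(a, f"0{w}b")[:w - k] + "*" * k)
        a += size
    return out

def numericalize(prefix):
    """Append a 1 to the fixed bits, then zero-fill: 10* -> 1010, 1** -> 1100."""
    return (prefix.rstrip("*") + "1").ljust(len(prefix) + 1, "0")

def hashed(prefixes, key):
    """HMAC each numericalized prefix under the key g shared by sensors and sink."""
    return {hmac.new(key, numericalize(p).encode(), hashlib.sha256).hexdigest()
            for p in prefixes}

def storage_node_query(stored, query_tags):
    """Storage node: sees only ciphertext labels and HMAC sets, never values."""
    return [label for label, tags in stored if not tags.isdisjoint(query_tags)]

if __name__ == "__main__":
    g = b"constructed-demo-key-g"          # constructed key, for illustration only
    w = 4                                  # 4 bits so that the item 9 fits
    data = [1, 4, 5, 7, 9]                 # the slide deck's sample data items
    # The label stands in for the ciphertext (d)k_i, which this sketch omits.
    stored = [(f"({d})k_i", hashed(prefix_family(d, w), g)) for d in data]
    print(storage_node_query(stored, hashed(range_to_prefixes(3, 7, w), g)))
```

With a 3-bit width the helper functions reproduce the slide's sets for 5 and [3, 7] exactly.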
6
Integrity Preserving Scheme
Neighborhood Chaining
─Encrypt the data item with its neighbors
[Figure: data items 1, 4, 5, 7, 9 between min and max, encrypted individually as (1)k_i, (4)k_i, (5)k_i, (7)k_i, (9)k_i; query [3, 7]]
[Figure: chain with both neighbors: (min|1|4)k_i, (1|4|5)k_i, (4|5|7)k_i, (5|7|9)k_i, (7|9|max)k_i; query [3, 7]]
[Figure: chain with one neighbor: (min|1)k_i, (1|4)k_i, (4|5)k_i, (5|7)k_i, (7|9)k_i, (9|max)k_i; query [3, 7]; labels: Query Result, Verification Object; checks: a. 1 < 3, b. 7 < 9]
7
What if the query result is empty?
[Figure: chain (min|1)k_i, (1|4)k_i, (4|5)k_i, (5|7)k_i, (7|9)k_i, (9|max)k_i; query [2, 3]; label: Verification Object]
Storage node only knows that no data item satisfies the query
─It doesn’t know which is the verification object
Storage node needs to know the position of the query among all data items.
8
Privacy Preserving Scheme V2
How does a storage node process a query over encrypted data?
[Figure: Sensor (Key g) with data {1, 4, 5, 7, 9}; Sink (Key g) with query [2, 3]; Storage node. The query bounds 2 and 3 are positioned among min, 1, 4, 5, 7, 9, max]
Storage node returns (1|4)k_i as verification object
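The sink's integrity check for neighborhood chaining, including the empty-result case from the two preceding slides, as an added example that is not code from the SafeQ authors. It models integrity only: each link (left|right)k_i is a plaintext pair with an HMAC-SHA256 tag standing in for the encryption, and the domain bounds, key value and function names are assumptions. Queries are assumed to satisfy MIN < a ≤ b < MAX.

```python
import hashlib
import hmac

MIN, MAX = 0, 15   # assumed domain bounds; data items lie strictly between them

def link_tag(key, left, right):
    """Stand-in for encrypting (left|right) under k_i: an HMAC over the pair."""
    return hmac.new(key, f"{left}|{right}".encode(), hashlib.sha256).digest()

def build_chain(items, key):
    """Sensor: bind each value to its left neighbour: (min|d1), ..., (dn|max)."""
    vals = [MIN] + sorted(items) + [MAX]
    return [(l, r, link_tag(key, l, r)) for l, r in zip(vals, vals[1:])]

def answer(chain, a, b):
    """Honest storage node: links whose right value is in [a, b], next link as VO."""
    i = next(n for n, link in enumerate(chain) if link[1] >= a)
    j = i
    while j < len(chain) - 1 and chain[j][1] <= b:
        j += 1
    return chain[i:j], chain[j]

def verify(result, vo, a, b, key):
    """Sink: accept only if no link is forged and no qualifying item is missing."""
    links = result + [vo]
    if not all(hmac.compare_digest(t, link_tag(key, l, r)) for l, r, t in links):
        return False                                   # forged or altered link
    if any(x[1] != y[0] for x, y in zip(links, links[1:])):
        return False                                   # a link was dropped mid-chain
    in_range = all(a <= r <= b for _, r, _ in result)
    return in_range and links[0][0] < a and vo[1] > b  # boundary checks

if __name__ == "__main__":
    k = b"constructed-demo-key-ki"                     # constructed key
    chain = build_chain([1, 4, 5, 7, 9], k)            # the slides' sample data
    res, vo = answer(chain, 3, 7)
    print([r for _, r, _ in res], vo[:2], verify(res, vo, 3, 7, k))
    print(verify([res[0], res[2]], vo, 3, 7, k))       # item 5 withheld
    res, vo = answer(chain, 2, 3)
    print(res, vo[:2], verify(res, vo, 2, 3, k))       # empty result, VO = (1|4)
```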
9
Multi-dimensional Data
To preserve privacy, we apply our 1-dimensional privacy preserving techniques to each dimension of multi-dimensional data.
To preserve integrity, we build a multi-dimensional neighborhood chain.
[Figure: points (1,11), (3,5), (6,8), (7,1), (9,4) plotted on X and Y dimensions, with corners (0,0) and (15,15)]
The multi-dimensional neighborhood chain of the above example is
(0|1, 9|11)k_i, (1|3, 4|5)k_i, (3|6, 5|8)k_i, (6|7, 0|1)k_i, (7|9, 1|4)k_i, (9|15, 11|15)k_i
10
Range Queries in Event-driven Networks
We have assumed that at each time slot, a sensor sends data to a storage node.
However, in event-driven networks, a sensor only reports data to a storage node when a certain event happens.
Our idea: Sensors report their idle period to the storage node when one of the following two conditions holds:
─Sensors submit data after an idle period
─The idle period is longer than a threshold, say γ
[Figure: time axis with two cases. Idle period from t_1 to t_2 reported as [t_1, t_2]k_i; idle period longer than γ reported as [t_1, t_1 + γ]k_i]
A grey unit denotes that the sensor has data to submit at that time slot.
A blank unit denotes that the sensor has no data to submit at that time slot.
11
Optimization with Bloom Filters
[Figure: Bloom filter bit arrays A and B, each filled through hash functions h_1, h_2, h_3. Labels: h_g(00011), h_g(00110), h_g(01001); h_g(p([min,1])), h_g(p([1,4])), h_g(p([4,5])), h_g(p([5,7])), h_g(p([7,9])), h_g(p([9,max])) with Index: 0 1 2 3 4 5]
12
Experimental Results (1/2)
We conducted experiments on both S&L (prior art) and our schemes
─We use SafeQ-Basic and SafeQ-Bloom to denote our schemes without and with Bloom filters
In terms of power consumption, for 3-dimensional data
─SafeQ-Bloom uses 184.9 times less power for sensors and 76.8 times less power for storage nodes
─SafeQ-Basic uses 59.2 times less power for sensors and 76.8 times less power for storage nodes
[Figures: power consumption for sensors, 3-dimensional data; power consumption for storage nodes, 3-dimensional data]
13
Experimental Results (2/2)
In terms of space consumption, for 3-dimensional data
─SafeQ-Bloom uses 182.4 times less space for storage nodes
─SafeQ-Basic uses 58.5 times less space for storage nodes
[Figure: space consumption for storage nodes, 3-dimensional data]
14
Prior work (1/2)
Sheng & Li scheme [Infocom 2008]
Two major drawbacks
─Data items and queries can be estimated fairly accurately [Hore et al. VLDB 2004]
─Power and space consumption grow exponentially with the number of dimensions.
[Figure: Sensor S_i (k_i) with data {1, 4, 5, 7, 9}; Storage Node; Sink (k_i) with query [9, 10]. Bucket boundaries 0, 4, 5, 9, 10 with bucket IDs 1, 2, 3, 4. Sensor sends {1,4}k_i, {5}k_i, {7, 9}k_i and h(i||4||t||k_i). The query covers buckets 3, 4; the storage node returns {7, 9}k_i and h(i||4||t||k_i). Annotations: "7 is out of the range", "Prove empty bucket"]
15
Prior work (2/2)
Shi et al.’s scheme [Infocom 2009] and Zhang et al.’s scheme [MobiHoc 2009]
Two major drawbacks
─A compromised sensor could easily compromise the integrity verification functionality of the network by sending falsified bucket vectors to other sensors and storage nodes.
─Data items and queries can be estimated fairly accurately [Hore et al. VLDB 2004]
[Figure: Sensor S_i (k_i) with data {1, 4, 5, 7, 9}, bucket boundaries 0, 4, 5, 9, 10 and bucket vector V_i: 1 1 1 0, sends V_i (1110) to Sensor S_j (k_j). Sensor S_j with data {4, 8} sends {4, 1110}k_j and {8, 1110}k_j to the Storage Node]
16
Contributions
Propose a novel privacy and integrity preserving range query protocol for two-tiered sensor networks
Propose an optimization technique using Bloom filters to significantly reduce the communication cost between sensors and storage nodes
Propose a solution for event-driven sensor networks
17
Questions
Thank you!