Download presentation
Presentation is loading. Please wait.
Published byJocelin Poole Modified over 8 years ago
1
Computer Science Secure Hierarchical In-network Data Aggregation for Sensor Networks Steve McKinney CSC 774 – Dr. Ning Acknowledgment: Slides based on CCS 2006 slides by Haowen Chan Research conducted by Haowen Chan, Adrian Perrig, and Dawn Song
2
Computer Science Outline The Secure Aggregation Problem Algorithm Description Efficiency Results Conclusions and Future Work
3
Computer Science In-Network Data Aggregation (( )) Q “What is the sum of all the sensor readings?” 2 4 1 3 0 3 2 0 + 4 + 6 + 9 9 +15 Answer: Why Aggregation?
4
Computer Science Sensor Reading Falsification (( )) Q 2 4 1 3 0 3 2 0 4 6 15 21 3 0 10 2 Malicious node reports false sensor reading (Direct injection)
5
Computer Science Aggregation Result Falsification (( )) Q 2 4 1 3 0 3 2 0 4 6 100 106 3 0 4 2 Malicious node reports false aggregation result
6
Computer Science Assumptions Unsecured, multi-hop network of n nodes with one untrusted base station Querier shares symmetric key with each node and all nodes are responsive Existence of broadcast authentication primitive ( μ TESLA) Nodes are capable of computing symmetric key and cryptographic hash operations
7
Computer Science Related Work Based on probabilistic detection or special cases Single malicious node –L. Hu and D. Evans [2003] –P. Jadia and A. Mathuria [2004] Flat aggregator topology –B. Przydatek, A. Perrig, D. Song [2003] –W. Du, J. Deng, Y. Han, P.K. Varshney [2003] Probabilistic Detection –B. Przydatek, A. Perrig, D. Song [2003] –Y. Yang, X. Wang, S. Zhu, G. Cao [2006]
8
Computer Science Contributions General hierarchical (tree-based) aggregation topologies Multiple (unbounded) number of compromised nodes Achieves tightest possible bound on adversary’s ability to change aggregation result Low communication overhead –O(log 2 n) edge-congestion
9
Computer Science Outline The Secure Aggregation Problem Algorithm Description Results Conclusions and future work
10
Computer Science By Example Consider the SUM aggregate Sensor readings are in the range [0, r] Each sensor submits a reading, a i, and its complement (r-a i ) Sum of legitimate sensor readings is S L Aggregate sum, S (and its complement, S’), must satisfy: –S + S’ = nr If this condition is satisfied, an adversary has, at most, conducted a Direct Injection attack, and The lower bound on S is S L and the upper bound is S L + μr, where μ is the number of malicious nodes
11
Computer Science The Algorithm 1.Query Dissemination Query sent from Querier with nonce, N 2.Aggregation Commit 3.Result Checking
12
Computer Science Aggregation Commit Aggregation Tree Commitment Tree L A ={1, v A, v’ A, A} L B ={1, v B, v’ B, B} L AB ={2, v AB, v AB, H[N||2||v AB ||v’ AB ||A||B]} L ABCD ={4, v ABCD, v ABCD, H[N||4||v ABCD ||v’ ABCD ||AB||C||D]}
13
Computer Science Result Checking Novel idea: –Distribute verification process to the sensors –Previously: Querier performed probing Cannot probe every node Too much congestion near the base station Process –Querier sends the aggregate label(s) via authenticated broadcast to all nodes –Each node verifies its contribution is part of the aggregate using off-path labels –After verification, nodes send an authentication code up the aggregation tree: MAC Ki (N||OK) –The Querier verifies the authentication code
14
Computer Science Result Checking How are off-path labels distributed?
15
Computer Science Result Checking How do nodes verify their contribution? 22 = 3 + 2 + 1 + 4 + 5 + 7
16
Computer Science Result Checking Returning and checking authentication codes 0011 0110 0101 1100 0100 0111 ⊕ 0101 ⊕ ⊕ 1100 ⊕ ⊕ 1111 Remember that the Querier shares a symmetric key with each node Therefore it can compute the XOR’d authentication code and compare to the received value: MAC K1 (N||OK) ⊕... ⊕ MAC Kn (N||OK) = MAC KA (N||OK)
17
Computer Science Balancing the Commitment Tree Unbalanced commitment trees yield long paths and high overhead Idea: Instead of one commitment tree, keep a forest of O(log n) complete commitment trees Can be constructed using Delayed Aggregation Only perform aggregation on subtrees of equal height
18
Computer Science Delayed Aggregation Naïve Approach Delayed Approach
19
Computer Science Efficiency Congestion measured in terms of most heavily loaded edge or node in the network Aggregation tree: –Edge:O(log 2 n) –Node:O( Δ log 2 n); Δ=highest degree of any node Commitment tree: O(log n)
20
Computer Science Conclusion Secure data aggregation algorithm –Suitable for general tree-based aggregation topologies –Resilient against multiple malicious nodes –Tightest possible guarantees on adversary detection (without assuming application knowledge) –Low O(log 2 n) edge congestion –Limitation: need to know the set of responding nodes Future Work: –Secure versions of more sophisticated aggregation functions –Defenses against sensor reading falsification
21
Questions?
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.