Presentation is loading. Please wait.

Presentation is loading. Please wait.

Secure Data Aggregation in Wireless Sensor Networks: A Survey Yingpeng Sang, Hong Shen Yasushi Inoguchi, Yasuo Tan, Naixue Xiong Proceedings of the Seventh.

Similar presentations


Presentation on theme: "Secure Data Aggregation in Wireless Sensor Networks: A Survey Yingpeng Sang, Hong Shen Yasushi Inoguchi, Yasuo Tan, Naixue Xiong Proceedings of the Seventh."— Presentation transcript:

1 Secure Data Aggregation in Wireless Sensor Networks: A Survey Yingpeng Sang, Hong Shen Yasushi Inoguchi, Yasuo Tan, Naixue Xiong Proceedings of the Seventh International Conference on Parallel and Distributed Computing,Applications and Technologies (PDCAT'06) Presented by kevin wang

2 Preview Main contributions Outline Classify by infrastructure in WSNs Classify by encryption in WSNs Proposed two general schemes  Hop by hop  End to end Conclusions

3 Main contributions Past  Only focus on data confidentiality or data integrity Now  Survey the work Hop-by-hop End-to-end  Propose security frameworks respectively for Hop-by-hop End-to-end  Both on Data confidentiality and Data integrity

4 What is confidentiality Confidentiality  Ensuring that information is accessible only to those authorized to access  One of the cornerstones of Information security  The delivering data is confidential in WSNs For avoiding to leak secret information, the sensed data have to encrypt to keep confidentiality M  En k (M)  Dn k (M)=M Sensor or aggregator  sink node

5 What is integrity Integrity  Ensuring that only authorized parties are able to modify computer system assets and transmitted information  One of the cornerstones of Information security  The delivering data is sensitive in WSNs For avoiding to modify the secret information, the sensed data have to keep integrity Especially, in a cheaper and simple device

6 Outline in this paper A survey paper for data aggregation in WSN Proposed two data aggregation scheme for HBH and ETE respectively

7 Problem definition How to satisfy the confidentiality and integrity in WSN

8 Classify with Infrestructure Wireless sensor networks  HWSN Hierarchical Wireless Sensor Networks  DWSN Distributed Wireless Sensor Networks Server Header Sensor Nodes Sacrificed Node Sensor Nodes Server

9 Classify with Data aggregation Hop-by-hop  Adv: deliver package size small  Disadv: key management Pair wise key dist.  DWSN Group wise key dist.  HWSN  perform operators: sum, min, max, avg, count, median…

10 Classify with Data aggregation End-to-end  Adv: the secrets share between sink and sensor  Disadv: much redundant are sent  Can not perform above operators The sensed data have been encrypted

11 Background-network model-HWSN Server Header Sensor Nodes Sacrificed Node S A R F A

12 Background-network model-DWSN Sensor Nodes Server S s R

13 Background-security requirements Confidentiality  Eavesdropping  Compromised node’s key  Using the compromised node’s keys to deduce all secret information in entire network  Using the compromised key to inject unauthorized malicious nodes in network. Integrity  Injecting arbitrary chosen malicious data into the compromised S.  Modifying, forging, or discarding messages in the compromised A and F.

14 Background-aggregation functions Sum Average Median Minimum Maximum Count

15 Hop-by-hop encrypted data aggregation in WSN 1.Security bootstrapping  1.1Pair-wise key distribution  DWSN (confidentiality) Master key based solution [14]  All nodes use one key Pair-wise key pre-distribution solution  Each node shares one key with sink Random key pre-distribution solution [10] [7]  Using key ring to find one common key Key pre-distribution schemes with deployment knowledge [15][10]  DDHV’s scheme Other solution [5][9][16]

16 Hop-by-hop encrypted data aggregation in WSN 1.Security bootstrapping  1.2Group-wise key distribution  HWSN (confidentiality) Symmetric group-wise key distribution [2],1992  A symmetric key can be generate among t nodes Asymmetric group-wise key distribution [18], 2004  ECC  EC-public/private

17 Hop-by-hop encrypted data aggregation in WSN 2.Data integrity  Some related work assume that confidentiality is protected by pre- deployed key.  [12], L. Hu and D. Evans, “Secure aggregation for wireless networks”, In Workshop on Security and Assurance in Ad hoc Networks, Jan 2003.  [18], A. Mahimkar, T. S. Rappaport, “SecureDAV: A Secure Data Aggregation and Verification Protocol for Sensor Networks”, Proceedings of IEEE GlobalTelecommunications Conference (Globecom) 2004,Nov, 2004, Dallas, TX, USA.  [21], B. Przydatek, D. Song, and A. Perrig, “SIA: Secure Information Aggregation in Sensor Networks”,In Proc. of ACM SenSys 2003, 2003.

18 Secure aggregation for wireless networks, 2003 Node A, deployment, symmetric pair-wise key, K AS, R A =reading data from node A Data transmission phase  K AS i =E(K AS, i)  Parent node B and aggregated result =Aggr  MAC(K AS i,Aggr) Data validation phase  R will verifies the final aggregated results using the pair- wise keys  Lower communication cost Vulnerable  Nodes, aggregators, forwarding nodes are easy to be compromised K AS i MAC(K AS i,Aggr) Sum(Aggr)

19 SecureDAV: A Secure Data Aggregation and Verification Protocol for Sensor Networks, 2004 Using Merkle Hash Tree to improve [12] Data transmission phase  A: MAC (K AS i =E(K AS, i), R A )  Parent node B and aggregated result =Aggr, generate a hash value of R A by Merkle Hash function: H(R A )  Aggregator sends MAC (Aggr, H(R A, i)) to sink node, R Data validation phase  R will verifies the final aggregated results using the pair-wise keys and queries the aggregators what hash values did they sent  The queries is to check individual readings Vulnerable  high communication cost K AS i MAC(K AS i,Aggr) Sum(Aggr)

20 SIA: Secure Information Aggregation in Sensor Networks,2003 It can engage an interactive proof with the aggregator and check whether the aggregator result is correct. Key point  Their correct build on the related trust K AS i MAC(K AS i,Aggr) Sum(Aggr)

21 Consequence Communication cost  [21]<[18]<[12]

22 End-to-end data aggregation in WSN Network-wise key distribution  Master key based solutions, 2005, CEG[6], 2005, CDA[11]  Public key based solution, 2006[19] Data integrity  Compared to HBH, there is no efficient scheme to protect integrity in ETE  In [23], 2004, each node sends its reading to R using ETE,  The R employs truncation and trimming on the R A ’ s to achieve robust aggregation result against spoofed sensor.

23 Proposed two frameworks for data aggregation in WSN-HBH Framework 1: Hop-by-hop encrypted data aggregation  1.The bootstrapping phase For controlled environment HWSN,  group-wise key can be generated for all nodes within each cluster For uncontrolled environment DWSN,  Pair-wise key can be distributed among each pair of sensor node  2.The aggregator selection phase R can select aggregators to construct a transmission structure with minimum energy cost

24 Proposed two frameworks for data aggregation in WSN Framework 1: Hop-by-hop encrypted data aggregation  3.The data aggregation phase E Kai,A (x i )  A:(D Kai,A (x i )):  sum then  R  4.The data transmission phasec E Kai,A (x i )+MHT(E Ksi,R, (x i ))  5.The data integrity verification phase R hashes all (E Ksi,R ) to check again Decrypt (E Ksi,R ) and aggregate to check correct?

25 Consequence Framework 1.  Confidentiality For HWSN group-wise key For DWSN Pair-wise key  Integrity Merkle Hash Tree

26 Proposed two frameworks for data aggregation in WSN-ETE Framework 2: End-to-end encrypted data aggregation  1.The bootstrapping phase and the aggregator selection phase For HWSN and DWSN use network-wise public key K  2.The data aggregation phase Using ECC-ElGamal to aggregate and reach homomorphic encryption

27 Proposed two frameworks for data aggregation in WSN Framework 2: End-to-end encrypted data aggregation  3.The data transmission phase Noses will commit all (E Ksi,R,(x i )) of its children by MHT to R  4.The data integrity verification phase R check the commitment hash of all (E Ksi,R,(K))

28 Consequence Confidentiality  network-wise public key K Integrity  Merkle Hash Tree

29 Security analysis Compromised some nodes, R will detect with Merkle hash tree Compromised some aggregators, R will detect with Merkle hash tree Compromised some nodes and aggregators, R will not detect with Merkle hash tree HBH more efficient than ETE HBH less secure than ETE, in compromised some nodes.

30 Conclusions Survey and classify the related work into HBH and ETE data aggregation scheme Proposed two schemes for data aggregation in HBH and ETE, respectively.

31 Comment Good  Know the data aggregation field  Research history More  This schemes did not consider the no response nodes problem  Consider MST + dynamic routing path to reduce the end- to-end communication cost to increase entire lifetime  Past did not consider nodes will be exhausted, then have to change path in end to end environment.


Download ppt "Secure Data Aggregation in Wireless Sensor Networks: A Survey Yingpeng Sang, Hong Shen Yasushi Inoguchi, Yasuo Tan, Naixue Xiong Proceedings of the Seventh."

Similar presentations


Ads by Google