ABSTRACT
Hop-by-hop data aggregation is a very important technique for reducing the communication overhead and energy expenditure of sensor nodes during the process of data collection in a sensor network. However, because individual sensor readings are lost in the per-hop aggregation process, compromised nodes in the network may forge false values as the aggregation results of other nodes, tricking the base station into accepting spurious aggregation results. Here a fundamental challenge is: how can the base station obtain a good approximation of the fusion result when a fraction of sensor nodes are compromised.To answer this challenge, we propose SDAP, a Secure Hop-by-hop Data Aggregation Protocol for sensor networks. The design of SDAP is based on the principles of divide-and-conquer and commit-and-attest. First, SDAP uses a novel probabilistic grouping technique to dynamically partition the nodes in a tree topology into multiple logical groups (subtrees) of similar sizes. A commitment-based hop-by-hop aggregation is performed in each group to generate a group aggregate. The base station then identifies the suspicious groups based on the set of group aggregates. Finally, each group under suspect participates in an attestation process to prove the correctness of its group aggregate. Our analysis and simulations show that SDAP can achieve the level of efficiency close to an ordinary hop-by-hop aggregation protocol while providing certain assurance on the trustworthiness of the aggregation result. Moreover, SDAP is a general-purpose secure aggregation protocol applicable to multiple aggregation functions.
- I. Akyildiz, W. Su, Y. Sankarasubramaniam, and E.Cayirci, "Wireless Sensor Networks: A Survey," Computer Networks, vol. 38, no. 4, March 2002. Google ScholarDigital Library
- D. Estrin, R. Govindan, J. Heidemann, and S. Kumar, "Next century challenges: Scalable coordination in sensor networks," in Proceedings of ACM Mobicom, Seattle, Washington, USA, August 1999, pp. 263--270, ACM. Google ScholarDigital Library
- C. Intanagonwiwat, D. Estrin, R. Govindan, and J. Heidemann, "Impact of network density on data aggregation in wireless sensor networks," in ICDCS, 2002, pp. 457--458. Google ScholarDigital Library
- C. Intanagonwiwat, R. Govindan, and D. Estrin, "Directed diffusion: a scalable and robust communication paradigm for sensor networks," in MOBICOM, 2000, pp. 56--67. Google ScholarDigital Library
- B. Krishnamachari, D. Estrin, and S. Wicker, "The impact of data aggregation in wireless sensor networks," in International Workshop on Distributed Event-Based Systems, (DEBS '02), Vienna, Austria, July 2002. Google ScholarDigital Library
- Samuel Madden, Michael J. Franklin, Joseph M. Hellerstein, and Wei Hong, "TAG: A tiny aggregation service for ad-hoc sensor networks," in OSDI, 2002. Google ScholarDigital Library
- C. Castelluccia, E. Mykletun, and G. Tsudik, "Efficient aggregation of encrypted data in wireless sensor networks," in Mobile and Ubiquitous Systems: Networking and Services MobiQuitous 2005, July 2005. Google ScholarDigital Library
- Jen-Yeu Chen, Gopal Pandurangan, and Dongyan Xu, "Robust computation of aggregates in wireless sensor networks: distributed randomized algorithms and analysis," in IPSN, 2005, pp. 348--355. Google ScholarDigital Library
- David Wagner, "Resilient aggregation in sensor networks," in Proceedings of ACM Workshop SASN '04, 2004. Google ScholarDigital Library
- "Mica Motes," http://www.xbow.com.Google Scholar
- L. Hu and David Evans, "Secure aggregation for wireless networks," in Workshop on Security and Assurance in Ad hoc Networks, January 2003. Google ScholarDigital Library
- J. Hill, R. Szewczyk, A. Woo, S. Hollar, D. Culler, and K. Pister, "System architecture directions for networked sensors," Proc. of ASPLOS IX, 2000. Google ScholarDigital Library
- A. Perrig, R. Szewczyk, V. Wen, D. Culler, and J. Tygar, "SPINS: security protocols for sensor netowrks," in Mobile Computing and Networking, 2001, pp. 189--199. Google ScholarDigital Library
- Donggang Liu and Peng Ning, "Establishing pairwise keys in distributed sensor networks," in Proceedings of ACM CCS, October 2003. Google ScholarDigital Library
- S. Zhu, S. Setia, and S. Jajodia, "LEAP: Efficient security mechanisms for large-scale distributed sensor networks," in Proceedings of ACM CCS, October 2003. Google ScholarDigital Library
- W. Zhang, H. Song, S. Zhu, and G. Cao, "Least Privilege and Privilege Deprivation: Towards Tolerating Mobile Sink Compromises in Wireless Sensor Networks," ACM MobiHoc, May 2005. Google ScholarDigital Library
- J. McCune, E. Shi, A. Perrig, and M. Reiter, "Detection of denial-of-message attacks on sensor network broadcasts," in IEEE Symposium on Security and Privacy, 2005, pp. 64--78. Google ScholarDigital Library
- Ralph Merkle, "A certified digital signature," in Proceedings of Advances in Crypto-89, 1989, pp. 218--238. Google ScholarDigital Library
- Burton H. Bloom, "Space/time trade-offs in hash coding with allowable errors," Commun. ACM, vol. 13, no. 7, pp. 422--426, 1970 Google ScholarDigital Library
- Grubbs Frank, "Procedures for detecting outlying observations in samples," Technometrics, vol. 11, no. 1, pp. 1--21, February 1969.Google ScholarCross Ref
- Yong Yao and Johannes Gehrke, "The Cougar approach to in-network query processing in sensor networks," SIGMOD Record, vol. 31, no. 3, pp. 9--18, 2002. Google ScholarDigital Library
- W. Du, J. Deng, Y. S. Han, and P. K. Varshney, "A witness-based approach for data fusion assurance in wireless sensor networks," in Proc. of IEEE GLOBECOM '03, December 2003.Google Scholar
- B. Przydatek, D. Song, and A. Perrig, "SIA: secure information aggregation in sensor networks," in SenSys '03: Proceedings of the 1st international conference on Embedded networked sensor systems, 2003, pp. 255--265. Google ScholarDigital Library
- Fan Ye, Haiyun Luo, Songwu Lu, and Lixia Zhang, "Statistical en-route filtering of injected false data in sensor networks," in Proceedings of IEEE Infocom'04, 2004.Google Scholar
- W. Zhang and G. Cao, "Group Rekeying for Filtering False Data in Sensor Networks: A Predistribution and Local Collaboration-Based Approach," IEEE INFOCOM, March 2005.Google Scholar
- S. Zhu, S. Setia, S. Jajodia, and P. Ning, "An interleaved hop-by-hop authentication scheme for filtering of injected false data in sensor networks," in Proceedings of IEEE Symp. on Security and Privacy, 2004, pp. 259--271.Google Scholar
Index Terms
- SDAP: a secure hop-by-Hop data aggregation protocol for sensor networks
Recommendations
SDAP: A Secure Hop-by-Hop Data Aggregation Protocol for Sensor Networks
Hop-by-hop data aggregation is a very important technique for reducing the communication overhead and energy expenditure of sensor nodes during the process of data collection in a sensor network. However, because individual sensor readings are lost in ...
Reverse Tree-based Key Routing: Robust Data Aggregation in Wireless Sensor Networks
CIT '10: Proceedings of the 2010 10th IEEE International Conference on Computer and Information TechnologyEfficient and privacy-preserving data aggregation in a wireless sensor network (WSN) poses a tremendous challenge: how to cope with sensors compromise---once a sensor is compromised, its crypto material is compromised and so is privacy of aggregate ...
Securely computing an approximate median in wireless sensor networks
SecureComm '08: Proceedings of the 4th international conference on Security and privacy in communication netowrksWireless Sensor Networks (WSNs) have proven to be useful in many applications, such as military surveillance and environment monitoring. To meet the severe energy constraints in WSNs, some researchers have proposed to use the in-network data aggregation ...
Comments