Private and Resilient Data Aggregation

Sensors are commonly deployed in hostile environment, and consequently a number of research works have focused on data aggregation schemes designed to be tolerant to attacks on sensor nodes. In parallel, schemes ensuring the confidentiality of sensor data have been proposed to address the emerging privacy concerns. We note that resilience against tampering attacks requires access to the sensor node's data, while in privacy-preserving systems this data must remain confidential. In this work, we aim to reconcile these two seemingly conflicting objectives. We present a novel private and resilient aggregation system, in which an aggregator combines the data collected from sensor nodes and forwards the resulting sum to an analyst. Our scheme protects the privacy of the users from both honest-but-curious aggregator and analyst, while enabling the filtering of fake data values using a Private Range Test protocol.Les réseaux de capteurs peuvent être déployés dans un environnement hostile. Ainsi un nombre de travaux de recherche se sont intéressés à des systèmes d'agrégation de données tolérant aux attaques sur les noeuds. Parallèlement des techniques garantissant la confidentialité des données collectées par les réseaux de capteurs ont été proposées afin de faire face à la problématique de vie privée. La tolérance aux attaques sur les capteurs nécessite un accès aux données retournées par ceux-ci, alors que la protection de la vie privée nécessite justement que ces données restent confidentielles. Le but de ce travail est de réconcilier ces deux objectifs qui apparaissent comme conflictuels. Nous présentons un nouveau système d'agrégation capable de tolérer les attaques sur les noeuds tout en préservant la confidentialité des données des capteurs. Ce système inclut un agrégateur qui collecte et combine les données provenant des capteurs et renvoi le résultat à l'utilisateur final appelé analyste. Ce système protège la vie privée des utilisateurs face à un couple agrégateur/analyste "curieux mais honnête". Il permet également de données les données contrôlées par un attaquant en utilisant un protocole de "Private Range Test" basé sur la théorie du calcul sécurisé multipartie

Security and Privacy in Heterogeneous Wireless and Mobile Networks: Challenges and Solutions

abstract: The rapid advances in wireless communications and networking have given rise to a number of emerging heterogeneous wireless and mobile networks along with novel networking paradigms, including wireless sensor networks, mobile crowdsourcing, and mobile social networking. While offering promising solutions to a wide range of new applications, their widespread adoption and large-scale deployment are often hindered by people's concerns about the security, user privacy, or both. In this dissertation, we aim to address a number of challenging security and privacy issues in heterogeneous wireless and mobile networks in an attempt to foster their widespread adoption. Our contributions are mainly fivefold. First, we introduce a novel secure and loss-resilient code dissemination scheme for wireless sensor networks deployed in hostile and harsh environments. Second, we devise a novel scheme to enable mobile users to detect any inauthentic or unsound location-based top-k query result returned by an untrusted location-based service providers. Third, we develop a novel verifiable privacy-preserving aggregation scheme for people-centric mobile sensing systems. Fourth, we present a suite of privacy-preserving profile matching protocols for proximity-based mobile social networking, which can support a wide range of matching metrics with different privacy levels. Last, we present a secure combination scheme for crowdsourcing-based cooperative spectrum sensing systems that can enable robust primary user detection even when malicious cognitive radio users constitute the majority.Dissertation/ThesisPh.D. Electrical Engineering 201

Routing Security Issues in Wireless Sensor Networks: Attacks and Defenses

Wireless Sensor Networks (WSNs) are rapidly emerging as an important new area in wireless and mobile computing research. Applications of WSNs are numerous and growing, and range from indoor deployment scenarios in the home and office to outdoor deployment scenarios in adversary's territory in a tactical battleground (Akyildiz et al., 2002). For military environment, dispersal of WSNs into an adversary's territory enables the detection and tracking of enemy soldiers and vehicles. For home/office environments, indoor sensor networks offer the ability to monitor the health of the elderly and to detect intruders via a wireless home security system. In each of these scenarios, lives and livelihoods may depend on the timeliness and correctness of the sensor data obtained from dispersed sensor nodes. As a result, such WSNs must be secured to prevent an intruder from obstructing the delivery of correct sensor data and from forging sensor data. To address the latter problem, end-to-end data integrity checksums and post-processing of senor data can be used to identify forged sensor data (Estrin et al., 1999; Hu et al., 2003a; Ye et al., 2004). The focus of this chapter is on routing security in WSNs. Most of the currently existing routing protocols for WSNs make an optimization on the limited capabilities of the nodes and the application-specific nature of the network, but do not any the security aspects of the protocols. Although these protocols have not been designed with security as a goal, it is extremely important to analyze their security properties. When the defender has the liabilities of insecure wireless communication, limited node capabilities, and possible insider threats, and the adversaries can use powerful laptops with high energy and long range communication to attack the network, designing a secure routing protocol for WSNs is obviously a non-trivial task.Comment: 32 pages, 5 figures, 4 tables 4. arXiv admin note: substantial text overlap with arXiv:1011.152

Securing Node Capture Attacks for Hierarchical Data Aggregation in Wireless Sensor Networks

Abstract -Serious security threat is originated by node capture attacks in hierarchical data aggregation where a hacker achieves full control over a sensor node through direct physical access in wireless sensor networks. It makes a high risk of data confidentiality. In this study, we propose a securing node capture attacks for hierarchical data aggregation in wireless sensor networks. Initially network is separated into number of clusters, each cluster is headed by an aggregator and the aggregators are directly connected to sink. The aggregator upon identifying the detecting nodes selects a set of nodes randomly and broadcast a unique value which contains their authentication keys, to the selected set of nodes in first round of data aggregation. When any node within the group needs to transfer the data, it transfers slices of data to other nodes in that group, encrypted by individual authentication keys. Each receiving node decrypts, sums up the slices and transfers the encrypted data to the aggregator. The aggregator aggregates and encrypts the data with the shared secret key of the sink and forwards it to the sink. The set of nodes is reselected with new set of authentication keys in the second round of aggregation. By simulation results, we demonstrate that the proposed technique resolves the security threat of node capture attacks