Date post: | 13-Jul-2015 |
Category: |
Documents |
Upload: | kashif-aziz-awan |
View: | 31 times |
Download: | 0 times |
5/12/2018 Sarfraz Presentation - slidepdf.com
http://slidepdf.com/reader/full/sarfraz-presentation 1/34
1
Secure Solution to Data Transfer from Sensor
Node to Sink against Aggregator Compromises
Presented By: Sarfraz Azam
5/12/2018 Sarfraz Presentation - slidepdf.com
http://slidepdf.com/reader/full/sarfraz-presentation 2/34
Wireless Sensor Networks
A self organizing network consists of many tiny sensor nodes
which communicate wirelessly with each other using radio
signals, are operated with battery and can sense, observe etc, is
called Wireless Sensor Networks.
WSN Varied Applications
Fire Rescue
Area Monitoring
Machine Monitoring
Greenhouse Monitoring
Environmental Monitoring
2
5/12/2018 Sarfraz Presentation - slidepdf.com
http://slidepdf.com/reader/full/sarfraz-presentation 3/34
Wireless Sensor Network
3
Anatomy of Sensor Hardware Sensing Unit
Processing Unit
Transceiver
Power Unit
WSN Architecture Sensor Node
Sensor Field
Sink
WAN
End User Different Topologies of WSN
One Hop Model
Multi Hop Model
Cluster Based Model
5/12/2018 Sarfraz Presentation - slidepdf.com
http://slidepdf.com/reader/full/sarfraz-presentation 4/34
Data Aggregation in WSN
4
5/12/2018 Sarfraz Presentation - slidepdf.com
http://slidepdf.com/reader/full/sarfraz-presentation 5/34
SecuringWireless Sensor Networks Against Aggregator Compromises
Thomas Claveirole et al. Propose three schemes SMA, DMA and ADMA.
All have common principle, split readings into shares and send over multiple paths
When sink get enough shares for given reading, then it can reconstruct the reading
SMA uses ³Secret Sharing Scheme´ where as DMA and ADMA uses ³Information
Dispersal Algorithm´.
The number of shares transmitted and received (while using IDA) is not necessarily
equal which means that the system tolerates some losses
First technique guarantees data confidentiality where as other two data availability
Limitations
How to obtain multiple paths is not discussed
If attacker gets threshold number of shares it can also reconstruct the reading
Some extra mechanisms must be provided to ensure that the sink knows the set of
contributing nodes
Thomas Claveirole et al. ³Securing Wireless Sensor Networks Against Aggregator Compromises´ in: Communications Magazine, IEEE,Security in Mobile ad hoc and Sensor Networks, Volume 46, Issue 4, ISSN: 0163-6804, p 134 ± 141, 2008.
5
5/12/2018 Sarfraz Presentation - slidepdf.com
http://slidepdf.com/reader/full/sarfraz-presentation 6/34
Required Concepts
What is Information Dispersal algorithm ?
Information dispersal algorithm is used for splitting data into multiple pieces
such that with some (threshold) pieces data can be assembled. In general, the
goal of information dispersal is to divide data into f pieces so that a subset of k
of those pieces can be used to recover the data
What is threshold ?
If we create14 slices of the data and disperse them. Among these 14 shares
minimum10 shares are required for its reconstruction then 10 is the threshold
6
5/12/2018 Sarfraz Presentation - slidepdf.com
http://slidepdf.com/reader/full/sarfraz-presentation 7/34
7
Problem Analysis
5/12/2018 Sarfraz Presentation - slidepdf.com
http://slidepdf.com/reader/full/sarfraz-presentation 8/34
Problem Statement
S ensor node creates ³n´ shares with sensed data and disperses them on multiple paths W hen sink node receives ³t ́ shares out of ³n´ shares, it can reconstruct the reading
where ³t ́ is the threshold value for reconstruction and ³n´ is the total number of shares
created by information dispersal algorithm
I f some paths are compromised and adversary becomes successful in capturing ³t ́
shares, it will also come into position to reconstruct the reading with these ³t ́ shares
if compromiser becomes successful in reconstruction, it will get the message information
which can be utilized in variety of ways
W ith ³t-1´ shares neither the sink node nor the adversary can perform reconstruction
Effects
Adversary can tamper
Can replay the message
Adversary can eavesdrop
Sink node will lose the messages
8
5/12/2018 Sarfraz Presentation - slidepdf.com
http://slidepdf.com/reader/full/sarfraz-presentation 9/34
Problem Scenarios - 1
9
5/12/2018 Sarfraz Presentation - slidepdf.com
http://slidepdf.com/reader/full/sarfraz-presentation 10/34
Problem Scenarios - 2
10
5/12/2018 Sarfraz Presentation - slidepdf.com
http://slidepdf.com/reader/full/sarfraz-presentation 11/34
11
RSS (Re ±Sequencing Scheme)
Proposed Solution
5/12/2018 Sarfraz Presentation - slidepdf.com
http://slidepdf.com/reader/full/sarfraz-presentation 12/34
RSS (Re ±Sequence Scheme)
We have considered [1] as the base idea and chosen the ADMA (Authenticated
Dispersed Multipath Aggregation) scheme
We divide this RSS scheme in three phases and explain each phase briefly
Initial Preparation
Sensor Node
Sink Node (On Receiving Shares)
Design Goals
Resists against adversary for more time Provides strong authentication and integrity
Will be more efficient than the previous schemes
Increases data security with less energy overhead
12
5/12/2018 Sarfraz Presentation - slidepdf.com
http://slidepdf.com/reader/full/sarfraz-presentation 13/34
Initial Preparation
Prepare a symmetric key for each sensor node Symmetric key is randomly generated for each sensor node
Create a map file, with all of these symmetric keys, placing them against each node ID
13
5/12/2018 Sarfraz Presentation - slidepdf.com
http://slidepdf.com/reader/full/sarfraz-presentation 14/34
Sensor Node
At the deployment time the symmetric secret key is injected in each sensor node Symmetric key contains the randomly generated sequence numbers between 0 and 11
When sensor node starts sensing it stores data readings in the buffer, until the buffer
becomes full
Sensor place 12 readings in the buffer . These can be increased or decreased
When, it reaches to this range then re-sequencing process will start
14
5/12/2018 Sarfraz Presentation - slidepdf.com
http://slidepdf.com/reader/full/sarfraz-presentation 15/34
RSS (Re-Sequencing Scheme) working
15
5/12/2018 Sarfraz Presentation - slidepdf.com
http://slidepdf.com/reader/full/sarfraz-presentation 16/34
Conti«
After completing re-sequencing, we take message sequence number, secret key and
apply SHA1 over them then authentication key is created
We place this authentication key at the end of the re-sequenced buffer
This equation shows the buffer after adding authentication key
Ri = [r i,1----------r i,n h(k i , s)] After completing SHA-1 process, the data is transferred to IDA (information Dispersal
Algorithm )
It creates several shares from that data
All created shares have unitary length
All shares contain information regarding the whole data (readings + authentication key)
It disperse those shares over multiple paths
All these multiple paths ends at the base station
16
5/12/2018 Sarfraz Presentation - slidepdf.com
http://slidepdf.com/reader/full/sarfraz-presentation 17/34
Sink Node (On Receiving Shares)
On receiving the sink node reconstruct R i it just verifies the last element is equal to
h(k i, s)
If it is not equal it means there is a problem and another subset will be used to
reconstruct R i
When this process completes we again start the process of re-sequencing
We use the symmetric key from map file which is placed against the ID of the
transmitter node
By using this key, we re-sequence the data
Now we get the real data
17
5/12/2018 Sarfraz Presentation - slidepdf.com
http://slidepdf.com/reader/full/sarfraz-presentation 18/34
Re-Sequencing Process
18
5/12/2018 Sarfraz Presentation - slidepdf.com
http://slidepdf.com/reader/full/sarfraz-presentation 19/34
Scheme Analysis
We analyze RSS scheme with different perspectives
Resistance against compromisers
Comparison in number of packets sent Comparison in energy consumption
Comparison with well known techniques
19
5/12/2018 Sarfraz Presentation - slidepdf.com
http://slidepdf.com/reader/full/sarfraz-presentation 20/34
RSS Resistance Against Compromisers
20
To test for how much time our RSS resist against compromiser 1 Buffer =12 Readings
12 ! = 479001600
If one millisecond is required to solve one permutation
T hours (S) = 133.056
In 10 minutes some sensors send more than 20 messages
5/12/2018 Sarfraz Presentation - slidepdf.com
http://slidepdf.com/reader/full/sarfraz-presentation 21/34
RSS (Scenario - 1)
21
5/12/2018 Sarfraz Presentation - slidepdf.com
http://slidepdf.com/reader/full/sarfraz-presentation 22/34
22
Simulations and Results
5/12/2018 Sarfraz Presentation - slidepdf.com
http://slidepdf.com/reader/full/sarfraz-presentation 23/34
Simulations
We use TinyOS as an operating system and TOSSIM as simulator We have used two tools for simulations
PowerTOSSIM
TinyViz
23
5/12/2018 Sarfraz Presentation - slidepdf.com
http://slidepdf.com/reader/full/sarfraz-presentation 24/34
Results
W
e have performed several simulations for both schemes ADMA
RSS
Comparisons of both the schemes and calculated results
Number of Packets sent by individual node
Total energy consumed by each simulation
Total energy overhead created by RSS
Comparison with other renowned schemes
Performance Metrics
RSS energy overhead
Energy consumed individually
Total energy consumed by the network
Packets sent individually to sink
24
5/12/2018 Sarfraz Presentation - slidepdf.com
http://slidepdf.com/reader/full/sarfraz-presentation 25/34
Number of Packets Sent
25
5/12/2018 Sarfraz Presentation - slidepdf.com
http://slidepdf.com/reader/full/sarfraz-presentation 26/34
Total Energy Consumption by Each Simulation
26
5/12/2018 Sarfraz Presentation - slidepdf.com
http://slidepdf.com/reader/full/sarfraz-presentation 27/34
Total Energy Overhead Created by RSS
27
Energy difference in both schemes is 1366 joules
It is 0.075%
45.539 joules energy overhead for each node in 30 minutes
5/12/2018 Sarfraz Presentation - slidepdf.com
http://slidepdf.com/reader/full/sarfraz-presentation 28/34
Comparison with Renowned Schemes
28
5/12/2018 Sarfraz Presentation - slidepdf.com
http://slidepdf.com/reader/full/sarfraz-presentation 29/34
29
Conclusion And FutureWork
5/12/2018 Sarfraz Presentation - slidepdf.com
http://slidepdf.com/reader/full/sarfraz-presentation 30/34
Conclusion
This scheme provides better data security from adversary then the ADMA
(authenticated Dispersed Multi path Aggregation)
Scheme depends on symmetric key, information dispersal algorithm and
multiple paths routing
RSS provides protection against eavesdropping, data tampering and denial of
service attacks even in the presence of compromised nodes
It provides data authenticity, protection and availability
0.075% energy overhead is the cost for making data more secure
30
5/12/2018 Sarfraz Presentation - slidepdf.com
http://slidepdf.com/reader/full/sarfraz-presentation 31/34
FutureWork
We want to remove the loop-holes in this scheme and make it more efficient
Now we have done the simulation of the RSS scheme but in the future we
plan to implement this scheme with real time motes to get real results
We will also simulate the security attacks.
31
5/12/2018 Sarfraz Presentation - slidepdf.com
http://slidepdf.com/reader/full/sarfraz-presentation 32/34
References
[[1] Thomas Claveirole et al. ³SecuringWireless Sensor Networks Against Aggregator Compromises´ in: Communications Magazine, IEEE, Security in Mobile ad hoc and
Sensor Networks, Volume 46, Issue 4, ISSN: 0163-6804, p 134 - 141, 2008.
[2] M. O. Rabin, ³Efficient Dispersal of Information for Security, Load Balancing, and
Fault Tolerance,´ J. ACM, vol. 36, no. 2, pp. 335-48, 1989.
[3] Hu, L., Evans, D. ³Secure aggregation for wireless network ́ In: Proc. IEEE
Symposium on Applications and the Internet Workshops (SAINT¶03), pp 384-394, 2003.
[4] Pawan Jadia and Anish Mathuria, ³Efficient Secure Aggregation in Sensor
Networks´
High Performance Computing - HiPC, pp 40-49, Bangalore,-India, 2004.
[5] Robert Di Pietro et al. ³Confidentiality and Integrity for Aggregation in WSN Using
Peer monitoring´ journal Security and Communication Networks, Volume 2, Issue 2,pp
181-194, 2007.
32
5/12/2018 Sarfraz Presentation - slidepdf.com
http://slidepdf.com/reader/full/sarfraz-presentation 33/34
References
[6] Julia Albath and sanjay Madria, ³Secure Hierarchical Data Aggregation inWirelessSensor Networks´ Wireless Communications and Networking Conference, 5-8 April,
ISBN 1525- 3511, pp 1-6, IEEE, Budapest, 2009.
[7] Suat Ozdemir and Yang Xiao, ³Hierarchical Concealed Data Aggregation for
Wireless Sensor Networks´, in Proc. of Embedded Systems and Communications
SecurityWorkshop in conjunction with IEEE SRDS , September 27-29, Niagara Falls, NY 2009.
[8] Tiwari, Ankit et al. ³Energy-efficient wireless sensor network design and
implementation for condition-based maintenance´, ACM Transactions on Sensor
Networks (TOSN), Volume 3, Issue 1, ACM, New York, NY, USA, March 2007.
[9] Wembo He et al. ³PDA: Privacy Preserving Data Aggregation inWSN´ International
Conference on Computer Communications, ISSN: 0743-166X, pp 2045 - 2053, IEEE,
Anchorage, AK, 2007.
33
5/12/2018 Sarfraz Presentation - slidepdf.com
http://slidepdf.com/reader/full/sarfraz-presentation 34/34
References
[10] Kewei Sha et al. ³UsingWireless Sensor Networks for Fire RescueApplications: Requirements and Challenges´, Electro/ information Technology,
2006 IEEE International Conference, pp 239 - 244, East Lansing, MI, 04
December 2006.
34