A TWO-TIERED SENSOR NETWORK USING SAFEQ IN WSNS

(1)

72

A TWO-TIERED SENSOR NETWORK USING SAFEQ IN

WSNS

V.Vijayadeepa

Head of the Department / Academy of ComputerScience

Muthayammal College of Arts and Science.

V.kavipriya

M.Phil Scholar,

Muthayammal College of Arts and Science.

Abstract

In many wireless sensor network applications, the data collection sink (base station) needs to find the aggregated statistics of the network. Readings from sensor nodes are aggregated at intermediate nodes to reduce the communication cost. However, the previous optimally secure in-network aggregation protocols against multiple corrupted nodes require two round-trip communications between each node and the base station The architecture of two-tiered sensor networks, where storage nodes serve as an intermediate tier between sensors and a sink for storing data and processing queries, has been widely adopted because of the benefits of power and storage saving for sensors as well as the efficiency of query processing. SafeQ also allows a sink to detect compromised storage nodes when they misbehave. To preserve privacy, SafeQ uses a novel technique to encode both data and queries such that a storage node can correctly process encoded queries over encoded data without knowing their values. Our protocol achieves one round-trip communication to satisfy optimal security without the result-checking phase, by conducting aggregation along with the verification.

Keywords: Terms—Integrity, privacy, range queries, sensor networks. safeQ

1.Introduction

The architecture of two-tiered sensor networks (illustrated in Fig. 1), where storage nodes serve as an intermediate tier between sensors and a sink for storing data and processing queries, has been widely adopted because of power and storage saving for sensors as well as the efficiency of query processing. However, a compromised storage node imposes significant threats. First, it may allow attackers to obtain sensitive data stored in the storage node. Second, it may return forged data for a query. Third, it may not return all data items that satisfy the query. Several privacy and integrity preserving protocols [1, 2] have been proposed to prevent attackers from gaining information from both sensor collected data and sink issued queries, and allows the sink to detect compromised storage nodes when they misbehave. However, the state-of-the-art protocol [1] has two main drawbacks: (1) it allows attackers to obtain a reasonable estimation on both sensor collected data and sink issued queries; (2) the power consumption and storage space for both sensors and storage nodes grow exponentially with the number of dimensions of collected data.

(2)

73

theoretical research to practical applications. Special characteristics of WSNs, such as resource constraints on energy and computational power, have been well defined and widely studied [3]. What has received less attention, however, is the critical privacy concern on information being collected, transmitted, and analyzed in a WSN. Such private information of concern may include payload data collected by sensors and transmitted through the network to a centralized data processing server. For example, a patient‟s blood pressure, sugar level and other vital signs are usually of critical privacy concern when monitored by a medical WSN which transmits the data to a remote hospital or doctor‟s office. Privacy concerns may also arise beyond data content and may focus on context information such as the location of a sensor initiating data communication. Note that an alert communication originating from a patient‟s heart monitor in the medical WSN is enough for an adversary to infer that the patient suffers from heart problem. Effective countermeasure against the disclosure of both data and context-oriented private information is an indispensable prerequisite for the broad application of WSNs to real-world applications. Privacy protection has been extensively studied in various fields related to WSN such as wired and wireless networking, databases and data mining. Nonetheless, the following inherent features of WSNs introduce unique challenges for privacy preservation in WSNs, and prevent the existing techniques from being directly transplanted: Uncontrollable environment: Sensors may have to be deployed to an environment uncontrollable by the defender, such as a battlefield, enabling an adversary to launch physical attacks to capture sensor nodes or

deploy counterfeit ones. Sensor-node resource constraints:

A battery-powered sensor node generally has severe constraints on its ability to store, process, and transmit the sensed data. As a result, the computational complexity and resource consumption of public-key ciphers is usually considered unsuitable for WSNs. This introduces additional challenges for privacy preservation.

Architecture of two-tired sensor networks.

2.Models and Problemstatement

(3)

74

[a, b]}. Note that the queries in most sensor network applications can be easily modeled as range queries.

Much of the existing work on wireless sensor networks (WSNs) has focused on addressing the power and computational resource constraints of WSNs by the design of specific routing, MAC, and cross-layer protocols. Recently, there have been heightened privacy concerns over the data collected by and transmitted through WSNs. The wireless transmission required by a WSN, and the self-organizing nature of its architecture, makes privacy protection for WSNs an especially challenging problem. This paper provides a state-of-theart survey of privacy-preserving techniques for WSNs. In particular, we review two main categories of privacy-preserving techniques for protecting two types of private information, data-oriented and context-oriented privacy, respectively. We also discuss a number of important open challenges for future research. Our hope is that this paper sheds some light on a fruitful direction of future research for privacy preservation in WSNs.

3. Algorithm: Compute Dynamic Key

Algorithm:

1. ComputeDynamicKey (E

vc,

I D

dr

)

2. begin

3. j← tx

ID cnt dr

4. if j=1 then

5. Kj ← F (Eini , I V)

6. else

7.K

j ←F ( K(j-1)

,E

vc

)

8. end if

9. return K

j

10. end

Topological constraints:

(4)

75

of the network.

For context-based privacy, we analyze the protection of location privacy and temporal private information. In addition, we build a table to compare different techniques in terms of their effectiveness in practical applications. Last but not the least, we discuss some interesting and challenging open issues on this topic, which are expected to shed light on a fruitful direction of future research on privacy preservation in WSNs. The rest of the paper is organized as follows. We review privacy-preserving techniques in related fields in Section 2. In Section 3, we introduce our taxonomy of privacy-preserving techniques in WSNs. Sections 4 and 5 address techniques for data and context-oriented privacy protection, respectively. In Section 6, we evaluate and compare the performance of different privacy-preserving techniques. Section 7 outlines the open challenges for future research, followed by final remarks in Section.

4. Background work

Research on issues related to WSNs requires multidisciplinary studies spanning networking, databases, distributed computing, etc. To properly understand the challenges of privacy preservation in WSNs and the techniques necessary to address such challenges, it is important to first examine the privacy issues and privacy-preserving techniques in such related fields as databases, data mining and wireless networks, which we briefly review as follows.

In the field of database and data mining, privacy concerns may arise from three types of systems [36]: The first is an information sharing system which involves two or more mutually untrusted parties. The objective is to guarantee that no private information beyond the minimum

necessary is disclosed during information sharing. Cryptographic secure multi-party computation techniques are usually used for this type of systems [1,11,35,38]. The second is a data collection system where one centralized data collector/analyzer collects and mines data from multiple distributed data providers. Random perturbation techniques [2,15,33,34] are usually applied to protecting privacy in these systems. The third type is a data publishing system, the objective of which is to publish data to support data analytical application without compromising the anonymity of individual data owners. k-anonymity [27] and ldiversity based algorithms [19,20] are proposed for privacy protection in these systems. Privacy issues have also been extensively studied in the domain of generic networking. Location privacy is of particular concern with the pervasive development of advanced wireless device, like PDA, and with the advent of location-based service (LBS). In an LBS system, a user holding a wireless device queries the LBS server to obtain the nearest restaurant or hospital to the user. Nonetheless, the user would not willingly disclose his/her real location. To address such location privacy concerns,

Anonymizer

(5)

76

for the system because if the third party is compromised, the privacy preservation over the whole system will completely collapse. To remove the requirement of a trusted third party, a private-information-retrieval based technique was proposed [12]. Nonetheless, this technique also suffers from significant computation and communication overhead. Besides the direct disclosure of user‟s location from query payload, traffic flow information may also breach location privacy. In particular, the server may pinpoint the location of a user based on the user‟s IP address. In order to provide traffic flow confidentiality, Tor [10] is designed, as the second generation onion routing [22], and becomes a popular anonymous communication network which consists of thousands of Tor routers to relay user traffic to or from LBS server.

Taxonomy

of

privacy-preserving

techniques for WSNs

In this section, we introduce our taxonomy of privacypreserving techniques for WSNs. depicts the complete taxonomy which includes the problems defined (as elipses) as well as the techniques proposed (as rectangles) in the literature. One can see from the figure that there are two main types of privacy concerns, data-oriented and context-oriented concerns. Data-oriented concerns focus on the privacy of data collected from, or query posted to, a WSN. On the other hand, context-oriented concerns concentrate on contextual information, such as the location and timing of traffic flows in a WSN. Data- and context-oriented privacy concerns may be violated by data- and traffic-analysis attacks, respectively. depicts a simple illustration of the two types of attacks. One can see from that, in the case of data analysis attack, a malicious node of the WSN

abuses its ability of decrypting data to compromise the payload being transmitted. In traffic-analysis attacks, a third-party adversary does not have the ability to decrypt data payloads. Instead, it eavesdrops the wirelessly transmitted data and tracks the traffic flow information hop-by-hop. In the following, we provide a brief overview of the problem definitions and main challenges for these two categories, respectively.

Overview

of

data-oriented

privacy

protection

Data-oriented

privacy

protection focuses on protecting

The privacy of data content. Here „„data” refer to not only sensed data collected within a WSN but also queries posed to a WSN by users. In the above-mentioned medical WSN example, private information may include temperature and blood pressure collected from the WSN, or queries on these vital signs posed to the WSN. There are two types of adversaries which may compromise data-oriented privacy. One is an external adversary which eavesdrops the data communication between sensor nodes in a WSN. This type of adversaries can be effectively defended against using the traditional techniques of cryptographic encryption and authentication.

(6)

77

from Section 3 that two types of adversaries threatening data-oriented privacy are external and internal adversaries. To defend against external adversaries, cryptographic techniques such as encryption and authentication can be used effectively. In particular, a multi-level privacy protection scheme was proposed in [25] to assign different encryption keys to sensed data which require different levels of privacy protection, in order to properly defend against external adversaries. Compared with external adversaries, the internal adversaries can be more powerful because they consist of nodes/base stations captured and controlled by malicious entities and therefore may have knowledge of encryption keys used in a WSN. As mentioned in Section 3, there are two types of data privacy we would like to protect against internal adversaries: the privacy of data being collected and the privacy of queries being posed to a WSN. For the first class privacy, a straight forward approach to defend against internal adversaries is to apply end-to-end encryption between the data source and the base station. the quality of the paper significantly. This work is partially supported by the supported by (while serving at) the National Science Foundation. Any opinion, findings, and conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of the National Science Foundation.

5. Result Analysis

The experimental results from our side-by-side comparison show that SafeQ significantly outperforms the S&L scheme for multidimensional data in terms of power and space consumption. For the two integrity-preserving schemes, the neighborhood-chaining technique is better than Merkle hash tree technique in terms of both power

and space consumption. The rationale for us to include the Merkle hash-tree-based scheme is that Merkle hash trees are the typical approach to achieving integrity. We use SafeQ-MHT+ and SafeQ-MHT to denote our schemes using Merkle hash trees with and without Bloom filters, respectively, and we use SafeQ-NC+ and SafeQ-NC to denote our schemes using neighborhood chains with and without Bloom filters, respectively.

(7)

78

6. Conclusion

We make three key contributions in this paper. First, we propose SafeQ, a novel and efficient protocol for handling range queries in two-tiered sensor networks in a privacy- and integrity-preserving fashion. SafeQ uses the techniques of prefix membership verification, Merkle hash trees, and neighborhood chaining. In terms of security, SafeQ significantly strengthens the security of two-tiered sensor networks. Unlike prior art, SafeQ prevents a compromised storage node from obtaining a reasonable estimation on the actual values of sensor collected data items and sink issued queries. In terms of efficiency, our results show that SafeQ significantly outperforms prior art for multidimensional data in terms of both power consumption and storage space. Second, we propose an optimization technique using Bloom filters to significantly reduce the communication cost between sensors and storage nodes. Third, we propose a solution to adapt SafeQ for event-driven sensor networks.

References

[1] R. Agrawal, A. Evfimievski, R. Srikant, Information sharing across private databases, in: Proceedings of the 2003 ACM SIGMOD International Conference on Management of Data, 2003, pp. 86–97.

[2] R. Agrawal, R. Srikan, Privacy-preserving data mining, in:Proceedings of the 2000 ACM SIGMOD on Management of Data, Dallas, TX USA, May 15– 18, 2000, pp. 439–450.

[3] I.F. Akyildiz, W. Su, Y. Sankarasubramaniam, E. Cayirci, Wireless sensor networks: a Survey, Computer Networks 38 (4) (2002) 393–422.

[4] B. Carbunar, Y. Yu, L. Shi, M. Pearce, V. Vasudevan, Query privacy in wireless sensor networks, in: 4th Annual IEEE Communications Society Conference on Sensor, Mesh and Ad Hoc

Communications and Networks, 2007 (SECON‟07), 18–21 June 2007, pp. 203–212.

[5] D. Chaum, Blind signatures for untraceable payments, in: Advances in Cryptology – Crypto‟82, Springer-Verlag (1983), 1982, pp. 199–203.

[6] E.D. Cristofaro, J. Bohli, D.Westho, FAIR: fuzzy-based aggregation providing in-network Resilience for real-time wireless sensor networks, to appear, in: Proceedings of the Second ACM Conference Wireless Network Security (Wisec), 2009.

[7] J. Deng, R. Han, S. Mishra, Intrusion tolerance and anti-traffic analysis strategies for wireless sensor networks, in: IEEE International Conference on Dependable Systems and Networks (DSN 2004), Florence, Italy, 28 June–1 July 2004, pp. 637-646. [8] F. Chen and A. X. Liu, “SafeQ: Secure and efficient query processing in sensor networks,” in Proc. IEEE INFOCOM, 2010, pp. 1–9.

[9] S. Ratnasamy, B. Karp, S. Shenker, D. Estrin, R. Govindan, L. Yin, and F. Yu, “Data-centric storage in sensornets with GHT, a geographic hash table,” Mobile Netw. Appl., vol. 8, no. 4, pp. 427–442, 2003. [10] P. Desnoyers, D. Ganesan, H. Li, and P. Shenoy, “Presto:A predictive storage architecture for sensor networks,” in Proc. HotOS, 2005, p. 23.

[11] D. Zeinalipour-Yazti, S. Lin, V. Kalogeraki, D. Gunopulos, and W. A. Najjar, “Microhash: An efficient index structure for flash-based sensor devices,” in Proc. FAST, 2005, pp. 31–44.

(8)

79

approximation algorithm for data storage placement in sensor networks,” in Proc. WASA, 2007, pp. 71– 78.

V.Vijayadeepa received her B.Sc degree from university of Madras and M.Sc degree and MCA degree from Periyar University. She has completed her M.Phil at Bharathidasan University. She is having 10 years of experience in collegiate teaching and She is the Associate Professor and head of department of computer science and applications in Muthayammal college of Arts and Science,Rasipuram affiliated by Periyar University. Her main research interests include personalized Web search, Web information retrieval, data mining, data warehousing and information system.