ABSTRACT
In a large sensor network, in-network data aggregation, i.e., combining partial results at intermediate nodes during message routing, significantly reduces the amount of communication and hence the energy consumed. Recently several researchers have proposed robust aggregation frameworks, which combine multi-path routing schemes with duplicate-insensitive algorithms, to accurately compute aggregates (e.g., Sum, Count, Average) in spite of message losses resulting from node and transmission failures. However, these aggregation frameworks have been designed without security in mind. Given the lack of hardware support for tamper-resistance and the unattended nature of sensor nodes, sensor networks are highly vulnerable to node compromises. We show that even if a few compromised nodes contribute false sub-aggregate values, this results in large errors in the aggregate computed at the root of the hierarchy. We present modifications to the aggregation algorithms that guard against such attacks, i.e., we present algorithms for resilient hierarchical data aggregation despite the presence of compromised nodes in the aggregation hierarchy. We evaluate the performance and costs of our approach via both analysis and simulation. Our results show that our approach is scalable and efficient.
- M. Bellare, R. Guerin, and P. Rogaway. XOR MACs: New methods for message authentication using finite pseudorandom functions. In Proc. of the 15th Annual International Cryptology Conference on Advances in Cryptology - CRYPTO'95, pages 15--28, 1995.]] Google ScholarDigital Library
- L. Buttyan, P. Schaffer, and I. Vajda. Resilient aggregation with attack detection in sensor networks. In Proc. of 2nd IEEE Workshop on Sensor Networks and Systems for Pervasive Computing, 2006.]] Google ScholarDigital Library
- J. Considine, F. Li, G. Kollios, and J. Byers. Approximate aggregation techniques for sensor databases. In Proc. of IEEE Int'l Conf. on Data Engineering (ICDE), 2004.]] Google ScholarDigital Library
- W. Du, J. Deng, Y. S. Han, and P. Varshney. A pairwise key pre-distribution scheme for wireless sensor networks. In Proc. of the 10th ACM Conference on Computer and Communications Security (CCS '03)., 2003.]] Google ScholarDigital Library
- P. Flajolet and G. N. Martin. Probabilistic counting algorithms for data base applications. Journal of Computer and System Sciences, 31(2):182--209, 1985.]] Google ScholarDigital Library
- S. Ganeriwal and M. B. Sribastava. Reputation-based framework for highly integrity sensor networks. In Proc. of ACM Workshop on Security of Sensor and Adhoc Networks (SASN), Washington, DC, 2004.]] Google ScholarDigital Library
- D. Ganesan, R. Govindan, S. Shenker, and D. Estrin. Highly-resilient energy-efficient multipath routing in wireless sensor networks. Mobile Comuting and Communication Review, 4(5):11--25, 2001.]] Google ScholarDigital Library
- L. Hu and D. Evans. Secure aggregation for wireless networks. In Proc. of Workshop on Security and Assurance in Ad hoc Networks., 2003.]]Google Scholar
- M. Jelasity, A. Montresor, and O. Babaoglu. Gossip-based aggregation in large dynamic networks. ACM Transactions on Computer Systems, 23(3):219--252, 2005.]] Google ScholarDigital Library
- F. Koushanfar, M. Potkonjak, and A. Sangiovanni-Vincentelli. Fault tolerance techniques in wireless ad-hoc sensor networks. In Sensors 2002. Proceedings of IEEE, pages 1491--1496.]]Google Scholar
- S. Madden, M. J. Franklin, J.M. Hellerstein, and W. Hong. TAG: A tiny aggregation service for ad hoc sensor networks. In Proc. of 5th USENIX Symposium on Operating Systems Design and Implementation, 2002.]] Google ScholarDigital Library
- A. Manjhi, S. Nath, and P. Gibbons. Tributeries and deltas: Efficient and robust aggregation in sensor network streams. In Proc. of ACM International Conference on Management of Data (SIGMOD), 2005.]] Google ScholarDigital Library
- Mica Motes. http://www.xbow.com.]]Google Scholar
- S. Nath, P. B. Gibbons, S. Seshan, and Z. Anderson. Synopsis diffusion for robust aggregation in sensor networks. In Proc. of the 2nd international conference on Embedded networked sensor systems (SenSys), 2004.]] Google ScholarDigital Library
- A. Perrig, R. Szewczyk, V. Wen, D. Culler, and J. D. Tygar. SPINS: Security protocols for sensor networks. In Seventh Annual International Conference on Mobile Computing and Networks (MobiCOM), 2001.]] Google ScholarDigital Library
- B. Przydatek, D. Song, and A. Perrig. SIA: Secure information aggregation in sensor networks. In Proc. of the 1st international conference on Embedded networked sensor systems (SenSys), 2003.]] Google ScholarDigital Library
- D. Wagner. Resilient aggregation in sensor networks. In Proc. of ACM Workshop on Security of Sensor and Adhoc Networks (SASN), 2004.]] Google ScholarDigital Library
- Y. Yang, X. Wang, S. Zhu, and G. Cao. SDAP: A secure hop-by-hop data aggregation protocol for sensor networks. In Proc. of ACM MOBIHOC, 2006.]] Google ScholarDigital Library
- Y. Yao and J. E. Gehrke. The cougar approach to in-network query processing in sensor networks. ACM SIGMOD Record, 31(2):9--18, September 2002.]] Google ScholarDigital Library
- Fan Ye, Haiyun Luo, Songwu Lu, and Lixia Zhang. Statistical en-route filtering of injected false data in sensor networks. In Proc. of IEEE Infocom, 2004.]]Google Scholar
- W. Zhang and G. Cao. Group rekeying for filtering false data in sensor networks: A predistribution and local collaboration-based approach. Proc. of IEEE Infocom, 2005.]]Google Scholar
- J. Zhao and R. Govindan. Understanding packet delivery performance in dense wireless sensor networks. In Proc. of the 1st international conference on Embedded networked sensor systems (SenSys), 2003.]] Google ScholarDigital Library
- J. Zhao, R. Govindan, and D. Estrin. Computing aggregates for monitoring sensor networks. In Proc. of the 2nd IEEE International Workshop on Sensor Network Protocols and Applications, 2003.]]Google ScholarCross Ref
- S. Zhu, S. Setia, and S. Jajodia. LEAP: Efficient security mechanisms for large-scale distributed sensor networks. In Proc. of the 10th ACM Conference on Computer and Communications Security (CCS '03)., 2003.]] Google ScholarDigital Library
- S. Zhu, S. Setia, S. Jajodia, and P. Ning. An interleaved hop-by-hop authentication scheme for filtering injected false data in sensor networks. In Proc. of IEEE Symposium on Security and Privacy, 2004.]]Google Scholar
Index Terms
- Attack-resilient hierarchical data aggregation in sensor networks
Recommendations
SDAP: A Secure Hop-by-Hop Data Aggregation Protocol for Sensor Networks
Hop-by-hop data aggregation is a very important technique for reducing the communication overhead and energy expenditure of sensor nodes during the process of data collection in a sensor network. However, because individual sensor readings are lost in ...
Securely computing an approximate median in wireless sensor networks
SecureComm '08: Proceedings of the 4th international conference on Security and privacy in communication netowrksWireless Sensor Networks (WSNs) have proven to be useful in many applications, such as military surveillance and environment monitoring. To meet the severe energy constraints in WSNs, some researchers have proposed to use the in-network data aggregation ...
Secure median computation in wireless sensor networks
Wireless sensor networks (WSNs) have proven to be useful in many applications, such as military surveillance and environment monitoring. To meet the severe energy constraints in WSNs, several researchers have proposed to use the in-network data ...
Comments