sensor node privacy

7/29/2019 Sensor Node Privacy

1/29

Sensor node/ Sink hiding

(Privacy)

Syed Safdar Ali Shah

FA11-PCS-004


2/29

Agenda

Motivations

Overview (Security factors)

Techniques Problem Statement


3/29

Motivations

Privacy in a network consists of not only the

privacy of the message content but also the

privacy of the source and destination locations


4/29

Motivations

Applications like military surveillance and

target tracking provide incentives to

adversaries to eavesdrop on network traffic to

obtain valuable intelligence.

The adversary may decide to deploy his own

set of sensor nodes to monitor the

communication in the target network.


5/29

GENERAL SECURITY Factors

Wireless networks are inherently morevulnerable than their wired counterparts.Notable factors contributing to securityproblems include the following:

Channel - Wireless usually involve broadcastcommunication, which makes eavesdroppingand jamming easier.

Mobility - If a wireless device is affiliated with a

person, tracking the device reveals that person'slocation. Thus privacy become a importantconcern.


6/29

GENERAL SECURITY Factors

Resources End host usually batterypowered devices which limits computation,size of RAM and secondary storage. which

open the door of denial of service attacks atbattery depletion

Accessibility- Some devices are generally leftunattended and are places in remotelocations. which increases more chances forphysical attacks.


7/29

Type of Techniques

Techniques

SourcePrivacy

DestinationPrivacy


8/29

Source Privacy


9/29

Protecting Location Privacy Through

Path Confusion[2]

Location Privacy.

The key idea underlying the perturbation

algorithm is to cross paths in areas where at

least two users meet.

This increases the chances that an adversary

wouldconfuse the paths of different users.


10/29

PROTECTING LOCATION PRIVACY IN SENSOR NETWORKS

AGAINST A GLOBAL EAVESDROPPER [3] [Thesis]

The technique prevents the leakage of location

information of monitored object.

two techniques that provide location privacy

for destinations:

periodic collection method: Every sensor node

independently and periodically send packets at

a reasonable frequency regardless of whether

there is real data to send or not.


11/29

Conti[3]

backbone flooding approach:

Packets are sent to a connected portion of thenetwork, the backbone, instead of sending them onlyto a few randomly scattered destinations.

Only the sensors, the backbone members, that belongto this backbone need to flood the packets so that allthe sensors in the communication range of thebackbone can receive them.

The real destinations are located in the communicationrange of at least one backbone member.


12/29

Source-location privacy in energy constrained

sensor network routing [4]

The flooding technique [4] requires a source nodeto send out each packet through numerous pathsto a destination to make it difficult for an

adversary to trace the source. Problem is that the destination will still receive

packets from the shortest path first.

The adversary can thus quickly trace the source

node using backtracking. This method consumes a significant amount of

energy without providing much privacy in return.


13/29

Enhancing source-location privacy in

sensor network routing [5]

Kamat et al. proposes fake packet generationtechnique [5] in which a destination creates fakesources whenever a sender notifies the

destination that it has real data to send. These fake senders are away from the real

source and approximately at the same distancefrom the destination as the real sender.

Both real and fake senders start generatingpackets at the same time. This scheme providesdecent privacy against a local eavesdropper.


14/29

Entrapping adversaries

for source protection in sensor networks [6]

Cyclic entrapment [6] creates looping paths at

various places in the sensor network.

This will cause a local adversary to follow

these loops repeatedly and thereby increase

the safety period.

Energy consumption and privacy provided by

this method will increase as the length of the

loops increase.


15/29

Towards event source

un observability with minimum network traffic in sensor networks[7]

Yang et al. propose to use proxies for the location privacy ofmonitored objects under a global eavesdropper [7].

The network is partitioned into cells where sensors in eachcell communicate with the nearest proxy.

Each cell sends traffic that follows an exponentialdistribution to its nearest proxy.

The traffic will include dummy packets if real packets arenot available.

The proxies filter out dummy packets and send data to

destination. All packets are appropriately encrypted so that adversary is

not able to distinguish between real and dummy packets.


16/29

Protecting receiver-location privacy

in wireless sensor networks [10]

Jian et al. proposed the location privacy routingprotocol (LPR) for destination location privacy [10].

The LPR algorithm provides privacy to the destinationwith help ofredundant hops and fake packets whendata is sent to the destination.

Each time a packet is forwarded to the next hop, thepacket may move either closer or away from thedestination.

Along with the real data packets, sensors maygenerate fake packets that travel away from thedestination to confuse the adversary.


17/29

Preserving Source-Location Privacy in Wireless Sensor Network usingSTaR Routing [11]

Two phase process.

First the source node randomly selects an intermediatenode at the sensor domain and routes the message tothe random intermediate node. The random

intermediate node services as a fake source when themessage is forwarded to the SINK node.

The random intermediate node would be located in apre-determine region around the SINK node. We callthis region the Sink Toroidal Region (STaR).

In the second phase, the intermediate node thenforwards the message to the SINK node by single-pathrouting.


18/29

DestinationPrivacy


19/29

Enhancing base station security in

wireless sensor networks[8]

Deng et al. introduced a technique to protect

the locations of destinations from a local

eavesdropper by hashing the identification

fields in packet headers.


20/29

De correlating wireless sensor network traffic to

inhibit traffic analysis attacks[9]

Deng et al. also presented four techniques to

protect the location privacy of destination

from a local eavesdropper who is capable of

carrying out time correlation and ratemonitoring [9]


21/29

1.[9]

First, they propose a multiple parents routing

scheme in which for each packet a sensor

node selects one of its parents randomly and

forwards the packet to that parent.

This makes the traffic pattern between the

source and the destination more dispersed

than the schemes where all the packets travelthrough same sequence of nodes


22/29

2. [9]

Second technique using controlled random walk,random fake paths, and hot spots.

The controlled random walk technique adds arandom walk to the multiple parents routingscheme causing the traffic pattern to be morespread out and hence less vulnerable to ratemonitoring.

The random fake path technique is introduced to

confuse an adversary from tracking a packet as itmoves towards the destination, mitigating thetime correlation attacks


23/29

3. [9]

In differential fractal propagation (DFP)

technique, whenever a node transmits a real

packet, its neighbor node generates a fake

packet.

This fake packet travels configured number of

hops to confuse the adversary.


24/29

4. [9]

High activity local area are created in WSN, called hotspot.

If such an area receives a packet, the packet has highprobability of traveling through the same sequence of

nodes creating an area of high activity.

A local eavesdropper may be deceived into believingthat this area is close to a destination.

However, a global eavesdropper can notice that onlysome packets generated by real objects pass throughthis hot-spots and conclude that the destination maynot necessarily be close to those hot spots.


25/29

Lifetime Bounds of Wireless Sensor Networks

Preserving Perfect Sink Un observability [12]

all nodes including base station equalize the values of

their total incoming and outgoing flows as well as their

energy expenditure.

This way, no information about the sink location isrevealed even when all communication within the

network is monitored


26/29

Preserving Mobile-Sink-Location Privacy in Wireless

Sensor Networks[13]

a scheme based on local flooding of source and

greedy random-walk of sink is proposed to protect

the location privacy of mobile sinks in sensor

networks. Sensor do not know any information about sink-

location, data are forwarded by local flooding and

stored at pass nodes in the network.

the sink move in greedy random-walk to collect data

from the local nodes occasionally,

which prevents the attackers from predicting their

locations and movements.


27/29

Protecting the sink location privacy in

wireless sensor networks[14]

protection scheme by injecting fake packets, butevery real packet is still routed along its shortestpath.

The fake packets are routed to some randomdestinations and some fake sinks in order toprovide the path diversity.

It is difficult for an attacker to distinguish the real

packets from the fake packets. Thus, the chance of finding the real sink by

packet-tracing attack is reduced.


28/29

Problem Statement[12]

WSNs could be an invaluable asset for improvinghomeland security. As a motivating example weconsider a WSN application for securing railwaytracks, oil and natural gas pipelines where sensornodes are positioned on a line. Since base stationis a natural target for rendering the networkineffective with the minimum resources

expended, countermeasures against attacks thatseek to locate the base station needs to bedeveloped.


29/29

References

[2]. Protecting Location Privacy Through Path Confusion

[3]. PROTECTING LOCATION PRIVACY IN SENSOR NETWORKS AGAINST A GLOBAL

EAVESDROPPER

[4] Source-location privacy in energy constrained sensor network routing .

[5] Enhancing source-location privacy in sensor network routing

[6] Entrapping adversaries for source protection in sensor networks [7] Towards event source un observability with minimum network traffic in sensor networks

[8] Enhancing base station security in wireless sensor networks

[9] De correlating wireless sensor network traffic to inhibit traffic analysis attacks

[10] Protecting receiver-location privacy in wireless sensor networks

[11] Preserving Source-Location Privacy in Wireless Sensor Network using STaR Routing

[12] Lifetime Bounds of Wireless Sensor Networks Preserving Perfect Sink Un observability

[13] Preserving Mobile-Sink-Location Privacy in Wireless Sensor Networks

[14] Protecting the sink location privacy in wireless sensor networks

[15]

sensor node privacy

Documents