Sarfraz Presentation

5/12/2018 Sarfraz Presentation - slidepdf.com

http://slidepdf.com/reader/full/sarfraz-presentation 1/34

1

Secure Solution to Data Transfer from Sensor

Node to Sink against Aggregator Compromises

Presented By: Sarfraz Azam



Wireless Sensor Networks

A self organizing network consists of many tiny sensor nodes

which communicate wirelessly with each other using radio

signals, are operated with battery and can sense, observe etc, is

called Wireless Sensor Networks.

WSN Varied Applications

Fire Rescue

Area Monitoring

Machine Monitoring

Greenhouse Monitoring

Environmental Monitoring

2



Wireless Sensor Network

3

Anatomy of Sensor Hardware Sensing Unit

Processing Unit

Transceiver

Power Unit

WSN Architecture Sensor Node

Sensor Field

Sink

WAN

End User Different Topologies of WSN

One Hop Model

Multi Hop Model

Cluster Based Model



Data Aggregation in WSN

4



SecuringWireless Sensor Networks Against Aggregator Compromises

Thomas Claveirole et al. Propose three schemes SMA, DMA and ADMA.

All have common principle, split readings into shares and send over multiple paths

When sink get enough shares for given reading, then it can reconstruct the reading

SMA uses ³Secret Sharing Scheme´ where as DMA and ADMA uses ³Information

Dispersal Algorithm´.

The number of shares transmitted and received (while using IDA) is not necessarily

equal which means that the system tolerates some losses

First technique guarantees data confidentiality where as other two data availability

Limitations

How to obtain multiple paths is not discussed

If attacker gets threshold number of shares it can also reconstruct the reading

Some extra mechanisms must be provided to ensure that the sink knows the set of

contributing nodes

Thomas Claveirole et al. ³Securing Wireless Sensor Networks Against Aggregator Compromises´ in: Communications Magazine, IEEE,Security in Mobile ad hoc and Sensor Networks, Volume 46, Issue 4, ISSN: 0163-6804, p 134 ± 141, 2008.

5



Required Concepts

What is Information Dispersal algorithm ?

Information dispersal algorithm is used for splitting data into multiple pieces

such that with some (threshold) pieces data can be assembled. In general, the

goal of information dispersal is to divide data into f pieces so that a subset of k

of those pieces can be used to recover the data

What is threshold ?

If we create14 slices of the data and disperse them. Among these 14 shares

minimum10 shares are required for its reconstruction then 10 is the threshold

6



7

Problem Analysis



Problem Statement

S ensor node creates ³n´ shares with sensed data and disperses them on multiple paths W hen sink node receives ³t ́ shares out of ³n´ shares, it can reconstruct the reading

where ³t ́ is the threshold value for reconstruction and ³n´ is the total number of shares

created by information dispersal algorithm

I f some paths are compromised and adversary becomes successful in capturing ³t ́

shares, it will also come into position to reconstruct the reading with these ³t ́ shares

if compromiser becomes successful in reconstruction, it will get the message information

which can be utilized in variety of ways

W ith ³t-1´ shares neither the sink node nor the adversary can perform reconstruction

Effects

Adversary can tamper

Can replay the message

Adversary can eavesdrop

Sink node will lose the messages

8



Problem Scenarios - 1

9



Problem Scenarios - 2

10



11

RSS (Re ±Sequencing Scheme)

Proposed Solution



RSS (Re ±Sequence Scheme)

We have considered [1] as the base idea and chosen the ADMA (Authenticated

Dispersed Multipath Aggregation) scheme

We divide this RSS scheme in three phases and explain each phase briefly

Initial Preparation

Sensor Node

Sink Node (On Receiving Shares)

Design Goals

Resists against adversary for more time Provides strong authentication and integrity

Will be more efficient than the previous schemes

Increases data security with less energy overhead

12



Initial Preparation

Prepare a symmetric key for each sensor node Symmetric key is randomly generated for each sensor node

Create a map file, with all of these symmetric keys, placing them against each node ID

13



Sensor Node

At the deployment time the symmetric secret key is injected in each sensor node Symmetric key contains the randomly generated sequence numbers between 0 and 11

When sensor node starts sensing it stores data readings in the buffer, until the buffer

becomes full

Sensor place 12 readings in the buffer . These can be increased or decreased

When, it reaches to this range then re-sequencing process will start

14



RSS (Re-Sequencing Scheme) working

15



Conti«

After completing re-sequencing, we take message sequence number, secret key and

apply SHA1 over them then authentication key is created

We place this authentication key at the end of the re-sequenced buffer

This equation shows the buffer after adding authentication key

Ri = [r i,1----------r i,n h(k i , s)] After completing SHA-1 process, the data is transferred to IDA (information Dispersal

Algorithm )

It creates several shares from that data

All created shares have unitary length

All shares contain information regarding the whole data (readings + authentication key)

It disperse those shares over multiple paths

All these multiple paths ends at the base station

16



Sink Node (On Receiving Shares)

On receiving the sink node reconstruct R i it just verifies the last element is equal to

h(k i, s)

If it is not equal it means there is a problem and another subset will be used to

reconstruct R i

When this process completes we again start the process of re-sequencing

We use the symmetric key from map file which is placed against the ID of the

transmitter node

By using this key, we re-sequence the data

Now we get the real data

17



Re-Sequencing Process

18



Scheme Analysis

We analyze RSS scheme with different perspectives

Resistance against compromisers

Comparison in number of packets sent Comparison in energy consumption

Comparison with well known techniques

19



RSS Resistance Against Compromisers

20

To test for how much time our RSS resist against compromiser 1 Buffer =12 Readings

12 ! = 479001600

If one millisecond is required to solve one permutation

T hours (S) = 133.056

In 10 minutes some sensors send more than 20 messages



RSS (Scenario - 1)

21



22

Simulations and Results



Simulations

We use TinyOS as an operating system and TOSSIM as simulator We have used two tools for simulations

PowerTOSSIM

TinyViz

23



Results

W

e have performed several simulations for both schemes ADMA

RSS

Comparisons of both the schemes and calculated results

Number of Packets sent by individual node

Total energy consumed by each simulation

Total energy overhead created by RSS

Comparison with other renowned schemes

Performance Metrics

RSS energy overhead

Energy consumed individually

Total energy consumed by the network

Packets sent individually to sink

24



Number of Packets Sent

25



Total Energy Consumption by Each Simulation

26



Total Energy Overhead Created by RSS

27

Energy difference in both schemes is 1366 joules

It is 0.075%

45.539 joules energy overhead for each node in 30 minutes



Comparison with Renowned Schemes

28



29

Conclusion And FutureWork



Conclusion

This scheme provides better data security from adversary then the ADMA

(authenticated Dispersed Multi path Aggregation)

Scheme depends on symmetric key, information dispersal algorithm and

multiple paths routing

RSS provides protection against eavesdropping, data tampering and denial of

service attacks even in the presence of compromised nodes

It provides data authenticity, protection and availability

0.075% energy overhead is the cost for making data more secure

30



FutureWork

We want to remove the loop-holes in this scheme and make it more efficient

Now we have done the simulation of the RSS scheme but in the future we

plan to implement this scheme with real time motes to get real results

We will also simulate the security attacks.

31



References

[[1] Thomas Claveirole et al. ³SecuringWireless Sensor Networks Against Aggregator Compromises´ in: Communications Magazine, IEEE, Security in Mobile ad hoc and

Sensor Networks, Volume 46, Issue 4, ISSN: 0163-6804, p 134 - 141, 2008.

[2] M. O. Rabin, ³Efficient Dispersal of Information for Security, Load Balancing, and

Fault Tolerance,´ J. ACM, vol. 36, no. 2, pp. 335-48, 1989.

[3] Hu, L., Evans, D. ³Secure aggregation for wireless network ́ In: Proc. IEEE

Symposium on Applications and the Internet Workshops (SAINT¶03), pp 384-394, 2003.

[4] Pawan Jadia and Anish Mathuria, ³Efficient Secure Aggregation in Sensor

Networks´

High Performance Computing - HiPC, pp 40-49, Bangalore,-India, 2004.

[5] Robert Di Pietro et al. ³Confidentiality and Integrity for Aggregation in WSN Using

Peer monitoring´ journal Security and Communication Networks, Volume 2, Issue 2,pp

181-194, 2007.

32



References

[6] Julia Albath and sanjay Madria, ³Secure Hierarchical Data Aggregation inWirelessSensor Networks´ Wireless Communications and Networking Conference, 5-8 April,

ISBN 1525- 3511, pp 1-6, IEEE, Budapest, 2009.

[7] Suat Ozdemir and Yang Xiao, ³Hierarchical Concealed Data Aggregation for

Wireless Sensor Networks´, in Proc. of Embedded Systems and Communications

SecurityWorkshop in conjunction with IEEE SRDS , September 27-29, Niagara Falls, NY 2009.

[8] Tiwari, Ankit et al. ³Energy-efficient wireless sensor network design and

implementation for condition-based maintenance´, ACM Transactions on Sensor

Networks (TOSN), Volume 3, Issue 1, ACM, New York, NY, USA, March 2007.

[9] Wembo He et al. ³PDA: Privacy Preserving Data Aggregation inWSN´ International

Conference on Computer Communications, ISSN: 0743-166X, pp 2045 - 2053, IEEE,

Anchorage, AK, 2007.

33



References

[10] Kewei Sha et al. ³UsingWireless Sensor Networks for Fire RescueApplications: Requirements and Challenges´, Electro/ information Technology,

2006 IEEE International Conference, pp 239 - 244, East Lansing, MI, 04

December 2006.

34

Sarfraz Presentation

Documents