Title :
Secure sensor network SUM aggregation with detection of malicious nodes
Author :
Choi, Soon-Mi ; Ghinita, Gabriel ; Bertino, Elisa
Author_Institution :
Dept. of Comput. Sci., Purdue Univ., West Lafayette, IN, USA
Abstract :
In-network aggregation is an essential operation which reduces communication overhead and power consumption of resource-constrained sensor network nodes. Sensor nodes are typically organized into an aggregation tree, whereby aggregator nodes collect data from multiple data source nodes, and perform a reduction operation such as sum, average, minimum, etc. The result is then forwarded to other aggregators higher in the hierarchy toward a base station (or sink node) that receives the final outcome of the in-network computation. However, despite its performance benefits, aggregation introduces several difficult security challenges with respect to data confidentiality, integrity and authenticity. In today's outsource-centric computing environments, the aggregation task may be delegated to a third party that is not fully trusted. In addition, even in the absence of outsourcing, nodes may be compromised by a malicious adversary with the purpose of altering aggregation results. To defend against such threats, several mechanisms have been proposed, most of which devise aggregation schemes that rely on cryptography to detect that an attack has occurred. Although they prevent the sink from accepting an incorrect result, such techniques are vulnerable to denial-of-service if a compromised node alters the aggregation result in each round. Several more recent approaches also identify the malicious nodes and exclude them from future computation rounds. However, these incur high communication overhead as they require flooding or other expensive communication models to connect individual nodes with the base station. We propose a flexible aggregation structure (FAS) and an advanced ring structure (ARS) topology that allow secure aggregation and efficient identification of malicious aggregator nodes for the SUM operation. Our scheme uses only symmetric key cryptography, outperforms existing solutions in terms of performance, and guarantees that the aggregate result is correct and that malicious nodes are identified.
Keywords :
authorisation; computer network security; cryptography; wireless sensor networks; SUM aggregation; advanced ring structure topology; aggregation tree; aggregator nodes; authenticity; base station; communication overhead; data confidentiality; denial-of-service; flexible aggregation structure; in-network aggregation; in-network computation; integrity; malicious adversary; malicious nodes detection; outsource-centric computing environments; power consumption; resource-constrained sensor network nodes; secure sensor network; sink node; symmetric key cryptography; Base stations; Bismuth; Encryption; Protocols; Radiation detectors; Structural rings; Aggregation; Security; Sensor Networks;
Conference_Title :
Local Computer Networks (LCN), 2012 IEEE 37th Conference on
Conference_Location :
Clearwater, FL
Print_ISBN :
978-1-4673-1565-4
DOI :
10.1109/LCN.2012.6423606