enhancing source-location privacy in sensor network routing p.kamat, y. zhang, w. trappe, c. ozturk...
TRANSCRIPT
Enhancing Source-Location Privacy in Sensor Network Routing
P.Kamat, Y. Zhang, W. Trappe, C. OzturkIn Proceedings of the 25th IEEE International Conference on Distributed Computing Systems
Natalia Stakhanovacs610
Sensor networks
Security threats concerns with data security
necessity to protect content of the data packages transferred through the network
privacy threats associated with sensors devices necessity to secure the transmission of the data,
for ex. location of the sensor node providing particular information
Presented work addresses this issue
Example: pander-hunter game
Sensors are monitoring the habitat of pandas once panda is observed - the information is
reported to the base station hunter desires to capture panda
Assumptions one panda, one hunter and one base station hunter is equipped with rich memory and
power resources and is able to identify the immediate sender knowing signal strength and the angle of the arrived message
Privacy metrics
the safety period number of messages initiated by the
sensor monitoring the panda.
the capture likelihood the probability that hunter can
capture panda within a specified time period.
Considered routing protocols
Two baseline techniques flooding
message is broadcasted to all neighbors single-path routing
message is routed to one of the neighbors
Improvements for these techniques each technique is associated with
behavioral hunter model
Performance: baseline routing protocols
Patient hunter model
• hunter waits at the base station for message • moves to the immediate sender of that message• repeats until reaches the source node
• The safety period is the same as the length of the shortest routing path.
single-path routing
flooding
• The capture likelihood is high with single source routing, much lower with probabilistic routing
Improvement: routing with fake sources
introduce new sources that inject fake messages into the network
two challenges: How to chose fake source Rate of fake messaging
Routing with fake sources
Fake source source is h hops away, sends message to the
sink sink sends a message into opposite direction once message reached node in h hops away
from sink it becomes a fake source
Rate of fake messaging Slow rate →hunter finds the real source fast
At the rate of the real messaging → hunter struggles between fake and real source
High rate → hunter is kept at the fake source
fake source
real source
Performance: routing with fake sources
Fast speed of fake messaging provides good privacy!
… But it won’t work for more sophisticated hunter
Perceptive hunter model
• hunter is able to detect deception • for ex. can keep the history of visited nodes
Improvement: phantom routing
Introduces two phases: random walk
message is routed in random fashion for h hops
flooding/single-path routing
after h hops message is routed using baseline technique
Random walk
Flooding
Phantom routing: further improvement
Pure random walk might not be efficient → directed random walk
a sector based directed random walk each node partitions neighbors into two sets
S1, S2 (for ex. east/west) if message is sent to node in S1, then every
node forwards it to the neighbors in set S1 only
a hop-based directed random walk must know the hop count between sink and all
nodes partition node into 2 sets: with hop count <
mine and > mine
Performance: phantom routing
Safety period for phantom single-source routing is higher than for phantom flooding
single-path routing
flooding
Why: • probability in single-source
routing that message will intersect hunter’s path is small
• in flooding this probability is still large
Performance: phantom routing
The capture likelihood - number of transmissions per message increases linearly for both techniques
single-path routing
flooding
However • Safety period increase is
more dramatic • So combined -> more
privacy
Performance: phantom routing
Caution hunter model hunter limits its listening time at node after timeout hunter returns to the previous node
However … does not provide more benefits hunter does not make much progress towards the real
source Safety period is higher, while capture likelihood is lower
Privacy in mobile sensor network
Mobility adds privacy Fast moving panda alone is sufficient to
provide source privacy using single-source routing
In phantom routing the privacy increases
Conclusion
Majority of the research efforts are focused on data security
There are some works on protecting privacy associated with network devices not appropriate for sensor networks
This is one of the first efforts to address sensor location privacy in sensor network