presented by: su jin kim collaboration of mobile and pervasive devices for embedded networked...

Presented by: Su Jin Kim Collaboration of Mobile and Pervasive Devices for Embedded Networked Systems Committee: Sandeep K. S. Gupta (Chair) Partha Dasgupta Hasan Davulcu Yann-Hang Lee

Outline Introduction Mobile Edge Computing Devices (MECD) Mesh-Networked MECDs Self-organizing Authentication for Embedded Networked Systems Conclusion and Future Work

Embedded Networked System (ENS) Embedded System Wireless Network Pervasive Computing Embedded Networked System (ENS) Embedded Networked System (ENS) Context awareness Collaboration Feature Technology End nodes ENS Architecture [1][2][3] End nodes are embedded systems with wireless communication capability. Gateways are capable of connecting end nodes to the external network. Servers could access data remotely. Collaboration of local gateways Interaction is mostly local. Local systems could detect same events (e.g. fire, earthquake). Save bandwidth and reduce delay. Smart Service in everyday life Bandwidth and connectivity problem between gateways and servers

Research Challenges Large sized Distributed and Autonomous Mobile (high and unpredictable) Resource limited Heterogeneous Gateway- level collaboration Gateway- level collaboration Scalability End-to-end reliability Local data processing Efficiency Energy, computation, and communication Neighbor & Service discovery Security Authentication Authorization (Access control) Key management ENS Characteristics Research Issues Scalability How to support additional networks of local gateways for a large sized network. End-to-end reliability How to ensure packet delivery between local and external networks within a certain delay. Authentication How to authenticate strangers without any knowledge. Research Questions Dynamic characteristic of gateway level networks Additional networks and works

Research Contributions Research Domains Research ChallengesResearch Outcomes ScalabilityContext: Need to be scalable for a large sized network Question: How to support a large network with gateway level collaboration? Challenges: High and unpredictable mobility pattern Approach: A hierarchical architecture with a mobile gateway that provides distributed and local management for an object Intelligent Networked Containers for Enhancing Global Supply Chain Security and Enabling New Commercial Value, COMSWARE'08 Enhancing Cargo Container Security during Transportation: A Mesh Networking Based Approach, HST'08 Design and Implementation of Monitoring Systems using Networked Mobile Edge Computing Devices for Ubiquitous Sensor Networks, IEEE Trans. on Consumer Electronics (under review) End-to-end reliability Context: End-to-end reliability requirement Question: How to ensure packet delivery between local and external networks within a certain delay? Challenges: High temperature variance and interference in the environment, small overhead Approach: A mesh networking approach among neighboring gateways AuthenticationContext: Authentication for a dynamic network of neighboring gateways Question: How to authenticate strangers without any knowledge? Challenges: Self-organizing, dynamic Approach: Acoustic feature based authentication using environmental sound Audio-based Self-organizing Authentication for Pervasive Computing: a Cyber-Physical Approach, NGWMN09

Scalability of Gateway and Related Work Scalability Problem of Gateways in ENS Interface for a large network Collaboration between gateways High and unpredictable mobility pattern Hard to provide scalability to a huge number of mobile devices that have unpredictable mobility patterns. Use a mobile gateway per object not per area Gateway Static Mobile Improve Lifetime Improve Connectivity

Hierarchical Network Structure with MECDs Mobile Edge Computing Device (MECD) Mobile gateway Manage the internal network of a moving object in a distributed manner Perform local data processing Support collaboration with neighboring gateways 3-level network of ENS Reduce the amount of data Reduce the remote communication Separate the internal network from outside

Functional Architecture of MECD Communication with end nodes neighboring MECDs Communication with remote servers Local Data Processing

Case Study: Intelligent Container Systems Autonomous End-to-End monitoring system for cargo containers Homeland Security Global Supply Chain

Test-bed Configuration MECD: Data collection, Data reporting, Door Opening Detection, RFID reader Control, Datase Management MicaZ/TelosB mote(s): Report sensed data periodically PDA: Monitors data from MECD, Setup variables Reader-mote module: Reads tag IDs and reports fresh readings Container 2.4 GHz 802.11

Deployment Supported by Mary Murphy-Hoye

Lessons Learned Unreachability Problem High temperature variance High interference between metalic containers Effect on connectivity between gateways

Lifecycle of Containers

Mesh Network Multi-hop Reliability Self-healing Self-organizing More extensive range Requirements of Mesh- networked MECDs Server reachability Low delay Energy efficiency A B

Simulation Setup International Standards Organization (ISO) Container Size Common width for international commerce = 8 ft. (2.44 m) Common height = 8.5 (2.6 m) Length: 20 ft. 53 ft. Common lengths = 20 ft. (6.1 m), 40 ft. (12.2 m), 48 ft. (14.6 m), 53 ft. (16.2 m) Temperature, T 25 C T 65 C Containers stack Up to 6 in height 1 ft distance Forwarder

Metrics Connectivity (C i ) C i = 1, If there is a path between MECD i and the forwarder. C i = 0, If not. Sever Reachability (SR) (S is the set of MECDs in the network) Network Latency Average path length that is defined as the average number of hops along the shortest paths between the forwarder and all other MECDs in the network Energy Efficiency Total energy consumption when every node sends a packet to the forwarder via its shortest path.

Simulation Model: Communication Model Received power (Log-distance Path Loss) [4] Temperature Loss [5] Maximum Transmission Range [5] d 0 = 1m n p = 3.3 Pr(0) = -45dBm = 3dBm Ps = -94 dBm d 0 = 1m n p = 3.3 Pr(0) = -45dBm = 3dBm Ps = -94 dBm Received Power at the refence distance d 0 Path loss exponent Distance Zero-mean normally distributed random variable with standard deviation Temperature, 25 C T 65 C Radio Sensitivity

Simulation Model: Energy Consumption Model First-order Radio Model [6] Energy Consumption to transmit a k-bit packet to a distance d Energy Consumption to receive a k-bit packet Total Energy Consumption to transmit a k-bit packet over n hops Energy consumption to run the transmitter circuitry for a k-bit packet Energy consumption by transmitting amplifier to transmite k bits to distance d Energy consumption to run the transmitter circuitry Energy consumption by transmitting amplifier Energy loss at distance d Energy consumption to run receiver circuitry for a k-bit packet E elec = 50nJ/bit amp = 100pJ/bit/m 2 k = 20 bits, d = 50m E elec = 50nJ/bit amp = 100pJ/bit/m 2 k = 20 bits, d = 50m

Server Reachability vs Network Density vs Temperature MECD-level network can provide 100% server reachability for ISO standard containers within the range 25 C T 65 C. ISO standard container lengths with 1 ft. space are less than 16.5 m.

Path length vs Network Size vs Temperature The MECD-level network will produce a small amount of additional delays and is scalable to a large size of MECD networks (a) T = 25 C (b) T = 45 C (c) T = 65 C

Energy Consumption vs Network Size vs Temperature The MECD-level network will consume a small amount of additional power and is scalable to a large size of MECD networks (a) T = 25 C (b) T = 45 C (c) T = 65 C

Authentication Collaboration among neighboring MECDs Wireless communication Sharing information and resources Authentication The process to prove a users claimed identity. Required before granting access

Related Work Requirement of authentication process for MECD-level networks Mutually unknown MECDs must verify each others claim without any knowledge. Authentication Traditional Context-aware Pre-shared Secret Biometric Trusted-Third Party Require securely pre-established information Interact with the environment and use contextual information Location-based

Location-based authentication The process to authenticate a user by detecting his presence at a distinct location Trust relationship is based on a users current location Localization Approach Absolute location Distance bounding In-region

Problem Definition & Assumptions Self-organizing Region-based Authentication A verifier v authenticates a requester r when they are in a region R of interest. Without humans help, pre-shared information, and pre-established trust relationship. R: the region (e.g., a room, a house, a ship, or a yard) Trust-relationship An entitys presence of the region, R. Assumptions R must have some sort of physical control to restrict people into this area. v and r are well-synchronized. Threat model Active adversaries capture, replay, and insert Passive adversaries - eavesdrop Denial of Service attacks (DoS) not considered an attempt to make a computer resource unavailable to its intended users

Acoustic Feature Based Approach Challenges Distinguish the region Detecting the leave and closing the granted access Approach Acoustic feature based technique using environmental sound Environmental sound is produced by random events in any physical location. Devices within a particular region hear similar environmental sound. A microphone is cheap. Recording Feature Extraction Feature Extraction Feature Exchange Feature Exchange Verification

Acoustic Feature Extraction Techniques Time-domain (temporal) feature extraction Simple to implement. Requires highly well synchronized devices. Frequency-domain (spectral) feature extraction Relatively expensive. Relax synchronization requirement. Hybrid feature extraction Split into several windows and perform frequency-domain feature extraction. Requirements Distinctiveness of locating Randomness and Timevariance

Correlation Recorded sounds in 4 different environments Caf Classroom House Office Correlation coefficient Measure the similarity of two frequency domain signals with different length of FFT functions. Definition: Co-located devices Devices within the same region

Correlation with 256-point FFT (a) Cafe (b) Classroom (c) House (d) Office

Distinctiveness vs Cost of FFT functions Percentage of overlapping between two case: correlation of co-located and not co- located devices Specifications Computation and Energy Cost [7] [8] [11] [9] [10]

Acoustic Feature Extraction 1. A requester sends the request. 2. A verifier sends a random number, n. 3. Both devices start recording and feature extraction steps. 4. The requester sends the feature set to the verifier. 5. The verifier performs the verification step. Recording 123w...Windowing FFT Caculating the peak of each window Hash P1P1 P2P2 P3P3 PwPw .. H(P 1 | n) mod l. Feature Extraction H(P 2 | n) mod lH(P w | n) mod l 0..100100000010 Bloom Filter

Verification At least t % of features match? Authenticated Reject Yes No 0..100100000010 0 100000100010 Features received from the requester Features extracted locally Matched Not matched

Data Collection Implemented on Google Android Dev 1 phones. Deployed at a room. Distinctiveness Evaluation False Positive Rate (FPR): the error rate of failing to reject authentication when it is in fact false False Negative Rate (FNP): the error rate of rejecting authentication when it is actually true To be completely distinguishable against attacks out of the region, False positive rate must be 0. False positive rate 0, a system is vulnerable. False negative rate 0, re-trial can be used. 10 m 20 m 30 m

Experimental Results With t 40%, the complete dinstincitiveness can achieved within a small region. Security Analysis Replay attack: The random number, n, is generated by the verifier and used for a feature set. Therefore, an attacker can not reuse any valid feature set from the previous communications. Guessing: To represent the 128-bit output of the MD-5 hash function in a filter, the length can be 128- bit. With the longer bits of the feature set, it is hard to guess a valid set. (a) w=10(b) w=6

Conclusion and Future Work Conclusion Collaboration among gateways is a key component to save bandwidth and reduce delay for the remote communication by sharing information locally. A mesh networking approach of MECDs improves the connectivity with the remote server. For an intelligent container scenairo, using mesh networked MECDs can solve reachability problem completely with small additional delay and energy consumption with the range of temperature, 25 65 C. The acoustic feature based technique is feasible for self-organizing region-based authentication within a small region. With threshold of 40%, it provides 0.1 FNR for 10m and 0.4 FNR for 20m approximately for a smart home scenario. Future Work Power management for mobile gateways of ENS Mesh-networked MECDs Mesh network management for general USN Self-organizing region-based authentication Improve distinctiveness: multiple contextual information (e.g. temp, light, wifi) Extend for heterogeneous devices in ENS

References [1] S. Fukunaga, T. Tagawa, K. Fukui, K. Tanimoto, and H. Kanno., Development of Ubiquitous Sensor Network, Oki Technical Review, Vol. 71, No. 4, Oct. 2004. [2] ITU-T Technology Watch Briefing Report Series, No. 4., Ubiquitous Sensor Networks, http://www.itu.int/dms\_pub/itu- t/oth/23/01/T23010000040001PDFE.pdf [3] M. Kim, Y. Lee1, and J. Ryou, What are Possible Security Threats in Ubiquitous Sensor Network Environment?, In Proc. of Asia-Pacific Network Operations and Management Symposium (APNOMS 2007), LNCS4773, pp. 437-446, 2007. [4] Randy H. Katz, Radio propagation, http://www.sss-mag.com/pdf/1propagation.pdf [5] K. Bannister, G. Giorgetti, and S. K. S. Gupta, Wireless Sensor Networking for Hot Applications: Effects of Temperature on Signal Strength, Data Collection and Localization, In Proc. of the 5th Workshop on Embedded Networked Sensors (HotEmNets)}, Jun. 2008. [6] W. R. Heinzelman, A. Chandrakasan, and H. Balakrishnan, Eenergy-effieicnt communication protocol for wireless microsensor networks, In Proc. of the 33rd Hawaii Int'l Conf, on System Science, Vol. 8, pp. 8020-8029, 2000. [7] CrossBow, Mica2 Datasheet, https://www.eol.ucar.edu/rtf/facilities/isa/internal/CrossBow/DataSheets/mica2.pdf [8] CrossBow, CrossBow TelosB 2.4GHz datasheet, http://www.willow.co.uk/TelosB\_Datasheet.pdf [9] Shah Bhatti, James Carlson, Hui Dai, Jing Deng, Jeff Rose, Anmol Sheth, Brian Shucker, Charles Gruenwald, Adam Torgerson, and Richard Han, MANTIS OS: An Embedded Multithreaded Operating System for Wireless Micro Sensor Platforms, In ACM/Kluwer Mobile Networks \& Applications (MONET) Journal, Special Issue on Wireless Sensor Networks, August 2005. [10] Robert M. Newman and Elena Gaura, Size does matter - the case for big motes, In Proc. of the 2006 NSTI Nanotechnology Conference and Trade Show (Nanotech 2006), May 2006. [11] K. Venkatasubramanian, A. Banerjee, S. K. S. Gupta, Green and Sustainable Cyber Physical Security Solutions for Body Area Networks, In Proceedings of 6th Workshop on Body Sensor Networks (BSN'09), Berkeley, CA, June 2009.

Thank you! Questions? Impact Lab (http://impact.asu.edu)http://impact.asu.edu

Backup Slides

Related publications Su Jin Kim, and Sandeep K. S. Gupta, Design and Implementation of Monitoring Systems using Networked Mobile Edge Computing Devices for Ubiquitous Sensor Networks, IEEE Trans. on Consumer Electronics, Under review. Su Jin Kim, and Sandeep K. S. Gupta, Audio-based Self-organizing Authentication for Pervasive Computing: a Cyber-Physical Approach, The 2 nd Intl Workshop on Next Generation of Wireless and Mobile Networks (NGWMN09), Vienna, Austria, 2009. Su Jin Kim, Guofeng Deng, Sandeep K. S. Gupta and Mary Murphy-Hoye, Enhancing Cargo Container Security during Transportation: A Mesh Networking Based Approach, 2008 IEEE Intl Conf. on Technologies for Homeland Security (HST'08), Waltham, MA, USA, April 2008. Su Jin Kim, Guofeng Deng, Sandeep K. S. Gupta and Mary Murphy-Hoye, Intelligent Networked Containers for Enhancing Global Supply Chain Security and Enabling New Commercial Value, The 3 rd Int'l Conf. on Communication System Software and Middleware (COMSWARE'08), Bangalore, India, 2008.

Functional Requirements of Smart Containers CategoriesFunctionalitiesTechnologies Container IntegrityDetect unauthorized door opening or door unsealing E-seal, sensors Detect breaching of the container walls, floor, or ceiling (6 sides) Sensors (light, temperature, sound, shock, hole detector) Detect intrusion (a person or animal)Sensors (chemical, pressure, motion detection) Container Tracking & Monitoring Track the container locationGPS Monitor the container conditionsSensors (temperature, humidity, shock, vibration) Contents Tracking & Monitoring Detect unauthorized addition or removal of items/packages RFID Track the items/packages locationRFID History of journeyRecord all relevant information and events (when/who/how/what) Database

Stargate RS232 Prototype Implementation of MECD Crossbow Stargate Gateway Single-board embedded Linux computing designed for sensor networking applications Low-power device Various interfaces USB Memory Card MICAz mote 2.4 GHz Stargate (Gateway) 51-pin PCMCIA Compact Flash USB Ethernet 802.11 Compact Flash card

RFID Reader-Mote Implementation SkyeTek M9 UHF RFID eader Small form factor, cost-efficient, energy-efficient and high-performance RFID reader Converter Two-way communications Voltage conversion between the M9 reader (5V) and MicaZ mote (3V) Reader-Mote Converter MICAz mote 2.4 GHz M9 UHF RFID Reader UART RS232

GUI implementation

Software Components and Data Flow

Experimental Study: RFID Read Ranges According to the SkyeTek document, a M9 UHF RFID reader can approximately read 138 inches with the maximum output power (27 dBm). However, the average read ranges by our experiments are much smaller. In Singapore and Taiwan, the government regulation of output power level is 0.5 watts ERP. In this case, the RFID read range is 10-18 inches. Antennas UHF RFID Tags EPC Class 1 Gen 2ISO 180006B AlienAveryAWiD Cushcraft S9028PC (8 dBiC)20 inches37 inches70 inches Symbol Z1747 (6.4 dBdc)16 inches37 inches75 inches Sensormatic(6.75 dBd)43 inches88 inches86 inches

Experimental Study: Lifetime of MicaZ motes MicaZ mote with MTS310 Sensor board Broadcasts a packet every 10 sec with its voltage level Uses the power saving mode (switching off radio and sensor board after readings) 2 new AA batteries The base station (4 meters away) collects packets The mote lasts about 46 days 46 days

Experimental Study: Energy Consumption Current draw (mA)Power Consumption (mW) TelosB mote0.14 mA0.42 mW MicaZ mote with MTS310 sensor board attached11.25 mA33.75 mW Stargate with MicaZ and AmbiCom CF WiFi card attached 406 mA1827 mW M9 UHF RFID Reader270 mA1215 mW ACSD requires 10 years and MATTS requires 1 year lifetime. Unlike the gateway and motes, the RFID reader needs to operate only 760 hours per year for loading/unloading operations. Using sleep mode, the energy consumption can be reduced. For our 5-day test from Singapore to Taiwan, we used a large (car-size) battery.

Government Regulations for UHF RFID RegionPower LevelsFrequency Bands Singapore0.5 Watts ERP866-869 MHz Taiwan0.5 Watts ERP922-928 MHz Philippines0.5 Watts ERP918-920 MHz Europe, South Africa 2 Watts ERP865.6-867.6 MHz China2 Watts ERP840.5-844.5 MHz U.S4 Watts EIRP902-928 MHz Australia4 Watts EIRP920-926 MHz New Zealand4 Watts EIRP864-868 MHz Japan4 Watts EIRP952-954 MHz South Korea4 Watts EIRP908.5-910 MHz ERP (Effective Isotropic Radiated Power) EIRP (Effective Radiated Power) ERP (dB) = EIRP (dB) 2.15dB

RFID Setup and Reading Gateway

Interenal and External Container Networks External Container Network A container forms and participates in networks with their neighbors dynamically. Internal Container Network The network inside a container is isolated from the dynamic changes outside a container.

Notations

Evaluation Experimental Setip 3 heterogeneous recorders 2 different environments: Caf (noisy) and classroom (moderate) Sound recorded every minute (about 40 60 trials) Simulation: Matlab

Observation Co-located devices have similar patterns on FFT

FFT and Coeff Fast Fourier Transform (FFT) Transforms a signal to frequency-domain Where x is a discrete audio signal and w N = e (-2 i)/N N-point FFT produces a N/2 length feature Correlation coefficient Measure the similarity of two signals, x and y -1 corrcoef 1 Covariance between x and y where E is mathematical expectation and x = E(x)

Feature verification Correlation coefficient Measure the similarity of two signals, x and y -1 corrcoef 1 Covariance between x and y where E is mathematical expectation and x = E(x) July 20, 2009Ph.D Proposal59

Security Concepts Authentication Proving ones identity. Confidentiality Ensuring no one can read the message except the intended receiver. Integrity Assuring the receiver that the received message has not been altered in any way from the original. Non-repudiation Proving that the sender sent the message and the receiver received it.

Localization Approach Absolute location Determines the entitys absolute location, (x, y) Distance bounding Determines whether the entity is closer to the verifier thatn some distance or not In-region Determines whether the entity is inside a certain region or not Localization Category Range-dependent Measures physical properties of the exchanged signals Time of Arrival (TOA), Angle of Arrival (AOA), Received Signal Strength (RSS) Accurate, but expensive Range-independent Use other characteristic Existence of beaon signals Inexpensive, but less accurate

Results on 256 point FFT

Randomness test Ent, a randomness test program [ent] Entropy: the number of bits per character needed Must be 8 for the perfect randomness Chi-square Test: a way to evaluate differences between real and expected results due to normal random chance The Interpreted percentage must be between 10% and 90% Arithmetic Mean: the sum of all bytes in the file divided by the file length Must be 127.5 for the perfect randomness Monte Carlo Valud for Pi: the probability of that a trowing dart is inside a circle. Must be pi for the perfect randomness Serial correlation coefficient: the correlation of successive bytes Must be zero for the perfect randomness [ent] A Pseudorandom Number Sequence Test Program. http://www.fourmilab.ch/random/

Results Randomness Using Ent, a randomness test program [ent]

Time-variance Run Ent program on the sequence of all featrues (about 40 60) for each environment

Security Basics Symmetric ciphers The same secret key to encrypt and decrypt data. Only sender and receiver know their symmetric ciphers. Used for ensuring confidentiality of data. Asymmetric ciphers (public key algorithm) Two different keys are used. Public key is shared with everyone and used for encryption. Private key is only held by the receiver and used for decryption. Typically used for identifying entities and exchanging symmetric keys. Hashing algorithms Provide ways of mapping messages with or without a key into a fixed-length value Typically used for ensuring integrity of data 1) The sender calculates the hash value of a message 2) The receiver calculates the hash value of a message 3) Two hash values are compared to verify the integrity.

Implementation FIR (Finite Impulse Response) low pass filter: Anti-aliasing filter 1 sec window (8 kHz) 256-point FFT FIR filter Downsample Generate a feature with a peak 1 sec window (8 kHz) 256-point FFT FIR filter Downsample Generate a feature with a peak feature set (bloom filter)

presented by: su jin kim collaboration of mobile and pervasive devices for embedded networked...

Documents

local systems

embedded systems

mobile gateway

gateway level collaboration

local management

large network

external networks

dynamic approach