1 Secure In-Network Aggregation for Wireless Sensor Networks Bo Sun Department of Computer Science...
Transcript of 1 Secure In-Network Aggregation for Wireless Sensor Networks Bo Sun Department of Computer Science...
![Page 1: 1 Secure In-Network Aggregation for Wireless Sensor Networks Bo Sun Department of Computer Science Lamar University Research Supported by Texas Advanced.](https://reader035.fdocuments.net/reader035/viewer/2022070411/56649f445503460f94c64f71/html5/thumbnails/1.jpg)
1
Secure In-Network Aggregation for Wireless Sensor Networks
Bo Sun
Department of Computer Science
Lamar University
Research Supported by Texas Advanced Research Program under Grant 003581-0006-2006
![Page 2: 1 Secure In-Network Aggregation for Wireless Sensor Networks Bo Sun Department of Computer Science Lamar University Research Supported by Texas Advanced.](https://reader035.fdocuments.net/reader035/viewer/2022070411/56649f445503460f94c64f71/html5/thumbnails/2.jpg)
2
Outline of Presentation• Introduction and Motivation• Assumptions and Network Model• Local Detection
– Challenges
– Extended Kalman Filter based Monitoring
– CUSUM GLR based Monitoring
• Collaboration between Intrusion Detection Module (IDM) and System Monitoring Module (SMM)
• Performance Evaluation• Conclusions and Future work
![Page 3: 1 Secure In-Network Aggregation for Wireless Sensor Networks Bo Sun Department of Computer Science Lamar University Research Supported by Texas Advanced.](https://reader035.fdocuments.net/reader035/viewer/2022070411/56649f445503460f94c64f71/html5/thumbnails/3.jpg)
3
Introduction and Motivation
![Page 4: 1 Secure In-Network Aggregation for Wireless Sensor Networks Bo Sun Department of Computer Science Lamar University Research Supported by Texas Advanced.](https://reader035.fdocuments.net/reader035/viewer/2022070411/56649f445503460f94c64f71/html5/thumbnails/4.jpg)
4
Wireless Sensor Networks (WSNs)
Target
Base Station
Internet
User
Sensor Node
Sensor Node
Sensor Field
•Many simple nodes with sensors deployed throughout an environment
Sensing + CPU +Radio = Thousands of Potential Applications
![Page 5: 1 Secure In-Network Aggregation for Wireless Sensor Networks Bo Sun Department of Computer Science Lamar University Research Supported by Texas Advanced.](https://reader035.fdocuments.net/reader035/viewer/2022070411/56649f445503460f94c64f71/html5/thumbnails/5.jpg)
5
Why do we need Aggregation in WSNs?
• Example Query:– What is the maximum
temperature in area A between 10am and 11am?
– Redundancy in the event data
• Solution: Combine the data coming from different sources
• Eliminate redundancy• Minimize the number of
transmissions
2
1
3
4
5
![Page 6: 1 Secure In-Network Aggregation for Wireless Sensor Networks Bo Sun Department of Computer Science Lamar University Research Supported by Texas Advanced.](https://reader035.fdocuments.net/reader035/viewer/2022070411/56649f445503460f94c64f71/html5/thumbnails/6.jpg)
6
Secure In-Network Aggregation Problem
I
C D
B
E
HA
F
G
Base Station
JK LM
NWireless Sensor Node
Data Transmission
Legend
v1 v2
v3
vi Sensor Measurement
f(v1, v2, v3)
f Aggregation Function
![Page 7: 1 Secure In-Network Aggregation for Wireless Sensor Networks Bo Sun Department of Computer Science Lamar University Research Supported by Texas Advanced.](https://reader035.fdocuments.net/reader035/viewer/2022070411/56649f445503460f94c64f71/html5/thumbnails/7.jpg)
7
Observation
• There is very little work that aims at addressing secure in-network aggregation problem from the intrusion detection perspective
• Our Work– We set up the normal range of the neighbor’s
future transmitted values– We propose the integration between System
Monitoring Modules and Intrusion Detection Modules
![Page 8: 1 Secure In-Network Aggregation for Wireless Sensor Networks Bo Sun Department of Computer Science Lamar University Research Supported by Texas Advanced.](https://reader035.fdocuments.net/reader035/viewer/2022070411/56649f445503460f94c64f71/html5/thumbnails/8.jpg)
8
Intrusion Detection Systems (IDSs)
Intrusion Prevention(Encryption, Authentication,etc.): Not Enough
Weakest Point
IntrusionDetection
LayeredProtection
Security Failure
IntrusionTolerance
• Why do we need IDSs?
• Goal: Highly secured Information Systems
![Page 9: 1 Secure In-Network Aggregation for Wireless Sensor Networks Bo Sun Department of Computer Science Lamar University Research Supported by Texas Advanced.](https://reader035.fdocuments.net/reader035/viewer/2022070411/56649f445503460f94c64f71/html5/thumbnails/9.jpg)
9
1) Misuse Based Detection2) Anomaly Based Detection3) Combination of 1) and 2)
Intrusion Detection Systems
System
NormalActivities
IntrusiveActivities
DetectionEngine
Probes Audits
Database Configuration
Intrusion ResponseAlarms
![Page 10: 1 Secure In-Network Aggregation for Wireless Sensor Networks Bo Sun Department of Computer Science Lamar University Research Supported by Texas Advanced.](https://reader035.fdocuments.net/reader035/viewer/2022070411/56649f445503460f94c64f71/html5/thumbnails/10.jpg)
10
Challenges
• It is difficult to achieve the real aggregated values– High packet loss rate– Individual sensor readings are subject to
environmental noise– Uncertainty of the aggregation function
• Sensor nodes suffer from stringent resources
![Page 11: 1 Secure In-Network Aggregation for Wireless Sensor Networks Bo Sun Department of Computer Science Lamar University Research Supported by Texas Advanced.](https://reader035.fdocuments.net/reader035/viewer/2022070411/56649f445503460f94c64f71/html5/thumbnails/11.jpg)
11
Challenges
![Page 12: 1 Secure In-Network Aggregation for Wireless Sensor Networks Bo Sun Department of Computer Science Lamar University Research Supported by Texas Advanced.](https://reader035.fdocuments.net/reader035/viewer/2022070411/56649f445503460f94c64f71/html5/thumbnails/12.jpg)
12
Assumptions and Network Models
![Page 13: 1 Secure In-Network Aggregation for Wireless Sensor Networks Bo Sun Department of Computer Science Lamar University Research Supported by Texas Advanced.](https://reader035.fdocuments.net/reader035/viewer/2022070411/56649f445503460f94c64f71/html5/thumbnails/13.jpg)
13
Assumptions
• The majority of nodes around some unusual events are not compromised
• Falsified data inserted by compromised nodes are significantly different from real values
![Page 14: 1 Secure In-Network Aggregation for Wireless Sensor Networks Bo Sun Department of Computer Science Lamar University Research Supported by Texas Advanced.](https://reader035.fdocuments.net/reader035/viewer/2022070411/56649f445503460f94c64f71/html5/thumbnails/14.jpg)
14
Network Models
N
Aggregation Node
N1 N2 Nn
v1 v2
vn
![Page 15: 1 Secure In-Network Aggregation for Wireless Sensor Networks Bo Sun Department of Computer Science Lamar University Research Supported by Texas Advanced.](https://reader035.fdocuments.net/reader035/viewer/2022070411/56649f445503460f94c64f71/html5/thumbnails/15.jpg)
15
Local Detection
![Page 16: 1 Secure In-Network Aggregation for Wireless Sensor Networks Bo Sun Department of Computer Science Lamar University Research Supported by Texas Advanced.](https://reader035.fdocuments.net/reader035/viewer/2022070411/56649f445503460f94c64f71/html5/thumbnails/16.jpg)
16
Kalman Filter• A set of mathematical equations
– Recursively estimate the state of a process
• Time Update: Project the current state estimate ahead of time
• Measurement Update: Adjust the projected estimate by an actual measurement
![Page 17: 1 Secure In-Network Aggregation for Wireless Sensor Networks Bo Sun Department of Computer Science Lamar University Research Supported by Texas Advanced.](https://reader035.fdocuments.net/reader035/viewer/2022070411/56649f445503460f94c64f71/html5/thumbnails/17.jpg)
17
Extended Kalman Filter based Monitoring
![Page 18: 1 Secure In-Network Aggregation for Wireless Sensor Networks Bo Sun Department of Computer Science Lamar University Research Supported by Texas Advanced.](https://reader035.fdocuments.net/reader035/viewer/2022070411/56649f445503460f94c64f71/html5/thumbnails/18.jpg)
18
Extended Kalman Filter based Monitoring – System Dynamic Model
• Process Model
• Measurement Model
![Page 19: 1 Secure In-Network Aggregation for Wireless Sensor Networks Bo Sun Department of Computer Science Lamar University Research Supported by Texas Advanced.](https://reader035.fdocuments.net/reader035/viewer/2022070411/56649f445503460f94c64f71/html5/thumbnails/19.jpg)
19
Extended Kalman Filter based Monitoring – System Equations
• Time Update– State Estimate Equations:– Error Project Equations:
• Measurement Update– Kalman Gain Equation:– Estimate Update with Measurement:
– Error Covariance Update Equation:
![Page 20: 1 Secure In-Network Aggregation for Wireless Sensor Networks Bo Sun Department of Computer Science Lamar University Research Supported by Texas Advanced.](https://reader035.fdocuments.net/reader035/viewer/2022070411/56649f445503460f94c64f71/html5/thumbnails/20.jpg)
20
EKF based Local Detection Algorithm
![Page 21: 1 Secure In-Network Aggregation for Wireless Sensor Networks Bo Sun Department of Computer Science Lamar University Research Supported by Texas Advanced.](https://reader035.fdocuments.net/reader035/viewer/2022070411/56649f445503460f94c64f71/html5/thumbnails/21.jpg)
21
CUSUM GLR based Location Detection
• EKF based solution ignores the information given by the entire data sequence
• EKF based solution is not suitable if an attacker continuously forge values with small deviations
• Solution
– Cumulative Summation (CUSUM) Generalized Likelihood Ratio (GLR)
![Page 22: 1 Secure In-Network Aggregation for Wireless Sensor Networks Bo Sun Department of Computer Science Lamar University Research Supported by Texas Advanced.](https://reader035.fdocuments.net/reader035/viewer/2022070411/56649f445503460f94c64f71/html5/thumbnails/22.jpg)
22
An Example of CUSUM • Cumulative sum:
Source: D.C. Montgomery (2004).
![Page 23: 1 Secure In-Network Aggregation for Wireless Sensor Networks Bo Sun Department of Computer Science Lamar University Research Supported by Texas Advanced.](https://reader035.fdocuments.net/reader035/viewer/2022070411/56649f445503460f94c64f71/html5/thumbnails/23.jpg)
23
CUSUM GLR based Location Detection
![Page 24: 1 Secure In-Network Aggregation for Wireless Sensor Networks Bo Sun Department of Computer Science Lamar University Research Supported by Texas Advanced.](https://reader035.fdocuments.net/reader035/viewer/2022070411/56649f445503460f94c64f71/html5/thumbnails/24.jpg)
24
Collaboration between IDM and SMM to Differentiate Malicious Events from
Emergency Events
Co-DetectorsNormal Nodes
Compromised Node
Compromised NodeFire
False Report
False ReportAlert Transmission
Base Station
![Page 25: 1 Secure In-Network Aggregation for Wireless Sensor Networks Bo Sun Department of Computer Science Lamar University Research Supported by Texas Advanced.](https://reader035.fdocuments.net/reader035/viewer/2022070411/56649f445503460f94c64f71/html5/thumbnails/25.jpg)
25
Performance Evaluation
![Page 26: 1 Secure In-Network Aggregation for Wireless Sensor Networks Bo Sun Department of Computer Science Lamar University Research Supported by Texas Advanced.](https://reader035.fdocuments.net/reader035/viewer/2022070411/56649f445503460f94c64f71/html5/thumbnails/26.jpg)
26
Simulation Setup
• Aggregation Function– Average, Sum, Min, and Max
• Simulation– Different packet loss ratio: 0.1, 0.25, 0.5– D: Attack Intensity
• The difference between attack data and normal data
• Performance Metric– False Positive Rate– Detection Rate
![Page 27: 1 Secure In-Network Aggregation for Wireless Sensor Networks Bo Sun Department of Computer Science Lamar University Research Supported by Texas Advanced.](https://reader035.fdocuments.net/reader035/viewer/2022070411/56649f445503460f94c64f71/html5/thumbnails/27.jpg)
27
Performance Evaluation – Average of EKF
![Page 28: 1 Secure In-Network Aggregation for Wireless Sensor Networks Bo Sun Department of Computer Science Lamar University Research Supported by Texas Advanced.](https://reader035.fdocuments.net/reader035/viewer/2022070411/56649f445503460f94c64f71/html5/thumbnails/28.jpg)
28
Performance Evaluation – Average of CUSUM GLR
![Page 29: 1 Secure In-Network Aggregation for Wireless Sensor Networks Bo Sun Department of Computer Science Lamar University Research Supported by Texas Advanced.](https://reader035.fdocuments.net/reader035/viewer/2022070411/56649f445503460f94c64f71/html5/thumbnails/29.jpg)
29
Performance Evaluation – Sum of EKF
![Page 30: 1 Secure In-Network Aggregation for Wireless Sensor Networks Bo Sun Department of Computer Science Lamar University Research Supported by Texas Advanced.](https://reader035.fdocuments.net/reader035/viewer/2022070411/56649f445503460f94c64f71/html5/thumbnails/30.jpg)
30
Performance of Evaluation – Sum of CUSUM GLR
![Page 31: 1 Secure In-Network Aggregation for Wireless Sensor Networks Bo Sun Department of Computer Science Lamar University Research Supported by Texas Advanced.](https://reader035.fdocuments.net/reader035/viewer/2022070411/56649f445503460f94c64f71/html5/thumbnails/31.jpg)
31
Performance Evaluation – Min of EKF
![Page 32: 1 Secure In-Network Aggregation for Wireless Sensor Networks Bo Sun Department of Computer Science Lamar University Research Supported by Texas Advanced.](https://reader035.fdocuments.net/reader035/viewer/2022070411/56649f445503460f94c64f71/html5/thumbnails/32.jpg)
32
Performance Evaluation – Min of CUSUM GLR
![Page 33: 1 Secure In-Network Aggregation for Wireless Sensor Networks Bo Sun Department of Computer Science Lamar University Research Supported by Texas Advanced.](https://reader035.fdocuments.net/reader035/viewer/2022070411/56649f445503460f94c64f71/html5/thumbnails/33.jpg)
33
Performance Evaluation – Max of EKF
![Page 34: 1 Secure In-Network Aggregation for Wireless Sensor Networks Bo Sun Department of Computer Science Lamar University Research Supported by Texas Advanced.](https://reader035.fdocuments.net/reader035/viewer/2022070411/56649f445503460f94c64f71/html5/thumbnails/34.jpg)
34
Performance Evaluation – Max of CUSUM GLR
![Page 35: 1 Secure In-Network Aggregation for Wireless Sensor Networks Bo Sun Department of Computer Science Lamar University Research Supported by Texas Advanced.](https://reader035.fdocuments.net/reader035/viewer/2022070411/56649f445503460f94c64f71/html5/thumbnails/35.jpg)
35
Related Work
• Hu and Evans’ secure Aggregation
• Secure Information Aggregation
• Secure Hierarchical In-Network Aggregation
• Secure hop-by-hop data aggregation
• Topological Constraints based Aggregation
• Resilient Aggregation
![Page 36: 1 Secure In-Network Aggregation for Wireless Sensor Networks Bo Sun Department of Computer Science Lamar University Research Supported by Texas Advanced.](https://reader035.fdocuments.net/reader035/viewer/2022070411/56649f445503460f94c64f71/html5/thumbnails/36.jpg)
36
Conclusions and Future Work
• Conclusions– Extended Kalman Filter based approach can
provide an effective local detection algorithm– Intrusion Detection Module and System
Monitoring Modules should work together to provide intrusion detection capabilities
• Future Work– Large scale test of the proposed approach– Further elaboration of interactions between IDM
and SMM
![Page 37: 1 Secure In-Network Aggregation for Wireless Sensor Networks Bo Sun Department of Computer Science Lamar University Research Supported by Texas Advanced.](https://reader035.fdocuments.net/reader035/viewer/2022070411/56649f445503460f94c64f71/html5/thumbnails/37.jpg)
37
Thank You !