Hiding contextual information in WSNs (original) (raw)
Related papers
Perfect contextual information privacy in WSNs undercolluding eavesdroppers
Proceedings of the sixth ACM conference on Security and privacy in wireless and mobile networks - WiSec '13, 2013
We address the problem of preserving contextual information privacy in wireless sensor networks (WSNs). We consider an adversarial network of colluding eavesdroppers that are placed at unknown locations. Eavesdroppers use communication attributes of interest such as packet sizes, interpacket timings, and unencrypted headers to infer contextual information, including the time and location of events reported by sensors, the sink's position, and the event type. We propose a traffic normalization technique that employs a minimum backbone set of sensors to decorrelate the observable traffic patterns from the real ones. Compared to previous works, our method significantly reduces the communication overhead for normalizing traffic patterns.
Exploiting Context-Awareness to Enhance Source-Location Privacy in Wireless Sensor Networks
The Computer Journal, 2011
The source-location privacy problem in Wireless Sensor Networks has been traditionally tackled by the creation of random routes for every packet transmitted from the source nodes to the base station. These schemes provide a considerable protection level at a high cost in terms of message delivery time and energy consumption. This overhead is due to the fact that the data routing process is done in a blind way, without knowledge about the location of the attacker. In this work we propose the Context-Aware Location Privacy (CALP) approach, which takes advantage of the ability of sensor nodes to perceive the presence of a mobile adversary in their vicinity in order to transmit data packets in a more energyefficient and privacy-preserving manner. In particular, we apply the concepts of CALP to the development of a shortest-path CALP routing algorithm. A permissive and a strict version of the protocol are studied for different adversarial models and the proposed schemes are evaluated through simulation experiments in terms of privacy protection and energy consumption. Finally, we present the conclusions of the paper as well as possible extensions of this work.
Source location anonymity for sensor networks
2009
Motivated by applications like sensor, peer to peer networks there has been growing interest in monitoring large scale distributed systems. In these applications, source location anonymity is an attractive and critical security property. Most of prior works assumed a weak adversary model where the adversary sees only local network traffic, but here we consider source anonymity against a global eavesdropper. Attaining location unobservability under global attacker is very difficult and expensive to achieve, because sensor networks are very limited in resources. In this work we propose a distributed algorithm to mix real event traffic with carefully chosen dummy traffic to hide the real event traffic pattern. We assume that we have fixed amount of resources to send dummy traffic and we try to share it among sensors so as to maximize the degree of anonymity of the system. Through simulation, we illustrate that the proposed technique is efficient in protecting location information from the eavesdropper.
Providing Source and Sink Location Privacy against a Global Eavesdropper in Sensor Networks
International Journal of Research, 2014
Many of the protocols used to provide sensor network security, provide confidentiality for the content of the messages but contextual information usually remains exposed. Such contextual information can be misused by an adversary to derive sensitive information such as the locations of monitored objects and data sinks in the field. Attacks on these components can significantly undermine any network application. Existing techniques protect the leakage of location information from a limited adversary who can only observe network traffic in a small region. However, a stronger adversary, the global eavesdropper, is realistic and can overthrow these existing techniques.
Preserving source location privacy in monitoring-based wireless sensor networks
Parallel and Distributed …, 2006
While a wireless sensor network is deployed to monitor certain events and pinpoint their locations, the location information is intended only for legitimate users. However, an eavesdropper can monitor the traffic and deduce the approximate location of monitored objects in certain situations. We first describe a successful attack against the flooding-based phantom routing, proposed in the seminal work by Celal Ozturk, Yanyong Zhang, and Wade Trappe. Then, we propose GROW (Greedy Random Walk), a two-way random walk, i.e., from both source and sink, to reduce the chance an eavesdropper can collect the location information. We improve the delivery rate by using local broadcasting and greedy forwarding. Privacy protection is verified under a backtracking attack model. The message delivery time is a little longer than that of the broadcasting-based approach, but it is still acceptable if we consider the enhanced privacy preserving capability of this new approach. At the same time, the energy consumption is less than half the energy consumption of flooding-base phantom routing, which is preferred in a low duty cycle, environmental monitoring sensor network.
Sensors, 2019
Achieving high source location privacy is critical when Wireless Sensor Networks (WSNs) are used in sensitive applications such as in asset or battlefield monitoring. Due to the sensitivity of information in these applications, it is important to ensure the flow of data between sensor nodes is secure and it does not expose any information about the monitored assets to an adversary. This paper proposes a routing scheme with stronger source location privacy than the privacy of traditional routing schemes. The paper addresses some limitations of four existing schemes by providing highly random routing paths between the source nodes and sink node. The scheme randomly sends packet to the sink node through tactically positioned proxy nodes to guarantee the routes are highly befuddling to the adversary. To achieve high privacy, the proposed scheme uses a randomizing factor to generate a new random route for every successive packet. Simulation results demonstrate that the proposed scheme pr...
Traffic Decorrelation Techniques for Countering a Global Eavesdropper in WSNs
IEEE Transactions on Mobile Computing, 2017
We address the problem of preventing the inference of contextual information in event-driven wireless sensor networks (WSNs). The problem is considered under a global eavesdropper who analyzes low-level RF transmission attributes, such as the number of transmitted packets, inter-packet times, and traffic directionality, to infer event location, its occurrence time, and the sink location. We devise a general traffic analysis method for inferring contextual information by correlating transmission times with eavesdropping locations. Our analysis shows that most existing countermeasures either fail to provide adequate protection, or incur high communication and delay overheads. To mitigate the impact of eavesdropping, we propose resource-efficient traffic normalization schemes. In comparison to the state-of-the-art, our methods reduce the communication overhead by more than 50%, and the end-toend delay by more than 30%. To do so, we partition the WSN to minimum connected dominating sets that operate in a round-robin fashion. This allows us to reduce the number of traffic sources active at a given time, while providing routing paths to any node in the WSN. We further reduce packet delay by loosely coordinating packet relaying, without revealing the traffic directionality.
Using data mules to preserve source location privacy in Wireless Sensor Networks
Pervasive and Mobile Computing, 2014
Wireless sensor networks (WSNs) have many promising applications for monitoring critical regions, such as in military surveillance and target tracking. In such applications, privacy of the location of the source sensor is of utmost importance as its compromise may reveal the location of the object being monitored. Traditional security mechanisms, like encryption, have proven to be ineffective as location of the source can also be revealed by analysis of the direction of traffic flow in the network. In this paper, we investigate the source-location privacy issue. We first propose a semi-global eavesdropping attack model which we show as being more realistic than the local or global eavesdropping attack model discussed in literature. In this model, we use a linear-regression based traffic analysis technique and show that it is effective in inferring the location of the data source under an existing source-location preserving technique. To measure source location privacy against this semi-global eavesdropping, we define an α-angle anonymity model. Additionally, we adapt the conventional function of data mules to design a new protocol for securing source location privacy, called the Mules-Saving-Source (MSS) protocol, which provides α-angle anonymity. We analyze the delay incurred by using data mules in our protocol and examine the association between privacy preservation and data delay in our protocol through simulation.
Anti-traffic analysis attack for location privacy in WSNs
EURASIP Journal on Wireless Communications and Networking, 2014
Traditional encryption and authentication methods are not effective in preserving a sink's location privacy from a global adversary that is monitoring the network traffic. In this paper, we first propose a novel anti-traffic analysis (ATA) method to preserve the sink's location privacy. In order to confuse a local or global adversary, each node generates dummy messages, the number of which is dependent on the number of the node's children. Hence, ATA is able to prevent the adversary from acquiring valuable information on the sink's location through the traffic analysis attack. However, a larger number of dummy messages lead to consumption of extra energy. Then, we design our improved ATA (IATA) in such a way that we select some sensors to act as fake sinks, to ensure that sensors around fake sinks generate dummy messages and discard received dummy messages. Since the problem of the optimal fake sinks' placement is nondeterministic polynomial time (NP)-hard, we employ local search heuristics based on network traffic and security entropy. Performance analysis of the ATA scheme can protect the sink's location privacy, and IATA scheme can reduce energy consumption.
Strategic Location-Based Random Routing for Source Location Privacy in Wireless Sensor Networks
Sensors, 2018
Wireless sensor networks (WSNs) are deployed in sensitive applications, such as in military and asset monitoring. In these applications, it is important to ensure good source location privacy. This is owing to the open nature of WSNs and the easiness of an adversary to eavesdrop on sensor communication and back trace the location of the source node. This paper proposes a scheme to preserve the source location privacy based on random routing techniques. To achieve high privacy, packets are randomly routed from the source to the sink node through strategically positioned mediate or diversion nodes. The random selection of mediate or diversion nodes is location-based. Depending on the location of the source node, packets are forwarded through different regions of the network. The proposed scheme guarantees that successive packets are routed through very different routing paths and adversaries find it confusing to back trace them to the source node location. Simulation results demonstra...