Nov 21, 2013 (3 years and 11 months ago)

Secure Data Aggregation in Wireless Sensor Networks

Liehuang Zhu
liehuangz@hotmail.com
2009-10

Outline

1. Background

2. Resilient Single-Aggregator Aggregation Protocols
- SIA: Secure information aggregation in sensor networks. Haowen Chan, Adrian Perrig, Bartosz Przydatek and Dawn Song. Journal of Computer Security, 2007
- Security Model and Framework for Information Aggregation in Sensor Networks. Mark Manulis. ACM Transactions on Sensor Networks, 2009

3. Attack-resilient Hierarchical Aggregation
- Secure Hierarchical In-Network Aggregation in Sensor Networks. Haowen Chan, Adrian Perrig, Dawn Song. ACM CCS 2006
- SDAP: A Secure Hop-by-Hop Data Aggregation Protocol for Sensor Networks. Yi Yang, Xinran Wang, Sencun Zhu, and Guohong Cao. ACM Transactions on Information and System Security, 2008

4. Improved Protocol













Introduction

Wireless Sensor Networks Applications
- Volcanic activity monitoring
- Structural health monitoring
- Military applications
- Ocean monitoring
- Habitat monitoring
- Environment monitoring

Wireless Sensor Networks Architecture
- Sensor nodes are usually scattered randomly in the sensor field.
- Sensor nodes send collected data, such as temperature, light, humidity, vibration, and voltage, to the sink.
- Users query the wireless sensor network's data through the sink (base station).




Sensor Nodes with Limited Capabilities
The sensor nodes are highly resource constrained:
- Limited energy
  - Two AA batteries
  - Cannot be replenished
- Limited communication capability
  - Low data rates
  - Limited communication range
- Limited computation capability
  - About 4 MHz
- Small memory
  - About 8 KB flash memory
  - About 512 bytes of RAM

Data Acquisition in Sensor Networks
Users can use SQL-like queries to acquire the sensor network's data.
- Cougar sensor database system (Cornell University)
- TinyDB sensor system (UC Berkeley)


Data Acquisition Methods
- Query-Based: The users broadcast a query to the network through the data sink, and the nodes respond with relevant information.
- Event-Based: Nodes send a message to the base station only when some special event happens, such as an abnormally high temperature.


SELECT AVERAGE(temperature) FROM sensors
SAMPLE INTERVAL 30s
DURATION [now, now + 180m]

ON EVENT tank-detect(loc):
    SELECT AVERAGE(light), MAX(temperature), event.loc
    FROM sensors s
    WHERE dist(s.loc, event.loc) < 10m

Data Aggregation in Wireless Sensor Networks
- A WSN is mainly concerned with statistical values of its data, such as SUM/AVERAGE/MAX/MIN, and not with the sensor data of a particular node.
- Sensor nodes can send raw data to the base station directly. The base station then computes the statistical value from the received sensor data.
- Sensor data are sent separately, which consumes a lot of communication resources and node energy.


Data Aggregation in Wireless Sensor Networks
- Congestion at the nodes near the base station is very high. These nodes need to send several packets, which exhausts their energy quickly and makes them die.
- Some other nodes will replace these dead nodes to send packets to the base station. Because these nodes are farther away, they exhaust their energy more quickly.


Data Aggregation in Wireless Sensor Networks
In the end, a whole group of nodes dies, and the sensor data can no longer be sent to the base station.


Data Aggregation in Wireless Sensor Networks
Aggregating sensor data locally and sending the aggregation result to the base station will reduce:
- Communication cost
- Energy expenditure

Attacks on WSN Aggregation
WSNs are often deployed in unattended environments, and most existing aggregation algorithms for sensor networks are vulnerable to security attacks:
- Outsider attacker: the adversary can easily control the network links, and then eavesdrop on, modify, drop, replay and forge messages.
- Insider attacker: the adversary can easily compromise nodes without being detected, and can obtain confidential information, such as the key shared between a node and the base station.

WSN Aggregation Security Objective
- The robustness objective ensures the sink gets the final aggregation result as accurately as possible. In the presence of malicious nodes, a malicious sensor can arbitrarily bias the aggregation result by submitting just one false data value.
- The confidentiality objective ensures that no node other than the sink and the sources has knowledge of the raw data or the aggregation result.
- The availability objective ensures the sink can get the aggregation result on time after the sink sends a query or an urgent event happens.



Security Challenges on Robustness Objective
1) Drop aggregation messages.
2) Alter aggregation messages.
3) Falsify its own sensor readings.
4) Falsify the aggregate value.

Network topology

SIA: Secure information aggregation in sensor networks

Attack model and Security goal
Attack model:
- A fraction of the nodes will be compromised
- The aggregator will be compromised
- The network links are fully controlled
Security goal:
- If the sink accepts a reported aggregation result, then the reported result is close to the true aggregation value with high probability.
- If the reported value is significantly different from the true value, the sink will detect the corruption and reject the reported aggregation result with high probability.



(ε, δ)-secure aggregation protocol
- ε-approximation: $y_1$ is an ε-approximation of $y$ if $(1 - \varepsilon)y < y_1 < (1 + \varepsilon)y$.
- (ε, δ)-secure aggregation protocol: in the presence of an adversary, the protocol always
  (1) returns an aggregation result which is an ε-approximation of the true result with probability at least 1 − δ.
  (2) returns "reject" if the sink can prove the presence of an adversary in the system.



Aggregate-commit-prove
- The sink broadcasts an authenticated query message to the sensor nodes, which includes the aggregation function (e.g. Average/Sum/Median/Max/Min) and a nonce N.
- Each node S_i verifies the query, then sends its data to the aggregator.
- The aggregator computes the aggregation result based on the received data messages.

$M_i = ID_i \| a_i \| N \| MAC_{k_{ia}}(ID_i \| a_i \| N) \| MAC_{k_{is}}(ID_i \| a_i \| N)$

Aggregate-commit-prove
- The aggregator computes the commitment to the received data by constructing a commitment tree, so that the data cannot be changed once committed.
- All the collected data is placed at the leaves of the tree, and the aggregator computes a binary hash tree starting from the leaf nodes: each internal node in the hash tree is computed as the hash value of the concatenation of its two child nodes. The root of the tree represents the commitment.

Aggregate-commit-prove
In the prove phase, the base station samples data from the aggregator to verify that the aggregator has not taken any of the following actions:
- Add some fabricated data values that were not reported
- Duplicate some existing legitimate sensor values
- Report an aggregation result that is inconsistent with the committed input data


Aggregate-commit-prove
Detecting fabricated data values

Theorem: Suppose the sink requests $(1/\varepsilon)\ln(1/\delta)$ samples. Then, if the aggregator has falsified at least an ε fraction of the data values, the probability of detecting the falsification is at least 1 − δ.

$(1-\varepsilon)^{\frac{1}{\varepsilon}\ln(\frac{1}{\delta})} \le \left(\frac{1}{e}\right)^{\ln(\frac{1}{\delta})} = \delta$

Aggregate-commit-prove
Detecting duplicated IDs
An attacker can add legal leaves with authentic MACs to the commitment hash tree in two ways:
1) by controlling the aggregator, and adding the data value of a single legitimate node multiple times
2) by controlling a compromised node, and adding multiple legal data values with authentic MACs


Aggregate-commit-prove
Detecting duplicated IDs
1) The aggregator commits to the sequence of measured values sorted according to the sensor IDs.
2) The sink uses the Sort-Check-II algorithm to verify whether the IDs are sorted.
3) The sink performs uniform sampling of pairs of neighboring elements.

Theorem: The duplicate-detecting algorithm requests elements, and ensures that either there are fewer than a total of non-legitimate values in the committed sequence, or the adversary's presence will be detected with probability at least 1 − δ.

'''
1 1
1 1 1
(( )ln )
O

 

'''
1 1 1
  
 
Aggregate-commit-prove
Detecting inconsistent result
- The aggregator simply reports a falsified result to the base station (such as reporting the average 20 rather than the real value 8).
- SIA needs to sample some data to compute a partial aggregation result to compare with the received result.
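
The commit and prove phases described above can be run end to end. This is an added example, not code from the slides or from the SIA paper: it assumes SHA-256 and HMAC-SHA256, a power-of-two number of sensors, constructed keys and readings, and it checks only the fabricated-value case using the sensor-to-sink MAC; all function names are illustrative.

```python
import hashlib, hmac, math, random

def H(*parts):
    return hashlib.sha256(b"".join(parts)).digest()

def sensor_mac(key, node_id, value, nonce):
    # MAC over ID_i || a_i || N with the key sensor i shares with the sink
    msg = f"{node_id}|{value}|".encode() + nonce
    return hmac.new(key, msg, hashlib.sha256).digest()

def leaf(node_id, value, tag):
    return f"{node_id}|{value}|".encode() + tag

def commit(leaves):
    """Binary hash tree; returns every level, root last (power-of-two leaf count)."""
    levels = [[H(b"L", x) for x in leaves]]   # "L"/"N" prefixes keep leaves and nodes apart
    while len(levels[-1]) > 1:
        prev = levels[-1]
        levels.append([H(b"N", prev[i], prev[i + 1]) for i in range(0, len(prev), 2)])
    return levels

def open_leaf(levels, i):
    """Aggregator's answer to a sample request: sibling hashes from leaf i to the root."""
    path = []
    for level in levels[:-1]:
        path.append(level[i ^ 1])
        i //= 2
    return path

def check_sample(root, i, node_id, value, tag, path, sink_keys, nonce):
    """Sink: the leaf must hash up to the committed root and carry the sensor's MAC."""
    node = H(b"L", leaf(node_id, value, tag))
    for sibling in path:
        node = H(b"N", node, sibling) if i % 2 == 0 else H(b"N", sibling, node)
        i //= 2
    key = sink_keys.get(node_id)
    return (node == root and key is not None
            and hmac.compare_digest(tag, sensor_mac(key, node_id, value, nonce)))

def samples_needed(eps, delta):
    return math.ceil(math.log(1 / delta) / eps)   # (1/eps) * ln(1/delta)

def audit(records, sink_keys, nonce, eps, delta, rng):
    """Commit as the aggregator would, then sample as the sink would."""
    levels = commit([leaf(*r) for r in records])
    root = levels[-1][0]
    for _ in range(samples_needed(eps, delta)):
        i = rng.randrange(len(records))
        if not check_sample(root, i, *records[i], open_leaf(levels, i), sink_keys, nonce):
            return False
    return True

def demo():
    nonce = b"N-0001"                                      # constructed query nonce
    keys = {i: H(b"k_is", bytes([i])) for i in range(64)}  # constructed sensor-sink keys
    honest = [(i, 20 + i % 5, sensor_mac(keys[i], i, 20 + i % 5, nonce)) for i in range(64)]
    # Compromised aggregator rewrites 16 of 64 readings; it cannot recompute the sensors' MACs.
    forged = [(i, 99, tag) if i % 4 == 0 else (i, v, tag) for i, v, tag in honest]
    return {name: audit(recs, keys, nonce, 0.25, 1e-6, random.Random(7))
            for name, recs in (("honest", honest), ("forged", forged))}
```

The forged run commits to a perfectly consistent hash tree; it is the per-sensor MAC on a sampled leaf that exposes the rewritten readings.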


Conclusions
- SIA samples sensor data to assure that the aggregation result is close to the real result with high probability.
- To get a higher probability, the base station should sample more data (with authentication information).
- If the number of sensor nodes is low, SIA is not much better than directly sending raw data to the base station.
- If the number of sensor nodes is high, sending the raw data to a single aggregator is inefficient.
- The aggregator completes all tasks, which include computing the aggregation result and sending sample data to the base station. The aggregator will exhaust its energy quickly.
- It costs normal sensor nodes very little energy.



Security Model and Framework for Information Aggregation in Sensor Networks

Framework for Information Aggregation
Three stages: UPFLOW, DOWNFLOW, and VERIFICATION
- UPFLOW: The aggregator node A collects the individual inputs of the other nodes, computes the aggregation result, and forwards it together with some additional authentication information to the base station.
- DOWNFLOW: Every node receives information which is used in the VERIFICATION stage.
- VERIFICATION: Each node checks and confirms that the aggregation result contains its individual input. The sink checks that every node has confirmed and accepts the aggregation result in the positive case.


Framework for Information Aggregation
The aggregator needs to complete four lists as follows:
- List id: contains the identities of the nodes
- List v: contains the initial data values of the nodes
- List a: contains the intermediate aggregation values (where a[0] is the aggregation result)
- List h: contains the intermediate hash commitments

Framework for Information Aggregation
UPFLOW
- Each node sends its value to the aggregator with a MAC.
- S_3 sends a[0] and h[0] to the sink.

id: S_3, S_5, S_6, S_2, S_7, S_1, S_4
v:  v_3, v_5, v_6, v_2, v_7, v_1, v_4
a:  Agg(v_3, a[2], a[3]), Agg(v_5, v_2, v_7), Agg(v_6, v_1, v_4), v_2, v_7, v_1, v_4
h:  H(r, a[1], h[2], h[3]), H(r, a[2], h[4], h[5]), H(r, a[3], h[6], h[7]), H(r, v_2), H(r, v_7), H(r, v_1), H(r, v_4)

Framework for Information Aggregation
DOWNFLOW
1) The sink broadcasts a[0] and h[0] to each node using a secure broadcast authentication protocol (e.g. μTesla).
2) The aggregator sends the corresponding values, intermediate aggregation results and hash values to its children (S_5 and S_6), which can be used to compute a[0] and h[0].
3) Each of these children extracts the information that it in turn sends to its own children: the grandchildren of the aggregator.

Framework for Information Aggregation
DOWNFLOW

$S_3 \to S_6: id_1, id_4, v_1, v_4, v_3, a[2], h[4], h[5]$
$S_6 \to S_1: v_4, v_6, v_3, a[2], h[4], h[5], p = 6$
$S_6 \to S_4: v_1, v_6, v_3, a[2], h[4], h[5], p = 7$

$S_3 \to S_5: id_2, id_7, v_2, v_7, v_3, a[3], h[6], h[7]$
$S_5 \to S_2: v_7, v_5, v_3, a[3], h[6], h[7], p = 4$
$S_5 \to S_7: v_2, v_5, v_3, a[3], h[6], h[7], p = 5$

Framework for Information Aggregation
Verification

$S_6$:
$a[3] = agg(v_6, v_1, v_4)$
$a[1] = agg(v_3, a[2], a[3])$
$h[6] = H(r, v_1),\ h[7] = H(r, v_4)$
$h[3] = H(r, a[3], h[6], h[7])$
$h[2] = H(r, a[2], h[4], h[5])$
$h[1] = H(r, a[1], h[2], h[3])$
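
The UPFLOW lists and the VERIFICATION recomputation above, run for the leaf nodes of the seven-node layout. This is an added example, not code from the slides or the paper: Agg is assumed to be SUM, positions are the 1-based heap positions used in the equations above (root at position 1), the readings are constructed, and as a simplification each DOWNFLOW message carries the sibling's a and h directly instead of the sibling's child hashes.

```python
import hashlib

def H(r, *fields):
    # Hash commitment bound to the nonce r; fields are non-negative ints or digests.
    h = hashlib.sha256(r)
    for f in fields:
        b = f if isinstance(f, bytes) else f.to_bytes(8, "big")
        h.update(len(b).to_bytes(1, "big") + b)
    return h.digest()

def upflow(v, r):
    """Aggregator: build lists a and h from readings v[1..n] (v[0] unused)."""
    n = len(v) - 1
    a, h = [0] * (n + 1), [b""] * (n + 1)
    for p in range(n, 0, -1):
        if 2 * p > n:                                  # leaf position
            a[p], h[p] = v[p], H(r, v[p])
        else:                                          # own reading plus both subtrees
            a[p] = v[p] + a[2 * p] + a[2 * p + 1]
            h[p] = H(r, a[p], h[2 * p], h[2 * p + 1])
    return a, h

def downflow_for(p, v, a, h):
    """Per level on the way up: (ancestor's reading, sibling's a, sibling's h)."""
    msg = []
    while p > 1:
        msg.append((v[p // 2], a[p ^ 1], h[p ^ 1]))
        p //= 2
    return msg

def leaf_verify(p, own, msg, root_a, root_h, r):
    """Leaf at position p recomputes the root from its own reading; True means send OK."""
    a_cur, h_cur = own, H(r, own)
    for parent_v, sib_a, sib_h in msg:
        mine, sib = (a_cur, h_cur), (sib_a, sib_h)
        left, right = (mine, sib) if p % 2 == 0 else (sib, mine)
        a_cur = parent_v + left[0] + right[0]
        h_cur = H(r, a_cur, left[1], right[1])
        p //= 2
    return a_cur == root_a and h_cur == root_h

def demo():
    r = b"nonce-r"                                     # constructed nonce
    ids = [None, "S3", "S5", "S6", "S2", "S7", "S1", "S4"]
    v = [0, 20, 22, 21, 19, 23, 21, 20]                # constructed readings
    a, h = upflow(v, r)
    honest = {ids[p]: leaf_verify(p, v[p], downflow_for(p, v, a, h), a[1], h[1], r)
              for p in range(4, 8)}
    bad = v.copy()
    bad[6] = 90                                        # aggregator replaces S1's reading
    fa, fh = upflow(bad, r)
    forged = {ids[p]: leaf_verify(p, v[p], downflow_for(p, bad, fa, fh), fa[1], fh[1], r)
              for p in range(4, 8)}
    return a[1], honest, forged
```

In the forged run only S1 withholds its OK; S4, S2 and S7 still verify, which is why the sink must see a confirmation from every node before accepting.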

Framework for Information Aggregation
Verification
After verifying the correctness of a[0] and h[0], each node sends authenticated confirm information:

$S_i \to S_3: m_i = MAC(k_i, r \| OK)$
$S_3 \to R: m_1 \oplus m_2 \oplus \dots \oplus m_n$

The sink computes $m_i = MAC(k_i, r \| OK)$, and compares it with the received $m_1 \oplus m_2 \oplus \dots \oplus m_n$.

Conclusions
1) Compared to SIA, in which the base station verifies the aggregation result, this framework lets all sensor nodes verify the aggregation result. The communication cost between the aggregator and the base station is very low.
2) For all nodes (the aggregator node and the common sensor nodes), the communication complexity and computation complexity are both O(n).
3) The aggregator needs to compute four lists, which takes up a lot of memory space.
4) An adversary can modify a node's confirm information easily, which will lead the base station to reject the aggregation result. This framework cannot resist DoS attacks.

Secure Hierarchical In-Network Aggregation in WSN

Network Assumption
- TaG Protocol
- H, I, J, K, E, G, D collect data only
- A, B, C, F collect and aggregate data
- R aggregates data only
- The data values are in the range [0, r]


Commitment Tree
A commitment tree is a tree where each vertex has an associated label representing the data that is passed on to its parent. The labels have the following format:

<count, value, complement, commitment>

- Count: the number of leaf vertices in the subtree rooted at this vertex
- Value: the SUM aggregate computed over all the leaves in the subtree
- Complement: the COMPLEMENT of the data values
- Commitment: a cryptographic commitment


Commitment Tree
Leaf node S:
- count = 1
- value = a_s, where a_s is the data value of S
- complement = r − a_s, where r is the upper bound on allowable data values
- commitment is the node's unique ID


Commitment Tree
Internal nodes S:

Construct Commitment Tree (UPFLOW)



DOWNFLOW and VERIFICATION
- Step 1: Q broadcasts the authenticated R to all nodes.
- Step 2: Each node sends the required labels to its children.
- Step 3: Each node computes R_1 iteratively from the node to the root.
- Step 4: If R_1 equals R, then the node sends an authenticated OK message to Q.
- Step 5: Q verifies whether all nodes sent OK messages.

DOWNFLOW and VERIFICATION
After verifying the correctness of R, each node sends authenticated confirm information:

$S_i \to R: m_i = MAC(k_i, N \| OK)$
$R \to Q: m_1 \oplus m_2 \oplus \dots \oplus m_n$

The sink computes $m_i = MAC(k_i, N \| OK)$, and compares it with the received $m_1 \oplus m_2 \oplus \dots \oplus m_n$.


Conclusions
- Let h be the height of the aggregation tree and Δ be the maximum degree of any node inside the tree. Each leaf node needs to receive O(Δh) labels, so the maximum congestion is O(Δh).
- This paper did not analyze the total communication across the whole network. In terms of total communication, directly sending sensor data to the base station is better than this paper's protocol.
- This paper proposed an optimization to decrease the node congestion, which does not decrease the total communication cost.

SDAP: A Secure Hop-by-Hop Data Aggregation Protocol

Protocol Overview
- Tree construction & query dissemination
- Hop-by-hop aggregation
  - Each node generates a sub-aggregation result and a commitment which cannot be denied later
- Probabilistic grouping
  - Partition nodes into logical groups of similar size
- Verification & attestation
  - BS identifies suspicious groups
  - Suspect groups attest correctness of commitments to BS




Tree construction
- An unbalanced tree rooted at BS
- Data is aggregated hop by hop
- Each aggregate is a tuple (value, count)

Query dissemination
$BS \to *: F_{agg}, S_g$
- F_agg: an aggregation function, e.g., avg, count
- S_g: a random number as grouping seed


Group leader selection (Probabilistic grouping)
$H(K_x, S_g \mid x) < F_g(c)$
- x: node id
- K_x: master key of x
- H: pseudorandom function, uniform output in [0, 1)
- S_g: for security and load balance
- c: count
- F_g: grouping function, output in [0, 1) increasing with c



Group leader selection (Probabilistic grouping)
Figure labels:
H(K_V', S_g | Id_V) > F_g(3)
H(K_x, S_g | Id_x) < F_g(15)
H(K_x, S_g | Id_x) < F_g(c_y)
H(K_w'', S_g | Id_s'') < F_g(8)

Group Aggregation
Leaf node aggregation
$u \to v: u, 0, E(K_{uv}, 1 \mid R_u \mid S_g) \mid MAC_u$
$MAC_u = MAC(K_u, 0 \mid 1 \mid u \mid R_u \mid S_g)$

Group Aggregation
Internal node aggregation
$H(K_v, S_g \mid v) > F_g(3)$
$v \to w: v, 0, E(K_{vw}, 3 \mid Agg_v \mid S_g) \mid MAC_v$
$Agg_v = F_{agg}(R_v, R_u, R_{u'})$
$MAC_v = MAC(K_v, 0 \mid 3 \mid v \mid Agg_v \mid MAC_u \oplus MAC_{u'} \mid S_g)$
The MAC is also computed hop by hop, thus representing authentication of all the nodes contributing to the data.


Group Aggregation
Leader node aggregation
$H(K_x, S_g \mid x) < F_g(15)$
$x \to BS: x, 1, E(K_x, 15 \mid Agg_x \mid S_g) \mid MAC_x$
$Agg_x = F_{agg}(R_x, Agg_w, Agg_{w'})$
$MAC_x = MAC(K_x, 1 \mid 15 \mid x \mid Agg_x \mid MAC_w \oplus MAC_{w'} \mid S_g)$
Default leader of leftover nodes


Verification & attestation
- After the BS receives the aggregates from all groups, it saves them in the following format: (x, c_x, Agg_x, MAC_x, S_g)
- BS identifies suspicious groups for attestation
- Outlier detection by Grubbs' test
- Grubbs' test is defined for the hypotheses:
  - H_0: There are no outliers in the data set
  - H_a: There is at least one outlier in the data set
- Test statistic: $G = \frac{\max_i |Y_i - \bar{Y}|}{s}$, with $\bar{Y}$ and $s$ denoting the sample mean and standard deviation, respectively.
- If , then H_a holds.

Verification & attestation
(x, 142F, 50)
(y, 100F, 20)
(w'', 95F, 8)
(BS, 90F, 28)

Verification & attestation
Forwarding attestation requests from BS
Suppose group x is under suspicion:
$BS \to y: x, S_a, S_g$
$y \to x: x, S_a, S_g$
- S_a: a random number

Verification & attestation
Group attestation
Probabilistic attestation path selection: from x, each parent sums up the counts of all its children, then computes

$w = H(S_a \mid id) \sum_{k=1}^{d} c_k$

and picks up the i-th child on the path if

$w \in \left[\sum_{k=1}^{i-1} c_k,\ \sum_{k=1}^{i} c_k\right)$

A node with a larger count has a higher probability of being attested.
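
Both SDAP selection rules, the leader test H(K_x, S_g|x) < F_g(c) and the count-weighted attestation path choice, are deterministic functions of values the BS also holds, so the BS can recompute every decision. The following added example (not code from the slides or the SDAP paper) shows this; HMAC-SHA256 and SHA-256 stand in for H, the shape of `F_g` and its `beta` parameter are hypothetical, and the keys, seeds and counts are constructed.

```python
import hashlib, hmac, math

def unit(digest):
    # Map a digest to [0, 1): 53 bits keep the float exact and strictly below 1.
    return (int.from_bytes(digest[:8], "big") >> 11) / 2**53

def prf01(key, S_g, node_id):
    """H(K_x, S_g | x) with uniform output in [0, 1)."""
    return unit(hmac.new(key, f"{S_g}|{node_id}".encode(), hashlib.sha256).digest())

def hash01(S_a, node_id):
    """H(S_a | id) with uniform output in [0, 1)."""
    return unit(hashlib.sha256(f"{S_a}|{node_id}".encode()).digest())

def F_g(c, beta=0.05):
    # Hypothetical grouping function: output in [0, 1), increasing with the count c.
    return 1.0 - math.exp(-beta * c)

def is_leader(K_x, S_g, x, c):
    """Run by node x; the BS repeats it with its copy of K_x to check the claim."""
    return prf01(K_x, S_g, x) < F_g(c)

def pick_child(S_a, node_id, child_counts):
    """0-based index i of the child whose cumulative count interval contains w."""
    w = hash01(S_a, node_id) * sum(child_counts)
    upper = 0
    for i, c in enumerate(child_counts):
        upper += c
        if w < upper:
            return i
    raise ValueError("node has no children")

def leader_rate(c, trials=2000):
    """Fraction of constructed nodes that become leaders at count c."""
    hits = sum(is_leader(hashlib.sha256(b"K%d" % x).digest(), "Sg-1", x, c)
               for x in range(trials))
    return hits / trials

def pick_rates(child_counts, trials=2000):
    """How often each child lands on the path over many attestation seeds S_a."""
    hits = [0] * len(child_counts)
    for t in range(trials):
        hits[pick_child(f"Sa-{t}", "x", child_counts)] += 1
    return [h / trials for h in hits]
```

With child counts [1, 2, 12] the third child is chosen in roughly 80% of attestations, matching its share of the total count.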

Verification & attestation
- Each node on the path sends back its count and reading.
- Each sibling node sends back its count, aggregate and MAC (a leaf only sends its count and reading).


Verification & attestation
If both match the submitted values, accept them; otherwise, reject them.

Conclusions
- SDAP partitions the aggregation tree into groups to reduce the importance of high-level nodes in the aggregation tree.
- SDAP lets only part of the nodes of a suspicious group be attested, which decreases the communication cost.
- Some groups whose aggregation result and count value have been modified may not be found, so the base station may accept a falsified aggregation result.
- Because SDAP lets only part of the nodes be attested, the attestation algorithm cannot find all compromised nodes. Adding attestation paths can increase the detection probability, but will increase the communication cost.
- SDAP lets the base station verify the result, which requires transmitting a lot of data.

Future Work
- Direct data injection resistance
  - SIA/SDAP/CHAN
- DoS attack resistance
  - Confirmation information
- Privacy and integrity preservation
  - Homomorphic encryption schemes cannot assure integrity.
- Security model and provable security
- Supporting tiered wireless sensor networks

Thank You!

Questions?