SDAP: A secure Hop-by-hop Data Aggregation Protocol for sensor networks

被引:75
作者
Yang, Yi [1 ]
Wang, Xinran [1 ]
Zhu, Sencun [1 ]
Cao, Guohong [1 ]
机构
[1] Penn State Univ, Dept Comp Sci & Engn, University Pk, PA 16802 USA
基金
美国国家科学基金会;
关键词
security; algorithm; design; data aggregation; probabilistic grouping; commit-and-attest; hop-by-hop; sensor network security;
D O I
10.1145/1380564.1380568
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
Hop-by-hop data aggregation is a very important technique for reducing the communication overhead and energy expenditure of sensor nodes during the process of data collection in a sensor network. However, because individual sensor readings are lost in the per-hop aggregation process, compromised nodes in the network may forge false values as the aggregation results of other nodes, tricking the base station into accepting spurious aggregation results. Here a fundamental challenge is how can the base station obtain a good approximation of the fusion result when a fraction of sensor nodes are compromised? To answer this challenge, we propose SDAP, a Secure Hop-by-hop Data Aggregation Protocol for sensor networks. SDAP is a general-purpose secure data aggregation protocol applicable to multiple aggregation functions. The design of SDAP is based on the principles of divide-and-conquer and commit-and-attest. First, SDAP uses a novel probabilistic grouping technique to dynamically partition the nodes in a tree topology into multiple logical groups (subtrees) of similar sizes. A commitment-based hop-by-hop aggregation is performed in each group to generate a group aggregate. The base station then identifies the suspicious groups based on the set of group aggregates. Finally, each group under suspect participates in an attestation process to prove the correctness of its group aggregate. The aggregate by the base station is calculated over all the group aggregates that are either normal or have passed the attestation procedure. Extensive analysis and simulations show that SDAP can achieve the level of efficiency close to an ordinary hop-by-hop aggregation protocol while providing high assurance on the trustworthiness of the aggregation result. Last, prototype implementation on top of TinyOS shows that our scheme is practical on current generation sensor nodes such as Mica2 motes.
引用
收藏
页数:43
相关论文
共 34 条
  • [1] Wireless sensor networks: a survey
    Akyildiz, IF
    Su, W
    Sankarasubramaniam, Y
    Cayirci, E
    [J]. COMPUTER NETWORKS, 2002, 38 (04) : 393 - 422
  • [2] [Anonymous], 2003, PROC 1 INT C EMBEDDE
  • [3] SPACE/TIME TRADE/OFFS IN HASH CODING WITH ALLOWABLE ERRORS
    BLOOM, BH
    [J]. COMMUNICATIONS OF THE ACM, 1970, 13 (07) : 422 - &
  • [4] CASTELUCCIA C, 2005, MOBILE UBIQUITOUS SY
  • [5] CHAN H, 2007, J COMPUT SECUR SPECI
  • [6] Chan H., 2006, P 13 ACM C COMP COMM, P278, DOI DOI 10.1145/1180405.1180440
  • [7] Chen JY, 2005, 2005 Fourth International Symposium on Information Processing in Sensor Networks, P348
  • [8] Du W, 2003, P 10 ACM C COMP COMM, P42, DOI [10.1145/948109.948118, DOI 10.1145/948109.948118]
  • [9] DU W, 2003, P GLOB TEL C GLOBECO
  • [10] Eschenauer L., 2002, Proceedings of the ACM Conference on Computer and Communications Security, P41, DOI [10.1145/586110.586117, DOI 10.1145/586110.586117]