AHPCRC Projects

Project 3-3: Secure Sensor Data Dissemination and Aggregation
Principal Investigators: Hong Huang, Amiya Bhattacharya (New Mexico State University)

   
Phantom routing in a secure network    
Graphics this page courtesy Hong Huang (New Mexico State University).

A wireless sensor network offers the opportunity to observe the physical world with unprecedented spatial and temporal detail. Sensor nets used for military purposes must address security and privacy concerns to a greater extent than civilian sensor nets, because an unsecured network can be co-opted or used just as effectively by an adversary.

Battlefields rely heavily on information and communications for situational awareness and rapid response to changing conditions. Data security and privacy are essential, but the constraints that security places on a communications network must be balanced with the need for fast, efficient in-network processing.

Optimizing the complex tradeoffs between processing, security, communication bandwidth, and power consumption in such a setting will push the frontier of high performance computing, according to Amiya Bhattacharya and Hong Huang, assistant professors of computer science and electrical engineering, respectively, at New Mexico State University. They are developing new protocols and methods specifically for operation in a complex battlefield-like environment, where nodes are mobile and wireless channels are subject to fading, interference, obstacles, and other adverse conditions.

What is required to perform sensing tasks in the context of a battlefield? How does one specify these tasks in a high-level computer language? A sufficiently general model of the sensing tasks is needed, as well as a means to capture the uncertainties related to throughput, deadline, privacy, and security in terms of information theoretic measures. Criteria must be established to determine which existing cryptosystems and related key-distribution schemes are amenable to the adaptive protocols for achieving the intended optimization.

Bhattacharya and Huang are working to develop prototype designs for new techniques to enhance data security and privacy methods particularly suited for sensor nets with in-network processing. They are also optimizing the balance between data security and in-network processing.

Their future plans include integrating the sub-problems of the optimization, as well as optimizing, simulating, and validating new methods and protocols across all of the relevant parameter space of battlefield network environments. The parameters of the network environment include channel condition, network size/topology, sensor density, sensor types/capabilities, node movement pattern, event generation rate/pattern, as well as adversary models and strategies.

This effort is divided into two subprojects: developing secure data aggregation methods that limit the risks from data falsification by an adversary, and developing dissemination protocols for protecting the contextual privacy of sensor data (along with the privacy of the content) against traffic analysis by an intruding adversary.

The team has simulated the relative energy consumption rates of sensors in probabilistic sensor data aggregation. (See sidebar for an overview of this method.) They found that they can retain balanced energy consumption using the probabilistic data aggregation scheme under development. This new scheme reduces security risk by making it more difficult for the adversary to compromise sensor data aggregation. They have also obtained some preliminary results in their studies of relative safety periods (time to source capture) as a function of the relative receive range of an adversary.

They plan to set up and run simulations to validate the secure sensor data aggregation method. Spatial obfuscation of the source location will be formulated in terms of the RF (radio frequency) exposure created by sensor data flow. Routing protocols will be designed and simulated by composing available micro-protocols.

Dr. Huang and his students have finished the preliminary design and simulation of a number of sparse and dynamic in-network data aggregation (SDDA) schemes for sensor nets. The proposed schemes seek to balance the benefits of data aggregation with the associated security risks. The SDDA schemes select a subset of nodes as aggregators in a dynamic fashion to frustrate adversaries. Simulation results demonstrate that the new methods can achieve the reduction of security risk at the expense of a moderate increase in communications cost.

Dr. Bhattacharya and his student have been working on a protocol synthesis approach for designing an optimal sensor data routing protocol in terms of power–privacy tradeoffs. Phantom routing, a well-known privacy-preserving routing protocol, has been decomposed into its constituent atomic protocol primitives. These primitives are being implemented as modules for use in Ns2-based simulation. (Ns2 is an open-source discrete event simulator for conducting networking research.) Initial studies have shown that phantom routing is sub-optimal, but a recursive version shows potential for optimality.

Analytical work using entropy as a metric is underway, so that the parameters of the recursive formulation can be theoretically determined. Both the original and the new recursive version of phantom flooding will be compared in the near future, using the simulation being developed with the protocol synthesis framework.
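To make the entropy metric and the power–privacy tradeoff concrete, the following added example (not the researchers' code or their formulation) computes the Shannon entropy of the phantom-source position after the random-walk phase of textbook phantom routing. The square grid topology, the uniform random walk, the one-transmission-per-hop cost, and all function names are assumptions made for illustration.

```python
import math
from collections import defaultdict

MOVES = ((1, 0), (-1, 0), (0, 1), (0, -1))

def phantom_distribution(source, hops, size):
    """Exact probability of each node being the phantom source after
    `hops` uniform random-walk steps on a size x size grid (assumed model)."""
    dist = {source: 1.0}
    for _ in range(hops):
        nxt = defaultdict(float)
        for (x, y), p in dist.items():
            # Border nodes have fewer neighbours, so the walk is less random there.
            nbrs = [(x + dx, y + dy) for dx, dy in MOVES
                    if 0 <= x + dx < size and 0 <= y + dy < size]
            for n in nbrs:
                nxt[n] += p / len(nbrs)
        dist = dict(nxt)
    return dist

def entropy_bits(dist):
    """Shannon entropy of an observer's uncertainty about the phantom node."""
    return sum(-p * math.log2(p) for p in dist.values() if p > 0)

def tradeoff(source, max_hops, size):
    """Rows of (hops, entropy in bits, bits gained by the last hop).
    Each hop costs one extra transmission, so the last column is the
    privacy bought per unit of energy spent."""
    rows, prev = [], 0.0
    for h in range(max_hops + 1):
        e = entropy_bits(phantom_distribution(source, h, size))
        rows.append((h, e, e - prev))
        prev = e
    return rows

if __name__ == "__main__":
    # Constructed scenario: 21 x 21 grid, source in the centre vs. in a corner.
    for label, src in (("centre", (10, 10)), ("corner", (0, 0))):
        print(label)
        for h, e, gain in tradeoff(src, 8, 21):
            print(f"  hops={h}  entropy={e:5.2f} bits  gain={gain:+.2f}")
```

The per-hop gain shrinks as the walk lengthens, and a source on the network border starts with less uncertainty than one in the interior.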

Over the next few months, the researchers plan to study the interaction of in-network processing, security function, and network parameters such as topology, channel condition, and MAC contention (a protocol for avoiding data packet collisions in medium access control networks). They will work on optimizing the tradeoff between in-network processing and security functions using simulation and analysis. They are also developing an analytical formulation of spatial obfuscation using entropy. They will be developing a simulation using a protocol synthesis approach, and integrating their work with a temporal obfuscation that they developed last year.

Source: AHPCRC Bulletin, Vol. 1, Issue 2 (2008)