High energy‐efficient and privacy‐preserving secure data aggregation for wireless sensor networks

An efficient data process technology is needed for wireless sensor networks composed of many sensors with constrained communication, computational, and memory resources. Data aggregation is presented as an efficient and significant method to reduce transmitted data and prolong lifetime for wireless sensor networks. Meanwhile, many applications require preserving privacy for secure data aggregation. In this paper, we propose a high energy‐efficient and privacy‐preserving scheme for secure data aggregation. Because of the importance of communication overhead and accuracy, our scheme achieves less communication overhead and higher data accuracy besides providing for privacy preservation. For extensive simulations, we evaluate and conclude the performance of our high energy‐efficient and privacy‐preserving scheme. The conclusion shows that the high energy‐efficient and privacy‐preserving scheme provides better privacy preservation and is more efficient than existing schemes. Copyright © 2012 John Wiley & Sons, Ltd.     

A secure electric energy management in smart home

We formulate and study an intelligent and secure house electricity system on the basis of the Internet of Things. The security of sensitive data collected and transmitted by sensor nodes installed in home appliances and household electrical devices is critical, since the transmitted data can be easily manipulated by different types of attacks. The confidentiality and integrity of household electrical devices information must be assured to insure appropriate and timely response. Providing a secure aggregation mechanism is thus very essential to protect the integrity and the privacy of data aggregation. In this paper, we propose a secure data aggregation scheme that exploits compressed sensing (CS) to reduce the communication overhead of collected electrical power measurement. Then, the data will be encrypted by each sensor node after the compressing phase, and a cryptography hash algorithm is used to ensure data integrity. Finally, we apply an aggregation function for data priorities and then send the data for diagnosis. Then, we will present simulation results for the evaluation of the proposed electric energy management system.     

NLDA non-linear regression model for preserving data privacy in wireless sensor networks

Recently, the application of Wireless Sensor Networks (WSNs) has been increasing rapidly. It requires privacy preserving data aggregation protocols to secure the data from compromises. Preserving privacy of the sensor data is a challenging task. This paper presents a non-linear regression-based data aggregation protocol for preserving privacy of the sensor data. The proposed protocol uses non-linear regression functions to represent the sensor data collected from the sensor nodes. Instead of sending the complete data to the cluster head, the sensor nodes only send the coefficients of the non-linear function. This will reduce the communication overhead of the network. The data aggregation is performed on the masked coefficients and the sink node is able to retrieve the approximated results over the aggregated data. The analysis of experiment results shows that the proposed protocol is able to minimize communication overhead, enhance data aggregation accuracy, and preserve data privacy.     

A secure channel code‐based scheme for privacy preserving data aggregation in wireless sensor networks

Data aggregation is an efficient method to reduce the energy consumption in wireless sensor networks (WSNs). However, data aggregation schemes pose challenges in ensuring data privacy in WSN because traditional encryption schemes cannot support data aggregation. Homomorphic encryption schemes are promising techniques to provide end to end data privacy in WSN. Data reliability is another main issue in WSN due to the errors introduced by communication channels. In this paper, a symmetric additive homomorphic encryption scheme based on Rao‐Nam scheme is proposed to provide data confidentiality during aggregation in WSN. This scheme also possess the capability to correct errors present in the aggregated data. The required security levels can be achieved in the proposed scheme through channel decoding problem by embedding security in encoding matrix and error vector. The error vectors are carefully designed so that the randomness properties are preserved while homomorphically combining the data from different sensor nodes. Extensive cryptanalysis shows that the proposed scheme is secure against all attacks reported against private‐key encryption schemes based on error correcting codes. The performance of the encryption scheme is compared with the related schemes, and the results show that the proposed encryption scheme outperforms the existing schemes.     

Malleability Resilient Concealed Data Aggregation in Wireless Sensor Networks

The objective of concealed data aggregation is to achieve the privacy preservation at intermediate nodes while supporting in-network data aggregation. The need for privacy preservation at intermediate nodes and the need for data aggregation at intermediate nodes can be simultaneously realized using privacy homomorphism. Privacy homomorphism processes the encrypted data without decrypting them at intermediate nodes. However, privacy homomorphism is inherently malleable. Although malicious adversaries cannot view transmitted sensor readings, they can manipulate them. Hence, it is a formidable challenge to realize conflicting requirements, such as end-to-end privacy and end-to-end integrity, while performing en route aggregation. In this paper, we propose a malleability resilient concealed data aggregation protocol for protecting the network against active and passive adversaries. In addition, the proposed protocol protects the network against insider and outsider adversaries. The proposed protocol simultaneously realizes the conflicting objectives like privacy at intermediate nodes, end-to-end integrity, replay protection, and en route aggregation. As per our knowledge, the proposed solution is the first that achieves end-to-end security and en route aggregation of reverse multicast traffic in the presence of insider, as well as outsider adversaries.     

End-to-end privacy preserving scheme for IoT-based healthcare systems

Preserving patients’ privacy is one of the most important challenges in IoT-based healthcare systems. Although patient privacy has been widely addressed in previous work, there is a lack of a comprehensive end-to-end approach that simultaneously preserves the location and data privacy of patients assuming that system entities are untrusted. Most of the past researches assume that parts of this end-to-end system are trustworthy while privacy may be threatened by insider attacks. In this paper, we propose an end-to-end privacy preserving scheme for the patients assuming that all main entities of the healthcare system (including sensors, gateways, and application providers) are untrusted. The proposed scheme preserves end-to-end privacy against insider threats as well as external attacks concerning the resource restrictions of the sensors. This scheme provides mutual authentication between main entities while preserves patients’ anonymity. Only the allowed users can access the real identity of patients alongside their locations and their healthcare information. Informal security analysis and formal security verification of the proposed protocol in AVISPA show that it is secure against impersonation, replay, modification, and man-in-the-middle attacks. Moreover, performance assessments show that the proposed protocol provides more security services without considerable growth in the computation overhead of the sensors. Also, it is shown that the proposed protocol diminishes the signaling overhead of the sensors and so their energy consumption compared to the literature at the expense of adding a little more signaling overhead to the gateways.

     

安全的WSN数据融合隐私保护方案设计

针对无线传感器网络数据融合过程中的数据隐私和完整性保护问题,提出一种安全的数据融合隐私保护方案(SPPDA),把节点的私密因子与原始数据构成复数,采用同态加密方法对复数进行加密,实现在密文不解密的情况下进行数据融合,同时采用基于复数的完整性验证方法,确保数据的可靠性。理论分析和仿真结果表明,SPPDA方案的计算代价和通信开销较少,数据融合的精确度高。     

High Reliable In-Network Data Verification in Wireless Sensor Networks

In order to provide efficient and suitable services for users in a ubiquitous computing environment, many kinds of context information technologies have been researched. Wireless sensor networks are among the most popular technologies providing such information. Therefore, it is very important to guarantee the reliability of sensor data gathered from wireless sensor networks. However, there are several factors associated with faulty sensor readings which make sensor readings unreliable. In this paper, we classify faulty sensor readings into sensor faults and measurement errors, then propose a novel in-network data verification algorithm which includes adaptive fault checking, measurement error elimination and data refinement. The proposed algorithm eliminates faulty readings as well as refines normal sensor readings, to increase reliability. Also, to achieve scalability of sensor networks and minimize network overhead, the proposed scheme involves a distributed implementation in a local area. The simulation study shows that the in-network data verification algorithm is highly reliable and its network overhead is very low compared to previous works. Reliability and overhead is improved by a maximum of 10–30% and 70%, respectively.     

PRDA: polynomial regression‐based privacy‐preserving data aggregation for wireless sensor networks

In wireless sensor networks, data aggregation protocols are used to prolong the network lifetime. However, the problem of how to perform data aggregation while preserving data privacy is challenging. This paper presents a polynomial regression‐based data aggregation protocol that preserves the privacy of sensor data. In the proposed protocol, sensor nodes represent their data as polynomial functions to reduce the amount of data transmission. In order to protect data privacy, sensor nodes secretly send coefficients of the polynomial functions to data aggregators instead of their original data. Data aggregation is performed on the basis of the concealed polynomial coefficients, and the base station is able to extract a good approximation of the network data from the aggregation result. The security analysis and simulation results show that the proposed scheme is able to reduce the amount of data transmission in the network while preserving data privacy. Copyright © 2013 John Wiley & Sons, Ltd.     

EEPPDA—Edge-enabled efficient privacy-preserving data aggregation in smart healthcare Internet of Things network

The Internet of Things-based smart healthcare provides numerous facilities to patients and medical professionals. Medical professionals can monitor the patient's real-time medical data and diagnose diseases through the medical health history stored in the cloud database. Any kind of attack on the cloud database will result in misdiagnosis of the patients by medical professionals. Therefore, it becomes a primary concern to secure private data. On the other hand, the conventional data aggregation method for smart healthcare acquires immense communication and computational cost. Edge-enabled smart healthcare can overcome these limitations. The paper proposes an edge-enabled efficient privacy-preserving data aggregation (EEPPDA) scheme to secure health data. In the EEPPDA scheme, captured medical data have been encrypted by the Paillier homomorphic cryptosystem. Homomorphic encryption is engaged in the assurance of secure communication. For data transmission from patients to the cloud server (CS), data aggregation is performed on the edge server (ES). Then aggregated ciphertext data are transmitted to the CS. The CS validates the data integrity and analyzes and processes the authenticated aggregated data. The authorized medical professional executes the decryption, then the aggregated ciphertext data are decrypted in plaintext. EEPPDA utilizes the batch verification process to reduce communication costs. Our proposed scheme maintains the privacy of the patient's identity and medical data, resists any internal and external attacks, and verifies the health data integrity in the CS. The proposed scheme has significantly minimized computational complexity and communication overhead concerning the existing approach through extensive simulation.     

面向ZigBee网络节点安全定位的消息签名方案

针对ZigBee网络节点定位中消息的安全性问题,该文提出一种带隐私保护的消息签名方案。方案基于椭圆曲线(ECC)上的无双线性对运算,设计了带身份隐私保护的定位请求消息签名算法和坐标隐私保护的定位参照消息签名算法。理论证明了所提方案可抵御伪造攻击、重放攻击等多种外部攻击,同时具备隐私保护、身份追踪等功能。性能分析结果表明,与同类方案相比,所提方案计算开销和通信开销均具有优势。     

An improved key distribution mechanism for large-scale hierarchical wireless sensor networks

Wireless sensor networks are often deployed in hostile environments and operated on an unattended mode. In order to protect the sensitive data and the sensor readings, secret keys should be used to encrypt the exchanged messages between communicating nodes. Due to their expensive energy consumption and hardware requirements, asymmetric key based cryptographies are not suitable for resource-constrained wireless sensors. Several symmetric-key pre-distribution protocols have been investigated recently to establish secure links between sensor nodes, but most of them are not scalable due to their linearly increased communication and key storage overheads. Furthermore, existing protocols cannot provide sufficient security when the number of compromised nodes exceeds a critical value. To address these limitations, we propose an improved key distribution mechanism for large-scale wireless sensor networks. Based on a hierarchical network model and bivariate polynomial-key generation mechanism, our scheme guarantees that two communicating parties can establish a unique pairwise key between them. Compared with existing protocols, our scheme can provide sufficient security no matter how many sensors are compromised. Fixed key storage overhead, full network connectivity, and low communication overhead can also be achieved by the proposed scheme.     

MDPA: multidimensional privacy‐preserving aggregation scheme for wireless sensor networks

In this paper, we propose a novel multidimensional privacy‐preserving data aggregation scheme for improving security and saving energy consumption in wireless sensor networks (WSNs). The proposed scheme integrates the super‐increasing sequence and perturbation techniques into compressed data aggregation, and has the ability to combine more than one aggregated data into one. Compared with the traditional data aggregation schemes, the proposed scheme not only enhances the privacy preservation in data aggregation, but also is more efficient in terms of energy costs due to its unique multidimensional aggregation. Extensive analyses and experiments are given to demonstrate its energy efficiency and practicability. Copyright © 2009 John Wiley & Sons, Ltd.     

LPPA: Lightweight privacy‐preservation access authentication scheme for massive devices in fifth Generation (5G) cellular networks

Because of the requirements of stringent latency, high‐connection density, and massive devices concurrent connection, the design of the security and efficient access authentication for massive devices is the key point to guarantee the application security under the future fifth Generation (5G) systems. The current access authentication mechanism proposed by 3rd Generation Partnership Project (3GPP) requires each device to execute the full access authentication process, which can not only incur a lot of protocol attacks but also result in signaling congestion on key nodes in 5G core networks when sea of devices concurrently request to access into the networks. In this paper, we design an efficient and secure privacy‐preservation access authentication scheme for massive devices in 5G wireless networks based on aggregation message authentication code (AMAC) technique. Our proposed scheme can accomplish the access authentication between massive devices and the network at the same time negotiate a distinct secret key between each device and the network. In addition, our proposed scheme can withstand a lot of protocol attacks including interior forgery attacks and DoS attacks and achieve identity privacy protection and group member update without sacrificing the efficiency. The Burrows Abadi Needham (BAN) logic and the formal verification tool: Automated Validation of Internet Security Protocols and Applications (AVISPA) and Security Protocol ANimator for AVISPA (SPAN) are employed to demonstrate the security of our proposed scheme.     

Research and Improvement of Wireless Sensor Network Secure Data Aggregation Protocol Based on SMART

The privacy-preserving of information is one of the most important problems to be solved in wireless sensor network (WSN). Privacy-preserving data aggregation is an effective way to protect security of data in WSNs. In order to deal with the problem of energy consumption of the SMART algorithm, we present a new dynamic slicing D-SMART algorithm which based on the importance degree of data. The proposed algorithm can decrease the communication overhead and energy consumption effectively while provide good performance in preserving privacy by the reasonable slicing based on the importance degree of the collected raw data. Simulation results show that the proposed D-SMART algorithm improve the aggregation accuracy, enhance the privacy-preserving, reduce the communication overhead to some extent, decrease the energy consumption of sensor node and prolong the network lifetime indirectly.     

An efficient data aggregation scheme with local differential privacy in smart grid

By integrating the traditional power grid with information and communication technology, smart grid achieves dependable, efficient, and flexible grid data processing. The smart meters deployed on the user side of the smart grid collect the users' power usage data on a regular basis and upload it to the control center to complete the smart grid data acquisition. The control center can evaluate the supply and demand of the power grid through aggregated data from users and then dynamically adjust the power supply and price, etc. However, since the grid data collected from users may disclose the user's electricity usage habits and daily activities, privacy concern has become a critical issue in smart grid data aggregation. Most of the existing privacy-preserving data collection schemes for smart grid adopt homomorphic encryption or randomization techniques which are either impractical because of the high computation overhead or unrealistic for requiring a trusted third party.In this paper, we propose a privacy-preserving smart grid data aggregation scheme satisfying Local Differential Privacy (LDP) based on randomized responses. Our scheme can achieve an efficient and practical estimation of power supply and demand statistics while preserving any individual participant's privacy. Utility analysis shows that our scheme can estimate the supply and demand of the smart grid. Our approach is also efficient in terms of computing and communication overhead, according to the results of the performance investigation.     

Fault-Tolerance Data Aggregation for Clustering Wireless Sensor Network

The hierarchical cluster-based topology is commonly accepted as an optimal structure for sensor network to increase communication scalability, prolong network lifetime, and reduce data redundancy. However, the data privacy and security are challenging the proliferation of clustering wireless sensor network (CWSN) due to its highly constrained resources and violably deployed environments, which make it infeasible to directly apply traditional cryptography and therefore vulnerable to various attacks. This article proposes a scheme that provides efficient privacy-preserving data fusion as well as malicious data tolerance by mining concealed data within groups. And the dynamically organized groups in each cluster improves resilience against large number of node compromise comparing with the existing data aggregation schemes. The simulation results and mathematical comparison show the effectiveness and fitness of our scheme for CWSN in terms of fault tolerance and process efficiency, which costs a little of additional overheads in memory and communication.     

Distributed detection of mobile malicious node attacks in wireless sensor networks

In wireless sensor networks, sensor nodes are usually fixed to their locations after deployment. However, an attacker who compromises a subset of the nodes does not need to abide by the same limitation. If the attacker moves his compromised nodes to multiple locations in the network, such as by employing simple robotic platforms or moving the nodes by hand, he can evade schemes that attempt to use location to find the source of attacks. In performing DDoS and false data injection attacks, he takes advantage of diversifying the attack paths with mobile malicious nodes to prevent network-level defenses. For attacks that disrupt or undermine network protocols like routing and clustering, moving the misbehaving nodes prevents them from being easily identified and blocked. Thus, mobile malicious node attacks are very dangerous and need to be detected as soon as possible to minimize the damage they can cause. In this paper, we are the first to identify the problem of mobile malicious node attacks, and we describe the limitations of various naive measures that might be used to stop them. To overcome these limitations, we propose a scheme for distributed detection of mobile malicious node attacks in static sensor networks. The key idea of this scheme is to apply sequential hypothesis testing to discover nodes that are silent for unusually many time periods—such nodes are likely to be moving—and block them from communicating. By performing all detection and blocking locally, we keep energy consumption overhead to a minimum and keep the cost of false positives low. Through analysis and simulation, we show that our proposed scheme achieves fast, effective, and robust mobile malicious node detection capability with reasonable overhead.     

A novel multi functional multi parameter concealed cluster based data aggregation scheme for wireless sensor networks (NMFMP-CDA)

Data aggregation is a promising solution for minimizing the communication overhead by merging redundant data thereby prolonging the lifetime of energy starving Wireless Sensor Network (WSN). Deployment of heterogeneous sensors for measuring different kinds of physical parameter requires the aggregator to combine diverse data in a smooth and secure manner. Supporting multi functional data aggregation can reduce the transmission cost wherein the base station can compute multiple statistical operations in one query. In this paper, we propose a novel secure energy efficient scheme for aggregating data of diverse parameters by representing sensed data as number of occurrences of different range value using binary encoded form thereby enabling the base station to compute multiple statistical functions over the obtained aggregate of each single parameter in one query. This also facilitates aggregation at every hop with less communication overhead and allows the network size to grow dynamically which in turn meets the need of large scale WSN. To support the recovery of parameter wise elaborated view from the multi parameter aggregate a novelty is employed in additive aggregation. End to end confidentiality of the data is secured by adopting elliptic curve based homomorphic encryption scheme. In addition, signature is attached with the cipher text to preserve the data integrity and authenticity of the node both at the base station and the aggregator which filters out false data at the earliest there by saving bandwidth. The efficiency of the proposed scheme is analyzed in terms of computation and communication overhead with respect to various schemes for various network sizes. This scheme is also validated against various attacks and proved to be efficient for aggregating more number of parameters. To the best of our understanding, our proposed scheme is the first to meet all of the above stated quality measures with a good performance.

     

Energy-Aware Data Aggregation for Grid-Based Wireless Sensor Networks with a Mobile Sink

Wireless sensor networks (WSNs) are made up of many small and highly sensitive nodes that have the ability to react quickly. In WSNs, sink mobility brings new challenges to large-scale sensor networks. Almost all of the energy-aware routing protocols that have been proposed for WSNs aim at optimizing network performance while relaying data to a stationary gateway (sink). However, through such contemporary protocols, mobility of the sink can make established routes unstable and non-optimal. The use of mobile sinks introduces a trade-off between the need for frequent rerouting to ensure optimal network operation and the desire to minimize the overhead of topology management. In this paper, in order to reduce energy consumption and minimize the overhead of rerouting frequency, we propose an energy-aware data aggregation scheme (EADA) for grid-based wireless sensor networks with a mobile sink. In the proposed scheme, each sensor node with location information and limited energy is considered. Our approach utilizes location information and selects a special gateway in each area of a grid responsible for forwarding messages. We restrict the flooding region to decrease the overhead for route decision by utilizing local information. We conducted simulations to show that the proposed routing scheme outperforms the coordination-based data dissemination scheme (CODE) (Xuan, H. L., & Lee, S. Proceedings of the Sensor Networks and Information Processing Conference, pp. 13–18, 2004).