Security and privacy support for wireless sensor networks
Sensor networks are considered useful for a broad spectrum of emerging civil and military applications. However, sensor networks are also confronted with many security threats such as node compromise, routing disruption, and false data injection, because they normally operate in unattended, harsh or hostile environments. Due to the unique characteristics of sensor networks, such as limited system resources and large-scale deployment, traditional security and privacy solutions cannot be applied to them.
The goal of this dissertation is to provide ways to deal with security and privacy attacks on sensor networks. First, we design and evaluate solutions for local, passive, external attackers. Traditionally, dummy messages are used to hide the event source. To reduce the message overhead, we propose a cross-layer solution utilizing beacons at the MAC layer. In this solution, the event information is first propagated several hops through a MAC-layer beacon. Then, it is propagated in the routing layer to the destination to avoid further beacon delay. Second, to defend against global, passive, and external attackers, dummy messages are used. To reduce the event notification delay, we propose a FitProbRate scheme based on a statistically strong source anonymity model. Our analysis and simulation results show that this scheme, besides providing provable privacy, significantly reduces real event reporting latency compared to other schemes. To reduce the network traffic, we select some sensors as proxies that proactively filter dummy messages on their way to the base station. Since the problem of optimal proxy placement is NP-hard, we employ local search heuristics. We propose a Proxy-based Filtering Scheme and a Tree-based Filtering Scheme to accurately locate proxies. Simulation results show that our schemes not only quickly find nearly optimal proxy placement, but also significantly reduce message overhead and improve message delivery ratio. Finally, we study the internal attacker in data-centric sensor networks (DCS) and present pDCS, a privacy-enhanced DCS network that offers different levels of data privacy based on different cryptographic keys. In addition, we propose several query optimization techniques based on the Euclidean Steiner Tree and Keyed Bloom Filter to minimize the query overhead while providing certain query privacy. Detailed analysis and simulations show that the Keyed Bloom Filter scheme can significantly reduce message overhead with the same level of query delay and maintain a very high level of query privacy.