Abstract
As wireless networks become more pervasive, the amount of wireless data is rapidly increasing. One of the biggest challenges to the wide adoption of distributed data storage is how to store these data securely. In this work, we study the frequency-based attack, a type of attack that differs from previously well-studied ones in that it exploits additional adversary knowledge of domain values and/or their exact or approximate frequencies to crack the encrypted data. Straightforward 1-to-1 substitution encryption functions are not sufficient to cope with frequency-based attacks. We propose a data encryption strategy based on 1-to-n substitution, using dividing and emulating techniques, that defends against the frequency-based attack while enabling efficient query evaluation over encrypted data. We further develop two frameworks, incremental collection and clustered collection, which defend against the global frequency-based attack when knowledge of the global frequency in the network is not available. Building on our basic encryption schemes, we derive two mechanisms, direct emulating and dual encryption, to handle updates to the data storage for energy-constrained sensor nodes and wireless devices. Our preliminary experiments with sensor nodes and extensive simulation results show that our data encryption strategy can achieve a high security guarantee with low overhead.
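The contrast the abstract draws between 1-to-1 and 1-to-n substitution can be seen on a small constructed dataset. The following is an added illustration, not the paper's scheme: the abstract does not specify the dividing and emulating algorithms, so the equal-size splitting rule, the HMAC-based token function, and all names and sample values here are assumptions.

```python
import hashlib
import hmac
import math
from collections import Counter

KEY = b"constructed-demo-key"  # constructed key, for the demo only
# Constructed sample: skewed sensor readings (60, 25, 10 and 5 occurrences).
PLAIN = ["20C"] * 60 + ["21C"] * 25 + ["22C"] * 10 + ["23C"] * 5

def token(value, part=0):
    """Deterministic ciphertext token for (value, part) under KEY."""
    msg = f"{value}|{part}".encode()
    return hmac.new(KEY, msg, hashlib.sha256).hexdigest()[:16]

def encrypt_1to1(records):
    """1-to-1 substitution: every occurrence of a value maps to one token."""
    return [token(v) for v in records]

def split_plan(records):
    """Assumed rule: give each value ceil(freq / rarest freq) tokens."""
    freq = Counter(records)
    unit = min(freq.values())
    return {v: math.ceil(f / unit) for v, f in freq.items()}

def encrypt_1ton(records, plan):
    """1-to-n substitution: spread a value's occurrences over its tokens."""
    seen, out = Counter(), []
    for v in records:
        out.append(token(v, seen[v] % plan[v]))  # round-robin over parts
        seen[v] += 1
    return out

def identifiable(records, cipher):
    """Tokens whose frequency is unique and equals a known plaintext frequency."""
    known = set(Counter(records).values())
    cfreq = Counter(cipher)
    multiplicity = Counter(cfreq.values())
    return sum(1 for f in cfreq.values() if multiplicity[f] == 1 and f in known)

def query_1ton(cipher, value, plan):
    """The key holder expands a value to all of its tokens, then matches."""
    wanted = {token(value, i) for i in range(plan[value])}
    return sum(c in wanted for c in cipher)
```
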