A simple and effective scheme to find malicious node in wireless sensor network
Panda lacotion
1. Enhancing Source-Location Privacy in
Sensor Network Routing
P. Kamat, Y. Zhang, W. Trappe and C. Ozturk
Proceedings of the 25th IEEE Int. Conference on Distributed Computing Systems
Rutgers University
Matthew Sanderson
1
2. Presentation Outline
Introduction to issue
Panda vs Hunter
Techniques for Stationary Sources
Routing Protocols
Performance Comparison
Improvement for privacy.
(Briefly) Mobile Sources
Related/Future Work
Conclusion
Questions
2
3. The issue is privacy.
“Guarantee that information is observable or decipherable
by only those who are intentionally meant to observe or
decipher it.”
Two broad categories:
content-oriented
context-oriented
3
5. Contextual Privacy
Deals with context in
which the sensor
application works.
In this case: location
Not as thoroughly
researched.
What this paper covers.
5
6. Source-location Privacy
Privacy of the node sending the initial message.
Two metrics:
safety period – how long until the node is
discovered
capture likelihood – how likely it will get discovered
6
7. Accomplishing source-location privacy
Look at popular routing techniques.
Augment these techniques with a new approach.
Energy consumption still important.
7
8. Panda-Hunter Game Model Scenario
Panda-Hunter Game:
A sensor network has been
deployed to monitor a panda
habitat.
Sensors send Panda_Here
messages
Messages are forwarded to a data
sink.
The hunter observes packets and
traces his way back to the panda.
Privacy Goal: Increase the time
needed for an adversary to track
and capture the panda (safety Data Sink
period).
Sensor Node
Slide source: Wenyuan Xu
8
9. Additional Game Setup Issues
One panda – one source
Additional Goal: deliver
messages to base station.
Concern: energy usage.
Data Sink
Sensor Node
9
10. The Hunter
Non-malicious – does not
interfere with network
Device-rich – has devices to
measure angle of arriving
message
Resource-rich – move at any
rate and unlimited power
Informed – knows how the
network works
10
11. How the hunter gets each message.
Two primary routing
techniques.
Flooding
Single-path
New approach: Phantom
Routing.
11
12. Routing Techniques - Flooding
Flooding-based: source
sends the message to all
its neighbors, who in turn
do the same.
If node has received it
already, the node discards
it.
Performance
drawbacks, but easy
implementation.
12
13. Probabilistic Flooding
Like flooding, but with a
probability.
When a node receives a
message, it randomly
generates a number
uniformly distributed
between 0 and 1.
If # < forwarding
probability, it
sends, otherwise, it
doesn't.
13
14. Single-Path Routing
Instead of sending out to all
neighbors, single-path sends
out to one or a small subset
of neighbors.
Usually require extra
hardware or a pre-
configuration phase.
Data Sink
Sensor Node
14
17. Privacy of Routing Techniques
Problems with single-path and flooding
Single-path reduces energy, but poor at protecting source-
location privacy.
Flooding isn't any better, because the shortest-path is still
contained within the flood.
Probabilistic flooding helps – higher safety period, but at the cost
of delivery ratio.
There is room for improvement.
Maybe trick the hunter?
17
18. Routing with Fake Sources
Idea: inject fake messages
to throw off hunter.
Multiple ways this can be
done.
Short-lived – similar to
probabilistic flooding.
18
19. Persistent Fake Source
Short-lived fake sources can only draw the hunter away
momentarily.
A persistent fake source is more effective, but requires a
global overview of network.
Source sends its hop count to sink – sink instigates a fake
source at a node with the same hop count in the opposite
direction.
Works best when fake source sends at higher rate than
real source, but requires large energy budget.
19
20. Problem with Fake Sources: Perceptive Hunter
Recall the assumptions on our hunter – he's informed.
Once he realizes the fake source, he knows which
direction to go for the real source.
We need a new approach.
20
21. Phantom Routing
Idea: entice hunter to
phantom instead of
source.
Has two phases:
Random walk phase
Flood/Single-path
phase
21
22. Types of Random Walk
Sector-based – requires
knowledge of landmark
nodes to send message
away from source.
Hop-based – requires
knowledge of the hop
count from each node to
the base station.
22
23. Phantom Routing Performance
Can significantly improve
the safety period.
Higher the
hopcount, higher the
safety period.
Also increases latency
(Random walk of 20: 30%
increase = 4x privacy).
23
24. Possible Counter: Cautious Hunter
Since the phantom routing may leave the hunter
stranded, after some time, the cautious hunter may go
back.
No benefit – no progress made by hunter.
Better to be patient.
24
25. Mobile Source
Need to rethink entire
process again.
Depends on panda's
movement pattern and
velocity.
25
26. Panda Velocity
More profound on single-path routing, as subsequent
route may have little overlap compared to flooding.
Panda's speed with single-path is protection enough.
Improves privacy of phantom routing.
26
27. Hunter's Range
Not so surprising, if the
hunter's hearing range is
increased, the hunter is
more effective.
27
28. Related/Future Material
Entrapping Adversaries for Source Protection in Sensor Networks
Yi Ouyang, Zhengyi Le, Guanling Chen, James Ford, Fillia Makedon – Dartmouth College
Preserving Source Location Privacy in Monitoring-based Wireless Sensor
Networks
Yong Xi, Loren Schwiebert, Weisong Shi – Wayne State University
Location Privacy in Sensor Networks Against a Global Eavesdropper
Kiran Mehta, Donggang Liu, Matthew Wright – University of Texas at Arlington
28
29. Conclusion
The panda-hunter game is somewhat contrived.
Does a great job at visualizing concept.
Concept is simple and effective.
Source-location privacy for sensor networks seems to be
a minor issue.
I'm willing to admit I'm wrong here.
Come up with some examples.
29