SECURE AND PRIVACY-PRESERVING DATA AGGREGATION IN WIRELESS SENSOR NETWORKS
Saudi Digital Library
Wireless sensor networks (WSNs) are widely expected to play an important role in future IoT-power smart cities, which are expected to have all kinds of embedded sensors continuously sensing the city space and generating an unprecedented volume of heterogeneous data. Since blindly collecting all raw sensed data from sensor nodes will incur significant communication and computation overhead and quickly drain sensor nodes' batteries, data aggregation is widely regarded as a key enabling functionality for WSNs but nevertheless faces various security and privacy challenges. Despite the large body of literature on secure and privacy-preserving data aggregation, this dissertation aims to identify new security attacks on data aggregation and develop novel secure and privacy-preserving data schemes to support complex aggregation functions. First, we introduce a novel enumeration attack against existing secure additive aggregation schemes. While secure additive aggregation such as Sum and Average has been studied extensively in the past, none of the existing solutions were designed to detect or defend against compromised sensor nodes forging their own readings, as it is widely assumed that a small number of compromised sensor nodes forging their own reading has very limited impact on the final aggregation result. We take VMAT, a representative secure additive aggregation scheme, as an example to show that this long-held assumption does not hold. Specifically, the enumeration attack allows a small number of compromised sensor nodes to significantly inflate the final aggregation result by selectively forging their own readings. We also introduce an effective defense against the enumeration attack and confirm its effectiveness by simulation studies. Second, we study the problem of secure quantile summary aggregation. A quantile summary allows a base station to extract the φ-quantile for any 0< φ <1 of all the sensor readings in the network and can provide a more accurate characterization of the data distribution than simple statistics such as sum and average. While efficient quantile summary aggregation has been studied in the past, there has been no solution for secure quantile summary aggregation. To tackle this open challenge, we first experimentally study the impact of several malicious attacks on quantile summary aggregation and then introduce a novel secure quantile summary aggregation protocol built upon efficient cryptographic primitives. Finally, we study the problem of privacy-preserving quantile summary aggregation. Privacy-preserving data aggregation is needed when the data generated by sensor nodes, which allows the base station to learn useful aggregates of sensed data while ensuring data privacy for individual sensors. Similar to the lack of a secure quantile summary aggregation solution, how to realize privacy-preserving quantile summary aggregation remains unknown. To fill this void, we design a novel scheme to enable efficient quantile summary aggregation while guaranteeing local differential privacy for individual sensors and use simulation studies to confirm its effectiveness.