Thesis

More documents

Recommendations

Info

1. INTRODUCTION only data sent to the base station is the occurrence of the event. Thus the presence of communication reveals the location of the event. In some situations, it must be hidden from an attacker. Some approaches are described in the following: Baseline and probabilistic flooding mechanisms: The basic idea of baseline flooding is for each sensor to broadcast the data it receives from one neighbor to all of its other neighbors. The premise of this approach is that all sensors participate in the data transmission so that it is unlikely for an attacker to track a path of transmission back to the data source [Kamat et al., 2005]. This can be further optimized if not every node rebroadcasts the message, only a probabilistic set of them. Random walk mechanisms: According to [Kamat et al., 2005], a random walk can be performed before the probabilistic flooding to further increase the uncertainty of the attacker. To improve simple random walk, a two-way greedy random walk(GROW) scheme was proposed in [Xi et al., 2006]. Dummy data mechanism: To further protect the location of the data source, fake data packets can be introduced to perturb the traffic patterns observed by the adversary. In particular, a simple scheme called Short-lived Fake Source Routing was proposed in [Kamat et al., 2005] for each sensor to send out a fake packet with a pre-determined probability. Fake data sources mechanism: The basic idea of fake data source is to choose one or more sensor node to simulate the behavior of a real data source in order to confuse the adversaries [Mehta et al., 2007]. Location privacy of base station: In a WSN, a base station is not only in charge of collecting and analyzing data, but also used as the gateway connecting the WSN with outside wireless or wired network. Consequently, destroying or isolating the base station may lead to the malfunction of the entire network. This can be circumvented if the location of the base station is unknown to the adversary. Defense against local adversaries: The location information or identifier of the base station is sent in clear in many protocols. These information must be hidden from an eavesdropper, which can be done by traditional cryptographic techniques (encryption). Another problem can be if the attacker can follow the way of packets from the source towards the base station. This can be mitigated by changing data appearance by re-encryption [Deng et al., 2006a; Dingledine et al., 2004], routing with multiple parents [Deng et al., 2005; Deng et al., 2006a], routing with random walk [Jian et al., 2007], or decorrelating parentchild relationship by randomly selecting sending time [Deng et al., 2006a]. Defense against global adversaries: The techniques discussed above are inefficient against a global attacker. To fight against a global attacker the traffic patterns of the whole network must be modified. This can be done by hiding traffic pattern by controlling transmission rate [Deng et al., 2006a], or by propagating dummy data [Deng et al., 2005; Deng et al., 2006a]. – Temporal privacy problem: When an adversary eavesdrops a message, it can deduce the sending time of the message from the time it eavesdropped and the TTL value. In some applications this information must be hidden. It can be done by randomly delaying the messages by the relaying nodes [Kamat et al., 2007]. As it can be seen from the discussion above, a considerable amount of work has been done in the field of privacy in wireless sensor networks. However, the particular problem of location privacy of aggregator nodes received less attention. Therefore, in Chapter 4, I study this problem and propose two anonym aggregator election protocols, which can hide the identity of the aggregator nodes. 6
1.3. Introduction to Wireless Sensor Networks The remainder of the dissertation is organized as follows: In Chapter 2, I propose two private authentication schemes for resource limited systems, such as RFID systems. The results presented in Chapter 2 have been published in [Buttyan et al., 2006a; Buttyan et al., 2006b; Avoine et al., 2007]. In Chapter 3, I analyze the privacy achieved by pseudonym changing techniques in vehicular ad hoc networks, and propose a pseudonym changing algorithm for VANETs. All results of Chapter 3 have been published in [Buttyan et al., 2007; Papadimitratos et al., 2008; Holczer et al., 2009; Buttyan et al., 2009]. In Chapter 4, I analyze how an aggregator node can be elected and used in wireless sensor networks without revealing its identity. All results of Chapter 4 have been published in [Buttyán and Holczer, 2009; Buttyán and Holczer, 2010; Holczer and Buttyán, 2011; Schaffer et al., 2012]. The possible application of the new results can be found in Chapter 5, while Chapter 6 concludes the dissertation. 7
Page 1: Budapest University of Technology a
Page 5 and 6: Abstract Wireless networks are used
Page 7 and 8: Kivonat Vezeték nélküli hálóza
Page 9: Acknowledgement First of all, I wou
Page 12 and 13: CONTENTS 4 Anonymous Aggregator Ele
Page 15: List of Tables 2.1 Illustration of
Page 19 and 20: Chapter 1 Introduction In this diss
Page 21 and 22: 1.2. Introduction to Vehicular Ad H
Page 23: 1.3. Introduction to Wireless Senso
Page 28 and 29: 2. PRIVATE AUTHENTICATION Some year
Page 30 and 31: 2. PRIVATE AUTHENTICATION anonymity
Page 32 and 33: 2. PRIVATE AUTHENTICATION Obviously
Page 34 and 35: 2. PRIVATE AUTHENTICATION In order
Page 36 and 37: 2. PRIVATE AUTHENTICATION Proof. By
Page 38 and 39: 2. PRIVATE AUTHENTICATION 2.4 Analy
Page 40 and 41: 2. PRIVATE AUTHENTICATION For each
Page 42 and 43: 2. PRIVATE AUTHENTICATION Reader R
Page 44 and 45: 2. PRIVATE AUTHENTICATION P ( ( N
Page 46 and 47: 2. PRIVATE AUTHENTICATION Avoine et
Page 48 and 49: 3. LOCATION PRIVACY IN VANETS pseud
Page 50 and 51: 3. LOCATION PRIVACY IN VANETS Since
Page 52 and 53: 3. LOCATION PRIVACY IN VANETS This
Page 54 and 55: 3. LOCATION PRIVACY IN VANETS reach
Page 56 and 57: 3. LOCATION PRIVACY IN VANETS N5.1
Page 58 and 59: 3. LOCATION PRIVACY IN VANETS Succe
Page 60 and 61: 3. LOCATION PRIVACY IN VANETS Figur
Page 62 and 63: 3. LOCATION PRIVACY IN VANETS 3.7.2
Page 64 and 65: 3. LOCATION PRIVACY IN VANETS map,
Page 67 and 68: Chapter 4 Anonymous Aggregator Elec
Page 69 and 70: 4.2. System and attacker models res
Page 71 and 72: 4.3. Basic protocol The main differ
Page 73 and 74: Table 4.1: Estimated time of the bu
Page 75 and 76:
Probability of being cluster aggreg
Page 77 and 78:
− n∑ i=1 H = − n+1 ∑ 4.3. B
Page 79 and 80:
4.4. Advanced protocol Table 4.3: S
Page 81 and 82:
100 90 80 70 60 50 40 30 20 10 0 0
Page 83 and 84:
4.4. Advanced protocol If we consid
Page 85 and 86:
4.4.4 Query 4.4. Advanced protocol
Page 87 and 88:
L N D B NM < L N (4.5) A (4.7) (4.6
Page 89 and 90:
R ′ = R− N i=1 h(Q|ki) ÆÓ Å
Page 91:
4.7. Related publications systems w
Page 94 and 95:
5. APPLICATION OF NEW RESULTS an ap
Page 96 and 97:
6. CONCLUSION on this knowledge, sh
Page 99:
List of Acronyms CA Cluster Aggrega
Page 102 and 103:
LIST OF PUBLICATIONS [Holczer and B
Page 104 and 105:
BIBLIOGRAPHY [Beye and Veugen, 2011
Page 106 and 107:
BIBLIOGRAPHY [El Zarki et al., 2002
Page 108 and 109:
BIBLIOGRAPHY [Juels, 2005b] A. Juel
Page 110 and 111:
BIBLIOGRAPHY [Oliveira et al., 2008
Page 112:
BIBLIOGRAPHY [Wiedersheim et al., 2
show all

Thesis

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?