A Privacy Enhanced Dcs Network Computer Science Essay

Sensor networks are very useful for emerging civil and military applications such as target tracking, remote surveillance and habitat monitoring. The large amount of data spread throughout a sensor network creates a demand for efficient data dissemination techniques that can locate and access the relevant data within the network. This demand has led to the development of data-centric sensor networks (DCS). In a data-centric sensor network the main importance is given to the nature of the data rather than to the nodes that collect it. Sensor data is named by attributes such as the event type or the geographical location. According to its name, the sensed data is sent to and stored at particular sensor nodes, chosen by a mapping function such as a Geographic Hash Table (GHT). Data with the same name is stored at the same location in the network. Queries for a particular name are sent directly to the sensor nodes where that data is stored, using a geographic routing protocol such as GPSR, rather than flooding the query throughout the network.

The picture above is an example used to explain a DCS network. Here the DCS network monitors the activities of animals, or the animal habitat, at a particular location. The sensed data shows the animals' activities or the location where they live; it is examined by zoologists, or by an unauthorised person who wants to locate an animal for hunting. With a data-centric sensor network, the sensed data about one particular animal is sent to and stored at one location. So if a zoologist wants information about that animal, he can send a single query to the right location for that event type (activities, or location based on habitat) and get all the information about it. In the same way, on the battlefield a soldier can get information about an enemy tank from the storage sensors through the DCS network.

In most cases DCS-based data dissemination offers an advantage over the older external data dissemination scheme, in which the sensed data is collected and stored by a base station (BS). In that scheme the nodes send a large number of queries to the external storage, large amounts of data are exchanged back and forth with the base station, and the scheme is very inefficient, causing the nodes close to the BS to die rapidly because of energy depletion. On a battlefield an external base station is also very ineffective because it is a single point of physical destruction and compromise, which is a security failure. DCS does not require a BS; instead mobile sinks (MSs), such as mobile sensors, users or soldiers, may be dispatched on demand to collect the stored data (or to perform other tasks) on appropriate occasions. However, the previous DCS systems were designed without security in mind. Data of the same event type or location is stored at the same node, or at several nodes, based on a publicly known mapping function. Once the mapping function and the types of events and locations monitored in the system are known, it is easy for someone to determine the locations of the sensors storing the different types of data. In the example above, the zoologists can locate an animal of interest, or its activities, by using the DCS system. A hunter may be permitted to hunt some animals (deer, goats) but not protected ones (elephants); the previous, unsecured DCS system gives the hunter a chance to locate and hunt the protected animals too, so security and privacy must be provided for the DCS system. Securing the DCS system is complicated by the network scale. It is also difficult to deal with node compromises, and sensor networks are deployed in hostile and unattended environments.

The low cost of sensor nodes precludes tamper resistance, and combined with the unattended and hostile nature of the deployment this gives an attacker a good chance to break into captured sensor nodes and read out the cryptographic keys as well as the sensor data. To provide security and privacy, a privacy-enhanced DCS system (pDCS) for unattended sensor networks is presented. First, even if the attacker compromises a node and obtains its cryptographic keys, he cannot decrypt the data stored in the compromised node. Second, after the attacker has compromised a node, he does not know where that node stored its event data in the previous intervals. Third, pDCS has an efficient key management scheme for revoking a compromised node, which prevents the attacker from learning where future events will be stored. pDCS uses a private mapping function rather than a public one. Keys are assigned and updated to prevent outsider and insider attackers from deriving the locations of the storage cells for previous sensor data. Updating the compromised keys gives a seamless mapping between logical keys and location keys.


The aim is to design a privacy-enhanced DCS network with different levels of privacy for data access, where the levels of privacy are based on different cryptographic keys.


In sensor networks the demand for efficient techniques to find and access relevant data has led to the development of the Data-Centric Sensor (DCS) network. Here the attribute-based naming of the sensor data is related to the geographical location or the event type. Storing data in the sensor network is also a security problem, owing to factors such as the unattended nature of the sensor network and the lack of tamper resistance in the sensor nodes. An attacker can also locate and compromise the node storing the events of his interest. The main objective is to provide security for data-centric sensor networks.

Wireless Communication

"The increasing demand for high data rates in wireless communications due to emerging new technologies makes wireless communications an exciting and challenging field. The spectrum or bandwidth available to the service provider is often limited and the allotment of new spectrum by the federal government is often slow in coming".

Devices with tight power requirements ought to use little power in order to conserve battery life and reduce production cost. This presents wireless designers with a two-part challenge: to achieve higher data rates and to improve performance without any increase in power. The wireless channel is volatile and unsystematic, and compared with the wired channel its error rates are poorer.

Many current and emerging wireless communication systems make use of diversity, a classic and well-known concept that has been used for the past half century to combat the detrimental effects of multipath fading. Diversity techniques at the receiver combine two or more copies of the same information-bearing signal skilfully to increase the overall signal-to-noise ratio (SNR), and they still offer one of the greatest potentials for radio-link performance improvement in many current and future wireless technologies. For example, to meet stringent quality-of-service requirements with spectrally efficient multilevel constellations, antenna (space) diversity is needed to offset the SNR penalty due to fading and the denser signal constellation. In addition, one of the most promising features of wideband code-division multiple-access systems is their ability to resolve additional multipath, resulting in increased multipath diversity which can be exploited by rake reception.

The major problem faced in wireless communications is the out-of-phase reception of multipath components, which causes deep attenuation of the received signal; this is known as fading. In a deep fade the signal-to-noise ratio (SNR) decreases and reception errors result, which degrades the performance of the link. Reliable communication under fading is achieved with diversity techniques, in which the receiver obtains multiple copies of the transmitted signal that fade independently, reducing the probability that all of them are affected by a deep attenuation at the same time.

Wireless Propagation characteristics

In an ideal radio channel, the signal at the receiver consists of a single direct-path signal.

In a real channel the signal is altered during transmission. The received signal consists of a combination of reflected, refracted, attenuated and diffracted replicas of the transmitted signal. The channel also adds noise to the signal, and if the transmitter or receiver is moving there is a shift in the carrier frequency, which is the Doppler effect. Because these effects determine the performance of a radio system, its performance depends on the characteristics of the radio channel.


Schemes to improve the reliability of wireless channels range from new transport-layer procedures to robust physical-layer schemes, including improved modulation and coding. The evolution of these techniques is based on the statistical nature of the errors, or signal corruption, that occur in the channel. Thus a good understanding of the nature of the errors or corruptions that occur in these channels is crucial for providing reliable wireless communication to upper-layer applications. Some of the main causes of bit errors, and consequently packet losses, in widely deployed wireless channels are described by Haowei Bai as follows:

"Attenuation: This is due to a decrease in the intensity of electromagnetic energy at the receiver (e.g., due to long distance), which leads to low signal-to-noise ratio (SNR).

Inter Symbol Interference (ISI): This is caused by delay spread (the arrival of a transmitted symbol is delayed), resulting in partial cancellation of the current symbol.

Doppler shift: This is due to the relative velocities of the transmitter and the receiver. Doppler shift causes frequency shifts in the arriving signal, thereby complicating the successful reception of the signal.

Multipath fading: Caused by multipath propagation of radio frequency (RF) signals between a transmitter and a receiver. Multipath propagation can lead to fluctuations in the amplitude, phase, and angle of the signal received at a receiver". (Bai, 2003)

What is a Wireless Sensor Network (example)

A large number of heterogeneous sensor devices (an ad hoc network) and complex sensor nodes with communication, processing and storage capabilities.

Challenges of WSN

• Requirements: small size, large numbers, tetherless and low cost. Hence constrained by energy, computation and communication.

• Small form factors => prohibit large, long-lasting batteries.

• Cost and energy => low-power processors, small radios with minimal bandwidth and short transmission ranges.

• Ad hoc deployment => no maintenance or battery replacement.

• Increase network lifetime => no raw data is sent to the gateway for compilation.

Literature survey

Existing System:

The previous DCS systems, however, were not designed with security in mind. All data of the same event type is stored at the same node, or at several nodes, based on a publicly known mapping function. As long as the mapping function and the types of events monitored in the system are known, one can easily determine the locations of the sensors storing different types of data. Securing DCS systems is complicated by the network scale, the highly constrained system resources, the difficulty of dealing with node compromises, and the fact that sensor networks are often deployed in unattended and hostile environments. The low cost of sensor nodes (e.g., less than as envisioned for smart dust) precludes built-in tamper resistance in the sensor nodes.

Proposed System:

We present pDCS, a privacy-enhanced DCS system for unattended sensor networks. To the best of our knowledge, pDCS is the first to provide security and privacy for DCS networks. Specifically, pDCS provides the following features. First, even if an attacker can compromise a sensor node and obtain all its keys, he cannot decrypt the data stored in the compromised node. Second, after an attacker has compromised a sensor node, he cannot know where this compromised node stored its event data generated in the previous time intervals. Third, pDCS includes very efficient key management schemes for revoking a compromised node once its compromise has been detected, thus preventing an attacker from knowing the future storage location for particular events. Finally, pDCS provides a novel query optimisation scheme to significantly reduce the message overhead without losing any query privacy.

Need of the project

The need is to provide security and privacy for wireless sensor network.

Related Diagrams:

Architectural Diagram

Data flow diagram

Class Diagram

Related works

The related work is divided into three parts:

Privacy and Anonymity,

Key Management, and

Location-Based Forwarding.

Privacy and Anonymity

Two approaches have been proposed for restricting an MS's access to sensor data: policy enforcement and data perturbation. In the first approach, access-control decisions are based on location privacy policies. Alternatively, anonymity mechanisms can provide the required level of privacy by properly perturbing the sensor data before its release. Previous studies proposed techniques such as hierarchical data aggregation and data cloaking to ensure that an attacker cannot learn the precise location of a monitored individual. The main difference between our work and the previous work is that we achieve sensor-data privacy in a hostile and unattended environment through random location mapping and encryption instead of data perturbation and policy enforcement. Encryption and location mapping can be combined with those techniques if needed, since the techniques are complementary. Deng et al. considered an attacker who analyses the observed traffic in a sensor network in which the sensor nodes report their data to a fixed external sink, and who traces the traffic back to the data source. To mislead such an attacker, the traffic pattern is distributed so that the attacker is confused and cannot find the sensor data. Currently pDCS does not include its own anonymous communication techniques; it relies on one of these schemes to provide that service whenever it is required.

This work proposes the initial version of pDCS. An important issue is that a DCS-based sensor network used by zoologists (as in the example at the beginning) must allow them to learn the location of the boar and the deer, whereas a hunter must be able to learn the location of these animals only, and not of protected ones such as elephants.

Key Management

Key management for sensor networks has been studied extensively in recent years. There are pairwise key establishment schemes based on a trusted third party (the BS). pDCS adopts one of these pairwise key management schemes, chosen according to the security requirements, the privacy level and the available resources. Many logical key hierarchy (LKH) schemes have been proposed for secure multicast in wired networks. Since these were not designed with sensor networks in mind, they are inefficient and poorly optimised when employed directly in sensor networks. An updated group key can be distributed through the network by hop-by-hop encryption, trading computation for communication. There are two main differences between the pDCS key management scheme and the schemes above. First, updating the group key in pDCS also requires the cell keys and the row keys to be updated on node revocation. Second, the key encryption keys in pDCS are location-dependent keys, which further reduces the rekeying overhead.

Location-Based Forwarding

Location-aided routing was proposed to reduce the cost of route discovery by restricting the flooding to a limited area when the uncertainty about the destination's position is bounded. The routing scheme GPSR chooses the next hop so that the packet makes progress towards the destination. Packet delivery is guaranteed by the algorithm, which routes around obstacles (voids) in the network graph using the right-hand rule. Previous studies also proposed trajectory-based routing, in which the source encodes the trajectory the packet should travel along and embeds it in each packet. When a packet arrives at an intermediate node and must be forwarded further, the node applies the forwarding technique so that the packet follows the trajectory as closely as possible. Because the scheme is source-based, no routing table is needed at the intermediate nodes. The scheme is suitable for regular-shaped trajectories but not for random-shaped ones.


Network Model

In pDCS the sensor network is divided into groups of cells (or grids), and each cell communicates directly with its neighbouring cells. A cell coordinates actions such as detecting an event and storing the sensed data. Every cell has a unique ID and knows where it is located, using GPS when affordable. When GPS is too expensive or the service is not available, an attack-resilient localisation scheme can be employed instead, since pDCS does not rely on absolute coordinates. One example is Verifiable Multilateration (VM), which measures the radio signal propagation time to provide secure and accurate sensor positioning. Events may be of different types; for example, the animals living in a particular location, or particular animal activities, are treated as one type of event. A trusted MS acting as the network controller enters the network at appropriate time intervals to collect data and perform key management. The clocks of the sensor nodes in the network are assumed to be loosely synchronised by an attack-resilient time synchronisation protocol.

Attack Model

In a sensor network the attacker can attack every layer of the protocol stack with various security attacks. Instead of covering all of these attacks, we focus on the particular security problems of the pDCS network. The attacker's main aim in a pDCS network is to steal the event data of his interest. To get the event data of his interest, the attacker may launch the following attacks.

Passive Attack: An attacker may passively eavesdrop on the message transmissions in the network. The passive attack is easily addressed by encrypting messages with keys of sufficient length.

Query Attack: The attacker sends a query into the network to get the event data of his interest. This is addressed by source authentication, so that nodes answer only authorised entities.

Readout Attack: The attacker obtains the sensor data directly by capturing sensor nodes. It is not very hard to read the data out of the ROM and RAM of a sensor node.

Mapping Attack

The main goal of the attacker here is to identify the mapping relation between cells, specifically to figure out the storage cell or the detection cell, so that he can get the event data of his interest from the storage cell. A mapping attack is normally followed by a readout attack, since it is easier for the attacker to compromise a node than to break the authentication or encryption algorithm. Of the various attacks above, the attacker therefore prefers the readout and mapping attacks. Simply storing encrypted data locally does not address the readout attack, because an attacker who captures the sensor node can also read out the encryption keys.

Security Assumptions

We assume that the authorised MS has a mechanism to authenticate its broadcast messages (e.g., based on TESLA) and that every node can verify these broadcast messages. By compromising a node the attacker obtains all the keying material of that node. Capturing a sensor node is not easy for the attacker, since it depends on the geographical location and the size of the sensor nodes. There is also a chance of detecting the attacker when he tries to compromise more sensor nodes, as it takes more time to capture a large number of them. The attacker may correlate the detection cell and the storage cell by analysing traffic, without knowing the mapping function.

Design Goal

The main goal is to prevent the attacker from stealing any sensor data of his interest from the DCS network through the various attacks. In further detail, the attacks specific to the pDCS network (passive, query, readout and mapping) must be addressed. The passive attack and the query attack can be addressed easily, so we mainly discuss the requirements needed to address the other two, the readout attack and the mapping attack.

Event data confidentiality: Even if the attacker compromises a node and obtains all its keying material, he must be prevented from reading the data stored there.

Backward event privacy:

The attacker should be prevented from obtaining the previous sensor data of his interest even if he has already compromised some nodes.

Forward event privacy:

We have to prevent an attacker from stealing future sensor data of his interest even if he has already compromised some nodes.

Query Privacy

A query from the MS should reveal as little as possible about the location of the sensor data. If various types of event are stored in the same storage cell, a query for one particular event type also reveals the other events, which reduces the effort an attacker needs for a mapping attack. As sensor networks are limited in resources, the security mechanisms should be resource efficient; for example, public-key operations and network-wide flooding should be avoided where possible.


Business Description

A large volume of data is spread across a wide network, and efficient data dissemination and access techniques are used to extract the relevant data. In DCS the nature of the data is more important than the identities of the nodes. Sensor data is named based on event type or geographic location.

Sensor data is stored in nodes determined by a Geographic Hash Table (GHT).

Data with the same name is co-located.

Queries are sent directly using a geographic routing protocol (e.g. GPSR) rather than by flooding.

Fig. 1 Sensing data about an animal aggregated and stored in one location

BS-based storage is inefficient since large amounts of data are exchanged back and forth.

Nodes close to the BS die very quickly due to energy depletion.

The BS is an attractive target for attack and a single point of failure.

DCS does not need the presence of a BS; mobile sinks (MSs) are dispatched on demand to collect the stored data.

Problem Statement

First, even if an attacker can compromise a sensor node and obtain all its keys, he cannot decrypt the data stored in the compromised node. Second, after an attacker has compromised a sensor node, he cannot know where this compromised node stored its event data generated in the previous time intervals. Third, pDCS includes very efficient key management schemes for revoking a compromised node once its compromise has been detected, thus preventing an attacker from knowing the future storage location for particular events. Finally, pDCS provides a novel query optimisation scheme to significantly reduce the message overhead without losing any query privacy.

pDCS is the first to provide security and privacy for DCS networks.

The attacker cannot get the sensor data from a node even with key compromise.

The attacker cannot get previous event data even with node compromise.

Revokes compromised node to prevent attacks on future storage locations.

Provides novel query optimisation to reduce message overhead while still preserving privacy.

Private data-location mapping based on cryptographic keys, with periodic key updates.

Query optimization based on Euclidean Steiner Tree (EST) and keyed Bloom Filter (KBF) to reduce message overhead.

Functional Requirement

DFD Diagram

Use case description

Mainly addresses the readout and mapping attacks. Event data confidentiality: even though the keys of a node are compromised, its data cannot be decrypted. Backward event privacy: the attacker is prevented from obtaining previous sensor data even though some nodes are compromised. Forward event privacy: the attacker is thwarted from obtaining future data even though some nodes are compromised. Query privacy: an MS query reveals as little location information about the sensor data as possible. Resources are constrained, hence network-wide flooding and public-key operations are avoided as much as possible.


a) Performance requirement

Location Privacy and Communication anonymity

- Restrict data access using policy enforcement and data perturbation.

- Data Cloaking and hierarchical data aggregation

- pDCS in contrast uses encryption and random location mapping.

- Conceal the BS using constant-rate traffic and mix techniques to hide sender-receiver correlations.

- Phantom flooding and perturbed data to mislead the attacker.

b) Interface Requirement

Key Management

- Pairwise key management with a trusted BS.

- LKH based group key management for multicast.

- Not suited for sensor networks.

- Updated group key distribution using hop-by-hop encryption.

- Use geography-based mapping for efficient group rekeying.

- pDCS uses row keys and cell keys in addition to the group key. Cell-based partitioning reduces rekeying overhead.

Location based forwarding

- Location-aided routing to reduce flooding overhead.

- Greedy routing (GPSR) chooses the next hop that provides the most progress towards the destination.

- pDCS uses trajectory-based routing, with the trajectory encoded in each packet using an EST, and a novel KBF-based approach.

c) Operational requirement

Assumes the attacker targets specific event data.

The attacker may launch:

Passive attack: by eavesdropping. Solution: encryption.

Query attack: send a query for the target data. Solution: authentication, e.g. using µTESLA for broadcasts.

Readout attack: capture some nodes and read the data.

Mapping attack: obtain the mapping between storage and detection cells.

Software Requirements:

Core Java

Swing Front End

JDK 1.5

Windows XP

Hardware Requirements:

Hard Disk : 40 GB

RAM : 256 MB

Processor : Pentium IV

d) Resource Requirement

Each sensor holds 5 types of keys:

- Master key shared only with MS.

- Pairwise key shared with every neighbour.

- Row key shared by all sensors in same row.

- Cell key shared by all sensors in a cell.

- Group key shared by all sensors in a network.

Sensed data is handled in 6 steps (event E at time T, detection cell u and storage cell v):

- Determine the storage cell using a keyed hash function.

- Encrypt the recorded information with the cell key.

- Forward the message towards the destination, applying techniques to prevent the attacker from analysing traffic and injecting false packets.

- Storage cell v stores the message locally.

- An authorised MS interested in event E at cell u determines storage cell v using the mapping and queries cell v directly. Query optimisation is used to reduce message overhead.

- After the MS receives the data of interest, it decrypts it using the cell key.
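The six steps above as an added toy simulation written for this page (not the pDCS authors' code): a 4x4 grid of cells, a keyed hash of (E, T, u) under the group key standing in for the mapping function, a constructed HMAC-based stream cipher standing in for the cell-key encryption, and a one-way hash as the assumed periodic group-key update. All names, seeds and readings are constructed for illustration.

```python
import hashlib
import hmac
from dataclasses import dataclass, field

GRID = 4              # constructed toy network: GRID x GRID cells, ids 0..N-1
N = GRID * GRID


@dataclass
class Cell:
    """One cell of the grid: the cell key shared by its sensors, plus the records
    it keeps when acting as a storage cell (toy model, not pDCS code)."""
    cid: int
    cell_key: bytes
    store: list = field(default_factory=list)   # (event, interval, src_cell, ciphertext)


def make_network(seed: bytes):
    """Derive the group key and one cell key per cell from a seed (assumed key setup;
    in pDCS the keys would be installed by the MS)."""
    group_key = hashlib.sha256(seed + b"|group").digest()[:16]
    cells = {cid: Cell(cid, hashlib.sha256(seed + b"|cell|" + bytes([cid])).digest()[:16])
             for cid in range(N)}
    return group_key, cells


def storage_cell(group_key: bytes, event: str, interval: int, u: int) -> int:
    """Step 1: keyed hash of (E, T, u) selects storage cell v. Without the key an
    outsider cannot tell which v a given (E, u) maps to (the mapping attack)."""
    tag = hmac.new(group_key, f"{event}|{interval}|{u}".encode(), hashlib.sha256).digest()
    return int.from_bytes(tag[:4], "big") % N


def next_group_key(group_key: bytes) -> bytes:
    """Periodic key update as a one-way hash (assumption): a node compromised after
    the update cannot recompute the old key, so the old mappings stay hidden."""
    return hashlib.sha256(group_key + b"|update").digest()[:16]


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # HMAC-SHA256 in counter mode; a constructed stand-in for a real block cipher.
    out = b""
    for ctr in range((length + 31) // 32):
        out += hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
    return out[:length]


def encrypt(cell_key: bytes, nonce: bytes, data: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(data, _keystream(cell_key, nonce, len(data))))


decrypt = encrypt   # XOR with the same keystream inverts the encryption


def sense_and_store(group_key, cells, u: int, event: str, interval: int, reading: bytes) -> int:
    """Steps 1-4: cell u maps (E, T, u) to v, encrypts under its OWN cell key,
    forwards (abstracted away here) and v stores the ciphertext. Returns v."""
    v = storage_cell(group_key, event, interval, u)
    nonce = f"{u}|{interval}".encode()
    cells[v].store.append((event, interval, u, encrypt(cells[u].cell_key, nonce, reading)))
    return v


def ms_query(group_key, cells, u: int, event: str, interval: int) -> list:
    """Steps 5-6: the MS recomputes v from the mapping, queries v directly and
    decrypts with the detection cell's key, which the MS holds as network controller."""
    v = storage_cell(group_key, event, interval, u)
    nonce = f"{u}|{interval}".encode()
    return [decrypt(cells[u].cell_key, nonce, ct)
            for e, t, src, ct in cells[v].store if (e, t, src) == (event, interval, u)]


def readout_attack(cells, v: int) -> list:
    """Capturing storage cell v yields only ciphertexts and v's own cell key, which
    does not decrypt records that originated in another cell."""
    return [ct for _, _, _, ct in cells[v].store]


if __name__ == "__main__":
    gk, net = make_network(b"demo-seed")                  # constructed seed
    v = sense_and_store(gk, net, u=5, event="elephant", interval=3, reading=b"pos=(12,7)")
    print("stored at cell", v, "MS reads", ms_query(gk, net, 5, "elephant", 3))
    print("readout at v sees", readout_attack(net, v))
    print("next interval maps to", storage_cell(next_group_key(gk), "elephant", 4, 5))
```

Running the block shows the readout at v returning only ciphertext while the MS recovers the reading, and the mapping for the next interval moving once the group key is updated.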

e) Security requirement

Without knowing the mapping key, the attacker cannot get the mapping from cell u to cell v.

Since the storage cell does not possess the decryption key, a readout attack is difficult even if a node in cell v is compromised.

The attacker can launch the various attacks only if he knows the mapping.

The key point of the design is hence to secure the mapping function so as to randomise the mapping among cells.

f) Quality and reliability requirement

All m detection cells are mapped to one location.

The attacker randomly compromises a node to get the group key.

He locates the storage cell based on the group key.

The stored data is encrypted using an individual cell key; the attacker first has to pick the cell ID at random from the m detection cells.

Assume the attacker compromises up to s cells.

The first compromised cell is the storage cell with probability 1/N. The attacker then randomly compromises (s-1) cells from the remaining (N-1) cells.