Watermark Based Secure Data Collection Mechanisms In Sensor Networks

Wireless sensor networks hold a great prospect in the field of military and civilian, but they are usually deployed in the dangerous or even hostile environment, which make them prone to be attacked and compromised. In particular attackers may inject false data into a sensor network through those compromised sensor nodes within the network, which will compromise the accuracy of the data items collected by all sensor nodes, or interfere the user decision-making, or let the network system unreliable. Therefore, how to design secure protocols for data collection in wireless sensor networks is regarded as an important unsolved issue. In this thesis we focus on the problem that how to ensure the safety and reliability of sensor collected data. The main research work includes the following:(1) We propose a cooperative watermark scheme to recognize and filter the false data. Firstly, we propose a cooperative watermark mode under which each data packet will be with two kinds of watermark embedded, one is robust watermark for the identification of the sender and freshness authentication of the data items; the other is the so called Semi-Fragile watermark for the authentication of the data content, which is generated by the t witness nodes. This cooperative watermark mode holds several distinguishing merits. First, different watermarks will do not interfere with each other; Second, each sensor can extract the watermark embedded in its packets to verify the correctness of the packet while cannot modify or fabricate the watermark. Based on it we propose a cooperative watermark based operation algorithm for authenticating and filtering the false data. Both the theoretical analysis and experimental results show that, by embedding watermark into the data items’our algorithm can achieve good performance in both the peak signal to noise ratio and signal to noise ratio in most cases. Meanwhile, this algorithm is highly sensitive to malicious modification on the data and holds good robustness to noise interference and lossy compression. Compared with the existing MACs (Message Authentication Code) based filter algorithms, our algorithm consumes a lower communication overhead and achieves a higher efficiency for recognizing and filtering false data.(2) We propose a distributed multiple semi-fragile watermarks algorithm for recognizing and filtering the false data. Firstly, according to the fact in sensor networks that sensors in one cluster will be collaborative with each other to aggregate and transmit data items, we propose a distributed multiple semi-fragile watermarks algorithm, under which the watermark generation, embedding and extraction are accomplished by multiple witness nodes in a cooperative manner instead of the self-manner. Such a kind of algorithm can save the energy consumption and also prevent revealing those secret keys in case a single sensor is compromised. Based on it we propose a distributed multiple semi-fragile watermarks algorithm for filtering false data. This algorithm authenticates the accuracy, integrity and freshness for the data packets using watermarks instead of MACs. Compared with the existing filtering algorithms based on MACs, our algorithm has a better capability for filtering false data, and consumes less communication energy, and holds the advantage of "robust, yet fragile", and also supports intra-network lossy data processing and partly resists the noise interference.(3) Visual Sensor Networks (VSN) has a high QoS demand, but the traditional QoS guarantee mechanism is not applicable to the VSN as the VSN holds the special features such as mismatch between its transmission and sensing. In this respect, based on the fact of VSN that sensors in it are collaborative in their work, we propose a sensor node cooperating based interleaving embedding and watermark technology, so that the sub-blocks in an image can carry the watermark information of other sub-blocks, which is different from the previous error control techniques under which the error control code or redundant transmission data is added. After receiving images, sink could recover or restore damaged regions of images using the watermark information so as to improve the quality of collected images. Compared with the previous error control techniques, this algorithm is more suitable for VSN in that it can save the communication cost and also hold better tolerance for packet loss.(4) In two-tiered sensor networks, storage nodes are more prone to be attacked than sensors as they are in charge of storing collected data and also processing queries issued by the sinks. A compromised storage node will not only reveal the sensitive data collected by the sensors, but also answer the incomplete or false query results. We propose a so called QuerySec scheme, a protocol which enables storage nodes to process queries correctly while prevents them from revealing the sensitive data and queries. To protect privacy, we propose a privacy preserving scheme based on two-variable polynomail function in which both the sensor collected data and the sink issued queries are encoded by polynomail function, which enables storage nodes to process queries correctly without knowing the actual values of both data and queries. To preserve integrity, we propose a link watermarking scheme, in which data items are formed into a link structure via the watermarks embedded in them so that any deletion in the query results can be detected. In addition, we propose a method which allows the sink to distinguish failure of the sensors from storage node misbehavior when the sink does not receive any data from a sensor.