Research On Safe And Security Protocol In Two-tired Sensor Networks

Wireless Sensor Networks hold a great prospect in the field of military and civilian. Two-tiered architecture, which offers good scalability, efficient query processing and saving energy and space for sensors, has been increasingly adopted by large-scale sensor networks. However, storage nodes, which not only provide storage service for sensors but also process sink issued queries, are vulnerable to be attacked in hostile environments. A compromised storage node poses great threat to the networks such as revealing sensitive information, replying false results. It is of great importance to design and implement a series of safe and security protocols in two tiered sensor networks to protect data’s privacy and verify results’ correctness. In this thesis, we focus on designing security protocols in two-tiered sensor networks. Our main research work includes following aspects:(1) We propose VQuery, a privacy and integrity preserving range query protocol. VQuery enables storage nodes process queries correctly while prevent them from leaking both sensor collected data and sink issued queries. To preserve privacy, we present an order preserving scheme, in this scheme we encode both sensor collected data range information and sink issued queries by order preserving function, which enable storage nodes process encoded queries over encrypted data correctly without knowing their actual value. To preserve integrity, we propose a linking watermark technology, which can verify the integrity of query results efficiently. To verify the integrity of multi-dimensional data query results, we propose a data structure named Multi-Range Tree to represent multi-dimensional data. To test the efficiency of VQuery, we implemented VQuery along with SafeQ and S&L scheme in Omnet++and performed extensive side-by-side comparison between them. Results show that VQuery outperform SafeQ and S&L scheme in terms of both power consumption and storage space consumption.(2) We propose a secure Top-k query protocol:SecTQ. SecTQ enables storage nodes to process queries correctly while preventing them from leaking the sensitive data collected by sensors. To preserve privacy, the direct comparison of data items collected by different sensors is transformed into the comparison of the collected data items and query-comparison value provided by the sink. Moreover a polynomial function-based preserving scheme is proposed to encode for both the data items collected by sensors and the query-comparison values of the sink, which allows the storage nodes to perform queries without knowing the actual values of both the collected data and query-comparison values. To preserve integrity, we adopt Merkle hash tree to verify the correctness of query results. We compared SecTQ with Z&S scheme, which only provides integrity preserving for query results, in terms of power consumption and storage space. The experimental results show that SecTQ is more efficient than Z&S scheme.(3) We propose a privacy preserving conditional aggregation protocol that enables storage nodes to aggregate the data items satisfied sink issued queries correctly while prevent them from revealing both sensor collected data and sink issued queries. To protect privacy for sensor collected data and sink issued queries, we propose a encoding method based on prefix membership verification and bloom filters to encode both sensor collected data and sink issued queries, which allows storage nodes process queries correctly without knowing their actually value. We adopt homomorphism encryption method to encrypt sensor collected data, which enables storage nodes to process aggregation on encrypted data items. To reduce corresponding energy consumption between sensors and storage nodes, we propose a code table method to represent and transmit data items. Analysis and experiments validate the efficacy and efficiency of the proposed protocol.(4) We propose a safe and security classification protocol in tiered sensor networks:SSC, which enable storage nodes to process classification correctly without knowing both the value of classifying rules and the data which will be classified. To protect privacy, we propose an oblivious comparison technique:MHash, which enable storage nodes to compare data items from sink and sensors without knowing their values. Based on MHash and prefix membership verification technique, we achieve classification target in protecting the privacy of both sensor collected data and sink issued classification rules. To verify the correctness of the classification results, we propose a crossed neighborhood technique, which organize sensors and data items in one sensor in sequences, to allow sink checking the correctness of sampling classification results. Analysis and experimental results validate the efficacy and efficiency of SSC protocol.(5) Base on the research work mentioned above, we design and implement a prototype which offers the following functions:privacy and integrity preserving range query, privacy and integrity preserving Top-k query, privacy preserving conditional data aggregation and safe and security classification. This prototype is also helpful for our later research work.