Panda lacotion
Transcript of Panda lacotion
1
Enhancing Source-Location Privacy in Sensor Network Routing
P. Kamat, Y. Zhang, W. Trappe and C. OzturkProceedings of the 25th IEEE Int. Conference on Distributed Computing Systems
Rutgers University
Matthew Sanderson
2
Presentation Outline Introduction to issue Panda vs Hunter Techniques for Stationary Sources
Routing Protocols Performance Comparison Improvement for privacy.
(Briefly) Mobile Sources Related/Future Work Conclusion Questions
3
The issue is privacy.
“Guarantee that information is observable or decipherable by only those who are intentionally meant to observe or decipher it.”
Two broad categories: content-oriented context-oriented
4
Content-oriented Security/Privacy
Security of the contents of messages.
Cryptographic methods.
5
Contextual Privacy
Deals with context in which the sensor application works.
In this case: location Not as thoroughly
researched. What this paper covers.
6
Source-location Privacy
Privacy of the node sending the initial message.
Two metrics: safety period – how long until the node is
discovered capture likelihood – how likely it will get discovered
7
Accomplishing source-location privacy
Look at popular routing techniques. Augment these techniques with a new approach. Energy consumption still important.
8
Panda-Hunter Game Model Scenario
Panda-Hunter Game: A sensor network has been
deployed to monitor a panda habitat.
Sensors send Panda_Here messages
Messages are forwarded to a data sink.
The hunter observes packets and traces his way back to the panda.
Privacy Goal: Increase the time needed for an adversary to track and capture the panda (safety period).
Data Sink
Sensor Node
Slide source: Wenyuan Xu
9
Additional Game Setup Issues
One panda – one source
Additional Goal: deliver messages to base station.
Concern: energy usage.
Data Sink
Sensor Node
10
The Hunter
Non-malicious – does not interfere with network
Device-rich – has devices to measure angle of arriving message
Resource-rich – move at any rate and unlimited power
Informed – knows how the network works
11
How the hunter gets each message.
Two primary routing techniques. Flooding Single-path
New approach: Phantom Routing.
12
Routing Techniques - Flooding
Flooding-based: source sends the message to all its neighbors, who in turn do the same.
If node has received it already, the node discards it.
Performance drawbacks, but easy implementation.
13
Probabilistic Flooding Like flooding, but with a
probability. When a node receives a
message, it randomly generates a number uniformly distributed between 0 and 1.
If # < forwarding probability, it sends, otherwise, it doesn't.
14
Single-Path Routing
Instead of sending out to all neighbors, single-path sends out to one or a small subset of neighbors.
Usually require extra hardware or a pre-configuration phase.
Data Sink
Sensor Node
15
How well do they work?
16
Performance Comparison cont.
17
Privacy of Routing Techniques
Problems with single-path and flooding Single-path reduces energy, but poor at protecting source-
location privacy. Flooding isn't any better, because the shortest-path is still
contained within the flood. Probabilistic flooding helps – higher safety period, but at the cost
of delivery ratio. There is room for improvement.
Maybe trick the hunter?
18
Routing with Fake Sources
Idea: inject fake messages to throw off hunter.
Multiple ways this can be done. Short-lived – similar to
probabilistic flooding.
19
Persistent Fake Source
Short-lived fake sources can only draw the hunter away momentarily.
A persistent fake source is more effective, but requires a global overview of network.
Source sends its hop count to sink – sink instigates a fake source at a node with the same hop count in the opposite direction.
Works best when fake source sends at higher rate than real source, but requires large energy budget.
20
Problem with Fake Sources: Perceptive Hunter
Recall the assumptions on our hunter – he's informed. Once he realizes the fake source, he knows which
direction to go for the real source.
We need a new approach.
21
Phantom Routing
Idea: entice hunter to phantom instead of source.
Has two phases: Random walk phase Flood/Single-path
phase
22
Types of Random Walk
Sector-based – requires knowledge of landmark nodes to send message away from source.
Hop-based – requires knowledge of the hop count from each node to the base station.
23
Phantom Routing Performance Can significantly improve
the safety period. Higher the hopcount,
higher the safety period. Also increases latency
(Random walk of 20: 30% increase = 4x privacy).
24
Possible Counter: Cautious Hunter
Since the phantom routing may leave the hunter stranded, after some time, the cautious hunter may go back.
No benefit – no progress made by hunter. Better to be patient.
25
Mobile Source Need to rethink entire
process again.
Depends on panda's movement pattern and velocity.
26
Panda Velocity
More profound on single-path routing, as subsequent route may have little overlap compared to flooding.
Panda's speed with single-path is protection enough.
Improves privacy of phantom routing.
27
Hunter's Range
Not so surprising, if the hunter's hearing range is increased, the hunter is more effective.
28
Related/Future Material
Entrapping Adversaries for Source Protection in Sensor Networks Yi Ouyang, Zhengyi Le, Guanling Chen, James Ford, Fillia Makedon – Dartmouth College
Preserving Source Location Privacy in Monitoring-based Wireless Sensor Networks
Yong Xi, Loren Schwiebert, Weisong Shi – Wayne State University
Location Privacy in Sensor Networks Against a Global Eavesdropper Kiran Mehta, Donggang Liu, Matthew Wright – University of Texas at Arlington
29
Conclusion
The panda-hunter game is somewhat contrived. Does a great job at visualizing concept.
Concept is simple and effective. Source-location privacy for sensor networks seems to be
a minor issue. I'm willing to admit I'm wrong here. Come up with some examples.
30
Questions?
?