ORIOT: A Source Location Privacy System for Resource Constrained IoT Devices

Privacy and Security are one of the major research topics regarding the Internet of Things (IoT). Due to the vast amount of devices collecting and processing sensitive data, anonymity and privacy mechanism are needed. Source Location Privacy (SLP) plays a key role in prohibiting adversaries from tracing back this kind of data to its origin. In this paper we propose a SLP preserving system that leverages techniques from the well established Onion Routing paradigm. The system is specifically designed for resource constrained IoT devices, i.e., devices lacking computing power. It features combined encryption schemes and symmetric key exchanges via Elliptic-Curve Diffie- Hellman (ECDH). Our performance measurements, conducted on typical resource constrained IoT devices, show the feasibility of ORIOT and facilitate the integration into existing or planned IoT systems, depending on SLP features.

[1]  K. Wehrle,et al.  Core : A Peer-To-Peer Based Connectionless Onion Router , 2006 .

[2]  Kian-Lee Tan,et al.  CASTLE: Continuously Anonymizing Data Streams , 2011, IEEE Transactions on Dependable and Secure Computing.

[3]  Tzonelih Hwang,et al.  Untraceable Sensor Movement in Distributed IoT Infrastructure , 2015, IEEE Sensors Journal.

[4]  Jörg Daubert,et al.  A view on privacy & trust in IoT , 2015, 2015 IEEE International Conference on Communication Workshop (ICCW).

[5]  Davar Pishva,et al.  A TOR-based anonymous communication approach to secure smart home appliances , 2015, 2015 17th International Conference on Advanced Communication Technology (ICACT).

[6]  Peter Friess,et al.  Internet of Things: Converging Technologies for Smart Environments and Integrated Ecosystems , 2013 .

[7]  Sylvia L. Osborn,et al.  FAANST: Fast Anonymizing Algorithm for Numerical Streaming DaTa , 2010, DPM/SETOP.

[8]  Jiafu Wan,et al.  Security in the Internet of Things: A Review , 2012, 2012 International Conference on Computer Science and Electronics Engineering.

[9]  Fang Liu,et al.  A Clustering k-Anonymity Privacy-Preserving Method for Wearable IoT Devices , 2018, Secur. Commun. Networks.

[10]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[11]  George Moldovan,et al.  Group-Based Anonymous On-Demand Routing Protocol for Resource-Restricted Mobile Ad Hoc Networks , 2013, ADHOC-NOW.

[12]  Hamid Mala,et al.  A new lightweight authentication and key agreement protocol for Internet of Things , 2016, 2016 13th International Iranian Society of Cryptology Conference on Information Security and Cryptology (ISCISC).

[13]  Muhammad Waseem,et al.  A Critical Analysis on the Security Concerns of Internet of Things (IoT) , 2015 .

[14]  Max Mühlhäuser,et al.  End-2-End privacy architecture for IoT , 2015, 2015 IEEE Conference on Communications and Network Security (CNS).

[15]  Keshav P. Dahal,et al.  Toward Anonymizing IoT Data Streams via Partitioning , 2016, 2016 IEEE 13th International Conference on Mobile Ad Hoc and Sensor Systems (MASS).

[16]  Liang Zhang,et al.  Organizational memory: reducing source-sink distance , 1997, Proceedings of the Thirtieth Hawaii International Conference on System Sciences.

[17]  Seokjoo Shin,et al.  Strategic Location-Based Random Routing for Source Location Privacy in Wireless Sensor Networks , 2018, Sensors.

[18]  Paolo Palmieri,et al.  An Anonymous Inter-Network RoutingProtocol for the Internet of Things , 2017, J. Cyber Secur. Mobil..

[19]  Mohamed Abid,et al.  An efficient scheme for anonymous communication in IoT , 2015, 2015 11th International Conference on Information Assurance and Security (IAS).