Set Difference Attacks in Wireless Sensor Networks

We show that existing proposed mechanisms for preserving the privacy of reported data values in wireless sensor networks are vulnerable against a simple and practical form of attack: the set difference attack. These attacks are particularly effective where a number of separate applications are running in a given network, but are not limited to this case. We demonstrate the feasibility of these attacks and assert that they cannot, in general, be avoided whilst maintaining absolute accuracy of sensed data. As an implication of this, we suggest a mechanism based on perturbation of sensor results whereby these attacks can be partially mitigated.

[1]  Xue Liu,et al.  PDA: Privacy-Preserving Data Aggregation in Wireless Sensor Networks , 2007, IEEE INFOCOM 2007 - 26th IEEE International Conference on Computer Communications.

[2]  Gene Tsudik,et al.  Mixing E-mail with Babel , 1996, Proceedings of Internet Society Symposium on Network and Distributed Systems Security.

[3]  P. Erd6s ON A CLASSICAL PROBLEM OF PROBABILITY THEORY b , 2001 .

[4]  Cynthia Dwork,et al.  Differential Privacy , 2006, ICALP.

[5]  Cecilia Mascolo,et al.  SenShare: Transforming Sensor Networks into Multi-application Sensing Infrastructures , 2012, EWSN.

[6]  Timoleon Kosmides,et al.  The legal nature of the controller's civil liability according to art. 23 of Directive 95/46 EC (Data Protection Directive) , 2013 .

[7]  Biswanath Mukherjee,et al.  Wireless sensor network survey , 2008, Comput. Networks.

[8]  Robin Milner,et al.  On Observing Nondeterminism and Concurrency , 1980, ICALP.

[9]  Cynthia Dwork,et al.  Calibrating Noise to Sensitivity in Private Data Analysis , 2006, TCC.

[10]  Suman Nath,et al.  Differentially private aggregation of distributed time-series with transformation and encryption , 2010, SIGMOD Conference.

[11]  Ian Walden,et al.  The EC data protection directive , 1990, Comput. Law Secur. Rev..

[12]  Tarek F. Abdelzaher,et al.  PoolView: stream privacy for grassroots participatory sensing , 2008, SenSys '08.

[13]  Peter J. Denning,et al.  The tracker: a threat to statistical database security , 1979, TODS.

[14]  Steven J. Murdoch,et al.  Hot or not: revealing hidden services by their clock skew , 2006, CCS '06.

[15]  K. Nahrstedt,et al.  iPDA: An integrity-protecting private data aggregation scheme for wireless sensor networks , 2008, MILCOM 2008 - 2008 IEEE Military Communications Conference.

[16]  Wouter Joosen,et al.  Federated and Shared Use of Sensor Networks through Security Middleware , 2009, 2009 Sixth International Conference on Information Technology: New Generations.

[17]  Craig Gentry,et al.  Fully homomorphic encryption using ideal lattices , 2009, STOC '09.

[18]  Craig Gentry,et al.  A fully homomorphic encryption scheme , 2009 .