Sensor networks enable real-time gathering of large amounts of data that can be mined and analyzed for taking critical actions. As such, sensor networks are a key component of decision-making infrastructures. A critical issue in this context is the trustworthiness of the data being collected. Data integrity and quality decide the trustworthiness of data. Data integrity can be undermined not only because of errors by users, measurement devices and applications, but also because of malicious subjects who may inject inaccurate data with the goal of deceiving the data users. A fundamental tradeoff exists between data quality and the cost to gather and protect this data, e.g., in terms of sensor node energy. This project focuses on a multi-faceted solution to the problem of assessing integrity of data streams in sensor networks, taking into account cost and energy constraints. Key elements of the solution are: (a) a cyclic framework supporting the assessment of sensor data trustworthiness based on provenance, and sensor trustworthiness based on data that sensors provide; (b) strategies for continuously updating trust scores of sensor data and nodes; (c) a game-theoretic model to analyze and mitigate the risks due to active adversaries that try to undermine data integrity; (d) protocols for sensor network sleep/wake scheduling and routing that balance the data quality and energy efficiency tradeoff. The project also includes the development of tools for assessing data trustworthiness, and experimental evaluation of the system performance. The research has impact on healthcare, homeland security, and applications in several other domains.
Sensor networks are being increasingly deployed in numerous application domains ranging from monitoring the environment for pollution and earthquakes, to controlling automated systems such as manufacturing facilities and power plants. Because of their ability to continuously collect large amounts of data and stream them to applications, sensor networks represent a key component in decision-making infrastructures, enabling timely situation assessment and reaction. In this context, data trustworthiness is an important requirement. Users relying on sensor data for decision making and situation analysis must be given by the system some indication of how good these data are. One approach to assess data trustworthiness is based on data provenance. Here, data provenance refers to information documenting how data came to be in its current state-- which sensor originated it, how it was generated, and the manipulations it underwent since its creation. The goal of this project is to make sensor networks more secure and assess data trustworthiness without consuming excessive resources. Network bandwidth and sensor node energy are limited in sensor networks. The trustworthy data gathering process must thus be carefully designed to conserve energy and extend network lifetime. For example, in a sensor network for seismic monitoring or radiation level control in a nuclear plant, the lifetime of each sensor node significantly impacts the quality of surveillance. Previous work has considered network operations such as clustering, routing, time synchronization, and sleep/wake scheduling protocols in isolation, without investigating the fundamental tradeoffs between data provenance/data quality and cost in terms of energy consumption. Balancing these important tradeoffs was the focus of this project. We employ a comprehensive approach that securely and efficiently transmits provenance information, and uses provenance as well as other measurements to diagnose attacks and respond to them. To the best of our knowledge, our work is the first to bring data provenance -- which had been well-studied in the database world -- to the resource-constrained wireless sensor network environment and make it practical. We designed energy-efficient and secure data provenance transmission techniques for wireless sensor networks. Our techniques consider the limited bit budget available for encoding provenance information in wireless sensor networks. Additionally, we devised the first approach to address data trustworthiness assurance using game-theoretic models. Finally, we designed fine-grained attack diagnosis and response systems, and efficient data dissemination techniques for software patches that leverage network coding and collective acknowledgments. The project provided training for two dedicated graduate students and has also involved a number of undergraduate and graduate students and two postdoctoral researchers to varying degrees. We presented our work at major conferences and published it in top-tier journals. We communicated our results with a number of researchers, users, and vendors, including those who visited Purdue University to attend the Center for Education and Research for Internet Assurance and Security (CERIAS) symposiums.
