Opportunistic Sensing:

1
Opportunistic Sensing

• Security Challenges for the New Paradigm

Apu Kapadia MIT Lincoln Laboratory
David Kotz Dartmouth College
Nikos Triandopoulos Boston University
Michael Betancourt UCF - EEL 6788 Dr. Turgut
2
Overview

• Introduction
• Urban Sensing Examples
• Applications Examples
• Security Challenges
•      a. Confidentiality and Privacy Issues    
  b. Integrity Issues     c. Availability
  Issues     d. Challenges in Participatory
  Sensing
• 5.  Conclusion

3
Introduction

• Opportunistic people centric sensing
• Small devices carried by people that sense
  information
• Direct or indirect relation to human activity
• Environmental conditions
• Advantages
• Leverage millions of devices
• No need to manually deploy
• Highly mobile and accessible
• Disadvantages
• High risks in security
• Data integrity

4
Urban Sensing Examples

• CarTel
• Maps traffic patterns
• BikeNet
• Bicycle network infrastructure
• CenceMe
• User activity social networking

CarTel Interface
BikeNet Interface
CenceMe Interface
5
Application Examples

• Urban data collection and processing
• Large scale online data collection
• Being able to locate lost objects
• Measuring the flow of bicycles in an urban center
• Environmental monitoring at the human level
•  Optimize energy usage for heating and cooling
•  Personal Environmental Impact Report

6
Security Challenges Overview

• Challenges
• Context privacy
• Anonymous tasking
• Anonymous data reporting
• Reliable data readings
• Data authenticity
• System integrity
• Preventing data suppression
• Participation
• Fairness

7
Confidentiality and Privacy IssuesContext Privacy

• Problems
• It is cumbersome for users to specify fine grain
  policies
• Once the data is on the server who can access the
  h/w
• Solutions
• Virtual walls
• Group settings in categories
• Only information outside the wall can be seen
• Faces
• Data changes according to who is viewing
• Future Research
• Determining what data can be used without being
  able to infer other data
• Grabbing only enough data for application purpose
  without sacrificing usability

8
Confidentiality and Privacy IssuesAnonymous
Tasking

• Problems
• By tasking specific users it is possible to gain
  personal information
• Determining reliability of participants could
  reduce anonymity
• Solutions
• Tasking Service
• Users download all tasks and selectively choose
  which to do
•  Attribute based authentication
• Users reveal only their attributes

9
Confidentiality and Privacy IssuesMasking Users'
Location

• Blind Tasking
• Transfer data to other nodes before uploading
• Overall routing structure must be protected
• Data needs to be encrypted to not be intercepted
• Hitchhiking
• Only include characteristics about location
• Disadvantageous for limited popularity
• Introduce blur and random jitter
• Decreases accuracy
• Amount of error needs to be constrained
•  Automatic Spatiotemporal Blurring
• Generalize location through large geographical
  tiles
• Only upload data when enough sets are available

10
Integrity IssuesReliable Data Storage

• Problems
• Any participant with an appropriately configured
  device can report falsified data
• Devices are controlled by users
• Incentives to mask private information
• Solutions
• Redundancy
• Task cloning
• Fixed sensor ground truth
• Game Theory
• Reputation based system

11
Integrity IssuesData Authenticity

• Problems
• Tampered data during transit
• Current schemes correspond to fixed sensors where
  there is a stable topological tree that spans
  sensors
• Solutions
• Cryptographoically enhanced error-correcting
  techniques
• Encrypted data that shows if it has been tampered
  with
• Group signatures
• Allows multiple groups to use a single verifying
  signature
• Cracked signatures and be redistributed without
  taking down the entire infrastructure

12
Integrity IssuesSystem Integrity

• Problems
• Tasks need to have their source verified
• Data received needs to be accurate and temporally
  relevant
• Solutions
• Task specific languages
• Secure crytographic states
• Provide topological, temporal and
  user-related parameters to validate the
  information received.

13
Availability IssuesPreventing Data Suppression

• Denial of Service (DoS) due to devices ignoring
  task requests
• Network availability of devices
• Data consuming applications could be killed by
  users
• If users are unable to control the data access,
  they are less likely to carry the device or
  permit tasks to be performed

Distributed DoS (DDoS) Attack
14
Availability IssuesParticipation

• Problems
• Users must have incentives to gain mass
  participation
• Difficult to convince giving away private
  information with little to no benefit
• Solutions
• Convenience is key to appeal
• Provide incentives that are compatible with
  users' needs and interests
• Privacy-aware hybrid payoff model
• Beneficial services vs privacy loss they
  experience

15
Availability IssuesFairness

• People centric applications provide direct
  benefits to users
• Users will try to cheat to gain better service
  for themselves
• Tasking others to complete their tasks
• Not contributing back to the community

BitTorrent Inc. Logo
Battlefield 2142 Cover Art
16
Challenges in Participatory Sensing

• Users are tasked and have to manually partake in
  gathering information
• Additional security challenges arise as the user
  may leak more information than the task specifies
• Taking a picture of a menu on a table
• Integrity becomes difficult as the user can
  fabricate sensor data or not provide the correct
  results of the task
• Ratings of a restaurant

4 Rivers Smokehouse Google User Review
17
Conclusion

• Opportunistic people centric sensing
• Most applications contain personal information
• Securing that information becomes key
• Providing a service that people would want to
  participate
• Keepings users data secure as to not be harmed
• Even obscuring the data may not be enough for
  complete anonymity
• Participatory sensing needs additional security
  thought
• Questions?