ISSN ONLINE(2320-9801) PRINT (2320-9798)

All submissions of the EM system will be redirected to Online Manuscript Submission System. Authors are requested to submit articles directly to Online Manuscript Submission System of respective journal.

Improved Client Data Security with Aggregated Query Using CDAMA

Ms.S.Kanimozhi1, Mrs.K.Makanyadevi2
  1. PG Scholar, Department of CSE, M.Kumarasamy College of Engineering, Karur, Tamilnadu, India
  2. Assistant Professor, Department of CSE, M.Kumarasamy College of Engineering, Karur, Tamilnadu, India
Related article at Pubmed, Scholar Google

Visit for more related articles at International Journal of Innovative Research in Computer and Communication Engineering

Abstract

- One of the major problems in data mining is security. In the existing framework implementation was done in wireless sensor network. Existing system provides three contributions: 1. it is designed for multi-application environment, 2. it mitigates the impact of compromising attacks in single application environments and 3. it degrades the damage from the unauthorized aggregations. The two drawbacks in this scheme are, this CDAMA technique cannot be used for Database as a Service model and compromising the secret keys in sensor are very easy. In the proposed framework, Database as a Service model can be implemented through the bucketization algorithm and in the existing framework as sensors are easily compromised the secret keys are not secured whereas in the proposed framework trusted service providers are used to secure the secret keys. So the security level is increased in the proposed system when compared with the existing system.

Keywords

Concealed data aggregation for multiple application, bucketization algorithm, wireless sensor networks, Database as a Service model, trusted service provider.

INTRODUCTION

Wireless sensor networks (WSNs) consist of thousands of sensor nodes (SN) that gather data from deployed environments. Currently, there are plenty of rich applications proposed for WSNs, such as environment monitoring, accident reporting, and military investigation. Depending on the purpose of each application, SN is customized to read different kinds of data. SN is restricted by the resources due to limited computational power and low battery supply; thus, energy saving technologies must be considered when I design the protocols. For better energy utilization, cluster-based WSNs [2] have been proposed. In cluster-based WSNs, SN resident in nearby area would form a cluster and select one among them to be their cluster head (CH).
The CH organizes data pieces received from SN into an aggregated result, and then forwards the result to the base station based on regular routing paths. Generally, aggregative operations are algebraic, such as the addition or multiplication of received data, or statistical operation, such as a median, a minimum, or a maximum of a data set. Although data aggregation could significantly reduce transmission, it is vulnerable to some attacks. For instance, compromising a CH will allow adversaries to forge aggregated results as similar as compromising all its cluster members. To solve this problem, several studies, such as the delay aggregation, SIA, ESPDA, and SRDA have been proposed.
An alternative approach for this problem is to aggregate encrypted messages directly from SN, thereby avoiding the forgery of aggregated result. Since CHs are not capable of encrypting messages, compromising a CH earns nothing in forging aggregated results. Based on this concept, Wu et al. gave the proposal to allow CHs to classify encrypted data without decrypting them. The proposed scheme, called CDAMA, provides CDA for multiple groups. Basically, CDAMA is a modification from Boneh et al.’s PH scheme. Here, It also suppose three practical application scenarios for CDAMA, all of which can be realized by only CDAMA.
The last scenario is designed for secure counting capability. In previous schemes, the base station does not know how many messages are aggregated from the decrypted aggregated result; leaking count knowledge will suffer maliciously selective aggregation and repeated aggregation. In CDAMA, the base station exactly knows the number of messages aggregated to avoid above attacks.

II. RELATED WORKS

A novel framework was designed by Bartosz przydatek et al (2003) for secure information aggregation in large sensor networks. In our framework certain nodes in the sensor network, called aggregators, help aggregating information requested by a query, which substantially reduces the communication overhead. By constructing efficient random sampling mechanisms and interactive proofs, enable the user to verify that the astir given by the aggregator is a good approximation of the true value even when the aggregator and a fraction of the sensor nodes are corrupted. In particular, it present efficient protocols for secure computation of the median and the average of the measurements, for the estimation of the network size, and for finding the minimum and maximum sensor reading. Our protocols require only sub linear communication between the aggregator and the user.
Wireless Sensor Network (WSN) is an emerging technology is designed by A. Perrig et al (2004) that show great promise for various futuristic applications both for mass public and military. The sensing technology combined with processing poitr and wireless communication makes it lucrative for being exploited in abundance in future. The inclusion of wireless communication technology also incurs various types of security threats. The intent of this paper is to investigate the security related issues and challenges in wireless sensor networks.
A protocol was designed by Lingxuan Hu et al (2003) that provide a secure aggregation mechanism for wireless networks that is resilient to both intruder devices and single device key compromises. Our protocol is designed to work within the computation, memory and poitr consumption limits of inexpensive sensor devices, but takes advantage of the properties of wireless networking, as it will act as the pointer asymmetry to the devices and the base station.
Data aggregation in wireless sensor networks was designed by H.O. Sanli et al (2006) in eliminates redundancy to improve bandwidth utilization and energy-efficiency of sensor nodes. This paper presents a secure energy-efficient data aggregation protocol called ESPDA (Energy-Efficient Secure Pattern based Data Aggregation). Unlike conventional data aggregation techniques, ESPDA prevents the redundant data transmission from sensor nodes to cluster-heads. If sensor nodes sense the same data, ESPDA first puts all but one of them into sleep mode and generate pattern codes to represent the characteristics of data sensed by sensor nodes.
SRDA is designed by Hasan Cam in 2004 establishes secure connectivity among sensor nodes by taking advantage of deployment estimation and not performing any online key distribution. The incremental security requirement due to the nature of the data aggregation process is met by an aggregation specific security technique. Simulation results show that SRDA yields significant savings in the energy consumption while preserving the data security. YongKong Du was designed by 2004 in a classifier, an intermediate sensor node in our setting, is embedded with a set of searching keywords in encrypted format. Upon receiving an encrypted message, it matches the message with the keywords and then processes the message based on certain policies such as forwarding the original message to the next hop, updating it and forwarding or simply dropping it on detecting duplicates.
Routing in wireless sensor networks is designed by Mithun Acharya (2006) in commonsense mobile ad-hoc networks. It mainly needs to support reverse multicast traffic to one particular destination in a multihop manner. For such a communication pattern, end-to-end encryption is a challenging problem. To save the overall energy resources of the network, sensed data needs to be consolidated and aggregated on its way to the final destination. It present an approach that 1) conceals sensed data end-to-end by 2) still providing efficient and flexible in-network data aggregation. The aggregating intermediate nodes are not required to operate on the sensed plaintext data. It apply a particular class of encryption transformations and discuss techniques for computing the aggregation functions “average” and “movement detection.”

III. OVERVIEW

In the proposed system a new concealed data aggregation scheme extended from Boneh et al.’s homomorphism public encryption system. The proposed scheme has three contributions. First, it is designed for a multi-application environment. The base station extracts application-specific data from aggregated cipher texts. Next, it mitigates the impact of compromising attacks in single application environments. Finally, it degrades the damage from unauthorized aggregations.
• These three applications that are realized by only CDAMA multi group construction.
• WSN Aggregation Model
• Concealed Data Aggregation
• Aggregation with Secure Counting
• Database as a Service Model for CDAMA
• Trusted Service Provider
• Secured Client Data Bucketized Aggregation

WSN AGGREGATION MODEL

In WSNs, SN collect information from deployed environments and forward the information back to base station (BS) via multihop transmission based on a tree or a cluster topology. The accumulated transmission carries large energy cost for intermediate nodes. To increase the lifetime, tree-based or cluster networks force the intermediate nodes.
The multi-application WSNs, the scenario of a single application is more commonly discussed in WSNs. However, the scenario of multiple applications working concurrently is more realistic in most cases. Study indicates that deploying multiple applications in a shared WSN can reduce the system cost and improve system flexibility. The reason is because an SN supports multiple applications and can be assigned to different applications dynamically.
To maintain data privacy and reduce the communication overhead, sensed reading should be encrypted by SNs and the corresponding cipher texts must be aggregated. The solution satisfying this requirement has already been proposed, called CDA. Even if aggregation on cipher texts is possible, aggregation of multi-application is still hard because the decryption cannot extract application-specific aggregated result from a mixed cipher text.

CONCEALED DATA AGGREGATION

Interestingly, applying CDAMA to the conventional aggregation model can mitigate the impact from compromising attacks. Each group could be assigned a distinct group public key. Once an adversary compromised a SN in group A; it only reveals PKA, not PKB. Since the adversary can only forge messages in group A, not group B, the SNs in group B can still communicate safely
CDAMA assigns every node for its own group, resulting in the strongest security CDAMA ever offered. However, this is impractical because the size of cipher text becomes extremely large when it construct groups with a huge group number. Thus, assigning a reasonable number of groups for a single application not only keeps the overhead acceptable but also mitigates the impact of compromising attacks.

AGGREGATION WITH SECURE COUNTING

An asymmetric CDA schemes is that an AG can manipulate aggregated results without encryption capability. An AG is able to increase the value of aggregated result by aggregating the same cipher text of sensed reading repeatedly, or decrease the value by selective aggregation. Since the BS does not know the exact number of ciphertexts aggregated, repeated or selective aggregation may happen. To avoid this problem, it adopt CDAMA (k ¼ 2) scheme to provide secure counting for single application case, i.e., the BS exactly knows how many sensed readings are aggregated while it receives the final result. The BS obtains the aggregated result M and its count.
If a malicious AG launches unauthorized aggregations, such as repeated or selective aggregation, s value would be changed to a bigger or smaller value than the reference. Since the AG does not know the base points P and Q, unauthorized aggregations have to alter the values M simultaneously; it is impossible to alter M without changing. Meanwhile, the BS knows the number of deployed sensors through gathering topology information; the BS can detect unauthorized aggregation.

DATABASE AS A SERVICE MODEL FOR CDAMA

DAS involves clients outsourcing their private databases to database service providers (servers) who offer storage facilities and necessary expertise. Clients, in general, do not trust service providers with the contents of their databases and, therefore, store the databases in encrypted format. The central challenge is how to enable a UN trusted service provider to run SQL-style queries over encrypted data.
It proposes a very simple alternative for handling aggregation queries at the server, which does not involve homomorphic encryption functions. It further describes the protocols for formulating and executing queries as itll as updating encrypted tuples.

TRUSTED SERVICE PROVIDER

DAS model involves bucketizing (partitioning) attributes upon which range queries will be based. This involves dividing the range of values in the specific domains of the attribute into buckets and providing explicit labels for each partition. These bucket labels are then stored along with the encrypted tuples at the server. Based on the same bucketization strategy, the follow-on work in addresses aggregation queries in DAS by proposing the use of a particular homomorphic encryption function. In general, homomorphic encryption is a technique that allows entities who only possess encrypted values (but no decryption keys) to perform certain arithmetic operations directly over these values.

SECURED CLIENT DATA BUCKETIZED AGGREGATION

In contrast, equi-depth bucketization attempts to avoid this problem by having each bucket contain the same number of items, thereby hiding the actual distribution of values. The downside of this approach is that, in the presence of frequent database updates, the equi-depth partition needs to be adjusted periodically. This requires additional (and nontrivial) interaction between the server and the client (database owner).
Bucketization has an unavoidable side-effect of privacy loss since labels (bucket id-s) disclose some information about the clear text. Unless there are as many buckets as there are distinct values in the domain of an attribute, some statistical information about the underlying data is disclosed through bucket id-s.

IV. PERFORMANCE ANALYSIS

Data aggregation can reduce the communication effectively; sensors must pay higher computation cost for encryption and aggregation. To argue with this point, we estimate the performance gain from the whole WSN based on CDAMA.
Fig 4.1 CDAMA is several thousand times greater than that in DFS because the encryption cost of CDAMA is significantly greater than the cost of AES. For an AG, the communication overhead in DFS is increased tenfold whenever the AG reaches to the next layer, whereas the communication overhead in CDAMA are all kept the same. The reason for this is because the i th layer AG must forward 10i messages in DFS but only 10 messages in CDAMA. For a forwarder, the main energy consumption depends on transmission; therefore, CDAMA allows the forwarder to spend only 1 percent of transmission cost in DFS.
The CDAMA is Comparison between Encrypt Decrypt Overhead and Mixed Data Aggregation Cost is DFS is high level and CDAMA is low level position. In DFS, a leaf node encrypts its sensed reading by symmetric encryption schemes and forwards the cipher text to its parent AG. AGs and forwarders just transmit the received data without any innetwork processing. Both schemes (rather than hop-by-hop aggregation) provide end-to-end security, thereby avoiding the forgery of aggregated result.

V. CONCLUSION

CDAMA, the ciphertexts from distinct applications can be aggregated, but not mixed. For a single-application environment, CDAMA is still more secure than other CDA schemes. When compromising attacks occur in WSNs, Finally, the performance evaluation shows that CDAMA is applicable on WSNs while the number of groups or applications is not large.
CDAMA to realize aggregation query in Database-As-a-Service (DAS) model. In DAS model, a client stores her database on a UN trusted service provider. Therefore, the client has to secure their database through PH schemes because PH schemes keep utilizable properties than standard ciphers. Based on PH schemes, the provider can conduct aggregation queries without decryption. The most important of all is that it do not have to consider the computation cost and the impact of compromising secret keys.
 

Figures at a glance

Figure 1 Figure 2 Figure 3 Figure 4
Figure 1 Figure 2 Figure 3 Figure 4
 

References