Network Coding Based Privacy Preservation against Traffic Analysis in Multi-Hop Wireless Networks
Privacy threat is one of the critical issues in multihop wireless networks, where attacks such as traffic analysis and flow tracing can be easily launched by a malicious adversary due to the open wireless medium. Network coding has the potential to thwart these attacks since the coding/mixing operation is encouraged at intermediate nodes. However, the simple deployment of network coding cannot achieve the goal once enough packets are collected by the adversaries. On the other hand, the coding/mixing nature precludes the feasibility of employing the existing privacy-preserving techniques, such as Onion Routing. In this paper, we propose a novel network coding based privacy-preserving scheme against traffic analysis in multihop wireless networks. With homomorphic encryption, the proposed scheme offers two significant privacy-preserving features, packet flow untraceability and message content confidentiality, for efficiently thwarting the traffic analysis attacks. Moreover, the proposed scheme keeps the random coding feature. Theoretical analysis and simulative evaluation demonstrate the validity and efficiency of the proposed scheme.
Due to the open wireless medium, MWNs are susceptible to various attacks, such as eavesdropping, data modification/injection, and node compromising. These attacks may breach the security of MWNs, including confidentiality, integrity, and authenticity.
Disadvantages of Existing System:
• It is very challenging to efficiently thwart traffic analysis/flow tracing attacks and provide privacy protection in MWNs.
• Existing privacy-preserving solutions, such as proxy-based schemes, may either require a series of trusted forwarding proxies or result in severe performance degradation in practice.
• However, they still suffer inherent shortcomings such as limited radio coverage, poor system reliability, and lack of security and privacy.
In this paper, we focus on the privacy issue, i.e., how to prevent traffic analysis/flow tracing and achieve source anonymity in MWNs. Another example is the event reporting in wireless sensor networks, where flow tracing can help attackers to identify the location of concerned events, e.g., the appearance of an endangered animal in a monitored area, and then take subsequent actions to capture or kill the animals. Among all privacy properties, source anonymity is of special interest in MWNs. Source anonymity refers to communicating through a network without revealing the identity or location of source nodes.
Advantages of Proposed system:
In addition, some advanced attacks, such as traffic analysis and flow tracing, can also be launched by a malicious adversary to compromise users’ privacy, including source anonymity and traffic secrecy.
1. Attackers Modules.
2. Homomorphic Encryption Functions.
3. Threat models.
4. Enhanced Privacy against traffic analysis and flow tracing.
5. Security Analysis.
1. Attackers Modules:
The appearance of an endangered animal (the attackers) in a monitored area is surveyed by wireless sensors; each time, the inside and outside sensors sense the attackers' location and the timing. This information is passed to the server for analysis. After analysis, the commander and hunter can also participate in this wireless network. Some intruders are present among the commander and hunter themselves; our aim is to capture the attackers before they make an attempt on the network.
2. Homomorphic Encryption Functions:
We use homomorphic encryption functions, which are highly efficient and secure. In the Commander process, we use them to encrypt each packet. Due to the homomorphism of HEFs, message recoding at intermediate nodes can be directly performed on encrypted and encoded messages, without knowing the decryption keys or performing expensive decryption operations on each incoming packet. The performance evaluation on computational complexity demonstrates the efficiency of the proposed scheme. Homomorphic Encryption Functions (HEFs) have the property of homomorphism, which means operations on plaintext can be performed by operating on the corresponding ciphertext.
3. Threat models:
We consider the following two attack models.
Outside attacker: An outside attacker can be considered as a global passive eavesdropper who has the ability to observe all network links, as shown in Fig. 3 (a). An outside attacker can examine the tags and message content, and thus link outgoing packets with incoming packets. Further, even if end-to-end encryption is applied to messages at a higher layer, it is still possible for a global outside attacker to trace packets by analyzing and comparing the message ciphertext.
Inside attacker: An inside attacker may compromise several intermediate nodes, as shown in Fig. 3 (b). Link-to-link encryption is vulnerable to inside attackers since they may already have obtained the decryption keys and thus the message plaintext can be easily recovered. Both inside and outside attackers may perform more advanced traffic analysis/flow tracing techniques, including size correlation, time correlation, and message content correlation.
4. Enhanced Privacy against traffic analysis and flow tracing:
With the employment of HEFs, the confidentiality of GEVs is effectively guaranteed, making it difficult for attackers to recover the plaintext. Unlike other packet-forwarding systems, network coding allows intermediate nodes to perform computation on incoming messages, so that outgoing messages are mixtures of incoming ones. Flow tracing in the sense of the report about the alerting sensor.
5. Security Analysis:
The generation number of a packet can be hidden in the secure routing scheme through link-to-link encryption. In this way, attackers cannot find the generation number of a packet for their further analysis. Notice that secure routing paths are only required to be established at the beginning of each session; during the packet transmission, secure routing paths are not required to be changed or re-established for each new generation.
Homomorphic encryption algorithm.
We will take the encryption method when necessary. Note that the computational overhead is counted independently of the underlying network coding framework. Actually, the scalar multiplicativity can be deduced from the additivity, since $E(x \cdot t) = E\left(\sum_{i=1}^{t} x\right)$, where the addition on plaintext can be achieved by performing a multiplicative operation on the corresponding ciphertext, i.e., $E(x_1 + x_2) = E(x_1) \cdot E(x_2)$. Further, the following two equations can be easily derived:
$E(x \cdot t) = E^{t}(x)$, $E\left(\sum_{i} x_i \cdot t_i\right) = \prod_{i} E^{t_i}(x_i)$
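The recoding property above (a weighted sum of plaintexts obtained as a product of ciphertext powers), worked through on encrypted GEVs as an added Python example; it is not code from the paper or from this project. It assumes Paillier as the HEF (the page does not name the cryptosystem), toy-sized primes, constructed sample GEVs and coefficients, and plaintext arithmetic modulo n; the function names are hypothetical.

```python
import math
import secrets

def keygen(p=2**31 - 1, q=2**61 - 1):
    """Toy Paillier key pair from two Mersenne primes (far too small for real use)."""
    n, phi = p * q, (p - 1) * (q - 1)
    return n, (phi, pow(phi, -1, n))      # public n; private (phi, phi^-1 mod n)

def encrypt(n, m):
    """E(m) = (1 + n)^m * r^n mod n^2 with fresh random r, so E is probabilistic."""
    while True:
        r = secrets.randbelow(n - 1) + 1
        if math.gcd(r, n) == 1:
            break
    return (1 + m * n) * pow(r, n, n * n) % (n * n)

def decrypt(n, sk, c):
    """Recover m from c using the private key (sink side only)."""
    phi, mu = sk
    return (pow(c, phi, n * n) - 1) // n * mu % n

def recode(n, enc_gevs, coeffs):
    """Intermediate node: element k of the outgoing GEV is prod_i E(g_i[k])^t_i mod n^2.
    Only the public modulus n is used; no GEV is ever decrypted."""
    n2 = n * n
    out = []
    for column in zip(*enc_gevs):         # k-th element of every incoming GEV
        acc = 1
        for c, t in zip(column, coeffs):
            acc = acc * pow(c, t, n2) % n2
        out.append(acc)
    return out

def demo():
    n, sk = keygen()
    gevs = [[3, 1, 4], [1, 5, 9], [2, 6, 5]]   # constructed sample GEVs
    coeffs = [2, 7, 1]                          # constructed random coding coefficients
    enc = [[encrypt(n, g) for g in vec] for vec in gevs]
    mixed = recode(n, enc, coeffs)              # done without the private key
    return [decrypt(n, sk, c) for c in mixed]   # sink recovers sum_i t_i * g_i

if __name__ == "__main__":
    print(demo())
```

Because `encrypt` draws a fresh `r` each time, two encryptions of the same GEV element differ, which is what defeats the message content correlation named in the threat model.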
• System : Pentium IV 2.4 GHz.
• Hard Disk : 40 GB.
• Floppy Drive : 1.44 Mb.
• Monitor : 15 VGA Colour.
• Mouse : Logitech.
• Ram : 512 Mb.
• Operating system : Windows XP.
• Coding Language : C#.Net.
• Data Base : SQL Server 2005
Yanfei Fan, Yixin Jiang, Haojin Zhu, Jiming Chen and Xuemin Shen, “Network Coding Based Privacy Preservation against Traffic Analysis in Multi-Hop Wireless Networks”, IEEE Transactions on Wireless Communications, Vol. 10, No. 3, March 2011.