Location Privacy in Sensor Networks Against a Global Eavesdropper

“…This is in contrast with earlier work, where a set of fake sources is chosen at deployment time, is known a priori or requires network-wide knowledge to generate [7]. Note that, ideally, for maximum privacy, every node apart from the real source needs to be a fake source [13]. However, such an approach is not energy-efficient.…”

“…For example, Mehta et al [13] assume that an attacker has a small wireless network of his own that can capture messages and shows how the location of source nodes can be inferred once messages have been intercepted. In another work, Kamath et al [8] presented an approach that used triangulation to locate targets.…”

“…However, current algorithms that are based on the fake source technique are of limited relevance, since they make a number of assumptions which limit their practicality. For example, (i) fake sources are often known a priori or arbitrarily chosen [13], (ii) fake sources are selected based on a prohibitively expensive pre-configuration phase or the need to have network-wide knowledge [7], (iii) no common attacker model is adopted, making it is difficult to understand the efficiency of proposed algorithms [7] [13] [10], and (iv) there is a lack of results demonstrating the level of privacy that can be afforded by the fake source technique.…”

On the Use of Fake Sources for Source Location Privacy: Trade-Offs Between Energy and Privacy

“…This is in contrast with earlier work, where a set of fake sources is chosen at deployment time, is known a priori or requires network-wide knowledge to generate [7]. Note that, ideally, for maximum privacy, every node apart from the real source needs to be a fake source [13]. However, such an approach is not energy-efficient.…”

“…For example, Mehta et al [13] assume that an attacker has a small wireless network of his own that can capture messages and shows how the location of source nodes can be inferred once messages have been intercepted. In another work, Kamath et al [8] presented an approach that used triangulation to locate targets.…”

“…However, current algorithms that are based on the fake source technique are of limited relevance, since they make a number of assumptions which limit their practicality. For example, (i) fake sources are often known a priori or arbitrarily chosen [13], (ii) fake sources are selected based on a prohibitively expensive pre-configuration phase or the need to have network-wide knowledge [7], (iii) no common attacker model is adopted, making it is difficult to understand the efficiency of proposed algorithms [7] [13] [10], and (iv) there is a lack of results demonstrating the level of privacy that can be afforded by the fake source technique.…”

On the Use of Fake Sources for Source Location Privacy: Trade-Offs Between Energy and Privacy

“…With the collected network-wide traffic, the attacker can conduct traffic analysis to identify the potentially real sources. Under such a strong attack model, the corresponding countermeasures focus on making all sensors [4], [5], [6], [7] or k sensors [4] transmit (dummy) messages at the same or similar pattern to disguise the real source location. In general, such approaches are more robust to traffic analysis, at the cost of higher message overhead.…”

“…Recently, a passive global attack model has been studied [4], [5], [6], [7], where the attacker is assumed to be capable of monitoring all the network traffic by either deploying simple sensors covering the network or employing powerful site surveillance devices with hearing range no less than the network radius. With the collected network-wide traffic, the attacker can conduct traffic analysis to identify the potentially real sources.…”

An Active Global Attack Model for Sensor Source Location Privacy: Analysis and Countermeasures

Protecting source–location privacy based on multirings in wireless sensor networks