Location Privacy In Sensor Networks Against A Global Eavesdropper
Abstract
While many protocols for sensor network security provide con dentiality for
the content of messages, contextual information usually remains exposed. Such contextual
information can be exploited by an adversary to derive sensitive information
such as the locations of monitored objects and data sinks in the eld. Attacks on
these components can signi cantly undermine network applications. The existing
techniques defend the leakage of location information only from an adversary who
sees only local network tra c. However, a stronger adversary, the global eavesdrop-
per, is realistic and can defeat all existing techniques. This paper rst formalizes
the location privacy issues in sensor networks under this strong adversary model and
computes a lower bound on the communication overhead needed for achieving a certain
level of location privacy. The paper then proposes two techniques to provide
location privacy for monitored objects (source location privacy): periodic collection
and source simulation, and two techniques to provide location privacy for data sinks
(destination location privacy): destination simulation and backbone
ooding. These
techniques provide trade-o s between privacy, communication cost, and latency. The analysis and simulation demonstrate that the proposed techniques are e cient and
e ective for source and destination location privacy in sensor networks.