Abstract
Privacy-preserving data aggregation has been widely recognized as a key enabling functionality in wireless sensor networks to allow the base station to learn valuable statistics of the sensed data while protecting individual sensor nodes' data privacy. Existing privacy-preserving data aggregation schemes all target simple statistical functions such as SUM, COUNT, and MAX/MIN. In contrast, a quantile summary allows a base station to extract the phi-quantile for any 0 < phi < 1 of all the sensor readings in the network and can thus provide a more accurate characterization of the data distribution. Unfortunately, how to realize privacy-preserving quantile summary aggregation remains an open challenge. In this paper, we introduce the design and evaluation of PrivQSA, a novel privacy-preserving quantile summary aggregation scheme for wireless sensor networks, which enables efficient quantile summary aggregation while guaranteeing epsilon-Local Differential Privacy for individual sensors. Detailed simulation studies confirm the efficacy and efficiency of the proposed protocol.