共查询到20条相似文献,搜索用时 130 毫秒
1.
在无线传感器网络中,被俘获的恶意节点可以发动虚假数据注入攻击,即不断发布虚假数据耗尽网络资源,为应对此类型攻击需快速追踪定位到攻击节点,提出一种基于邻居节点信息的溯源追踪策略.在本策略中,每个节点保存两跳邻居节点信息,通过单向链密钥对发送数据包节点进行认证,避免了恶意节点伪造其他节点身份发送数据,相互通信的两个节点及其共同邻居节点记录接收到的数据包特征信息,当网络中存在虚假数据注入攻击时,因途中转发节点的邻居节点都存储有数据包的特征信息,Sink节点可以依据此类信息逐跳溯源追踪至攻击节点,因为利用了传感器节点的部分存储空间,本方法不需要收集大量攻击数据包便可定位攻击节点,同时,本方法的特性保证了溯源追踪过程不受路由变化的影响,更加健壮.理论分析和实验结果都表明该策略不仅能以较高的效率定位到恶意节点,而且能容忍路由的动态变化且能够应对合谋攻击. 相似文献
2.
虚假数据注入攻击是无线传感器网络的一种严重威胁,针对大多数虚假数据过滤方案没考虑节点身份攻击和中间节点被攻击者俘获的问题,提出了一种抗节点身份攻击的虚假数据过滤方案,方案不仅在数据转发过程中对转发的数据进行验证、过滤,同时对协作产生感知数据的节点的身份进行验证。安全性分析和性能评价表明,该方案不仅能抵抗各种攻击,而且在存储开销方面与其他方案相比,具有明显优势,并且随着数据包被转发跳数的增加,该方案的虚假数据过滤能力和能量节省也显著增加。 相似文献
3.
传感器网络遭受外来攻击时,节点会被注入大量虚假信息,在浪费通信资源的同时也会影响用户正常决策,干扰传感器网络安全运行。提出传感器网络多路虚假数据分层过滤方法。在网络部署完成后分配全局节点对应密钥,通过密集认证构建封闭区域,随后利用密钥确定簇内节点与验证节点的对应关系,转发需检测的数据包,判断其包含的节点码、哈希值以及MAC信息数量是否准确,最后使用sink节点对数据包做校对与丢弃,完成多路虚假数据分层过滤。仿真结果表明,所提方法虚假数据过滤效率高,节点能耗少,性能和鲁棒性均具有明显优势。 相似文献
4.
5.
6.
已有传感器网络中,过滤机制只能在转发过程中过滤虚假数据而无法过滤重复数据,且无法防范协同攻击.提出了一种基于单向哈希链的过滤方案HFS.在HFS中,节点在部署后将密钥和初始哈希值预分发给部分中间节点存储,每个数据包附带t个MAC和新鲜哈希值,转发节点同时对数据包中检测节点之间相对位置关系的合法性、MAC 和哈希值的正确性以及哈希值的新鲜性进行验证.理论分析及仿真实验结果表明,HFS 可同时过滤传感器网络中的虚假数据和重复数据,并能有效对抗协同攻击. 相似文献
7.
8.
基于部署前密钥分配的虚假数据过滤方案 总被引:1,自引:0,他引:1
针对传统虚假数据过滤方法无法过滤从非转发区域注入虚假数据的问题,提出了一种不依赖转发路径的过滤方案PFDF。在PFDF中,基于期望的密钥共享度灵活构建密钥池,在部署前进行密钥分发。理论分析及仿真实验表明,PFDF能有效防范非转发区域的虚假数据注入攻击,并具备较低的能量开销。 相似文献
9.
10.
虚假数据攻击不仅误导用户做出错误的决定,同时也耗尽了宝贵的网络资源。以往的过滤机制通常依赖于对偶密钥来进行数据认证,然而当一定数量的中转节点的密钥被妥协后,这类认证机制即失去效用。提出一种新的用于过滤虚假数据的鲁棒认证机制(robust authentication scheme,RAS),每个合法事件均被分成几个较小的事件块,节点利用基于单向哈希链的动态认证令牌技术及所预置的取自新密钥池的密钥对每个小事件块进行签名。在过滤阶段,中转节点将验证接收到的数据报告的真实性,并丢弃虚假的数据报告。从而,即使妥协节点拥有所有的签名密钥也无法伪造或篡改数据。理论分析与实验结果表明,RAS具有相对更高的过滤能力和安全性。 相似文献
11.
在车辆自组织网中,针对安全消息广播的有效覆盖及竞争冲突问题,本文提出了基于概率及退避等待的广播机制(VANET Broadcast Mechanism based on Probability and Backoff,VBM-PB). 该机制隶属于接受者机制,其复杂度低并且具有完全分布式计算特性. VBM-PB将车辆的地理位置信息和节点负载结合,计算各节点潜在的转发概率;构造概率转发函数并设计自适应退避等待方案,减少网络中数据包冗余、降低节点间数据发送冲突并保障消息覆盖率;利用超时重传机制确保消息发送的可靠性. 仿真表明,VBM-PB与经典的几种广播机制相比,在数据包渗透速度、转发节点所占比例以及消息传输时延上均具有更好的性能. 相似文献
12.
In this paper, we consider the issue of efficient broadcasting in mobile ad hoc networks (MANETs) using network coding and directional antennas. Network coding-based broadcasting focuses on reducing the number of transmissions each forwarding node performs in the multiple source/multiple message broadcast application, where each forwarding node combines some of the received messages for transmission. With the help of network coding, the total number of transmissions can be reduced compared to broadcasting using the same forwarding nodes without coding. We exploit the usage of directional antennas to network coding-based broadcasting to further reduce energy consumption. A node equipped with directional antennas can divide the omnidirectional transmission range into several sectors and turn some of them on for transmission. In the proposed scheme using a directional antenna, forwarding nodes selected locally only need to transmit broadcast messages, original or coded, to restricted sectors. We also study two extensions. The first extension applies network coding to both dynamic and static forwarding node selection approaches. In the second extension, we design two approaches for the single source/single message issue in the network coding-based broadcast application. Performance analysis via simulations on the proposed algorithms using a custom simulator and ns2 is presented. 相似文献
13.
In this paper, a fuzzy based distributed power aware routing scheme considering both energy and bandwidth constraints, especially for query driven applications in the asynchronous duty-cycled wireless sensor networks are devised. The proposed multi-constraint, multi-objective routing optimization approach under strict resource constraints guarantees reliability and fast data delivery along with efficient power management in spite of unreliable wireless links and limited power supply. In query driven applications, the request from the sink to the individual sensor node will be a broadcast message, whereas the individual sensor nodes replies back to sink as unicast messages. In the proposed work, the fuzzy approach and “A Star” algorithm are utilized for satisfying energy and bandwidth constraints to route the broadcast messages of the sink while querying all the sensor nodes in the network. Every node will be provided with a guidance list, which is used to decide the next best neighbor node with good route quality for forwarding the received multi-hop broadcast messages. The route quality of the every node is estimated with fuzzy rules based on the network parameters such as maximum remaining energy, minimum traffic load and better link quality to increase the network lifetime. The provision of overhearing the broadcast messages and acknowledgements within the transmission range minimizes the effort to search for the active time of nodes while routing the broadcast messages with asynchronous scheduling. Further, in the proposed work only the time slot of its nearest neighbor relay node (to which packets are to be forwarded) is learnt to reduce the number of message transmissions in the network. For the unicast message replies, the fuzzy membership function is modified and devised based on the routing metrics such as higher residual energy, minimum traffic loads and minimum hop count under energy and bandwidth constraints. Also, the multi-hop heuristic routing algorithm called Nearest Neighbor Tree is effectively used to reduce the number of neighbors in the guidance list that are elected for forwarding. This helps to increase the individual sensor node’s lifetime, thereby maximizes the network lifetime and guarantees increased network throughput. The simulation results show that the proposed technique reduces repeated transmissions, decreases the number of transmissions, shortens the active time of the sensor nodes and increases the network lifetime for query driven sensor network applications invariant to total the number of sensor nodes and sinks in the network. The proposed algorithm is tested in a small test bed of sensor network with ten nodes that monitors the room temperature. 相似文献
14.
15.
In mobile ad hoc networks (MANETs), node mobility causes network topologies to change dynamically over time, which complicates such important tasks as broadcasting and routing. In a typical efficient localized approach, each node makes forwarding decisions based on a neighborhood local view constructed simply by collecting received “Hello” messages. That kind of neighborhood local view can become outdated and inconsistent, which induces a low-coverage problem for efficient broadcasting tasks and a low-delivery ratio problem for efficient routing tasks. In this paper, we propose a neighborhood tracking scheme to guarantee the accuracy of forwarding decisions. Based on historical location information, nodes predict the positions of neighbors when making a forwarding decision, and then construct an updated and consistent neighborhood local view to help derive more precise forwarding decisions. The inaccuracy factors of our scheme are also discussed and an accessory method is provided for possible usage. Simulation results illustrate the accuracy of our proposed tracking scheme. To verify the effectiveness of our scheme, we apply it to existing efficient broadcast algorithms. Simulation results indicate that our neighborhood tracking scheme can improve the protocols coverage ratio greatly. 相似文献
16.
针对机会网络中的数据转发问题,提出一种基于节点社会属性的转发算法。该算法计算节点的陌生性、介数中心性和相似性,均衡利用多个节点的资源防止某些节点因资源消耗过快而退出网络,降低网络的连通性。仿真结果表明,与Epidemic、PROPHET及SW等算法相比,在保证较低传输延迟和较高传输成功率的基础上,通过减少节点间的转发次数,有效地降低了网络传输开销,从而提高数据交付率和减少延迟。 相似文献
17.
针对移动社会网络中节点移动形成的成簇特性和节点参与活动表现的周期特点,提出了一种基于活动的消息机会转发算法(activity-based message opportunistic forwarding,简称AMOF).算法思想是:当消息携带节点与目的节点存在相同活动时,选择消息交付概率高的中继节点转发消息;当消息携带节点与目的节点不存在相同活动时,选择消息间接交付概率高的链路来转发消息.仿真结果表明,与经典路由算法(如Epidemic,PRoPHET,CMOT和CMTS)比较,所提出的路由算法不仅能够提高消息的传输成功率,还能有效地降低传输时延和网络负载. 相似文献
18.
针对无线传感器网络中距离无关的定位技术,提出了DV-Hop定位中普通节点被俘获的欺骗攻击模型,分析了这种欺骗攻击模型对DV-Hop定位过程的影响,进而提出了一种抵御欺骗攻击的DV-Hop安全定位算法.首先,在普通节点端提出了基于发送-转发信息一致性的检测机制来检测恶意节点;其次,在汇聚节点端提出了基于消息转发链举证的检测机制来确定恶意节点;最后,当汇聚节点检测出存在恶意节点进行篡改攻击后,汇聚节点通报全网弃用恶意节点转发的数据分组并重启定位.仿真结果表明,本文提出的安全定位算法可以有效滤除恶意节点,且安全定位算法的定位性能与无攻击下的DV-Hop定位性能基本相当,可以有效解决欺骗攻击对DV-Hop定位过程造成的影响. 相似文献
19.
为保护举报者的身份隐私(身份信息和位置信息)不被包含举报受理机构在内的任意组织获取,提出一种在线匿名秘密举报方案。匿名举报者借助公开密钥算法通过随机转发的方法将加密举报信息发送给举报受理机构,加密举报信息经过网络中一系列中转节点的转发最终到达举报受理机构,任何中转节点和攻击者不能获取举报信息的明文,包含举报受理机构在内的所有节点以及外来攻击者无法取得举报人的身份隐私,如举报信息属实,举报机构可以对举报者进行奖励,同时仍然保持举报者的身份和位置信息不会泄露给举报受理机构或者任意第三方。由于中转节点是随机选择的,不依赖于某些特定节点,从而保证系统的健壮性。实验结果表明,该方案能够支持大型网络中多个举报者顺利完成举报,系统不会出现平均响应时间随节点个数增加而急剧增长的现象,具有良好的可靠性和稳定性。 相似文献
20.
针对Ad Hoc网络路由发现过程中广播路由请求分组导致的广播风暴问题,提出了一种基于节点度估计和静态博弈转发策略的Ad Hoc网络路由协议NGRP.NGRP考虑边界影响,采用分段函数的思想将网络场景分为中心、边和角区域,分别估算网络中节点在不同区域的节点度,避免了周期性广播Hello消息获取节点度导致的开销;NGRP路由请求分组的转发采用静态博弈转发策略,利用节点度估算参与转发路由请求分组的节点数量,将转发和不转发作为策略集合,设计效益函数,通过纳什均衡获得节点转发路由请求分组的转发概率,从而减少了路由请求分组广播过程中产生的大量的冗余、竞争和冲突,提高了路由发现过程中路由请求分组的广播效率.运用NS-2对协议的性能进行大量的仿真,结果表明:NGRP的分组投递率、路由开销、MAC层路由开销和吞吐率这4项指标明显优于AODV+FDG,AODV with Hello和AODV without Hello协议. 相似文献