共查询到16条相似文献,搜索用时 190 毫秒
1.
2.
一种基于AOA信任评估的无线传感器网络Sybil攻击检测新方法* 总被引:2,自引:0,他引:2
随着无线传感器网络(WSN)技术广泛应用在数字家庭网络及其他领域,其安全问题日益突出。针对无线传感器网络中典型的Sybil攻击,提出了一种基于信号到达角信任评估检测新方法TEBA。信标节点基于Sybil节点创建多个虚拟身份。但其物理位置相同的思想,利用信号到达角相位差对邻居节点身份作出信任评估,将低于某一信任阈值的节点身份归为Sybil攻击。方案引入多节点协作思想,摒弃了复杂的质心计算,实现了低时延高效性检测。仿真结果表明,该方法能防御及检测Sybil攻击, 有效保护系统性能。 相似文献
3.
4.
5.
Sybil攻击会破坏无线传感器网络的冗余备份、多路径路由等机制,基于INSENS路由协议中的路由建立机制,从事件观测区域到基站建立两条路径,建立第二条路径的同时,利用节点与邻居节点间的距离,以及第一条路径中节点的位置信息检测出Sybil攻击,从而建立绕过Sybil攻击的第二条路径,将事件区域观测到的数据传输给基站。实验表明提出的方法能够使路径有效地绕过Sybil攻击,并且建立的安全路由协议在节点计算量、存储量及能量消耗三方面的性能均低于采用共享密钥进行身份认证的防范和检测Sybil攻击方法中的开销。 相似文献
6.
余群 《计算机工程与设计》2008,29(12)
无线传感器网络中的Sybil攻击会破坏无线传感器网络的路由算法、公平资源分配等机制,因此研究Sybil攻击的防范和检测方法存在一定的意义.分析了Sybil攻击的破坏性,阐述了目前已有的防范和检测Sybil攻击的方法,并针对目前已有方法的不足,提出了从节点的能量消耗、计算量等性能进行优化出发,设计出有效的Sybil攻击防范和检测机制. 相似文献
7.
智能汽车构成的智能交通系统中,复杂交通网络中的多类型传感器的能耗数据与传输的数据量日趋增加,由车载多源无线传感器构成的网络常遭到Sybil攻击,遭到攻击后将导致数据丢失甚至交通故障。Sybil攻击以伪装身份或盗用正常节点的形式出现,但在车辆内部、车辆与车辆之间、车辆与基站之间通常所受到的攻击威胁侧重不同。本文分析了车联网中无线传感器网络拓扑结构及通信模式、受到Sybil攻击的特点、各检测方式,提出初期检测和能耗信任值计算的方式用于Sybil攻击网络节点的检测。 相似文献
8.
无线传感器网络中的Sybil攻击检测 总被引:2,自引:0,他引:2
对Sybil攻击进行了研究,提出了一种基于地理位置信息的检测方法。利用基站和节点间传输的数据包信息检测部分Sybil攻击,构造多条路径,定义查询包,对通过不同路径到达目标节点的查询包中的字段值进行比较,再结合多跳确认机制,检测网络中的Sybil攻击。这种方法避免了传统的加密、身份认证等方法带来的高计算量和通信量,节省了节点能量。 相似文献
9.
在车载自组网中,Sybil攻击是指恶意车辆通过伪造、偷窃或合谋等非法方式获取虚假身份并利用多个身份进行非正常行为而威胁到其他驾乘者生命财产安全的一种攻击。介绍了车载自组网中Sybil攻击的起因与危害,对Sybil攻击的检测方案进行了论述。根据检测过程是否与位置相关,将Sybil攻击检测方案分为与位置无关的检测方案和与位置有关的检测方案两类,对其中的检测方案进行了分类和比较。最后指出了现有方案中存在的问题和未来可能的研究方向。 相似文献
10.
Sybil攻击是P2P网络中常见的攻击方式,危害极大.Kad是当前最流行的P2P文件共享网络,最新的Kad软件限制了路由表中的IP数量,因此单个主机的Sybil攻击演化为分布式的团体攻击,传统的根据IP和节点ID来检测Sybil攻击的方式均不再有效.可行的方法是分析异常节点路由表结构及其连接关系来检测Kad网络中的Sybil攻击团体.在由Sybil节点的路由表所形成的拓扑图中,一个团体内的节点之间相互连接紧密,而与团体外节点间的连接稀疏,根据这一特征应用社会网络中的社区发现算法CNM来检测Sybil攻击团体.在应用CNM算法前,可根据Kad路由表特征高效识别异常节点,采集其路由表项,最后通过聚类路由表结构相似的异常节点来降低CNM算法的输入规模,使其可适用于具有百万级节点、亿级边的Kad网络.通过在实际Kad网络上主动注入Sybil攻击团体对该方法的有效性进行了验证,实验结果表明该方法可有效发现规模达数百的Sybil攻击团体.最后,应用该方法对实际Kad网络进行检测,发现了真实存在的多个规模不一的Sybil攻击团体. 相似文献
11.
As the prevalence of Wireless Sensor Networks (WSNs) grows in the military and civil domains, the need for network security has become a critical concern. In a Sybil attack, the WSN is subverted by a malicious node which forges a large number of fake identities in order to disrupt the network’s protocols. In attempting to protect WSNs against such an attack, this paper develops a scheme in which the node identities are verified simply by analyzing the neighboring node information of each node. The analytical results confirm the efficacy of the approach given a sufficient node density within the network. The simulation results demonstrate that for a network in which each node has an average of 9 neighbors, the scheme detects 99% of the Sybil nodes with no more than a 4% false detection rate. The experiment result shows that the Sybil nodes can still be identified when the links are not symmetric. 相似文献
12.
针对无线传感器网络(WSN)中女巫攻击使距离矢量跳数(DV-HOP)等算法的定位结果产生偏差的问题,提出基于跳数差值的距离矢量跳数算法(HDDV-HOP)及其增强型算法(EHDDV-HOP)。首先,检测节点通过可控泛洪方式获取其他节点的邻居节点列表;其次,检测节点通过分析邻居节点列表检测虚假节点并建立白名单;最后,节点根据白名单选择性转发接收到的数据包并进行安全定位。两种算法的区别在于它们使用不同的检测方式,HDDV-HOP算法中检测节点分析邻居节点列表是否相同,而EHDDV-HOP算法中检测节点分析邻居节点列表交集与并集中元素个数之比。仿真结果表明,在信标节点比例达到20%和信号覆盖不对称时,与无女巫攻击时DV-HOP算法相比,HDDV-HOP定位误差相对大133.4%,EHDDV-HOP在相似度阈值合适时只高出7.3%,但都低于有女巫攻击时DV-HOP的定位误差。两种算法都能抵御女巫攻击,但EHDDV-HOP更优。 相似文献
13.
Sybil attack is one of the most challenging problems that plague current decentralized Peer-to-Peer(P2P) systems. In Sybil
attack, a single malicious user creates multiple peer identities known as sybils. These sybils are employed to target honest
peers and hence subvert the system. In this paper, we describe a novel solution that enables all honest peers to protect themselves
from sybils with high probability in large structured P2P systems. In our proposed sybil defense system, we associate every
peer with another non-sybil peer known as SyMon. A given peer’s SyMon is chosen dynamically such that the chances of both of them being sybils are very low. The chosen SyMon is entrusted with the responsibility of moderating the transactions involving the given peer and hence makes it almost impossible
for sybils to compromise the system. We show the effectiveness of our proposed system in defending against Sybil attack both
analytically and experimentally. In addition to this, we explore the feasibility of our proposed solution in two P2P applications:
reputation systems for P2P based file sharing applications and P2P applications susceptible to Denial-of-Service(DOS) attack,
systems known to be highly vulnerable to Sybil attack. In each of our case studies, we discuss possible ways in which our
solution can be employed to defend the system against Sybil attack. 相似文献
14.
Weverton Luis da Costa Cordeiro Flávio Roberto Santos Gustavo Huff Mauch Marinho Pilla Barcelos Luciano Paschoal Gaspary 《Computer Networks》2012,56(11):2569-2589
The Sybil attack consists on the indiscriminate creation of counterfeit identities, by a malicious user (attacker), in large-scale, dynamic distributed systems (for example, Peer-to-Peer). An effective approach to tackle this attack consists in establishing computational puzzles to be solved prior to granting new identities. Solutions based on this approach have the potential to slow down the assignment of identities to malicious users, but unfortunately may affect normal users as well. To address this problem, we propose the use of adaptive computational puzzles as an approach to limit the spread of Sybils. The key idea is to estimate a trust score of the source from which identity requests depart, calculated as a proportion of the number of identities already granted to (the) user(s) associated to that source, in regard to the average of identities granted to users associated to other sources. The higher the frequency (the) user(s) associated to a source obtain(s) identities, the lower the trust score of that source and, consequently, the higher the complexity of the puzzle to be solved. An in-depth analysis of both (i) the performance of our mechanism under various parameter and environment settings, and (ii) the results achieved with an experimental evaluation, considering real-life traces from a Peer-to-Peer file sharing community, has shown the effectiveness of the proposed mechanism in limiting the spread of Sybil identities. While comparatively more complex puzzles were assigned to potential attackers, legitimate users were minimally penalized with easier-to-solve puzzles. 相似文献
15.
针对传统攻击检测方法检测稳定性低以及检测精准度差的问题,提出一种基于动态无线传感网的抗合谋Sybil攻击检测方法。根据动态无线传感网络组成结构得出对应检测原理,同时计算获取出攻击检测目标函数;在空间约束条件基础上引入无线网络攻击检测法,分类处理Sybil攻击,获取出网络被攻击节点位置;根据角度-衰减度检测法计算得出网络攻击两点基本原则,通过锚节点定位攻击节点,完成抗合谋Sybil攻击检测。仿真结果表明,所提方法能够有效解决传统方法带来的问题,且在计算过程中具有较高实用性以及广泛适用性。 相似文献