基于云模型的无线传感器网络恶意节点识别技术的研究

 无线传感器网络(Wireless Sensor Network,简称WSN)是一种没有基础设施的自组织无线网络.和其它网络一样,WSN需要安全措施来保证网络通信的安全.但是,在无线传感器网络中,基于密码的安全体系不能有效处理来自网络内部的攻击,识别出恶意节点.因此,信任模型被用于无线传感器网络恶意节点识别.在信任模型和云理论的研究基础上,本文构建了一个基于云理论的无线传感器网络信任模型——云信任模型(CTM,Cloud-based Trust Model).实验结果表明,云信任模型能够有效识别恶意节点.     

A Cognitive Energy Efficient and Trusted Routing Model for the Security of Wireless Sensor Networks: CEMT

There are many smart applications evolved in the area of the wireless sensor networks. The applications of WSNs are exponentially increasing every year which creates a lot of security challenges that need to be addressed to safeguard the devices in WSN. Due to the dynamic characteristics of these resource constrained devices in WSN, there must be high level security requirements to be considered to create a high secure environments. This paper presents an efficient multi attribute based routing algorithm to provide secure routing of information for WSNs. The work proposed in this paper can decrease the energy and enhances the performance of the network than the currently available routing algorithm such as multi-attribute pheromone ant secure routing algorithm based on reputation value and ant-colony optimization algorithm. The proposed work secures the network environment with the improved detection techniques based on nodes’ higher coincidence rates to find the malicious behavior using trust calculation algorithm. This algorithm uses some QoS parameters such as reliability rate, elapsed time to detect impersonation attacks, and stability rate for trust related attacks, to perform an efficient trust calculation of the nodes in communication. The outcome of the simulation show that the proposed method enhances the performance of the network with the improved detection rate and secure routing service.

     

A Novel Heuristic Approach Based Trust Worthy Architecture for Wireless Sensor Networks

A Wireless Sensor Networks (WSNs) consist of spatially distributed autonomous sensors to cooperatively monitor physical or environmental conditions, such as temperature, sound, vibration, pressure, motion or pollutants. WSNs are more vulnerable to attacks and failures due to the involvement of many numbers of tiny sensor nodes. As the technology is tremendously increasing in the recent past, the implementation of this for various time critical applications is quite interesting and challenging. Moreover, WSNs have no specific hierarchical structures, leads to security and maintenance problems. Trust in WSN is defined as the degree of belief or confidence about the nodes based on the past interactions and observations has which become a mandatory requirement for reliable communication in WSN under security constraints. In this paper, we propose a Heuristic Approach based Trust Worthy Architecture for WSN that considers the challenges of the system and focus on the collaborative mechanism for trust evaluation and maintenance. Our proposed Architecture could also be capable of fulfilling critical security, reliability, mobility and performance requirements for reliable communication while being readily adaptable to different applications. The simulation results of the proposed architecture outperformed the recent trust worthy architecture using the analysis of the performance requirements such as communication overhead, memory requirements and energy consumption.     

GSHMAC: Green and Secure Hybrid Medium Access Control for Wireless Sensor Network

The cost efficiency of wireless platforms and their easy deployment enable the applicability of it in widespread application domains. Wireless sensor networks (WSNs) are not excluded from it. Their application domains vary from industrial monitoring to military applications. A WSN is a resource-constrained network and energy of the WSN node is a valuable resource. Like every other network, WSNs are also vulnerable to security attacks. A security attack can results in networks consuming more resources, leading to earlier depletion of node energy. A significant part of the resource consumption in a WSN is controlled by the medium access control (MAC) mechanism. This paper focuses on WSN MAC mechanisms and countermeasures for attacks targeting the MAC layer in a WSN. Denial of sleep attacks are the most relevant for WSN MAC as these types of attacks have shattered effects, which bring down the sensor lifetime from years to days. This paper proposes a secure hybrid MAC mechanism, Green and Secure Hybrid Medium Access Control (GSHMAC) to overcome the devastating effect of WSN MAC attacks. The proposed mechanism provides features such as collision threshold-based MAC mode control and countermeasures on WSN MAC using internal MAC mechanisms. GSHMAC shows improved energy-efficiency, delay, and throughput in the presence of attacks, as compared with state-of-art secure MAC mechanisms.     

基于Beta分布的无线传感器网络分簇路由信任管理机制研究

信任管理机制为保障无线传感器网络安全提供了一种有效方案,通过对节点的行为进行评价,建立整个网络的信任管理机制,对判断的恶意节点采用相应的限制措施来保障安全。文章以Beta概率密度分布函数的期望值作为信任值,优化网络分簇路由协议,可在保障网络能量高效利用的同时,有效提升整个网络的安全性。     

A Secure Routing Protocol with Trust and Energy Awareness for Wireless Sensor Network

Nodes in most of the deployments of Wireless Sensor Networks (WSNs) remain un-administered and exposed to variety of security attacks. Characterized by constrained resources and dynamically changing behavior of sensor nodes, reliable data delivery in WSNs is nontrivial. To counter node misbehavior attacks, traditional cryptographic and authentication based solutions have proved to be inappropriate due to high cost and incapability factors. Recently, trust based solutions have appeared to be viable solutions to address nodes’ misbehavior attacks. However, the existing trust based solutions incur high cost in trust estimation and network-wide dissemination which significantly increases traffic congestion and undermines network lifetime. This paper presents a Trust and Energy aware Secure Routing Protocol (TESRP) for WSN that exploits a distributed trust model for discovering and isolating misbehaving nodes. TESRP employs a multi-facet routing strategy that takes into consideration the trust level, residual energy, and hop-counts of neighboring nodes while making routing decisions. This strategy not only ensures data dissemination via trusted nodes but also balances out energy consumption among trusted nodes while traversing through shorter paths. Demonstrated by simulation results in NS-2, TESRP achieves improved performance in terms of energy consumption, throughput and network lifetime as compared to existing solutions.     

Trust management-based and energy efficient hierarchical routing protocol in wireless sensor networks

The single planar routing protocol has a slow convergence rate in the large-scale Wireless Sensor Network (WSN). Although the hierarchical routing protocol can effectively cope with large-scale application scenarios, how to elect a secure cluster head and balance the network load becomes an enormous challenge. In this paper, a Trust Management-based and ​Low Energy Adaptive Clustering Hierarchy protocol (LEACH-TM) is proposed. In LEACH-TM, by using the number of dynamic decision cluster head nodes, residual energy and density of neighbor nodes, the size of the cluster can be better constrained to improve energy efficiency, and avoid excessive energy consumption of a node. Simultaneously, the trust management scheme is introduced into LEACH-TM to defend against internal attacks. The simulation results show that, compared with LEACH-SWDN protocol and LEACH protocol, LEACH-TM outperforms in prolonging the network lifetime and balancing the energy consumption, and can effectively mitigate the influence of malicious nodes on cluster head selection, which can greatly guarantee the security of the overall network.     

A Novel Trust-Aware Geographical Routing Scheme for Wireless Sensor Networks

Wireless sensor networks are vulnerable to a wide set of security attacks, including those targeting the routing protocol functionality. The applicability of legacy security solutions is disputable (if not infeasible), due to severe restrictions in node and network resources. Although confidentiality, integrity and authentication measures assist in preventing specific types of attacks, they come at high cost and, in most cases, cannot shield against routing attacks. To face this problem, we propose a secure routing protocol which adopts the geographical routing principle to cope with the network dimensions, and relies on a distributed trust model for the detection and avoidance of malicious neighbours. A novel function which adaptively weights location, trust and energy information drives the routing decisions, allowing for shifting emphasis from security to path optimality. The proposed trust model relies on both direct and indirect observations to derive the trustworthiness of each neighboring node, while it is capable of defending against an increased set of routing attacks including attacks targeting the indirect trust management scheme. Extensive simulation results reveal the advantages of the proposed model.     

Codeword Authenticated Key Exchange (CAKE) light weight secure routing protocol for WSN

Wireless Sensor Network (WSN) is developing rapidly and used extensively in various critical applications like military, health, environment etc. Sometimes, the WSN is indiscriminately deployed in unattended hostile terrains such as border or remote region where besides energy efficiency, security is another important issue to be addressed. The adversary can have unauthorised access which can lead to tampering, modification, interception, eavesdropping etc. With the intention of improving the energy efficacy of WSN, clustering methods are developed, but dynamic behaviour of sensor nodes with limited storage and processing makes security a more challenging problem as resource intensive security solutions are not feasible in practical scenario. Key management is capable of addressing this problem by protecting the network from different attacks. In this paper, a highly secure Codeword Authenticated Key Exchange (CAKE) protocol is proposed which is based on one‐way hashing with one time password and codeword authentication. BAN logic and Random Oracle Model are used for formal proof, and AVISPA tool is used for simulating the proposed work. CAKE is compared with other existing mutual authentication schemes which depicts significant reduction in computational time and energy consumption. The proposed protocol preserves Confidentiality, Integrity, and mutual authentication and can counter several attacks like offline guessing attack, replay attack, Dos attack, impersonation attack etc. and preserve perfect forward secrecy making the protocol suitable for various WSN applications.     

A green trust‐distortion resistant trust management scheme on mobile ad hoc networks

Trust management is an emerging security approach used to conduct nodes' relationships in mobile ad hoc networks. It relates to assigning a trust level to each network component based on its cooperative behavior with respect to system goals. Because of its infrastructure‐less nature, frequent network dynamics, and severe resource constraints, it is complex to establish trust in such a network. Mainly, trust systems are vulnerable to attacks that make use of inherent properties of the trust model to alter the accuracy of estimated trust levels, referred to as trust‐distortion attacks. Because of the contradictory nature of such attacks, their detection can be confusing, complex, and energy‐demanding, especially in multiattack environments. To handle such threats, we propose a Green Trust‐distortion Resistant Trust Management Scheme, called GTRTMS, which handles different trust‐distortion attacks in multiattack environments. The proposed solution self‐adapts its trust knowledge monitoring according to the network context to conserve the energy of mobile nodes and reduce the produced CO₂ emissions. Simulation results prove that GTRTMS exhibits significantly better performance than the other counterpart in presence of simultaneous and contradictory different trust‐distortion attacks.     

Trust Based Detection and Elimination of Packet Drop Attack in the Mobile Ad-Hoc Networks

The mobile ad hoc network (MANET) is communication network of a mobile node without any prior infrastructure of communication. The network does not have any static support; it dynamically creates the network as per requirement by using available mobile nodes. This network has a challenging security problem. The security issue mainly contains a denial of service attacks like packet drop attack, black-hole attack, gray-hole attack, etc. The mobile ad-hoc network is an open environment so the working is based on mutual trust between mobile nodes. The MANETs are vulnerable to packet drop attack in which packets travel through the different node. The network while communicating, the node drops the packet, but it is not attracting the neighboring nodes to drop the packets. This proposed algorithm works with existing routing protocol. The concept of trusted list is used for secure communication path. The trusted list along with trust values show how many times node was participated in the communication. It differentiates between altruism and selfishness in MANET with the help of energy level of mobile components. The trust and energy models are used for security and for the differentiation between altruism and selfishness respectively.     

CrowWhale-ETR: CrowWhale optimization algorithm for energy and trust aware multicast routing in WSN for IoT applications

WSN serves as a medium for linking the physical and information network of IoT. Energy and trust are the two major factors that facilitate reliable communication in the network. During multicast routing, the BS engages in forwarding the data securely to the multiple destinations through the intermediate nodes, which is the major challenge in IoT. The paper addresses the challenges through proposing an energy-aware multicast routing protocol based on the optimization, CrowWhale-ETR, which is the integration of CSA and WOA based on the objective function designed with the energy and trust factors of the nodes. Initially, the trust and energy of the nodes are evaluated for establishing the routes that is chosen optimally using CWOA. This optimally chosen path is used for the data transmission, in which energy and trusts of the individual nodes are updated at the end of the individual transmission, in such a way the secure nodes can be selected, and which improves the secure communication in the network. The simulation is analyzed using 50 and 100 nodes in terms of the performance measures. The proposed method acquired the minimal delay of 0.2729 and 0.3491, maximal detection rate of 0.6726, maximal energy of 66.4275 and 71.0567, and maximal throughput of 0.4625 and 0.8649 in the presence and absence of attacks with 50 nodes for analysis.

     

Securing Wireless Sensor Networks Against Denial‐of‐Sleep Attacks Using RSA Cryptography Algorithm and Interlock Protocol

Wireless sensor networks (WSNs) have been vastly employed in the collection and transmission of data via wireless networks. This type of network is nowadays used in many applications for surveillance activities in various environments due to its low cost and easy communications. In these networks, the sensors use a limited power source which after its depletion, since it is non‐renewable, network lifetime ends. Due to the weaknesses in sensor nodes, they are vulnerable to many threats. One notable attack threating WSN is Denial of Sleep (DoS). DoS attacks denotes the loss of energy in these sensors by keeping the nodes from going into sleep and energy‐saving mode. In this paper, the Abnormal Sensor Detection Accuracy (ASDA‐RSA) method is utilized to counteract DoS attacks to reducing the amount of energy consumed. The ASDA‐RSA schema in this paper consists of two phases to enhancement security in the WSNs. In the first phase, a clustering approach based on energy and distance is used to select the proper cluster head and in the second phase, the RSA cryptography algorithm and interlock protocol are used here along with an authentication method, to prevent DoS attacks. Moreover, ASDA‐RSA method is evaluated here via extensive simulations carried out in NS‐2. The simulation results indicate that the WSN network performance metrics are improved in terms of average throughput, Packet Delivery Ratio (PDR), network lifetime, detection ratio, and average residual energy.     

基于LEACH协议的Sybil攻击入侵检测机制

LEACH协议有效地解决了无线传感器网络(WSN)能耗性问题,但是在安全性方面存在较大的隐患。因此提出了一种改进LEACH协议安全性能的LEACH-S机制,采用接收信号强度值(RSSI)的Sybil攻击入侵检测策略,通过设定合理的阈值启动该机制,即只有在判定可能遭遇Sybil攻击时才启动,实验表明该机制能以较少的能耗代价来有效检测出Sybil攻击。     

移动Ad hoc网络信任模型研究

AdHoc网络信任模型的工作流程分为收集客体的行为信息,计算信任值,最后进行信任决策3个环节。分析了当前Adhoc网络中的5类信任模型,即基于社会网络理论的信任模型、基于分簇的信任模型、基于图论的信任模型、基于非合作博弈论的信任模型和基于合作博弈论的信任模型。指出上述模型各有优缺点在构建Adhoc网络信任模型时,必经考虑适应网络的动态拓扑和成员关系的变化,所构建信任模型的密钥管理、信任管理如访问控制不能依赖固定的可信第三方的设施并减少模型中的假设条件,算法具有鲁棒性。     

一种基于信任模型的安全度量及安全路由算法设计

针对网络路由的攻击普遍且后果严重。目前的研究大多是采用数字签名,消息验证和入侵检测等机制来提高路由控制信息的安全,基本没有考虑机密应用数据的路由安全问题。该文通过分析通信实体的安全机制和安全威胁来测量链路和节点的信任度,建立节点间的信任关系,并基于该信任模型定义和量化一种新的安全度量SM(Security Metric),提出以SM为选路标准的安全路由算法SMRA(Security Metric based Routing Algorithm)。仿真表明,网络存在攻击时,SMRA算法比OSPF算法有更好的包传输率和路由安全性能。     

Novel approach of distributed & adaptive trust metrics for MANET

It is known to all that mobile ad hoc network (MANET) is more vulnerable to all sorts of malicious attacks which affects the reliability of data transmission because the network has the characteristics of wireless, multi-hop, etc. We put forward novel approach of distributed & adaptive trust metrics for MANET in this paper. Firstly, the method calculates the communication trust by using the number of data packets between nodes, and predicts the trust based on the trend of this value, and calculates the comprehensive trust by considering the history trust with the predict value; then calculates the energy trust based on the residual energy of nodes and the direct trust based on the communication trust and energy trust. Secondly, the method calculates the recommendation trust based on the recommendation reliability and the recommendation familiarity; adopts the adaptive weighting, and calculates the integrate direct trust by considering the direct trust with recommendation trust. Thirdly, according to the integrate direct trust, considering the factor of trust propagation distance, the indirect trust between nodes is calculated. The feature of the proposed method is its ability to discover malicious nodes which can partition the network by falsely reporting other nodes as misbehaving and then proceeds to protect the network. Simulation experiments and tests of the practical applications of MANET show that the proposed approach can effectively avoid the attacks of malicious nodes, besides, the calculated direct trust and indirect trust about normal nodes are more conformable to the actual situation.

     

Optimized deep learning-based intrusion detection for wireless sensor networks

The technological innovations and wide use of Wireless Sensor Network (WSN) applications need to handle diverse data. These huge data possess network security issues as intrusions that cannot be neglected or ignored. An effective strategy to counteract security issues in WSN can be achieved through the Intrusion Detection System (IDS). IDS ensures network integrity, availability, and confidentiality by detecting different attacks. Regardless of efforts by various researchers, the domain is still open to obtain an IDS with improved detection accuracy with minimum false alarms to detect intrusions. Machine learning models are deployed as IDS, but their potential solutions need to be improved in terms of detection accuracy. The neural network performance depends on feature selection, and hence, it is essential to bring an efficient feature selection model for better performance. An optimized deep learning model has been presented to detect different types of attacks in WSN. Instead of the conventional parameter selection procedure for Convolutional Neural Network (CNN) architecture, a nature-inspired whale optimization algorithm is included to optimize the CNN parameters such as kernel size, feature map count, padding, and pooling type. These optimized features greatly improved the intrusion detection accuracy compared to Deep Neural network (DNN), Random Forest (RF), and Decision Tree (DT) models.     

A dynamic TDMA based scheme for securing query processing in WSN

Nodes in a wireless sensor network (WSN) are generally deployed in unattended environments making the nodes susceptible to attacks. Therefore, the need of defending such attacks becomes a big challenge. We propose a scheme to build a security mechanism in a query-processing paradigm within WSN. The scheme is capable of protecting replay attack while preserving essential properties of security such as authentication, data integrity and data freshness. The solution is made lightweight using symmetric key cryptography with very short-length key. Further, the key used in our scheme is neither pre-deployed nor is transmitted directly. The key information is established among nodes through an efficient use of one variant of dynamic TDMA mechanism which ensures security of key. Another variant of dynamic TDMA is used to make the scheme bandwidth saving, an essential quality of WSN. Performance of the scheme is analyzed in terms of storage, computation and communication overhead. Finally the analytical results are compared with two of the existing schemes including the previous version of the present scheme that show significant reduction of all such overheads thereby proving the suitability of the proposed scheme for a resource-constrained network like WSN.