基于FSM检测的移动自组网攻击分类研究

在移动自组网环境下,由于移动节点可能被攻击截获,导致攻击从内部产生,传统的网络安全措施难以应用,只有通过入侵检测才能发现攻击者。通过分析移动自组网的攻击类型,并构造从恶意节点发起的攻击树,采用有限状态机的思想,设计一个基于FSM的入侵检测算法。采用该算法的入侵检测系统可通过邻居节点的监视,实时地检测到节点的各种攻击行为。     

Distributed detection of mobile malicious node attacks in wireless sensor networks

In wireless sensor networks, sensor nodes are usually fixed to their locations after deployment. However, an attacker who compromises a subset of the nodes does not need to abide by the same limitation. If the attacker moves his compromised nodes to multiple locations in the network, such as by employing simple robotic platforms or moving the nodes by hand, he can evade schemes that attempt to use location to find the source of attacks. In performing DDoS and false data injection attacks, he takes advantage of diversifying the attack paths with mobile malicious nodes to prevent network-level defenses. For attacks that disrupt or undermine network protocols like routing and clustering, moving the misbehaving nodes prevents them from being easily identified and blocked. Thus, mobile malicious node attacks are very dangerous and need to be detected as soon as possible to minimize the damage they can cause. In this paper, we are the first to identify the problem of mobile malicious node attacks, and we describe the limitations of various naive measures that might be used to stop them. To overcome these limitations, we propose a scheme for distributed detection of mobile malicious node attacks in static sensor networks. The key idea of this scheme is to apply sequential hypothesis testing to discover nodes that are silent for unusually many time periods—such nodes are likely to be moving—and block them from communicating. By performing all detection and blocking locally, we keep energy consumption overhead to a minimum and keep the cost of false positives low. Through analysis and simulation, we show that our proposed scheme achieves fast, effective, and robust mobile malicious node detection capability with reasonable overhead.     

Malicious Node Detection in Wireless Sensor Networks Using an Efficient Secure Data Aggregation Protocol

Wireless sensor networks are randomly deployed and responsible for monitoring geographical area wide. In WSN, the aggregation of data is very complex because of its limited power and computing capabilities. Issue in data aggregation is that the data may be passed on malicious node. All the existing data aggregation techniques undergo security issues because of the transfer of large amount of data. In this paper we propose a protocol named Secure Data Aggregation Protocol (SDAP) which identifies the malicious node by providing a logical group in the form of tree topology. In the tree topology the aggregation is formed by aggregating the nodes, which are non-leaf node and high level of trust is required to provide a better approximation and accuracy against the security threats. Thus the data is securely aggregated and the efficiency is achieved in data aggregation.

     

基于加权信任优化的传感器网络安全实现

In this paper, an optimized malicious nodes detection algorithm, based on Weighted Confidence Filter (WCF), is proposed to protect sensor networks from attacks. In this algorithm, each cluster head in a cluster-based hierarchical network figures out an average confidence degree by means of messages from its child nodes. The cluster head only accepts a message from the child node whose confidence degree is higher than the average. Meanwhile, it updates the confidence degrees for each of its child nodes by comparing the aggregation value and the received messages, and regards them as the weight of exactness of messages from nodes. A sensor node is judged to be malicious if its weight value is lower than the predefined threshold. Comparative simulation results verify that the proposed WCF algorithm is better than the Weighted Trust Evaluation (WTE) in terms of the detection ratio and the false alarm ratio. More specifically, with the WCF, the detection ratio is significantly improved and the false alarm ratio is observably reduced, especially when the malicious node ratio is 0.25 or greater. When 40% of 100 sensors are malicious, the detection accuracy is above 90% and the false alarm ratio is nearly only 1.8% .     

无线传感器网络抗欺骗的节点定位算法

节点位置定位是无线传感器网络应用的基本要求之一。针对无线传感器网络在开放性环境中应用容易遭受恶意节点欺骗攻击的问题,设计了一种抗欺骗的节点安全定位算法。算法将参考节点进行分组划分,并通过不同分组之间定位结果的比较,排除其中可能存在的恶意节点。在分组过程中,算法同时考虑了参考节点的优选问题,避免不良拓扑结构造成的定位偏差。仿真试验分析表明,算法能够有效地抵抗恶意节点的定位信息欺骗,大大提高了网络节点的定位精度。     

Access control in wireless sensor networks

Nodes in a sensor network may be lost due to power exhaustion or malicious attacks. To extend the lifetime of the sensor network, new node deployment is necessary. In military scenarios, adversaries may directly deploy malicious nodes or manipulate existing nodes to introduce malicious “new” nodes through many kinds of attacks. To prevent malicious nodes from joining the sensor network, access control is required in the design of sensor network protocols. In this paper, we propose an access control protocol based on Elliptic Curve Cryptography (ECC) for sensor networks. Our access control protocol accomplishes node authentication and key establishment for new nodes. Different from conventional authentication methods based on the node identity, our access control protocol includes both the node identity and the node bootstrapping time into the authentication procedure. Hence our access control protocol cannot only identify the identity of each node but also differentiate between old nodes and new nodes. In addition, each new node can establish shared keys with its neighbors during the node authentication procedure. Compared with conventional sensor network security solutions, our access control protocol can defend against most well-recognized attacks in sensor networks, and achieve better computation and communication performance due to the more efficient algorithms based on ECC than those based on RSA.     

一种安全的无线传感器网络路由协议

Wireless sensor networks are increasingly deployed in security-critical areas, such as battle field. However, general sensor nodes are manufactured with inexpensive components, and they are short of security enhancement. Therefore, an adversary could capture and compromise sensor nodes easily, then launch some malicious attacks （including tampering or discarding useful data collected from source nodes）. In this paper, we propose a secure routing and aggregation protocol for sensor networks, which utilizes one-way hash chain and multi-path mechanism to achieve security of wireless sensor networks.     

Shift Reduce Parser Based Malicious Sensor Detection for Predicting Forest Fire in WSNs

Nowadays wireless sensor networks (WSNs) has been used in enormous applications for data collection in an unfriendly environment. Forest fire makes vast hazard to the consuming plant of the world. To preserve the forest from fire, sensor nodes monitor the environment temperature. If the temperature is increased and it exceeds the threshold, the sensor sends the notification message to the fire monitoring system. The forest fire is measured by Fire Weather Index. Most of the existing fire monitoring systems only highlight in detection, but not the verification of the sensor. Suppose, if the attacker inserts any malicious sensor, the malicious sensor sends false information or create an additional delay in fire monitoring system. As a result, the more chances for the forest to be destroyed by fire. To solve this problem, Shift Reduce Parser based Malicious Sensor Detection (SRP_MSD) in WSN is proposed. The Bivariate Pascal Triangle method hides the original identity of nodes, data route from the malicious observer and sends confidential information to the Base Station. This method is analyzed and evaluated using network simulator-2. The results show that it is possible to detect malicious sensor nodes and send the reliable information to the forest fire monitoring system.     

E2EACK: an end-to-end acknowledgment-based scheme against collusion black hole and slander attacks in MANETs

Mobile ad hoc networks (MANETs) rely on the benevolence of nodes within the network to forward packets from a source node to a destination node. This network construction allows for the forwarding nodes, whether they are selfish or malicious, to drop packets hindering end-to-end communication. In this paper, a new scheme is proposed against collusion black hole and slander attacks in MANETs, named E2EACK. A novel method is used to detect collusion attacks due to collusive malicious nodes which cooperate in the route discovery, but refuse to forward data packets and do not disclose the misbehavior of each other. Contrary to existing methods that detect only collusion black hole attacks, the E2EACK also detects slander attacks and framing attacks. Moreover, the E2EACK uses ACKnowledgment packet to detect malicious nodes on the path and Message Authentication Code (MAC) to authenticate the sender of each data packet. Analytical and simulation results show that the proposed scheme considerably decreases the routing overhead and increases the packet delivery ratio compared to the existing methods.     

一种面向智能电网数据采集的传感器聚合布局构造算法

智能电网中分布着大量的无线传感器用于监测智能电网设备和用户的运营状态信息,原始监测数据都采集到数据处理中心会给数据采集通信网络带来极大的数据流量压力。采用在数据采集过程中进行数据聚合的策略,将极大地缩减数据流量,降低通信网络的开销。因此聚合节点的选择以及聚合拓扑的构造成为智能电网数据采集的关键问题。该文提出一种基于层次聚类的异步分布式聚合布局构造算法。该算法首先按照层次聚类把所有节点按照距离的远近聚合构造出一棵采集树。随后计算出最佳分组数,按照该分组数进行分组。然后按照异步分布式策略进行最佳聚合节点的选择以及最佳传输拓扑的构造。仿真实验表明,该算法可以快速找到具有最小开销的数据聚合方式,提高智能电网数据采集网络的效率。