Distributed detection of mobile malicious node attacks in wireless sensor networks

In wireless sensor networks, sensor nodes are usually fixed to their locations after deployment. However, an attacker who compromises a subset of the nodes does not need to abide by the same limitation. If the attacker moves his compromised nodes to multiple locations in the network, such as by employing simple robotic platforms or moving the nodes by hand, he can evade schemes that attempt to use location to find the source of attacks. In performing DDoS and false data injection attacks, he takes advantage of diversifying the attack paths with mobile malicious nodes to prevent network-level defenses. For attacks that disrupt or undermine network protocols like routing and clustering, moving the misbehaving nodes prevents them from being easily identified and blocked. Thus, mobile malicious node attacks are very dangerous and need to be detected as soon as possible to minimize the damage they can cause. In this paper, we are the first to identify the problem of mobile malicious node attacks, and we describe the limitations of various naive measures that might be used to stop them. To overcome these limitations, we propose a scheme for distributed detection of mobile malicious node attacks in static sensor networks. The key idea of this scheme is to apply sequential hypothesis testing to discover nodes that are silent for unusually many time periods—such nodes are likely to be moving—and block them from communicating. By performing all detection and blocking locally, we keep energy consumption overhead to a minimum and keep the cost of false positives low. Through analysis and simulation, we show that our proposed scheme achieves fast, effective, and robust mobile malicious node detection capability with reasonable overhead.     

基于移动Agent的JPEG2000分布式编码算法研究

该文针对无线传感器网络节点处理能力、存储能力和能量供应均有限的特点,提出一种基于移动Agent的JPEG2000分布式编码算法。采用多个节点对图像进行分布式编码,通过引入移动Agent机制来实现网络节点间的信息交互,在保证图像编码性能不变的情况下,降低单个节点能耗,使系统不因单个节点能量耗尽而瘫痪,以延长系统的生命周期。仿真实验结果表明,该文所提出的基于移动Agent的分布式编码算法在无线传感器网络环境中可以保证编码后的图像质量没有下降,并能有效均衡系统能耗、延长网络工作寿命达3倍左右。     

Collaborative Polling based Routing Security Scheme to Mitigate the Colluding Misbehaving Nodes in Mobile Ad Hoc Networks

The recent advancements in the field of wireless communications makes the mobile devices to communicate with each other in a self organized manner without relying on stable infrastructure. It requires cooperation between the mobile devices in order to find routes between them when the nodes are not in the communication range of each other. The misbehaving node comes into existence due to scarcely available resources such as battery, bandwidth and computational power. When the nodes collude to misbehave then it further makes the routing process difficult due to frequent network partitioning and it also degrades the overall network throughput. This paper proposes a Collaborative Polling based Routing Security Scheme to detect and isolate the colluding misbehaving nodes in mobile ad hoc networks. The proposed system employs a timeout approach to detect the active neighbors in the neighborhood before monitoring the transmissions which involves it. It ensures that the false detection of a good node as a bad one has been greatly reduced which in turn decreases the send buffer drop because of the availability of alternate routes. The simulation result shows that the measured parameters such as packet drop ratio and malicious drop has been reduced due to the efficient detection and isolation of misbehaving nodes. This paper also presents an analytical and simulation results of the impact of node misbehavior.     

移动无线传感网的生存时间优化算法研究

当sink节点位置固定不变时,分布在sink 节点周围的传感节点很容易成为枢纽节点,因转发较多的数据而过早失效。为解决上述问题,提出移动无线传感网的生存时间优化算法（LOAMWSN）。LOAMWSN算法考虑sink节点的移动,采用减聚类算法确定sink节点移动的锚点,采用最近邻插值法寻找能遍历所有锚点的最短路径近似解,采用分布式非同步Bellman-Ford算法构建sink节点k跳通信范围内的最短路径树。最终,传感节点沿着最短路径树将数据发送给sink节点。仿真结果表明：在节点均匀分布和非均匀分布的无线传感网中,LOAMWSN算法都可以延长网络生存时间、平衡节点能耗,将平均节点能耗保持在较低水平。在一定的条件下,比Ratio_w、TPGF算法更优。     

Communication Timing Control and Topology Reconfiguration of a Sink-Free Meshed Sensor Network With Mobile Robots

This paper deals with a unified system of fully distributed meshed sensor network and mobile robot cooperation that serves as a sink node. The meshed sensor network in this paper is composed of static wireless nodes, and is capable of fully distributed peer-to-peer (P2P) ad hoc communication with ZigBee-based protocol. A novel communication timing control employing coupled-oscillator dynamics, named phase-diffusion time-division method (PDTD), has been proposed so far, aiming at realization of an ad hoc collision-free wireless communication network. In this paper, we extend the basic PDTD so that it can exhibit flexible topological reconfiguration according to the moving sink node (robot). Unlike conventional sensor network, no static sink node is supposed inside the network; however, a mobile robot will function as a sink node and access the mesh network from an arbitrary position. A large-scale experiment was conducted, and its results show that satisfactory collaboration between the mesh sensor network and the mobile robot is achieved, and the proposed system outperformed the carrier-sense-multiple-access-based sensor system.     

基于移动Agent和WSN的突发事件场景数据收集算法研究

该文针对无线传感器网络应用于突发事件监测场景的能量消耗和网络延迟问题,提出了基于移动Agent的无线传感器网络簇式数据收集算法.动态成簇过程基于事件严重程度,并由其决定簇的生命周期和覆盖范围.Sink和簇头之间形成以Sink节点为簇头的虚拟簇.移动Agent迁移路径规划过程中下一跳节点的选取基于节点剩余能量、路径损耗及受刺激强度.移动Agent通过节点遍历的方式完成对所有簇内成员节点信息的收集.仿真结果表明,相对于C/S数据收集模型,基于移动Agent的模型具有更好的节能效果,并能一定程度地减少网络延迟,尤其适用于大规模无线传感器网络应用.     

Clustering Based Two Dimensional Motion of Sink Node in Wireless Sensor Networks

The wireless sensor network (WSN) is always known for its limited-energy issues and finding a good solution for energy minimization in WSNs is still a concern for researchers. Implementing mobility to the sink node is used widely for energy conservation or minimization in WSNs which reduces the distance between sink and communicating nodes. In this paper, with the intention to conserve energy from the sensor nodes, we designed a clustering based routing protocol implementing a mobile sink called ‘two dimensional motion of sink node (TDMS)’. In TDMS, each normal sensor node collects data and send it to their respective leader node called cluster head (CH). The sink moves in the two dimensional direction to collect final data from all CH nodes, particularly it moves in the direction to that CH which has the minimum remaining energy. The proposed protocol is validated through rigorous simulation using MATLAB and comparisons have been made with WSN’s existing static sink and mobile sink routing protocols over two different geographical square dimensions of the network. Here, we found that TDMS model gives the optimal result on energy dissipation per round and increased network lifetime.

     

无线传感网络移动分簇路由策略

无线传感网络(WSN)路由协议中,分簇路由具有拓扑管理方便、能量高效和数据融合简单等优点,成为当前重点研究的路由技术。通过研究各种环境下的移动传感器网络,有效地降低能耗则是研究移动无线传感器网络的重要目的之一。针对无线传感网络中移动性问题,基于LEACH协议,利用移动传感器网络中节点距离、速度和剩余能量等因素提出了能量高效的移动分簇路由算法。实验结果表明此算法能够较好地支持节点移动,从而降低网络能耗,延长网络生存时间。     

An enhanced performance through agent-based secure approach for mobile ad hoc networks

This paper proposes an agent-based secure enhanced performance approach (AB-SEP) for mobile ad hoc network. In this approach, agent nodes are selected through optimal node reliability as a factor. This factor is calculated on the basis of node performance features such as degree difference, normalised distance value, energy level, mobility and optimal hello interval of node. After selection of agent nodes, a procedure of malicious behaviour detection is performed using fuzzy-based secure architecture (FBSA). To evaluate the performance of the proposed approach, comparative analysis is done with conventional schemes using performance parameters such as packet delivery ratio, throughput, total packet forwarding, network overhead, end-to-end delay and percentage of malicious detection.     

Access control in wireless sensor networks

Nodes in a sensor network may be lost due to power exhaustion or malicious attacks. To extend the lifetime of the sensor network, new node deployment is necessary. In military scenarios, adversaries may directly deploy malicious nodes or manipulate existing nodes to introduce malicious “new” nodes through many kinds of attacks. To prevent malicious nodes from joining the sensor network, access control is required in the design of sensor network protocols. In this paper, we propose an access control protocol based on Elliptic Curve Cryptography (ECC) for sensor networks. Our access control protocol accomplishes node authentication and key establishment for new nodes. Different from conventional authentication methods based on the node identity, our access control protocol includes both the node identity and the node bootstrapping time into the authentication procedure. Hence our access control protocol cannot only identify the identity of each node but also differentiate between old nodes and new nodes. In addition, each new node can establish shared keys with its neighbors during the node authentication procedure. Compared with conventional sensor network security solutions, our access control protocol can defend against most well-recognized attacks in sensor networks, and achieve better computation and communication performance due to the more efficient algorithms based on ECC than those based on RSA.     

无线传感器网络中移动sink节点的路径规划

在无线传感器网络中,大量感知数据汇集到sink节点的采集方法会导致sink节点附近的节点能量耗尽,造成能量空洞。针对该问题,利用移动的sink节点进行数据收集是一种解决方法,其中移动sink的路径规划成为一个重要的问题。提出了一个移动sink路径规划算法,将无线传感器中随机分布的节点划分为不同的子区域,寻找sink节点移动的最佳转向点,最终得到最优的移动路径,以实现无线传感器网络生命周期最大化。仿真实验表明,与现有方案相比,该算法能显著延长网络的生命周期。     

Z number improved reference ideal method-based decision-making process for enforcing cooperation during data dissemination in mobile ad hoc networks

In mobile ad hoc networks (MANETs), cooperative communication and resource constraint are the two important core characteristics essential to guarantee trusted data dissemination. The cooperative communication between mobile nodes depends on the trust rendered by them towards the process of reliable data routing. However, stringent resource constraints of mobile nodes such as energy, memory, communications, and computations result in the introduction of selfish and malicious node that completely degrades the network performance in different dimensions. In this paper, Z number improved reference ideal method (RIM)-based decision-making process (NIRIMDMP) is proposed with the merits of maximizing deviation method (MDM) and best–worst method (BWM) to ensure reliable data routing by modeling the cooperation degree in terms of Z number. This NIRIMDMP adopted Z number to represent the information reliability and handle the problem of inherent uncertainty during the process of evaluating each mobile node in the routing process. In specific, MDM and BWM are included into the proposed NIRIMDMP to determine comprehensive attribute weights based on the calculated objective and subjective weights that could be possible derived in routing. It extended the merits of classical RIM using Z numbers to confirm reliable ranking of mobile nodes, even when the optimal solution exists amid extreme values taken into consideration for assessing the mobile nodes during decision making. Simulation investigations of the proposed NIRIMDMP confirmed improved throughput and network lifetime with reduced control overhead, energy consumptions, and delay independent of the amount of malicious and non-cooperative nodes.     

无线传感器网络抗欺骗的节点定位算法

节点位置定位是无线传感器网络应用的基本要求之一。针对无线传感器网络在开放性环境中应用容易遭受恶意节点欺骗攻击的问题,设计了一种抗欺骗的节点安全定位算法。算法将参考节点进行分组划分,并通过不同分组之间定位结果的比较,排除其中可能存在的恶意节点。在分组过程中,算法同时考虑了参考节点的优选问题,避免不良拓扑结构造成的定位偏差。仿真试验分析表明,算法能够有效地抵抗恶意节点的定位信息欺骗,大大提高了网络节点的定位精度。     

A Hybrid Trust Management Scheme for Wireless Sensor Networks

Wireless sensor network (WSN) consists of wireless small sensor nodes deployed in the terrain for continuous observation of physical or environmental conditions. The data collected from the WSN is used for making decisions. The condition for making critical decision is to assure the trustworthiness of the data generated from sensor nodes. However, the approaches for scoring the sensed data alone is not enough in WSN since there is an interdependency between node and data item. If the overall trust score of the network is based on one trust component, then the network might be misguided. In this work, we propose the hybrid approach to address the issue by assigning the trust score to data items and sensor nodes based on data quality and communication trust respectively. The proposed hybrid trust management scheme (HTMS) detects the data fault with the help of temporal and spatial correlations. The correlation metric and provenance data are used to score the sensed data. The data trust score is utilized for making decision. The communication trust and provenance data are used to evaluate the trust score of intermediate nodes and source node. If the data item is reliable enough to make critical decisions, a reward is given by means of adding trust score to the intermediate nodes and source node. A punishment is given by reducing the trust score of the source and intermediate nodes, if the data item is not reliable enough to make critical decisions. Result shows that the proposed HTMS detects the malicious, faulty, selfish node and untrustworthy data.     

基于信用等级划分的医疗数据安全共识算法

在基于区块链的医疗数据共享系统中为防御恶意节点攻击并且提高共识效率,该文提出基于信用等级划分的医疗数据安全共识算法(SCA_MD).首先,在SCA_MD中,考虑由数据节点、共识节点和监管节点组成的医疗区块共识模型,提出相应的节点身份验证机制,实现快速验证.其次,提出基于海洋掠食者的自我优化信用等级划分算法(SCRD),...     

Optimal reliable relay selection in multiuser cooperative relaying networks

In this paper, we investigate the problem of optimal reliable relay selection in multiuser cooperative wireless networks in the presence of malicious relay nodes. A general discrete time queueing model for such networks is introduced which takes into account the dynamic variations of the channel state, the dynamic malicious behaviour of relay nodes as well as stochastic arrival of data packets into the system. The model consists of a set of mobile users, one destination node and a set of relay nodes which may be either mobile or fixed. The system uses the benefit of cooperative diversity by relaying in the decode and forward mode. We assume that each user either transmits its packets directly to the destination (direct mode) or transmits them with the cooperation of a selected relay node (cooperative mode). It is assumed that a centralized network controller manages the relay selection process in the system. At each time slot, a malicious relay node in the system may behave spitefully and refuse to cooperate with a user deliberately when it is selected to cooperate with that user. A malicious relay node usually acts stochastically to hide its malicious behaviour for longer time. In such a system, at each time slot the network controller should decide whether a user has to cooperate with any relay node or not and if so, which relay node must be selected for cooperation. First, we show that the malicious behaviour of relay nodes makes the stable throughput region shrink. Then, we propose a throughput optimal secure relay selection policy that can stabilize the system for all the arrival rate vectors strictly inside the network stability region. We show that the optimal policy is equivalent to finding the maximum weighted matching in a weighted bipartite graph at each time slot. Finally, we use simulations to compare the performance of the proposed policy with that of four other sub-optimal policies in terms of average queue occupancy (or queueing delay).     

Energy Efficient Clustering for Certificate Revocation Scheme in Mobile Ad-Hoc Network

Mobile ad hoc networks (MANETs) have a wide range of uses because of their dynamic topologies and simplicity of processing. Inferable from the autonomous and dynamic behavior of mobile nodes, the topology of a MANET frequently changes and is inclined to different attacks. So, we present certificate revocation which is an efficient scheme is for security enhancement in MANET. This certificate revocation scheme is used to revoke the certificate of malicious nodes in the network. However, the accuracy and speed of the certificate revocation are further to be improved. By considering these issues along with the energy efficiency of the network, an energy-efficient clustering scheme is presented for certificate revocation in MANET. For cluster head (CH) selection, an opposition based cat swarm optimization algorithm (OCSOA) is proposed. This selected CH participates in quick certificate revocation and also supports to recover the falsely accused nodes in the network. Simulation results show that the performance of the proposed cluster-based certificate revocation outperforms existing voting and non-voting based certificate revocation in terms of delivery ratio, throughput, energy consumption, and network lifetime.

     

基于FSM检测的移动自组网攻击分类研究

在移动自组网环境下,由于移动节点可能被攻击截获,导致攻击从内部产生,传统的网络安全措施难以应用,只有通过入侵检测才能发现攻击者。通过分析移动自组网的攻击类型,并构造从恶意节点发起的攻击树,采用有限状态机的思想,设计一个基于FSM的入侵检测算法。采用该算法的入侵检测系统可通过邻居节点的监视,实时地检测到节点的各种攻击行为。     

Shift Reduce Parser Based Malicious Sensor Detection for Predicting Forest Fire in WSNs

Nowadays wireless sensor networks (WSNs) has been used in enormous applications for data collection in an unfriendly environment. Forest fire makes vast hazard to the consuming plant of the world. To preserve the forest from fire, sensor nodes monitor the environment temperature. If the temperature is increased and it exceeds the threshold, the sensor sends the notification message to the fire monitoring system. The forest fire is measured by Fire Weather Index. Most of the existing fire monitoring systems only highlight in detection, but not the verification of the sensor. Suppose, if the attacker inserts any malicious sensor, the malicious sensor sends false information or create an additional delay in fire monitoring system. As a result, the more chances for the forest to be destroyed by fire. To solve this problem, Shift Reduce Parser based Malicious Sensor Detection (SRP_MSD) in WSN is proposed. The Bivariate Pascal Triangle method hides the original identity of nodes, data route from the malicious observer and sends confidential information to the Base Station. This method is analyzed and evaluated using network simulator-2. The results show that it is possible to detect malicious sensor nodes and send the reliable information to the forest fire monitoring system.     

A distributed reinforcement learning based sensor node scheduling algorithm for coverage and connectivity maintenance in wireless sensor network

The fundamental challenge for randomly deployed resource-constrained wireless sensor network is to enhance the network lifetime without compromising its performance metrics such as coverage rate and network connectivity. One way is to schedule the activities of sensor nodes and form scheduling rounds autonomously in such a way that each spatial point is covered by at least one sensor node and there must be at least one communication path from the sensor nodes to base station. This autonomous activity scheduling of the sensor nodes can be efficiently done with Reinforcement Learning (RL), a technique of machine learning because it does not require prior environment modeling. In this paper, a Nash Q-Learning based node scheduling algorithm for coverage and connectivity maintenance (CCM-RL) is proposed where each node autonomously learns its optimal action (active/hibernate/sleep/customize the sensing range) to maximize the coverage rate and maintain network connectivity. The learning algorithm resides inside each sensor node. The main objective of this algorithm is to enable the sensor nodes to learn their optimal action so that the total number of activated nodes in each scheduling round becomes minimum and preserves the criteria of coverage rate and network connectivity. The comparison of CCM-RL protocol with other protocols proves its accuracy and reliability. The simulative comparison shows that CCM-RL performs better in terms of an average number of active sensor nodes in one scheduling round, coverage rate, and energy consumption.