Distributed detection of replica node attacks with group deployment knowledge in wireless sensor networks

Several protocols have been proposed to mitigate the threat against wireless sensor networks due to an attacker finding vulnerable nodes, compromising them, and using these nodes to eavesdrop or undermine the operation of the network. A more dangerous threat that has received less attention, however, is that of replica node attacks, in which the attacker compromises a node, extracts its keying materials, and produces a large number of replicas to be spread throughout the network. Such attack enables the attacker to leverage the compromise of a single node to create widespread effects on the network. To defend against these attacks, we propose distributed detection schemes to identify and revoke replicas. Our schemes are based on the assumption that nodes are deployed in groups, which is realistic for many deployment scenarios. By taking advantage of group deployment knowledge, the proposed schemes perform replica detection in a distributed, efficient, and secure manner. Through analysis and simulation experiments, we show that our schemes achieve effective and robust replica detection capability with substantially lower communication, computational, and storage overheads than prior work in the literature.     

An efficient weighted trust‐based malicious node detection scheme for wireless sensor networks

The aim of wireless sensor networks (WSNs) is to gather sensor data from a monitored environment. However, the collected or reported information might be falsified by faults or malicious nodes. Hence, identifying malicious nodes in an effective and timely manner is essential for the network to function properly and reliably. Maliciously behaving nodes are usually detected and isolated by reputation and trust‐based schemes before they can damage the network. In this paper, we propose an efficient weighted trust‐based malicious node detection (WT‐MND) scheme that can detect malicious nodes in a clustered WSN. The node behaviors are realistically treated by accounting for false‐positive and false‐negative instances. The simulation results confirm the timely identification and isolation of maliciously behaving nodes by the WT‐MND scheme. The effectiveness of the proposed scheme is afforded by the adaptive trust‐update process, which implicitly performs trust recovery of temporarily malfunctioning nodes and computes a different trust‐update factor for each node depending on its behavior. The proposed scheme is more effective and scalable than the related schemes in the literature, as evidenced by its higher detection ratio (DR) and lower misdetection ratio (MDR), which only slightly vary with the network's size. Moreover, the scheme sustains its efficient characteristics without significant power consumption overheads.     

无线传感器网络恶意节点定位综述

无线传感器网络是近年来研究比较热门的课题,无线传感器网络的应用十分广阔,从军事到农业物联网,无线传感器网络起到了重要作用。但是网络中恶意节点行为也为其带来很大的风险,无论是外部恶意节点还是内部被俘节点都对无线传感器网络产生巨大危害,该文章从恶意节点定位的特点和研究现状出发,分析了目前国内外主要的恶意节点定位的方法和模型。为以后进一步改进定位提供参考。     

Distributed localization using mobile beacons in wireless sensor networks

A new distributed node localization algorithm named mobile beacons-improved particle filter (MB-IPF) was proposed. In the algorithm, the mobile nodes equipped with globe position system (GPS) move around in the wireless sensor network (WSN) field based on the Gauss-Markov mobility model, and periodically broadcast the beacon messages. Each unknown node estimates its location in a fully distributed mode based on the received mobile beacons. The localization algorithm is based on the IPF and several refinements, including the proposed weighted centroid algorithm, the residual resampling algorithm, and the markov chain monte carlo (MCMC) method etc., which were also introduced for performance improvement. The simulation results show that our proposed algorithm is efficient for most applications.     

无线传感器网络中的定位异常检测

在无线传感器网络中位置信息有着重要应用,但是定位过程容易受到恶意攻击者的攻击或环境因素的干扰。为了增加节点定位的安全性。本文提出一种基于节点部署模型的检测方法用来提高定位的安全性能,该方法独立于节点定位过程,根据节点位置的邻居发现和部署知识的一致性判断节点位置是否异常。在具体的异常判断过程中使用一种由马氏距离定义差异矩阵作为比较工具。最后通过Matlab仿真实验分别从检测率,错误警报率两个方面评估验证了该方法的正确性。     

Distributed trajectory design for data gathering using mobile sink in wireless sensor networks

Several studies have demonstrated the benefits of using a mobile sink (MS) to reduce energy consumption resulting from multi-hop data collection using a static sink in wireless sensor networks (WSNs). However, using MS may increase data delivery latency as it needs to visit each sensor node in the network to collect data. This is a critical issue in delay-sensitive applications where all sensed data must be gathered within a given time constraint. In this paper, we propose a distributed data gathering protocol utilizing MS for WSNs. The proposed protocol designs a trajectory for the MS, which minimizes energy consumption and delay. Our protocol operates in four main phases: data sensing, rendezvous point (RP) selection, trajectory design, and data gathering. In data sensing, a number of deployed sensor nodes keep sensing the target field for a specific period of time to capture events. Then, using a cluster-based RP selection algorithm, some sensor nodes are selected to become RPs based on local information. The selected RPs are then used to determine a trajectory for the MS. To do so, we propose three trajectory design algorithms that support different types of applications, namely reduced energy path (REP), reduced delay path (RDP), and delay bound path (DBP). The MS moves through the constructed path to accomplish its data gathering according to an effective scheduling technique that is introduced in this work. We validate the proposed protocol via extensive simulations over several metrics such as energy, delay, and time complexity.     

Sequential Monte Carlo localization in mobile sensor networks

Node localization in wireless sensor networks is essential to many applications such as routing protocol, target tracking and environment surveillance. Many localization schemes have been proposed in the past few years and they can be classified into two categories: range-based and range-free. Since range-based techniques need special hardware, which increases the localization cost, many researchers now focus on the range-free techniques. However, most of the range-free localization schemes assume that the sensor nodes are static, the network topology is known in advance, and the radio propagation is perfect circle. Moreover, many schemes need densely distributed anchor nodes whose positions are known in advance in order to estimate the positions of the unknown nodes. These assumptions are not practical in real network. In this paper, we consider the sensor networks with sparse anchor nodes and irregular radio propagation. Based on Sequential Monte Carlo method, we propose an alterative localization method—Sequential Monte Carlo Localization scheme (SMCL). Unlike many previously proposed methods, our work takes the probabilistic approach, which is suitable for the mobile sensor networks because both anchors and unknown nodes can move, and the network topology need not be formed beforehand. Moreover, our algorithm is scalable and can be used in large-scale sensor networks. Simulation results show that SMCL has better localization accuracy and it can localize more sensor nodes when the anchor density is low. The communication overhead of SMCL is also lower than other localization algorithms.

Collaborative techniques for intrusion detection in mobile ad-hoc networks

In this paper, we present two intrusion detection techniques for mobile ad-hoc networks, which use collaborative efforts of nodes in a neighborhood to detect a malicious node in that neighborhood. The first technique is designed for detection of malicious nodes in a neighborhood of nodes in which each pair of nodes in the neighborhood are within radio range of each other. Such a neighborhood of nodes is known as a clique [12]. The second technique is designed for detection of malicious nodes in a neighborhood of nodes, in which each pair of nodes may not be in radio range of each other but where there is a node among them which has all the other nodes in its one-hop vicinity. This neighborhood is identical to a cluster as mentioned in [12]. Both techniques use message passing between the nodes. A node called the monitor node initiates the detection process. Based on the messages that it receives during the detection process, each node determines the nodes it suspects to be malicious and send votes to the monitor node. The monitor node upon inspecting the votes determines the malicious nodes from among the suspected nodes. Our intrusion detection system is independent of any routing protocol. We give the proof of correctness of the first algorithm, which shows that it correctly detects the malicious nodes always when there is no message loss. We also show with the help of simulations that both the algorithms give good performance even when there are message losses arising due to unreliable channel.     

无线传感器网络节点定位技术

无线传感器网络（Wireless Sensor Network,WSN）在许多领域有广泛的应用,无线传感器网络中节点位置对无线传感器网络的应用有重要的影响,没有位置属性的信息是无价值的,定位技术是无线传感器网络的重要研究方向之一.依据测距和非测距的分类方法,介绍节点定位技术的基本原理和方法及当前的发展状况,最后对节点定位技术的发展方向作展望.     

基于序列的传感器网络节点定位算法

针对MSP算法需要借助额外的外部扫描设备,不适合应用于对野外大规模部署的传感器网络进行定位这一缺点,提出了一种HG-MSP算法。该算法通过锚节点发出扫描信息,不需要额外的外部设备进行辅助定位,提高了算法的可用性。仿真实验表明,在去掉辅助设备的情况下,算法的定位精度并无明显下降。     

A faulty node detection scheme for wireless sensor networks that use data aggregation for transport

This paper presents a faulty node detection approach for wireless sensor networks that aggregate measurement data on their way toward the sink (base station). The approach is based on the idea of commanding sensor nodes on the aggregation paths to temporarily stop including their readings in the received aggregated readings from their upstream neighbors. The scheme is dependent on the ability of the sink to detect faulty nodes through changes in the received aggregated readings at the sink using a Markov Chain Controller (MCC). The algorithm that is run in the sink uses the MCC to assign a state to each sensor node based on transitions that are triggered by receiving aggregated path readings, and accordingly deduces the nodes that may be faulty. The experimental results show at least 98% detection rate at the cost of reasonable detection delays and generated wireless network traffic. Copyright © 2016 John Wiley & Sons, Ltd.     

Path planning using a mobile anchor node based on trilateration in wireless sensor networks

In wireless sensor networks (WSNs), many applications require sensor nodes to obtain their locations. Now, the main idea in most existing localization algorithms has been that a mobile anchor node (e.g., global positioning system‐equipped nodes) broadcasts its coordinates to help other unknown nodes to localize themselves while moving according to a specified trajectory. This method not only reduces the cost of WSNs but also gets high localization accuracy. In this case, a basic problem is that the path planning of the mobile anchor node should move along the trajectory to minimize the localization error and to localize the unknown nodes. In this paper, we propose a Localization algorithm with a Mobile Anchor node based on Trilateration (LMAT) in WSNs. LMAT algorithm uses a mobile anchor node to move according to trilateration trajectory in deployment area and broadcasts its current position periodically. Simulation results show that the performance of our LMAT algorithm is better than that of other similar algorithms. Copyright © 2011 John Wiley & Sons, Ltd.     

非均匀分布下无线传感器网络节点调度机制

针对传统依赖精确位置信息的计算复杂和无位置信息部署受限性等弊端,从理论上对节点部署方式进行分析,提出一种非均匀分布下的无线传感器网络节点调度NDNS(non-uniform distribution node scheduling)机制,该机制利用节点与邻居节点的距离信息,对节点覆盖冗余进行判别,适应于任意分布下的网络部署方式。通过实验对机制进行了性能分析和验证,结果表明该方案在保证网络覆盖的前提下,有效地延长了网络生存时间。     

Defending against cache consistency attacks in wireless ad hoc networks

Caching techniques can be used to reduce bandwidth consumption and data access delay in wireless ad hoc networks. When cache is used, the issue of cache consistency must be addressed, and maintaining strong cache consistency is desired in some strategic scenarios (e.g., battlefields). In these situations, the invalidation-based approach is preferred due to its low overhead. However, this approach may suffer from some security attacks. For example, malicious nodes (also called intruders) may drop, insert or modify invalidation messages to mislead receivers to use stale data or unnecessarily invalidate data that are still valid. In this paper, we first propose to employ the Invalidation Report (IR) based cache invalidation strategy to prevent intruders from dropping or modifying invalidation messages. Although digital signatures can be used to protect IRs, this has significantly high overhead in terms of computational and bandwidth overhead. To address this problem, we further propose a family of randomized grouping-based schemes for intrusion detection, damage recovery and intruder identification. Extensive analysis and simulations are performed to evaluate the proposed schemes. The results show that our solution can achieve a satisfactory level of security with low overhead.     

无线传感器网络节点定位技术综述

无线传感器网络在许多领域有着重要的科研和使用价值,网络中传感器节点自身定位可为无线传感器网络的很多应用提供基础信息,是重要研究方向之一.从无线传感器网络节点定位技术的研究意义与应用价值出发,介绍了节点定位技术的基本原理与方法,并讨论了定位算法的评价标准,最后对节点定位技术的发展方向进行了展望.     

无线传感器网络复件攻击的移动检测方法

无线传感器网络无人值守的特性使得它易于遭受复件攻击从而造成严重的安全隐患。提出了一个移动检测复件攻击的方法,通过检测节点的移动使得网络内的每个节点都能直接与检测节点通信,从而使得检测节点与一跳范围内的传感器节点能够直接通信,从而全局地检测到网络中的复件攻击节点,并采用更新网络对称密钥的方法防御逃避检测的节点。实验表明该方法能够检测到网络内的所有复件攻击节点,和其他方法相比,本方法不需要检测消息的转发,检测开销小并且实现了开销在网络中的均衡。     

实现位置及时间绑定的密钥分发——防御传感器网络节点复制攻击的新方法

提出了一种新的防御思路:通过使复制节点无法与邻居节点建立成对密钥的方式,来达到消除复制节点攻击威胁的目的,由此设计了一种基于多项式的成对密钥分发方法LTB(location and time binding).LTB把每个节点的密钥信息与其部署位置和时间信息绑定起来,使每个节点只能在其部署位置与邻居节点建立成对密钥.由于复制节点的部署位置不同于原捕获节点,因此LTB能够有效阻止其与邻居节点建立成对密钥.LTB相比现有各种周期性复制节点检测机制的优势是它彻底消除了复制节点攻击隐患而且协议开销更低,通信开销从O(pn3/2)下降到O(n),其中,p是检测周期数,n是网络节点个数.     

基于RSSI的传感器网络节点安全定位机制

针对RSSI测距存在的脆弱性问题,提出了一种基于完整性编码和不间断占用信道的安全RSSI测距协议,该协议不仅可以抵抗伪造插入、重放/虫洞等常规攻击,而且可以防止信标信号被恶意干扰而削弱,即可抵抗虚增测距的外部攻击。在此基础上,设计了一种基于RSSI的传感器网络节点安全定位机制,该机制采用可校验的多边测量法来过滤虚减测距的外部攻击,实现安全定位,并对测距协议和定位机制的安全性进行了理论分析。     

Detecting unauthorized and compromised nodes in mobile ad hoc networks

Security of mobile ad hoc networks (MANET) has become a more sophisticated problem than security in other networks, due to the open nature and the lack of infrastructure of such networks. In this paper, the security challenges in intrusion detection and authentication are identified and the different types of attacks are discussed. We propose a two-phase detection procedure of nodes that are not authorized for specific services and nodes that have been compromised during their operation in MANET. The detection framework is enabled with the main operations of ad hoc networking, which are found at the link and network layers. The proposed framework is based on zero knowledge techniques, which are presented through proofs.     

An immunity-based security architecture for mobile ad hoc networks

This paper focuses on investigating immunological principles in designing a multi-agent security architecture for intrusion detection and response in mobile ad hoc networks. In this approach, the immunity-based agents monitor the situation in the network. These agents can take appropriate actions according to the underlying security policies. Specifically, their activities are coordinated in a hierarchical fashion while sensing, communicating, decision and generating responses. Such an agent can learn and adapt to its environment dynamically and can detect both known and unknown intrusions. The proposed intrusion detection architecture is designed to be flexible, extendible, and adaptable that can perform real-time monitoring. This paper provides the conceptual view and a general framework of the proposed system. In the end, the architecture is illustrated by an example to show it can prevent the attack efficiently.