一种能量有效的平面式无线传感器网络的信任管理模型

信任管理机制解决了来自无线传感器网络的内部攻击问题,但同时产生由信任评价带来的额外开销。现有的信任管理模型对节点信任度的评价缺乏公平性,导致节点使用率的降低。为了解决信任机制在无线传感器网络的耗能问题,提出了一种能量有效的平面式无线传感器网络信任模型。通过节点的自身性能与任务难度的关系定义节点的执行度,在确保信任管理有效性的同时,增强节点信任度评价的公平性,从而提高传感器节点的使用率,降低了能量消耗。最后通过模拟实验,证明该信任模型与传统信任模型相比,能够有效检测恶意节点,同时大大降低了节点的能量消耗,提高了网络生存周期。     

基于云信任模型和蚁群算法的WSN簇可信路由算法

在无线传感器网络中,信息的传输需要安全的保护.在分簇管理的基础上,GTMS(group-based trust management scheme)算法利用节点的可信度来实现路由的安全.但是,它的可信度表示方法过于简单,无法反映信誉复杂性.因此,在基于区间的云相似度比较算法的基础上,以云理论为基础构建节点可信度,提出了基于云信任模型和蚁群算法的无线传感器网络簇可信路由算法.研究结果表明,在准确判定簇内节点可信度的基础上,CRPCTMAS (cluster reliability protocol based on cloud trust model and the ant scheme)算法建立了安全、有效的路由,保证了路由的高有效发包率,延长了网络的生命周期     

Trust-based security for wireless ad hoc and sensor networks

Wireless sensors networks are susceptible to a large number of security threats, and because of the communication, computation and delay constraints of most applications that run on top of these networks, traditional security mechanisms cannot be used. Trust and reputation have been recently suggested as an effective security mechanism for open environments such as the Internet, and considerable research has been done on modeling and managing trust and reputation. Using the trust and reputation management scheme to secure wireless sensor networks (WSNs) requires paying close attention to the incurred bandwidth and delay overhead, which have thus far been overlooked by most research work. In this paper, we propose a novel agent-based trust and reputation management scheme (ATRM) for wireless sensor networks. The objective of the scheme is to manage trust and reputation locally with minimal overhead in terms of extra messages and time delay. Throughout the entirety of this paper, we describe our scheme and prove its correctness. We will also present our extensive performance evaluation results, which clearly show that trust and reputation can be computed in wireless sensor networks with minimal overhead.     

A key predistribution scheme for sensor networks using deployment knowledge

To achieve security in wireless sensor networks, it is important to be able to encrypt messages sent among sensor nodes. Keys for encryption purposes must be agreed upon by communicating nodes. Due to resource constraints, achieving such key agreement in wireless sensor networks is nontrivial. Many key agreement schemes used in general networks, such as Diffie-Hellman and public-key-based schemes, are not suitable for wireless sensor networks. Predistribution of secret keys for all pairs of nodes is not viable due to the large amount of memory used when the network size is large. Recently, a random key predistribution scheme and its improvements have been proposed. A common assumption made by these random key predistribution schemes is that no deployment knowledge is available. Noticing that, in many practical scenarios, certain deployment knowledge may be available a priori, we propose a novel random key predistribution scheme that exploits deployment knowledge and avoids unnecessary key assignments. We show that the performance (including connectivity, memory usage, and network resilience against node capture) of sensor networks can be substantially improved with the use of our proposed scheme. The scheme and its detailed performance evaluation are presented in this paper.     

基于时间部署的无线传感器网络密钥管理方案

提出一种基于时间部署的随机密钥管理方案.该方案采用了特殊的两级随机密钥预分配和清除机制以及按时间顺序的成组部署方法:每个传感器节点从多个密钥池中随机选择密钥并在一定条件下删除相关的密钥;所有传感器节点被组织成部署组并按时间顺序被部署到网络中.与经典的随机密钥管理方案相比,该方案在为成对密钥的生成提供了较高的节点连通度的同时,提高了节点资源利用率并且增强了网络抵抗节点受损攻击的能力.     

一种无线传感器网络的密钥管理方案

目前很多无线传感器网络的应用是建立在群组式通讯的模式之上,如何建立一个用以加密群组通讯的组密钥,来防范攻击者窃听无线传感器网络上的通讯,近年来引起广泛关注。为了在有限资源的无线传感器网络能安全进行群组通讯,本文只使用对称加密算法和单向哈希函数提出了一种具有有效性和扩充性的组密钥管理方案,并可满足前向和后向安全性。与目前现有的群组密钥相比,方案不仅具有较好的效率,并且更适合于无线传感器网络。     

一种无线传感器网络的组密钥管理方案研究

为了在有限资源的无线传感器网络上能安全进行群组通讯,同时考虑到组密钥管理必须满足前向安全性、后向安全性和完整性的安全需求,使用椭圆曲线密码体制的部分步骤和异或运算提出了一种安全有效的组密钥管理方案。与目前现有的群组密钥相比,方案不仅具有较好的效率,并且更适合于无线传感器网络。     

一种新的传感器网络密钥分配方案

密钥分配对于无线传感器网络（WSN）的安全起着基础性作用。由于传感器网络规模大、节点资源非常受限等特点,传统的基于公钥和可信任密钥分配中心等方式不能使用。提出了一种新的WSN密钥分配方案,并对其存储量、通信量、计算量和安全性进行了分析。该方案基于安全两方计算,计算负载小,安全性高,适合传感器网络。     

Location-Aware Combinatorial Key Management Scheme for Clustered Sensor Networks

Recent advances in wireless sensor networks (WSNs) are fueling the interest in their application in a wide variety of sensitive settings such as battlefield surveillance, border control, and infrastructure protection. Data confidentiality and authenticity are critical in these settings. However, the wireless connectivity, the absence of physical protection, the close interaction between WSNs and their physical environment, and the unattended deployment of WSNs make them highly vulnerable to node capture as well as a wide range of network-level attacks. Moreover, the constrained energy, memory, and computational capabilities of the employed sensor nodes limit the adoption of security solutions designed for wire-line and wireless networks. In this paper, we focus on the management of encryption keys in large-scale clustered WSNs. We propose a novel distributed key management scheme based on Exclusion Basis Systems (EBS); a combinatorial formulation of the group key management problem. Our scheme is termed SHELL because it is Scalable, Hierarchical, Efficient, Location-aware, and Light-weight. Unlike most existing key management schemes for WSNs, SHELL supports rekeying and, thus, enhances network security and survivability against node capture. SHELL distributes key management functionality among multiple nodes and minimizes the memory and energy consumption through trading off the number of keys and rekeying messages. In addition, SHELL employs a novel key assignment scheme that reduces the potential of collusion among compromised sensor nodes by factoring the geographic location of nodes in key assignment. Simulation results demonstrate that SHELL significantly boosts the network resilience to attacks while conservatively consuming nodes' resources.     

Trust mechanisms in wireless sensor networks: Attack analysis and countermeasures

As the trust issue in wireless sensor networks is emerging as one important factor in security schemes, it is necessary to analyze how to resist attacks with a trust scheme. In this paper we categorize various types of attacks and countermeasures related to trust schemes in WSNs. Furthermore, we provide the development of trust mechanisms, give a short summarization of classical trust methodologies and emphasize the challenges of trust scheme in WSNs. An extensive literature survey is presented by summarizing state-of-the-art trust mechanisms in two categories: secure routing and secure data. Based on the analysis of attacks and the existing research, an open field and future direction with trust mechanisms in WSNs is provided.     

面向多网关的无线传感器网络多因素认证协议

无线传感器网络作为物联网的重要组成部分,广泛应用于环境监测、医疗健康、智能家居等领域.身份认证为用户安全地访问传感器节点中的实时数据提供了基本安全保障,是保障无线传感器网络安全的第一道防线;前向安全性属于系统安全的最后一道防线,能够极大程度地降低系统被攻破后的损失,因此一直被学术及工业界视为重要的安全属性.设计面向多网关的可实现前向安全性的无线传感器网络多因素身份认证协议是近年来安全协议领域的研究热点.由于多网关无线传感器网络身份认证协议往往应用于高安全需求场景,一方面需要面临强大的攻击者,另一方面传感器节点的计算和存储资源却十分有限,这给如何设计一个安全的多网关无线传感器网络身份认证协议带来了挑战.近年来,大量的多网关身份认证协议被提出,但大部分都随后被指出存在各种安全问题.2018年,Ali等人提出了一个适用于农业监测的多因素认证协议,该协议通过一个可信的中心(基站)来实现用户与外部的传感器节点的认证;Srinivas等人提出了一个通用的面向多网关的多因素身份认证协议,该协议不需要一个可信的中心,而是通过在网关之间存储共享秘密参数来完成用户与外部传感器节点的认证.这两个协议是多网关无线传感器网络身份认证协议的典型代表,分别代表了两类实现不同网关间认证的方式:1)基于可信基站,2)基于共享秘密参数.分析指出这两个协议对离线字典猜测攻击、内部攻击是脆弱的,且无法实现匿名性和前向安全性.鉴于此,本文提出一个安全增强的可实现前向安全性的面向多网关的无线传感器网络多因素认证协议.该协议采用Srinivas等协议的认证方式,即通过网关之间的共享秘密参数完成用户与外部传感器节点的认证,包含两种典型的认证场景.对新协议进行了BAN逻辑分析及启发式分析,分析结果表明该协议实现了双向认证,且能够安全地协商会话密钥以及抵抗各类已知的攻击.与相关协议的对比结果显示,新协议在提高安全性的同时,保持了较高的效率,适于资源受限的无线传感器网络环境.     

基于单位元的无线传感器网络密钥管理方案

针对现有无线传感器网络密钥管理方案的网络可扩展性差、连通率低和存储开销大等问题,在分簇结构无线传感器网络基础上,根据单位设计原理,提出了一种具有较强网络可扩展性同时具有较高网络连通率的新的密钥预分配方案。方案中,簇头间采用了以基站作为第三方服务节点来完成通信,簇头与簇内节点间通信采用新方案。在相同网络规模的情况下,与现有方案相比,分析和计算结果验证了新方案具有较好的可扩展性同时有较高的连通性。     

A survey on trust based detection and isolation of malicious nodes in ad-hoc and sensor networks

Mobile ad-hoc networks (MANETs) and wireless sensor networks (WSNs) have gained remarkable appreciation and technological development over the last few years. Despite ease of deployment, tremendous applications and significant advantages, security has always been a challenging issue due to the nature of environments in which nodes operate. Nodes’ physical capture, malicious or selfish behavior cannot be detected by traditional security schemes. Trust and reputation based approaches have gained global recognition in providing additional means of security for decision making in sensor and ad-hoc networks. This paper provides an extensive literature review of trust and reputation based models both in sensor and ad-hoc networks. Based on the mechanism of trust establishment, we categorize the stateof-the-art into two groups namely node-centric trust models and system-centric trust models. Based on trust evidence, initialization, computation, propagation and weight assignments, we evaluate the efficacy of the existing schemes. Finally, we conclude our discussion with identification of some unresolved issues in pursuit of trust and reputation management.     

A survey of key management schemes in wireless sensor networks

Wireless sensor networks have many applications, vary in size, and are deployed in a wide variety of areas. They are often deployed in potentially adverse or even hostile environment so that there are concerns on security issues in these networks. Sensor nodes used to form these networks are resource-constrained, which make security applications a challenging problem. Efficient key distribution and management mechanisms are needed besides lightweight ciphers. Many key establishment techniques have been designed to address the tradeoff between limited memory and security, but which scheme is the most effective is still debatable. In this paper, we provide a survey of key management schemes in wireless sensor networks. We notice that no key distribution technique is ideal to all the scenarios where sensor networks are used; therefore the techniques employed must depend upon the requirements of target applications and resources of each individual sensor network.     

传感器网络中基于簇的组密钥管理方案

针对传感器网络中无长期可信节点的特点,基于传感器网络的簇结构和门限密钥共享机制提出一种新的组密钥管理方案,使得只有组中的合法节点才能存储一个有效的组密钥分量。组密钥更新时,组密钥由节点协同产生并由簇头安全分发。理论分析和仿真实验表明,该方案具有良好的安全性,在组密钥更新时存储开销和通信开销较低。     

无线传感网络中安全密钥管理机制

Recent advancements in wireless communication and microchip techniques have accelerated the development of wireless sensor networks (WSN). Key management in WSN is a critical and challenging problem because of the inner characteristics of sensor networks: deployed in hostile environments, limited resource and ad hoc nature. This paper investigates the constraints and special requirements of key management in sensor network environment, and some basic evaluation metrics are introduced. The key pre-distribution scheme is thought as the most suitable solution for key management problem in wireless sensor networks. It can be classified into four classes: pure probabilistic key predistribution, polynomial-based, Blom′s matrix-based, and deterministic key predistribution schemes. In each class of methods, the related research papers are discussed based on the basic evaluation metrics. Finally, the possible research directions in key management are discussed.     

基于group based模型的无线传感器网络密钥管理方案*

由于无线传感器网络受电源、计算能力、内存容量等方面的限制,传统的基于公钥和可信任的密钥管理方式不再适用。为了进一步提高无线传感器网络的安全连通性,在分析DU Wenliang等人的groupbased节点投放模型的基础上,提出了一种改进的密钥管理方案：多密钥空间与多路径增强相结合的随机密钥预分配方案。结果分析表明,该方案需要较少的内存存储空间,不仅提高了系统的连通性,还降低了节点的被捕获概率。     

移动Ad Hoc网络信任管理综述

移动Ad Hoc网络是由移动节点组成的无线移动通信网络,具有动态拓扑、无线通信的特点,易受到各种安全威胁。信任管理为实体间的相互信任问题提供了决策框架,是移动Ad Hoc网络安全方案的基础。综合分析了移动Ad Hoc网络信任管理研究的最新进展。首先介绍了移动Ad Hoc网络中信任关系的特点及信任管理的分类,然后对每个类型的一些典型信任管理方案进行了分类论述和综合比较,最后指出了下一步研究中应当着重考虑的问题。     

支持网内处理的无线传感器网络加密方案

随着无线传感器网络的广泛应用,网络安全成了很多传感器网络应用的关键.在研究现有的安全方案的基础上,提出了一种支持安全网内处理的无线传感器网络加密方案.它能提供网络数据内容的语义加密、数据源认证、数据完整性和数据新鲜.同时,通过安全的网内处理延长了无线传感器网络的生命期.     

基于身份的无线传感器网络密钥系统

无线传感器络（WSN）是一类由众多微型传感器节点通过自组织的方式构成的网络。随着在军事、环境监测等方面的应用逐渐成为现实,其有效和安全通信问题由于自身的特性（如能量、计算能力和节点存储资源等的局限性）而显得更加突出。本文首先比较详细地介绍了无线传感器网络安全结构及其面临的问题;其次重点讨论了无线传感器网络密钥系统相关的研究现状;然后给出了一种有效的基于身份的无线传感器网络密钥系统方案及与其它方案的仿真比较实验。仿真实验结果表明,我们方案较其它密钥系统方案在处理时间和节点存储需求方面具有优势。