CN104702606B - Distributed wireless sensor network node replication attack detection method - Google Patents
- Publication number: CN104702606B
- Application number: CN201510107472.1A
- Authority: CN (China)
- Prior art keywords: node, witness, information, random number, sensing
- Legal status: Expired - Fee Related (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/12—Detection or prevention of fraud
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The invention discloses a distributed wireless sensor network node replication attack detection method. The method performs replication attack detection on the nodes of a distributed wireless sensor network in repeated rounds. Before each round of detection starts, the base-station node generates a random number R that is less than the number of nodes and broadcasts it to the other sensor nodes. In each round of detection, after a sensor node receives the random number R, it generates an integer random number r and computes the witness node identifier ID_witness using the generation formula; it then generates claim information containing ID_node and the random number r and sends it to the witness node. After a sensor node receives claim information, it substitutes ID_node into the formula to recompute ID_witness and checks whether its own identifier equals ID_witness. If they are equal, the sensor node stores the claim information; if not, it sends the claim information to ID_witness. If a sensor node holds two or more sensor nodes with the same identifier but different random numbers r, it broadcasts the replica node identifier to the whole distributed wireless sensor network and issues a warning.
Description
Technical field
The present invention relates to a method for detecting node replication attacks in wireless sensor networks, and more particularly to a detection method based on a distributed random mapping mechanism. It belongs to the field of network security.
Background art
With the development of wireless sensor networks, their security has attracted increasing attention. In a node replication attack on a wireless sensor network, the attacker uses technical means to obtain the key information and internal code of a node (called the captured node) and then clones that node. By placing the cloned nodes in the wireless sensor network, the attacker can steal data, interfere with data transmission, and so on, which does great harm to the wireless sensor network.
The earliest node replication attack detection method was the centralized detection method. At the start of each detection round, every node in the network sends its own claim information to the base-station node; the claim information includes the node ID, location information, and so on. After the base station has received the claim information of all nodes, it determines centrally whether the network contains two or more nodes with the same ID but different location information.
The centralized detection method is simple to deploy and its detection rate can reach 100%, but it also has major defects. First, the method places very high demands on the computing capability and security of the base station. Second, it makes energy consumption across the network unbalanced: the closer a node is to the base station, the more information it transmits and the more energy it consumes. Once the energy of these nodes is exhausted, the connectivity of the whole wireless sensor network is affected, which shortens the life cycle of the wireless sensor network.
To address the defects of the centralized detection method, distributed detection methods were proposed. Their main idea is to distribute the task performed by the base station in the centralized method randomly among the sensor nodes of the wireless sensor network. In this approach, every claiming node in the wireless sensor network sends its claim information to the witness nodes it is mapped to. After a witness node receives claim information, it compares it with the claim information it has already stored and checks whether there are nodes with the same ID but different location information; if it finds any, a replica node exists in the wireless sensor network.
Current distributed node replication attack detection methods mainly include the random multicast detection method, the straight-line multicast detection method, and others.
(1) Random multicast detection method
In this method the location claim message is the geographic coordinates of the node. The random multicast detection method sends a node's location claim message to a certain number of randomly selected nodes, the witness nodes. The claiming node first generates a location claim message signed with its own private key and broadcasts it to its one-hop neighbors. After a neighbor of the claiming node receives the location claim message, it decides with a certain probability p whether to forward it. If the neighbor decides to forward the message, it randomly selects g nodes in the network as witness nodes of the claiming node and then sends the location claim message to these g witness nodes. According to the birthday paradox, if the claiming node is a replica node, at least one node in the network will receive two or more conflicting messages about the claiming node's location, and the replica node is thereby detected.
(2) Straight-line multicast detection method
The straight-line multicast detection method is an optimization of the random multicast detection method. In this method, when a claiming node sends claim information to a witness node, every intermediate node on the path from the claiming node to the witness node stores the claim information, so these intermediate nodes also become witness nodes. Because the location claim message of a replica node travels along g paths in the network, if two replica nodes exist in the network, the 2g paths are very likely to intersect at the same witness node. When that witness node finds that two nodes have the same ID but different location claim information, the presence of a replica node in the network is detected. In the straight-line multicast detection method, the number g of witness nodes randomly selected for a claiming node can be relatively small, so communication cost is reduced and the detection rate for replica nodes is improved, but the storage cost of the nodes increases accordingly.
Unlike the centralized detection method, distributed detection methods cannot reach a detection rate of 100%. Moreover, in the random multicast and straight-line multicast detection methods, to prevent the attacker from mounting a secondary attack, multiple witness nodes are selected at random for each claiming node so that the attacker cannot predict the claiming node's witness nodes and therefore cannot go on to capture witness nodes for a secondary attack. To improve the detection rate, the probability that the captured node and the replica node select the same witness node must be raised; according to the birthday paradox, a large number of witness nodes must be selected, which increases the communication and storage consumption of the detection process.
Summary of the invention
In view of this, the invention provides a distributed wireless sensor network node replication attack detection method that can reduce communication and storage consumption and prevent secondary attacks.
To achieve the above object, the technical solution of the present invention is as follows. The method performs replication attack detection on the nodes of a distributed wireless sensor network in repeated rounds. Before each round of detection starts, the base-station node among the distributed wireless sensor network nodes first generates a random number R and broadcasts it to the other sensor nodes in the distributed wireless sensor network, with R ∈ (0, n], where n is the number of sensor nodes in the distributed wireless sensor network. In each round of detection, each sensor node proceeds as follows:
After a sensor node receives the random number R, it generates an integer random number r and, using the witness node identifier generation formula, computes the witness node identifier ID_witness for itself as a claiming node. The witness node identifier generation formula is: ID_witness = ID_node * R % n, where ID_node is the sensor node's own identifier. It then generates claim information containing ID_node and the random number r, packages it, and sends it to the witness node.
After receiving claim information, a sensor node first applies the witness node identifier generation formula to the ID_node in the claim information to compute the witness node identifier ID_witness, and checks whether its own identifier equals ID_witness. If they are equal, the sensor node stores the claim information; if not, the sensor node sends the claim information to the witness node identified by ID_witness for storage.
The sensor node checks whether the claim information it has stored contains two or more sensor nodes with the same identifier but different random numbers r. If so, that identifier is a replica node identifier, and the sensor node broadcasts the replica node identifier to the whole distributed wireless sensor network and issues a warning.
Further, after the witness node identifier ID_witness is computed, it is checked whether ID_witness equals ID_node. If they are equal, the witness node identifier is computed using the following formula: ID_witness = (ID_node * R % n + 1) % n.
Beneficial effects:
(1) During detection, the integer random number r replaces location information, which saves storage space. Each claiming node selects one and only one witness node, and the witness node selected by a claiming node in each detection round is random, which prevents the attacker from predicting the witness node and mounting a secondary attack. Because each claiming node selects only one witness node, the number of witness nodes selected is greatly reduced compared with traditional distributed detection methods, which reduces communication and storage consumption during detection and thereby extends the life cycle of the wireless sensor network.
(2) A multiple mapping mechanism is proposed which ensures that nodes with the same ID send their claim information to the same witness node. Under this mechanism, even if the attacker changes the replica node's witness node selection code, the replica node and the captured node are still guaranteed to send their claim information to the same witness node. If the replica node and the captured node are mapped to the same witness node, the probability that the replica node is detected is up to 100%.
Brief description of the drawings
Fig. 1 is the witness node selection flow chart;
Fig. 2 is the NS2 wireless sensor network topology diagram.
Detailed description of the embodiments
The technical solution of the present invention is described in detail below with reference to a specific example, but embodiments of the present invention are not limited to it.
A sensor network is simulated using the NS2 network simulator. One base-station node and 49 wireless sensor nodes are placed in a 500*500 topology area; the wireless sensor node IDs are set to 1~49, and the positions of the wireless sensor nodes are random and static. The wireless sensor network topology laid out with NS2 is shown in Fig. 2. Each dot in Fig. 2 represents a sensor node, deployed at random in the 500*500 region.
Assume that node 2 in the network is captured by the attacker, who has generated a replica of node 2 and placed it in the network. By modifying the internal code of replica node 2, the attacker gives it a new witness node mapping mechanism. Specifically, for replica node 2 the attacker changes the witness node identifier calculation from the initial formulas (1) and (2) to formulas (3) and (4).
    ID_witness = ID_node * R % n                  (1)
    if (ID_witness == ID_node) {                  (2)
        ID_witness = (ID_witness + 1) % n;
    }
    ID_witness = (ID_node * R + 1) % n            (3)
    if (ID_witness == ID_node) {                  (4)
        ID_witness = (ID_witness + 1) % n;
    }
The method performs replication attack detection on the nodes of the distributed wireless sensor network in repeated rounds. Before each round of detection starts, the base-station node among the distributed wireless sensor network nodes first generates a random number R and broadcasts it to the other sensor nodes in the distributed wireless sensor network, with R ∈ (0, n], where n is the number of sensor nodes in the distributed wireless sensor network.
First, the base-station node generates a random number between 1 and 49. Assume that the random number generated in this detection round is 8; the random number 8 is then broadcast to all sensor nodes.
After a sensor node receives the broadcast message R, it generates a random number r.
After receiving the random number 8, each node generates its own random number: assume that node 1 generates 256, captured node 2 generates 19, replica node 2 generates 18, node 3 generates 879, ..., and node 50 generates 271. The random number generated by a sensor node is used to represent its own location information.
Each sensor node computes its witness node ID and sends its claim information.
Captured node 2 generates claim information {2, 19}, and replica node 2 generates claim information {2, 18}.
Captured node 2 computes its witness node ID: ID_witness = ID_node * R % n = 2*8%49 = 16, i.e. its witness node is node 16.
Replica node 2 computes its witness node ID: ID_witness = (ID_node * R + 1) % n = (2*8+1)%49 = 17, i.e. the witness node of replica node 2 is node 17.
Captured node 2 sends claim information {2, 19} to node 16. After node 16 receives {2, 19}, it first verifies whether it is itself the final witness node, i.e. ID_va = ID_node * R % n = 2*8%49 = 16. It first checks whether ID_va and ID_node are the same; here ID_va and ID_node differ, so it goes on to check whether ID_va is the same as its own ID. Here ID_va and its own ID are equal, both being 16, so it determines that it is the witness node of captured node 2, and node 16 stores the claim information.
Replica node 2 sends claim information {2, 18} to node 17. After node 17 receives {2, 18}, it first verifies whether it is itself the final witness node. Because node 17 has not been captured, its witness node calculation formula has not been modified: ID_witness = ID_node * R % n = 2*8%49 = 16. It first checks whether ID_va and ID_node are the same; here ID_va and ID_node are not equal, and ID_va also differs from its own ID, so it forwards the claim information {2, 18} to node 16.
After node 16 receives claim information {2, 18}, it recomputes the witness node ID, i.e. ID_witness = ID_node * R % n = 2*8%49 = 16. ID_va and ID_node differ, and ID_va is the same as its own ID, so it is itself the witness node of replica node 2, and it stores the information. The claim information stored by node 16 is shown in Table 1:
Table 1
Claiming node ID | Random number generated by the claiming node |
---|---|
2 | 19 |
2 | 18 |
The witness node selection flow chart is shown in Fig. 1.
The witness node verifies whether a replica node exists.
Node 16 checks whether the claim information it has received contains two or more nodes with the same ID but different random numbers. On checking, it finds the two claims {2, 19} and {2, 18} in its claim information storage table: the claiming node ID is the same, 2, while the claiming node random numbers differ, being 19 and 18 respectively. It therefore concludes that a replica node exists in the wireless sensor network, and that the captured node and the replica node are node 2.
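The round worked through above can be replayed in a few lines of Python. This is an added example, not code from the patent; the class and function names are hypothetical, and it assumes that only sensor IDs 1..49 exist, so a computed witness ID of 0 is treated as undeliverable (a case the description does not discuss).

```python
N = 49            # number of sensor nodes in the embodiment, IDs 1..49
CAPTURED_ID = 2   # the node the embodiment assumes was captured and cloned


def honest_witness(node_id, R, n=N):
    """Formulas (1)-(2): ID_witness = ID_node * R % n, bumped by one on self-mapping."""
    w = node_id * R % n
    if w == node_id:
        w = (w + 1) % n
    return w


def tampered_witness(node_id, R, n=N):
    """Formulas (3)-(4): the mapping the attacker installs in the replica."""
    w = (node_id * R + 1) % n
    if w == node_id:
        w = (w + 1) % n
    return w


class Sensor:
    """An uncompromised sensor node acting as a (possible) witness."""

    def __init__(self, node_id):
        self.node_id = node_id
        self.store = {}  # claimed ID -> set of random numbers r seen for it

    def receive(self, claim, R):
        """Store the claim if this node is the witness, else return the next hop."""
        claimed_id, r = claim
        w = honest_witness(claimed_id, R)  # receiver recomputes with its own formula
        if w != self.node_id:
            return w
        self.store.setdefault(claimed_id, set()).add(r)
        return None

    def replicated_ids(self):
        """IDs for which two or more different r values were stored."""
        return sorted(i for i, rs in self.store.items() if len(rs) >= 2)


def route(network, claim, first_hop, R, max_hops=4):
    """Deliver a claim; return (path of node IDs visited, whether it was stored)."""
    path, hop = [], first_hop
    while hop in network and len(path) < max_hops:
        path.append(hop)
        hop = network[hop].receive(claim, R)
        if hop is None:
            return path, True
    return path, False  # next hop is not a node in this sketch (e.g. ID 0)


def run_round(R, r_captured=19, r_replica=18):
    """One detection round with the embodiment's captured node 2 and its replica."""
    network = {i: Sensor(i) for i in range(1, N + 1)}
    p_captured, _ = route(network, (CAPTURED_ID, r_captured),
                          honest_witness(CAPTURED_ID, R), R)
    p_replica, _ = route(network, (CAPTURED_ID, r_replica),
                         tampered_witness(CAPTURED_ID, R), R)
    alerts = {i: s.replicated_ids() for i, s in network.items() if s.replicated_ids()}
    return p_captured, p_replica, alerts


def missed_rounds():
    """Values of R in 1..49 for which no witness raises an alert in this sketch."""
    return [R for R in range(1, N + 1) if not run_round(R)[2]]


if __name__ == "__main__":
    print(run_round(8))      # the embodiment's round, R = 8
    print(missed_rounds())   # rounds where a computed witness ID falls outside 1..49
```

With R = 8 the replica's claim travels 17 -> 16 and node 16 raises the alert for ID 2, as in Table 1. Under the ID-range assumption stated above, the sweep over R also shows which rounds produce no alert because a computed witness ID is 0.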
In summary, the above is only a preferred embodiment of the present invention and is not intended to limit the scope of protection of the present invention. Any modification, equivalent substitution, improvement, and the like made within the spirit and principles of the present invention shall fall within the scope of protection of the present invention.
Claims (2)
1. A distributed wireless sensor network node replication attack detection method, characterized in that the method performs replication attack detection on distributed wireless sensor network nodes in repeated rounds, wherein before each round of detection starts, the base-station node among the distributed wireless sensor network nodes first generates a random number R and broadcasts it to the other sensor nodes in the distributed wireless sensor network, with R ∈ (0, n], where n is the number of sensor nodes in the distributed wireless sensor network; in each round of detection, each sensor node proceeds as follows:
After receiving the random number R, the sensor node generates an integer random number r and, according to the witness node identifier generation formula in its internal witness node mapping mechanism, computes the witness node identifier ID_witness for itself as a claiming node; the initial witness node identifier generation formula is: ID_witness = ID_node * R % n, where ID_node is the identifier of the sensor node acting as the claiming node; it then generates claim information containing ID_node and the random number r, packages it, and sends it to the witness node identified by ID_witness;
After receiving the claim information, the witness node first substitutes the ID_node in the claim information into the witness node identifier generation formula in its own internal witness node mapping mechanism to compute the witness node identifier ID_witness, and determines whether its own identifier equals ID_witness; if they are equal, it stores the claim information; if not, it forwards the claim information to the witness node identified by ID_witness;
The witness node determines whether the claim information it has stored contains two or more claiming nodes with the same identifier but different random numbers r; if so, that identifier is a replica node identifier, and the witness node broadcasts the replica node identifier to the whole distributed wireless sensor network and issues a warning.
2. The distributed wireless sensor network node replication attack detection method according to claim 1, characterized in that after the witness node identifier ID_witness is computed, it is further determined whether ID_witness equals ID_node; if they are equal, the witness node identifier is computed using the following formula: ID_witness = (ID_node * R % n + 1) % n.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510107472.1A CN104702606B (en) | 2015-03-12 | 2015-03-12 | A kind of Distributed Wireless Sensor Networks Node replication attack detection method |
Publications (2)
Publication Number | Publication Date |
---|---|
CN104702606A CN104702606A (en) | 2015-06-10 |
CN104702606B true CN104702606B (en) | 2018-01-19 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
CF01 | Termination of patent right due to non-payment of annual fee | ||
CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20180119 |