【摘要】：隨著嵌入式計算技術(shù)、傳感器技術(shù)和通信技術(shù)的迅猛發(fā)展,無線傳感器網(wǎng)絡(luò)由此應(yīng)運而生,并在軍事、環(huán)境監(jiān)測和保護、醫(yī)療護理、建筑、工業(yè)、農(nóng)業(yè)、智能家居系統(tǒng)、倉儲管理等許多領(lǐng)域得到廣泛應(yīng)用,現(xiàn)已被譽為新世紀(jì)三大高科技產(chǎn)業(yè)之一。和傳統(tǒng)的網(wǎng)絡(luò)不同,無線傳感器網(wǎng)絡(luò)是將大量廉價微型傳感器節(jié)點隨機部署在監(jiān)控區(qū)域,通過自組織方式構(gòu)成無線網(wǎng)絡(luò),各節(jié)點協(xié)作感知、采集和處理監(jiān)控區(qū)域中對象的信息,并通過多跳的方式將信息傳輸給匯聚節(jié)點和用戶,每個節(jié)點除采集和處理數(shù)據(jù)外,還具有路由器的功能、動態(tài)搜索、定位和連接的功能。 傳感器網(wǎng)絡(luò)節(jié)點通常部署在野外或敵方區(qū)域,由于價格低廉、抗捕獲能力較弱,攻擊者可利用捕獲到的節(jié)點,獲取其中的敏感信息,并將之改造成為惡意節(jié)點。由于這類節(jié)點和正常節(jié)點一樣擁有合法的密鑰等私密信息,基于密碼學(xué)機制的安全認(rèn)證方案無法識別出這類惡意節(jié)點。攻擊者就可通過這些惡意節(jié)點獨立或相互配合發(fā)動各種類型的攻擊,若不加以防范,這些攻擊將導(dǎo)致正常的請求達不到滿足,消耗網(wǎng)絡(luò)有限的資源,造成部分網(wǎng)絡(luò)臨時或永久癱瘓,同時引發(fā)錯誤警報,影響用戶決策。 本文圍繞虛假數(shù)據(jù)途中過濾、防范選擇性丟棄的途中過濾和惡意節(jié)點的溯源追蹤等問題展開研究。主要研究工作與創(chuàng)新特色如下： 1)虛假數(shù)據(jù)的途中過濾。針對當(dāng)前的途中過濾策略難以有效應(yīng)對惡意節(jié)點之間的協(xié)同攻擊問題,提出了一種基于鄰居節(jié)點監(jiān)聽的虛假數(shù)據(jù)過濾策略。該策略中,每個節(jié)點保存兩跳鄰居信息,接收數(shù)據(jù)包節(jié)點通過監(jiān)聽上游節(jié)點是否發(fā)送ACK包來判斷上游節(jié)點是生成數(shù)據(jù)包的節(jié)點還是中間轉(zhuǎn)發(fā)節(jié)點,從而確保惡意節(jié)點不能利用已俘獲的節(jié)點成功偽造其他區(qū)域發(fā)生的事件而不被識別出來,在絕大多數(shù)情況下,虛假數(shù)據(jù)包將在一跳之內(nèi)被過濾掉。該策略提高了途中過濾效率,降低了惡意節(jié)點對網(wǎng)絡(luò)的影響,延長了網(wǎng)絡(luò)生存期。 2)防范選擇性丟棄的途中過濾�，F(xiàn)有的虛假數(shù)據(jù)途中過濾策略中,一個隱含的基本前提就是假設(shè)途中節(jié)點是正常節(jié)點。當(dāng)途中惡意節(jié)點有選擇性的丟棄合法數(shù)據(jù)包時,現(xiàn)有的途中過濾策略無法判斷出丟棄的數(shù)據(jù)包是虛假數(shù)據(jù)包還是被惡意節(jié)點丟棄的合法數(shù)據(jù)包。針對該問題,提出了一種防范選擇性丟棄的虛假數(shù)據(jù)途中過濾策略。該策略采用逐步認(rèn)證的方式遞交數(shù)據(jù)包,不僅可過濾虛假數(shù)據(jù),而且可識別出合法數(shù)據(jù)被選擇性丟棄的行為。此外,由于數(shù)據(jù)包中附加的是T個節(jié)點的最新單向鏈密鑰,而不是傳統(tǒng)策略的MAC,確保一個合法數(shù)據(jù)包不會因惡意節(jié)點附加錯誤MAC而被途中節(jié)點或Sink過濾掉。 3)惡意節(jié)點的溯源追蹤。虛假數(shù)據(jù)過濾策略雖然能有效過濾虛假數(shù)據(jù),但不能消除惡意節(jié)點對網(wǎng)絡(luò)的破壞作用,針對該情況,提出了兩種快速追蹤定位惡意攻擊節(jié)點的策略。針對稠密節(jié)點的網(wǎng)絡(luò)環(huán)境,提出了一種基于鄰居節(jié)點信息的溯源追蹤策略。利用相互通信的兩個節(jié)點及其共同鄰居節(jié)點保存接收到的數(shù)據(jù)包特征信息,Sink節(jié)點可逐跳溯源追蹤至攻擊節(jié)點。該方法不需要收集大量攻擊數(shù)據(jù)包便可定位攻擊節(jié)點,且溯源追蹤過程不受路由變化的影響。針對稀疏節(jié)點的網(wǎng)絡(luò)環(huán)境,提出了一種基于兩跳鄰居的邊標(biāo)記策略。該策略將網(wǎng)絡(luò)中節(jié)點分為標(biāo)記節(jié)點和非標(biāo)記節(jié)點,只有標(biāo)記節(jié)點才需概率性標(biāo)記數(shù)據(jù)包,從而將重構(gòu)攻擊路徑長度降為現(xiàn)有概率邊標(biāo)記策略的1/2,定位攻擊節(jié)點需收集的攻擊數(shù)據(jù)包大大降低。
[Abstract]:With the rapid development of embedded computing technology, sensor technology and communication technology, wireless sensor networks emerge at the historic moment and are widely used in many fields, such as military, environmental monitoring and protection, medical care, construction, industry, agriculture, smart home system, warehouse management and so on. Now it has been praised as one of the three high-tech industries in the new century. Unlike traditional networks, wireless sensor networks (WSNs) deploy a large number of inexpensive micro-sensor nodes randomly in the monitoring area to form a wireless network by self-organizing. Each node cooperatively senses, collects and processes the information of the objects in the monitoring area, and transmits the information to the sink node and the user through multi-hop mode, each node. Besides collecting and processing data, it also has the function of router, dynamic search, location and connection.
Sensor network nodes are usually deployed in the field or enemy area. Because of the low price and weak anti-capture ability, attackers can use the captured nodes to obtain sensitive information and transform it into malicious nodes. Security authentication schemes can not identify such malicious nodes. Attackers can launch various types of attacks independently or in coordination with each other through these malicious nodes. If not prevented, these attacks will lead to normal requests can not be met, consume limited network resources, cause temporary or permanent network paralysis, and cause errors. Alerts affect user decisions.
This paper focuses on the filtering of false data on the way, the filtering of selective discarding on the way and the traceability of malicious nodes.
1) On-the-way filtering of false data. To solve the problem that the current on-the-way filtering strategy is difficult to effectively deal with the cooperative attack between malicious nodes, a new false data filtering strategy based on neighbor node sniffing is proposed. Packets determine whether the upstream node is a node that generates packets or an intermediate forwarding node, thus ensuring that malicious nodes can not use the captured node to successfully forge events in other areas without being recognized. In most cases, false packets will be filtered out within one hop. It reduces the impact of malicious nodes on the network and prolongs the lifetime of the network.
2) Prevent selective drop-in-the-way filtering. An implicit basic premise of the existing filter strategy for false data in-the-way is to assume that the nodes in the path are normal. When malicious nodes selectively discard legitimate packets on the way, the existing filter strategy can not determine whether the discarded packets are false or are being discarded. To solve this problem, this paper proposes an on-the-way filtering strategy to prevent selectively discarded false data. This strategy delivers data packets with step-by-step authentication, which not only filters false data, but also identifies the selectively discarded behavior of legitimate data. The latest one-way chain key of each node, rather than the traditional MAC strategy, ensures that a legitimate packet will not be filtered out by the on-going node or Sink due to malicious nodes attaching erroneous MAC.
3) Traceability of malicious nodes. Although the false data filtering strategy can effectively filter the false data, it can not eliminate the destructive effect of malicious nodes on the network. In view of this situation, two strategies are proposed to quickly track and locate malicious attack nodes. Tracing strategy. By using two communicating nodes and their common neighbors to store the received packet feature information, the Sink node can track the source to the attacking node hop by hop. This method can locate the attacking node without collecting a large number of attack packets, and the tracing process is not affected by routing changes. In the network environment, an edge marking strategy based on two-hop neighbors is proposed, which divides the nodes into labeled nodes and unlabeled nodes, and only labeled nodes need probabilistic labeled packets. Thus, the reconstructed attack path length is reduced to 1/2 of the existing probabilistic edge marking strategy, and the size of attack packets to be collected by the attacking nodes is located. It's a big drop.
【學(xué)位授予單位】：中國科學(xué)技術(shù)大學(xué)
【學(xué)位級別】：博士
【學(xué)位授予年份】：2014
【分類號】：TP212.9;TN929.5

【參考文獻】

相關(guān)期刊論文 前6條

1 胡向東;余朋琴;魏琴芳;;物聯(lián)網(wǎng)中選擇性轉(zhuǎn)發(fā)攻擊的發(fā)現(xiàn)[J];重慶郵電大學(xué)學(xué)報(自然科學(xué)版);2012年02期

2 楊峰;周學(xué)海;張起元;謝婧;章曙光;;無線傳感器網(wǎng)絡(luò)惡意節(jié)點溯源追蹤方法研究[J];電子學(xué)報;2009年01期

3 崔莉,鞠海玲,苗勇,李天璞,劉巍,趙澤;無線傳感器網(wǎng)絡(luò)研究進展[J];計算機研究與發(fā)展;2005年01期

4 江長勇;張建明;王良民;;無線傳感器網(wǎng)絡(luò)中的選擇轉(zhuǎn)發(fā)攻擊檢測[J];計算機工程;2009年21期

5 易葉青;林亞平;李小龍;羊四清;尤志強;;WSN中基于協(xié)作水印的虛假數(shù)據(jù)過濾算法[J];軟件學(xué)報;2010年01期

6 劉志雄;王建新;;傳感器網(wǎng)絡(luò)中一種基于地理位置的虛假數(shù)據(jù)過濾方案[J];通信學(xué)報;2012年02期

，

本文編號：2191401