【摘要】：無線傳感器網(wǎng)絡(luò)是資源受限、分布式、自組織、多跳、以數(shù)據(jù)為中心的網(wǎng)絡(luò),其低成本和高靈活性的優(yōu)點使其廣泛應(yīng)用于軍事偵查、環(huán)境監(jiān)測、醫(yī)療健康、交通監(jiān)控等領(lǐng)域。數(shù)據(jù)融合機制被應(yīng)用于無線傳感器網(wǎng)絡(luò)中以減少能量消耗和網(wǎng)絡(luò)碰撞,但同時也帶來了新的安全威脅。攻擊者不僅可以偽造、重放、篡改和丟棄普通傳感器節(jié)點的數(shù)據(jù),而且可能通過直接妥協(xié)更高級別的融合節(jié)點來獲取、更改或者丟棄融合結(jié)果,導致災(zāi)難性的后果。論文針對現(xiàn)有研究成果的不足,分別從機密性和完整性兩個方面設(shè)計改進的安全數(shù)據(jù)融合方案,采用切片重組技術(shù)和監(jiān)督信譽機制,最終達到數(shù)據(jù)融合所需的安全目標。論文中所作的具體工作主要包括以下三個方面:首先,提出一種輕量級的隱私保護方案,應(yīng)用私密種子和簇內(nèi)切片技術(shù)實現(xiàn)隱私保護,采用隨機概率決定每個簇的最大分片數(shù)和簇內(nèi)每個節(jié)點的不同分片數(shù),降低通信和計算代價,提高融合結(jié)果精確度。相比于CPDA算法,該方案在有效保證隱私的前提下,具有較少的計算和通信代價,并且融合精確度高。其次,在雙簇頭安全融合方案(DCSA)的基礎(chǔ)上,通過在節(jié)點間加入對稱密鑰,采用分布式驗證方法,使節(jié)點認證與融合同時進行,在向上融合的過程中立即證實子節(jié)點融合數(shù)據(jù)的完整性。同時,利用紅黑簇頭的監(jiān)督特性,能夠定位惡意節(jié)點,增強抗共謀攻擊能力。該方案保證與DCSA相同安全等級的前提下,能夠及早檢測并丟棄錯誤數(shù)據(jù),提高了完整性檢測機制的效率,且具有更低的網(wǎng)絡(luò)能耗。最后,通過理論分析論證了兩種類型的安全數(shù)據(jù)融合算法的高效性和可靠性,并通過實驗?zāi)M驗證了安全數(shù)據(jù)融合方案的可行性。
[Abstract]:Wireless sensor network is a resource-limited, distributed, self-organizing, multi-hop, data-centric network. Its advantages of low cost and high flexibility make it widely used in military reconnaissance, environmental monitoring, medical health, traffic monitoring and other fields. Data fusion mechanism is applied to wireless sensor networks to reduce energy consumption and network collision, but also brings new security threats. An attacker can not only forge, replay, tamper and discard the data of ordinary sensor nodes, but also obtain, change or discard the fusion results by directly compromising the higher level fusion nodes, resulting in disastrous consequences. Aiming at the deficiency of the existing research results, this paper designs an improved security data fusion scheme from the aspects of confidentiality and integrity, adopts slice reorganization technology and monitoring reputation mechanism, and finally achieves the security goal required for data fusion. The main work in this paper includes the following three aspects: firstly, a lightweight privacy protection scheme is proposed, which uses private seeds and intra-cluster slicing technology to achieve privacy protection. Random probability is used to determine the maximum number of segments per cluster and the number of nodes in each cluster to reduce the communication and computational costs and to improve the accuracy of the fusion results. Compared with CPDA algorithm, the proposed scheme has less computational and communication costs and high fusion accuracy on the premise of effectively guaranteeing privacy. Secondly, on the basis of double cluster head secure fusion scheme (DCSA), by adding symmetric key between nodes and adopting distributed verification method, the authentication and fusion of nodes can be carried out simultaneously. In the process of upward fusion, the integrity of the fusion data is confirmed immediately. At the same time, the red and black cluster heads can be used to locate malicious nodes and enhance their ability to resist collusion attacks. On the premise of the same security level as DCSA, this scheme can detect and discard the error data as early as possible, improve the efficiency of the integrity detection mechanism, and have lower network energy consumption. Finally, the high efficiency and reliability of two kinds of secure data fusion algorithms are demonstrated through theoretical analysis, and the feasibility of the secure data fusion scheme is verified by experimental simulation.
【學位授予單位】：哈爾濱工程大學
【學位級別】：碩士
【學位授予年份】：2014
【分類號】：TP212.9;TN915.08

【參考文獻】

相關(guān)期刊論文 前3條

1 范永健;陳紅;張曉瑩;;無線傳感器網(wǎng)絡(luò)數(shù)據(jù)隱私保護技術(shù)[J];計算機學報;2012年06期

2 楊庚;王安琪;陳正宇;許建;王海勇;;一種低耗能的數(shù)據(jù)融合隱私保護算法[J];計算機學報;2011年05期

3 周水庚;李豐;陶宇飛;肖小奎;;面向數(shù)據(jù)庫應(yīng)用的隱私保護研究綜述[J];計算機學報;2009年05期

，

本文編號：2133240