
Research on Broadcast Authentication Protocols and Intrusion Detection in Wireless Sensor Networks

【Author】 Dai Ting (戴庭)

【Advisor】 Huang Haiping (黄海平)

【Author information】 Nanjing University of Posts and Telecommunications, Computer Software and Theory, 2014, Master's

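【Summary】 Broadcast is an important operation in wireless sensor networks. It can be used for code updates, queries, and group membership management [1]. Broadcast authentication is a basic security service in wireless sensor networks. Common symmetric-key broadcast authentication protocols, especially the μTESLA family, scale poorly (because the Hash chain length is finite and the base station's communication range is limited) and carry security risks (because authentication is done in plaintext). This thesis first proposes a scalable broadcast authentication mechanism named DH-μTESLA, an extended and improved version of the μTESLA protocol [2] and the multilevel μTESLA protocol [3]. The DH-μTESLA protocol has three parts: 1) SRHC-TD, a construction scheme for renewable Hash chains based on a (t, n) threshold and a division tree, which solves the problem of limited Hash chain length and, at relatively low overhead, guarantees a certain degree of tolerance to lost or erroneous packets; most importantly, it can resist chosen-plaintext attacks; 2) AdlCBF, an identity authentication scheme based on the d-left counting Bloom filter, which achieves secure authentication while ensuring storage savings, system scalability, and efficient queries; 3) PTCR, a parent-tree-based clustering routing algorithm whose main function is to extend the range of the network, making the whole DH-μTESLA protocol better suited to large-scale, dense wireless sensor networks. In addition, performance simulations carried out with tools such as Matlab and Visual Studio C++ confirm these advantages of the DH-μTESLA protocol.

When DH-μTESLA runs in a wireless sensor network, the network often needs to adopt proactive defense measures. The second half of this thesis therefore studies intrusion detection in sensor networks. Intrusion detection is an important application of sensor networks. A large body of literature shows that coverage methods, especially barrier coverage, can increase the efficiency of intrusion detection. Because of the cluster-head rotation mechanism of the proposed PTCR, the joining of new nodes, and the characteristic change in network topology after the algorithm has run for 800 rounds, the change in the number of nodes within a given local region can be regarded approximately as node movement. Moreover, using mobile sensor nodes can enhance coverage and avoid the coverage holes found in static wireless sensor networks. However, the movement trajectories of sensor nodes and intruders have not been studied in detail in the literature, nor have the interactions among mobile sensor nodes or between sensor nodes and intruders. To address these problems, this thesis first introduces the concept of a virtual potential field, which exists not only between nodes but also between nodes and intruders. Considering dynamic similarity, node movement is described with a perfectly elastic collision model and intruder movement with a point charge model. Through this modeling we obtain the relationship between coverage performance and the mobility of sensor nodes and intruders. Finally, we show that intrusion detection in a mobile sensor network under a virtual potential field performs better than in static wireless sensor networks and in general mobile sensor networks.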

【Abstract】 Broadcast of information in Wireless Sensor Networks (WSNs) is an important operation, for example for code updates, queries and membership information [1]. Broadcast authentication in WSNs is a fundamental security primitive. Although the symmetric-key-based μTESLA has been proposed, it suffers from low scalability, which results from the hash chain's finite length, authentication in plaintext, and the base station's finite communication radius.

This paper presents a scalable broadcast authentication scheme named DH-μTESLA, which is an extension and improvement of μTESLA [2] and multilevel μTESLA [3]. It has the following three main parts:

1) It proposes the (t, n)-threshold and division-tree based self-re-initializable Hash chain scheme (SRHC-TD scheme), which can maintain an infinite lifecycle of Hash chains, low overheads, strong tolerance of message loss or fault, and the ability to resist chosen-plaintext attacks.
2) It puts forward the d-left counting Bloom filter based authentication scheme (AdlCBF scheme), which ensures secure authentication with memory efficiency, scale expansion and query convenience.
3) It presents the parent-tree based clustering routing algorithm (PTCR algorithm), which can expand the scalability of sensor networks and make DH-μTESLA suitable for large-scale sensor networks with a high density of sensors.

It also presents the experimental results obtained through simulations, which demonstrate the advantages of the proposed protocol.

In the process of running DH-μTESLA in a WSN, the network always needs to execute proactive defense. Thus, in the latter half of this paper, we also study intrusion detection in WSNs. Intrusion detection is a significant application in sensor networks. A considerable body of literature indicates that adopting coverage methods, especially the barrier coverage method, can increase the efficiency of detecting intruders. Because of the attributes of the proposed PTCR (i.e. the rotation of cluster heads, the participation of new nodes, and the uneven distribution of nodes after running several rounds, especially 800 rounds), the number and density of nodes in the same local region is changing all the time. This leads us to consider the nodes as mobile ones and the stationary WSNs as periodically mobile ones.

It is believed that using mobile sensors can enhance coverage and avoid coverage holes in stationary Wireless Sensor Networks (WSNs). However, the moving trajectories of sensors and intruders have not been investigated properly. Besides, the impacts between mobile sensors and the impacts between a sensor and an intruder have not been discussed thoroughly. In order to address these problems, we first discuss the virtual potential field between sensors and intruders. Using motion similarity, we then formulate the sensor mobility by an elastic collision model, and the intruder mobility by a point charge model. Afterwards, we obtain the relationship between barrier coverage performance and sensor and intruder mobility. Finally, we show that the coverage performance of Mobile Sensor Networks (MSNs) in a virtual potential field can be improved compared to that in stationary WSNs and in general MSNs.
