电子学报 ›› 2015, Vol. 43 ›› Issue (4): 743-752.DOI: 10.3969/j.issn.0372-2112.2015.04.017

• 学术论文 • 上一篇    下一篇

无线传感器网络节点复制攻击和女巫攻击防御机制研究

胡蓉华, 董晓梅, 王大玲   

  1. 东北大学信息科学与工程学院, 辽宁沈阳 110819
  • 收稿日期:2013-05-12 修回日期:2014-09-16 出版日期:2015-04-25
    • 作者简介:
    • 胡蓉华 男,1985年5月出生,湖北荆州人.2010年获东北大学计算机软件与理论专业工学硕士学位.现为东北大学博士生,主要研究方向:无线传感器网络安全、信息隐藏等.董晓梅 女,1970年5月出生,河南开封人.东北大学副教授,主要研究方向为网络与信息安全、信息隐藏、计算机取证等.E-mail:dongxiaomei@ise.neu.edu.cn;王大玲 女,1962年6月出生,辽宁新民人.东北大学教授、博士生导师,主要研究方向为据挖掘、机器学习、信息检索等.
    • 基金资助:
    • 国家自然科学基金 (No.60873199)

Defense Mechanism Against Node Replication Attacks and Sybil Attacks in Wireless Sensor Networks

HU Rong-hua, DONG Xiao-mei, WANG Da-ling   

  1. School of Information Science & Engineering, Northeastern University, Shenyang, Liaoning 110819, China
  • Received:2013-05-12 Revised:2014-09-16 Online:2015-04-25 Published:2015-04-25

摘要:

在无线传感器网络(WSNs)中,节点复制攻击和女巫攻击可扰乱数据融合和阈值选举等网络操作.发起这两种攻击需先通过邻居发现认证过程.考虑到在WSNs中发起邻居认证是不频繁的,提出了一种基于单向密钥链的ID认证防御机制(OKCIDA),降低攻击者在任何时间段发起这两种攻击的可能性.然后基于椭圆曲线离散对数问题,构造对称参数,并组合OKCIDA和利用节点邻居关系,提出了一种无需位置的邻居认证协议(LFNA),以阻止复制节点和女巫节点成功加入网络.最后给出了安全性证明和分析,并在安全和开销方面将LFNA与已有典型防御方案进行了比较,结果表明该方案具有一定的优势.

关键词: 无线传感器网络, 节点复制攻击, 女巫攻击, 认证, 单向密钥链

Abstract:

In wireless sensor networks (WSNs),node replication attacks and Sybil attacks can disrupt the network's operations such as data aggregation and threshold voting schemes.To launch these attacks,it is necessary to go through the neighbor discovery verification process firstly,which is not frequent in WSNs.Considering the above observations,a one-way key chain ID authentication (OKCIDA) defense mechanism was presented to decrease the probability for attackers to mount such attacks at any time.Moreover,the symmetric parameters was constructed based on the elliptic curve discrete logarithm problem;then combines with OKCIDA and utilizes node neighbor relationship,a location-free neighborhood authentication protocol (LFNA) was introduced to stop replica nodes and Sybil nodes from successfully joining into the network.Finally,the security of LFNA was proved and analyzed.Compared with several existing important mechanisms,the proposed method is superior in security and cost.

Key words: wireless sensor network, node replication attack, Sybil attack, authentication, one-way key chain

中图分类号: