CN113543139A - Wireless sensor network distributed security control method based on credibility - Google Patents

Wireless sensor network distributed security control method based on credibility Download PDF

Info

Publication number
CN113543139A
CN113543139A CN202110785780.5A CN202110785780A CN113543139A CN 113543139 A CN113543139 A CN 113543139A CN 202110785780 A CN202110785780 A CN 202110785780A CN 113543139 A CN113543139 A CN 113543139A
Authority
CN
China
Prior art keywords
sensor node
sensor
matrix
security control
formula
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202110785780.5A
Other languages
Chinese (zh)
Other versions
CN113543139B (en
Inventor
刘健行
朱亮聪
姚蔚然
胡志坚
高耸
袁菲
李婷
孙光辉
吴立刚
高亚斌
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Harbin Institute of Technology
Shanghai Aerospace System Engineering Institute
Original Assignee
Harbin Institute of Technology
Shanghai Aerospace System Engineering Institute
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Harbin Institute of Technology, Shanghai Aerospace System Engineering Institute filed Critical Harbin Institute of Technology
Priority to CN202110785780.5A priority Critical patent/CN113543139B/en
Publication of CN113543139A publication Critical patent/CN113543139A/en
Application granted granted Critical
Publication of CN113543139B publication Critical patent/CN113543139B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/30Security of mobile devices; Security of mobile applications
    • H04W12/37Managing security policies for mobile devices or for controlling mobile applications
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/14Network analysis or design
    • H04L41/145Network analysis or design involving simulating, designing, planning or modelling of a network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/009Security arrangements; Authentication; Protecting privacy or anonymity specially adapted for networks, e.g. wireless sensor networks, ad-hoc networks, RFID networks or cloud networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/12Detection or prevention of fraud
    • H04W12/121Wireless intrusion detection systems [WIDS]; Wireless intrusion prevention systems [WIPS]
    • H04W12/122Counter-measures against attacks; Protection against rogue devices
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/60Context-dependent security
    • H04W12/66Trust-dependent, e.g. using trust scores or trust relationships
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W84/00Network topologies
    • H04W84/18Self-organising networks, e.g. ad-hoc networks or sensor networks

Abstract

A wireless sensor network distributed security control method based on credibility relates to the technical field of wireless communication. The method solves the problems that the existing network security control method can not realize the security control of the system under the complex network attack and has poor universality. Under an ideal state, establishing a node model of each sensor in a wireless sensor network, and designing a distributed controller by using the node model; solving, with the distributed controller, the distributed controller gains; carrying out credibility evaluation on the received data of the adjacent wireless sensor nodes by using the gain of the distributed controller, and calculating the weight of the credibility; establishing a self-adaptive isolation mechanism by using the weight of the credibility, and updating the state of the sensor node by using the self-adaptive isolation mechanism; and realizing the updating of the security control strategy. The invention is suitable for the security control of the wireless sensor network.

Description

Wireless sensor network distributed security control method based on credibility
Technical Field
The invention relates to the technical field of wireless communication.
Background
The wireless sensor network is a distributed network formed by a large number of sensor nodes in a self-organizing and multi-hop mode, and is favored in various fields of intelligent transportation, environment detection, medical health and the like by the unique advantages of convenience in deployment, strong mobility, low cost and the like. However, as the application range of the wireless sensor network is increasingly expanded, the security control problem of the network system becomes a hot topic under study. Because data are transmitted among the wireless sensor nodes through the wireless communication link, the research on the credibility of the communication link has important significance for realizing the safe and accurate control of the system.
Aiming at network attacks possibly existing on a sensor node communication chain, numerous scholars at home and abroad develop deep research for the security control problem of a wireless sensor network. A detectable denial-of-service attack model is proposed in the document distributed elastic load frequency control under denial-of-service attack (electric measurement and instrumentation, 2021, 58 th volume, 01 th phase, P158-P164), a load frequency control system model under periodic denial-of-service attack is derived, and an elastic load frequency controller is designed. In the literature, "stability research of information physical fusion system under false data injection attack" (automated science and report, 2019, volume 45, phase 01, P196-P205), a false data injection attack effectiveness model is used to quantify the influence of false data attack on the state estimation value and the measurement residual of the information physical system, and a security controller is designed and the stability of the system is discussed.
The invention patent application document with the patent application number of 201910553184.7 discloses a security control method of an event-driven network control system under multi-network attack, which sequentially introduces random network spoofing attack, replay attack and denial of service attack, establishes a system closed-loop model under the multi-network attack, designs a Lyapunov function based on the model, and solves the gain of a state feedback controller.
However, the above security control methods have not been studied in consideration of the change of the credibility of the communication link between the sensor nodes and the consequent change of the dynamic model of the system with the intrusion of the network attack. The method aims at modeling one or more specific network attack types, controller design is carried out based on the established model, unmodeled dynamics in the attack model is not considered, safety control of the system under complex network attack cannot be realized, universality is not achieved, and application of the method in an actual wireless sensor network is limited.
Disclosure of Invention
The invention aims to solve the problems that the existing network security control method cannot realize the security control of a system under complex network attack and is poor in universality, and provides a wireless sensor network distributed security control method based on credibility.
The invention relates to a credibility-based distributed security control method for a wireless sensor network, which is used for controlling each sensor node in the wireless sensor network, and updating the state of each sensor node based on the data transmitted by all the adjacent nodes of the sensor node to realize security control;
the method specifically comprises the following steps:
establishing a node model of each sensor in a wireless sensor network under an ideal state, and designing a distributed controller by using the node model;
step two, solving the gain of the distributed controller by using the distributed controller;
and thirdly, designing and updating a security control strategy based on credibility under network attack by using the gain of the distributed controller and the received transmission data of the adjacent wireless sensor nodes, and finishing security control on the wireless sensor network.
Further, in the third step, the method for designing and updating the security control strategy based on the credibility under the network attack comprises the following steps:
thirdly, carrying out reliability evaluation on the received data of the adjacent wireless sensor nodes by using the gain of the distributed controller, and calculating the weight of the reliability;
establishing a self-adaptive isolation mechanism by using the weight of the reliability, and updating the state of the sensor node by using the self-adaptive isolation mechanism; and realizing the updating of the security control strategy.
Further, in the invention, in the first step, under an ideal state, establishing a model of each sensor node in the wireless sensor network is as follows:
the model of the ith (i ═ 1,2,3 … N) sensor node in the wireless sensor network is:
Figure BDA0003158264360000021
in the formula, xi(k) Is the state vector, x, of the ith sensor node at time kj(k) Is the state vector of the jth sensor node at time k,xi(k +1) is the state vector of the ith sensor node at time k +1, ui(k) Is the control input vector of the ith sensor node, CiIs the output matrix of the ith sensor node, AiSystem matrix for i-th sensor, BiIs the control input matrix of the ith sensor, AijFor describing a matrix of the adjacency relation between the ith sensor node and the jth sensor node, N is the total number of the sensor nodes in the wireless sensor network, yi(k) Is the measured output vector of the ith sensor node, CiIs the measurement output matrix of the ith sensor.
Further, in the invention, in the first step, the distributed controller is designed through a second formula;
distributed controller u of ith sensor node in wireless sensor networki(k) Comprises the following steps:
Figure BDA0003158264360000031
in the formula, KiIs the controller gain, K, of the current sensor node iijIs the controller gain, y, of sensor node j adjacent to sensor node ij(k) Is the measured output vector of sensor node j.
Further, in the second step of the present invention, the method for solving the gain of the distributed controller by using the distributed controller comprises:
establishing a closed-loop system state equation for the ith sensor node may be expressed as:
Figure BDA0003158264360000032
Cjis an output matrix of the jth sensor node, and constructs a Lyapunov function V (k) depending on the sensor node:
Figure BDA0003158264360000033
in the formula, PiA positive definite unknown Lyapunov matrix to be solved for the sensor node i;
further comprising:
Figure BDA0003158264360000034
in the formula (I), the compound is shown in the specification,
Figure BDA0003158264360000035
Figure BDA0003158264360000036
Figure BDA0003158264360000037
B=diag{B1 B2 … BNnine formula
C=diag{C1 C2 … CNEquation ten
P=diag{P1 P2 … PNFormula eleven
Wherein A is a system matrix of the whole sensor network, K is a controller gain matrix of the whole sensor network, and K isiAnd KijThe method comprises the following steps that B is a control input matrix of the whole sensor network, namely a diagonal matrix, C is a measurement output matrix of the whole sensor network, namely the diagonal matrix, and P is a positive definite unknown Lyapunov matrix to be solved of the whole sensor network;
to make Δ V (k) < 0, let:
Figure BDA0003158264360000041
obtained by the schulbu principle:
Figure BDA0003158264360000042
linear transformation of equation thirteen, defining X ═ PBKC, yields:
Figure BDA0003158264360000043
the formula fourteen is a linear matrix inequality, unknown variables X and P are solved through a linear matrix inequality tool box in Matlab, and finally gain of the distributed controller is obtained:
Figure BDA0003158264360000044
further, in the present invention, in the third step, a specific method for performing reliability evaluation on the received data of the adjacent wireless sensor node is as follows:
modeling the transmission data received by sensor node i from the adjacent sensor node j as:
yj(k)=Cjxj(k)+Gjgj(k) formula sixteen
In the formula, GjRepresenting a constant matrix, g, associated with the sensor channel that the attacker is attempting to attackj(k) Representing a malicious attack input, CjIs the output matrix, x, of the sensor node jj(k) Is the state vector of the jth sensor node at time k;
based on the received transmission data of the adjacent sensor nodes, establishing a transmission data credibility evaluation index of each moment of the adjacent sensor nodes:
Figure BDA0003158264360000045
in the formula, Sij(k) Indicating that the data transmitted from sensor node j to sensor node i at time k is a trustworthy amount,Sij(k-1) represents the amount of data transmitted from sensor node j to sensor node i at time k-1 as authentic, Sij(0)=0,
Figure BDA0003158264360000051
Representing the measurement output y at time kj(k) Is used to determine the relationship between the relationship function of (1),
Figure BDA0003158264360000052
representing the measured output y at time k-1j(k-1), R (k) represents a threshold function, when
Figure BDA0003158264360000053
Data transmitted from sensor node j to sensor node i is deemed to be trusted when the data is received, and is deemed to be untrusted when the data is not received.
Further, in the present invention, in the first step, the method for calculating the reliability weight includes:
based on the evaluation indexes of the reliability of the transmission data of the adjacent sensor nodes at all times, a data sequence of any adjacent sensor node with a credible label and an untrustworthy label is obtained, and the reliability weight is calculated by using a formula eighteen:
Figure BDA0003158264360000054
in the formula, Creij(k) Weight of confidence for a communication link from sensor node j to sensor node i, MijRepresenting a data period, α, used to calculate a communication link confidence weight from sensor node j to sensor node i0Representing a confidence coefficient for adjusting the rate of change of the confidence weight, alpha, depending on different systems and parameters1And alpha2Representing confidence level auxiliary adjustment coefficients for assisting the confidence level coefficient alpha0Satisfy α1≤α2
Further, in the second step, the self-adaptive isolation mechanism is established by using the weight of the credibility as follows:
Figure BDA0003158264360000055
wherein the adaptive threshold function is:
Figure BDA0003158264360000056
in the formula, gamma0,γ1And gamma2All are adjustable parameters, which jointly determine the size of the adaptive threshold, wherein gamma0Threshold, gamma, for determining the initial time of the adaptive isolation mechanism1And gamma2The ratio of (A) to (B) determines the threshold at which the adaptive isolation mechanism eventually settles, when
Figure BDA0003158264360000057
And in time, the sensor node i does not receive the data transmitted by the sensor j any more, so that the self-adaptive isolation is realized.
Further, in the second step, the method for updating the state of the sensor node by using the adaptive isolation mechanism in the invention comprises the following steps:
establishing a state updating model of a sensor node i:
Figure BDA0003158264360000061
in the formula (I), the compound is shown in the specification,
Figure BDA0003158264360000062
and updating the state of the sensor node by using the state updating model.
The method can dynamically improve each sensor node model under the network attack. A distributed controller of each sensor node in an ideal state is designed, the credibility of a corresponding communication chain is evaluated based on received transmission data of adjacent sensor nodes, and the credibility weight is used for dynamically updating each sensor node model, so that the sensor model is more in line with the actual situation along with the continuous progress of network attacks. The type, the type and the concrete model of the network attack do not need to be considered, so the safety control effect is not influenced by unmodeled dynamics in the attack model, and the universality is effectively improved.
Drawings
FIG. 1 is a flowchart of a wireless sensor network distributed security control method based on confidence;
FIG. 2 is a topology structure diagram of a wireless sensor network including 3 sensor nodes under network attack;
FIG. 3(a) is an ideal open-loop state response curve of each sensor node,
FIG. 3(b) is a closed-loop state response curve under distributed control of each sensor node in an ideal state;
FIG. 4(a) is a state response curve under the traditional distributed control of each sensor node under the network attack,
fig. 4(b) is a state response curve of each sensor node under the network attack under the security distributed control based on the credibility mechanism.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
It should be noted that the embodiments and features of the embodiments may be combined with each other without conflict.
The first embodiment is as follows: the present embodiment is described below with reference to fig. 1, and the method for distributed security control of a wireless sensor network based on reliability in the present embodiment is used for controlling each sensor node in the wireless sensor network, and updating a state of each sensor node based on data transmitted by all nodes adjacent to the sensor node to implement security control; the method specifically comprises the following steps:
establishing a node model of each sensor in a wireless sensor network under an ideal state, and designing a distributed controller by using the node model;
step two, solving the gain of the distributed controller by using the distributed controller;
and thirdly, designing and updating a security control strategy based on credibility under network attack by using the gain of the distributed controller and the received transmission data of the adjacent wireless sensor nodes, and finishing security control on the wireless sensor network.
Further, in the third step, the method for designing and updating the security control policy based on the credibility under the network attack is as follows:
thirdly, carrying out reliability evaluation on the received data of the adjacent wireless sensor nodes by using the gain of the distributed controller, and calculating the weight of the reliability;
establishing a self-adaptive isolation mechanism by using the weight of the reliability, and updating the state of the sensor node by using the self-adaptive isolation mechanism; and realizing the updating of the security control strategy.
Further, in the present embodiment, in the first step, in an ideal state, establishing a model of each sensor node in the wireless sensor network is:
the model of the ith (i ═ 1,2,3 … N) sensor node in the wireless sensor network is:
Figure BDA0003158264360000071
in the formula, xi(k) Is the state vector, x, of the ith sensor node at time kj(k) Is the state vector, x, of the jth sensor node at time ki(k +1) is the state vector of the ith sensor node at time k +1, ui(k) Is the control input vector of the ith sensor node, CiIs the output matrix of the ith sensor node, AiSystem matrix for i-th sensor, BiIs the control input matrix of the ith sensor, AijFor describing a matrix of the adjacency relation between the ith sensor node and the jth sensor node, N is the total number of the sensor nodes in the wireless sensor network, yi(k) Is the measured output vector of the ith sensor node, CiIs the measurement output matrix of the ith sensor.
The invention utilizes the received transmission data of the adjacent wireless sensor nodes to identify the safety of the corresponding communication link, and can quickly isolate the communication link with the risk of network attack. The method is realized through two steps, wherein the first step is to solve the gain of the distributed controller in an ideal state, and the second step is to design a security control strategy based on credibility under network attack. The main characteristics of the first step are as follows: and establishing a model of each sensor node in the wireless sensor network, designing a distributed controller, and solving the gain of the distributed controller. The second step is mainly characterized in that: and evaluating the reliability of the transmission data of the adjacent sensor node j at each moment, calculating the reliability weight, establishing a self-adaptive isolation mechanism, and updating the state of the sensor node. Practice proves that the distributed safety control method can effectively realize the distributed safety control of the wireless sensor network system.
Further, in the present embodiment, in the step one, designing the distributed controller is implemented by a formula two;
distributed controller u of ith sensor node in wireless sensor networki(k) Comprises the following steps:
Figure BDA0003158264360000081
in the formula, KiIs the controller gain, K, of the current sensor node iijIs the controller gain, y, of sensor node j adjacent to sensor node ii(k) Is the measurement output vector, y, of the sensor node ij(k) Is the measured output vector of sensor node j.
Further, in the second embodiment, in the step two, the method for solving the gain of the distributed controller by using the distributed controller includes:
establishing a closed-loop system state equation for the ith sensor node may be expressed as:
Figure BDA0003158264360000082
Cjis an output matrix of the jth sensor node, and constructs a Lyapunov function V (k) depending on the sensor node:
Figure BDA0003158264360000083
in the formula, PiA positive definite unknown Lyapunov matrix to be solved for the sensor node i;
further comprising:
Figure BDA0003158264360000084
in the formula (I), the compound is shown in the specification,
Figure BDA0003158264360000085
Figure BDA0003158264360000086
Figure BDA0003158264360000087
B=diag{B1 B2 … BNnine formula
C=diag{C1 C2 … CNEquation ten
P=diag{P1 P2 … PNFormula eleven
Wherein A is of the entire sensor networkSystem matrix, for K is controller gain matrix of whole sensor network, from KiAnd KijThe method comprises the following steps that B is a control input matrix of the whole sensor network and is a diagonal matrix, C is a measurement output matrix of the whole sensor network and is a diagonal matrix, and P is a positive definite unknown Lyapunov matrix to be solved of the whole sensor network;
to make Δ V (k) < 0, let:
Figure BDA0003158264360000091
obtained by the schulbu principle:
Figure BDA0003158264360000092
linear transformation of equation thirteen, defining X ═ PBKC, yields:
Figure BDA0003158264360000093
the formula fourteen is a linear matrix inequality, unknown variables X and P are solved through a linear matrix inequality tool box in Matlab, and finally gain of the distributed controller is obtained:
Figure BDA0003158264360000094
in the formula (I), the compound is shown in the specification,
Figure BDA0003158264360000095
representing the pseudo-inverse of the matrix.
Further, in the present embodiment, in the first step, a specific method for performing reliability evaluation on the received data of the adjacent wireless sensor node is as follows:
in consideration of network attacks that may exist on a wireless sensor network communication link, the transmission data received by a sensor node i from a neighboring sensor node j is modeled as:
yj(k)=Cjxj(k)+Gjgj(k) formula sixteen
In the formula, GjRepresenting a constant matrix, g, associated with the sensor channel that the attacker is attempting to attackj(k) Representing a malicious attack input, CjIs the output matrix, x, of the sensor node jj(k) Is the state vector of the jth sensor node at time k;
based on the received transmission data of the adjacent sensor nodes, establishing a transmission data credibility evaluation index of each moment of the adjacent sensor nodes:
Figure BDA0003158264360000101
in the formula, Sij(k) Representing a plausible amount of data transmitted from sensor node j to sensor node i at time k, Sij(k-1) represents the amount of data transmitted from sensor node j to sensor node i at time k-1 as authentic, Sij(0)=0,
Figure BDA0003158264360000102
Representing the measurement output y at time kj(k) Is used to determine the relationship between the relationship function of (1),
Figure BDA0003158264360000103
representing the measured output y at time k-1j(k-1), R (k) represents a threshold function, when
Figure BDA0003158264360000104
Data transmitted from sensor node j to sensor node i is deemed to be trusted when the data is received, and is deemed to be untrusted when the data is not received.
In this embodiment, the controller gain K of the entire sensor network is obtained by the formula fifteen, and the distributed controller gain K of any one sensor node can be obtained by the formula eightiAnd KijThe closed-loop system state equation of any sensor node can be obtained by using the formula III,with a closed-loop system state equation, the state of the sensor node can be dynamically updated over time (k 1,2, 3). Thus, the measured value y transmitted by the adjacent sensor node j can be continuously receivedj(k),yj(k) Representing the sensor node adjacent to sensor i, i.e., the formula sixteen.
Further, in the present embodiment, in the first step, the method of calculating the reliability weight includes:
based on the evaluation indexes of the reliability of the transmission data of the adjacent sensor nodes at all times, a data sequence with credible and untrustworthy labels of any adjacent sensor node is obtained, and the reliability weight is calculated by using a formula eighteen:
Figure BDA0003158264360000105
in the formula, Creij(k) Weight of confidence for a communication link from sensor node j to sensor node i, MijRepresenting a data period, α, used to calculate a communication link confidence weight from sensor node j to sensor node i0Representing a confidence coefficient for adjusting the rate of change of the confidence weight, alpha, depending on different systems and parameters1And alpha2Representing confidence level auxiliary adjustment coefficients for assisting the confidence level coefficient alpha0Satisfy α1≤α2
Further, in the present embodiment, in the second step, the weight of the reliability is used to establish the adaptive isolation mechanism as follows:
Figure BDA0003158264360000106
wherein the adaptive threshold function is:
Figure BDA0003158264360000111
in the formula, gamma0,γ1And gamma2All are adjustable parameters, which jointly determine the size of the adaptive threshold, wherein gamma0Threshold, gamma, for determining the initial time of the adaptive isolation mechanism1And gamma2The ratio of (A) to (B) determines the threshold at which the adaptive isolation mechanism eventually settles, when
Figure BDA0003158264360000112
And in time, the sensor node i does not receive the data transmitted by the sensor j any more, so that the self-adaptive isolation is realized.
Further, in the second step, the method for updating the state of the sensor node by using the adaptive isolation mechanism in the present embodiment is as follows:
establishing a state updating model of a sensor node i:
Figure BDA0003158264360000113
in the formula (I), the compound is shown in the specification,
Figure BDA0003158264360000114
and updating the state of the sensor node by using the state updating model.
The simulation of the method of the invention, the network is as shown in figure 2: the wireless sensor network in the simulation comprises 3 sensor nodes, and the topological structure of the wireless sensor network under the network attack is shown in figure 2. Each sensor node collects 3 state variable data at the same time, and different sensor nodes can communicate with each other to transmit data. The system simulation parameters are as follows:
Figure BDA0003158264360000115
Figure BDA0003158264360000116
Figure BDA0003158264360000117
C1=C2=C3=[1 0 0].
by utilizing the safety control method provided by the invention, the gains of the distributed controllers under the ideal state obtained by solving are as follows:
Figure BDA0003158264360000118
fig. 3(a) and 3(b) are open-loop/closed-loop state response curves of each sensor node in an ideal state, and initial states of three sensor nodes are set to [ 1; 1; 1]. For clarity of description, fig. 3(a) and 3(b) show only the response curves of the 1 st state variable measured by each sensor. The response curves of the 2 nd and 3 rd state variables of each sensor are similar to those of fig. 3(a) and 3 (b). As can be seen from fig. 3(a) and 3(b), the distributed controller designed by the present invention can rapidly stabilize the initial open loop system.
In order to verify the distributed security control method based on the credibility disclosed by the invention, the parameters in the credibility security control mechanism are designed as follows:
Gjgj(k)=k,
Figure BDA0003158264360000121
R(k)=0,Mij=50,α0=1,α1=2,α0=3,γ0=200,γ1=0.8,γ2=1。
fig. 4(a) and 4(b) are closed-loop state response curves of each sensor node under a network attack, and it can be seen from fig. 4(a) and 4(b) that after the network attack is suffered at the time k-500, the conventional distributed controller cannot continue to maintain the system stable, and the state response curves continuously diverge. By using the safe distributed controller based on the credibility mechanism disclosed by the invention, the state response curve has a divergence trend at the beginning of the network attack of the closed-loop system, and then the state response curve is rapidly converged to the zero point. The comparison result verifies that the method can quickly detect the network attack behavior and isolate the corresponding communication link in time, and can realize the distributed safety control on the wireless sensor network system under the network attack.
Although the invention herein has been described with reference to particular embodiments, it is to be understood that these embodiments are merely illustrative of the principles and applications of the present invention. It is therefore to be understood that numerous modifications may be made to the illustrative embodiments and that other arrangements may be devised without departing from the spirit and scope of the present invention as defined by the appended claims. It should be understood that features described in different dependent claims and herein may be combined in ways different from those described in the original claims. It is also to be understood that features described in connection with individual embodiments may be used in other described embodiments.

Claims (9)

1. A wireless sensor network distributed security control method based on credibility is characterized in that the method is used for controlling each sensor node in a wireless sensor network, and updating the state of each sensor node based on data transmitted by all the adjacent nodes of the sensor node to realize security control;
the method specifically comprises the following steps:
establishing a node model of each sensor in a wireless sensor network under an ideal state, and designing a distributed controller by using the node model;
step two, solving the gain of the distributed controller by using the distributed controller;
and thirdly, designing and updating a security control strategy based on credibility under network attack by using the gain of the distributed controller and the received transmission data of the adjacent wireless sensor nodes, and finishing security control on the wireless sensor network.
2. The distributed security control method for the wireless sensor network based on the credibility of claim 1, wherein in the third step, the method for designing and updating the security control strategy based on the credibility under the network attack comprises:
thirdly, carrying out reliability evaluation on the received data of the adjacent wireless sensor nodes by using the gain of the distributed controller, and calculating the weight of the reliability;
establishing a self-adaptive isolation mechanism by using the weight of the reliability, and updating the state of the sensor node by using the self-adaptive isolation mechanism; and realizing the updating of the security control strategy.
3. A distributed security control method for a wireless sensor network based on reliability as claimed in claim 1, wherein in the first step, under an ideal condition, the model of each sensor node in the wireless sensor network is established as follows:
the model of the ith (i ═ 1,2,3 … N) sensor node in the wireless sensor network is:
Figure FDA0003158264350000011
in the formula, xi(k) Is the state vector, x, of the ith sensor node at time kj(k) Is the state vector, x, of the jth sensor node at time ki(k +1) is the state vector of the ith sensor node at time k +1, ui(k) Is the control input vector of the ith sensor node, CiIs the output matrix of the ith sensor node, AiSystem matrix for i-th sensor, BiIs the control input matrix of the ith sensor, AijFor describing a matrix of the adjacency relation between the ith sensor node and the jth sensor node, N is the total number of the sensor nodes in the wireless sensor network, yi(k) Is the measured output vector of the ith sensor node, CiIs the measurement output matrix of the ith sensor.
4. A distributed security control method for a wireless sensor network based on reliability as claimed in claim 3, wherein in the first step, the design of the distributed controller is implemented by a second formula;
distributed controller u of ith sensor node in wireless sensor networki(k) Comprises the following steps:
Figure FDA0003158264350000021
in the formula, KiIs the controller gain, K, of the current sensor node iijIs the controller gain, y, of sensor node j adjacent to sensor node ij(k) Is the measured output vector of sensor node j.
5. A distributed security control method for a wireless sensor network based on reliability as claimed in claim 4, wherein in step two, the method for solving the gain of the distributed controller by using the distributed controller comprises:
establishing a closed-loop system state equation for the ith sensor node may be expressed as:
Figure FDA0003158264350000022
Cjis an output matrix of the jth sensor node, and constructs a Lyapunov function V (k) depending on the sensor node:
Figure FDA0003158264350000023
in the formula, PiA positive definite unknown Lyapunov matrix to be solved for the sensor node i;
further comprising:
Figure FDA0003158264350000024
in the formula (I), the compound is shown in the specification,
Figure FDA0003158264350000025
Figure FDA0003158264350000026
Figure FDA0003158264350000027
B=diag{B1 B2 … BNnine formula
C=diag{C1 C2 … CNEquation ten
P=diag{P1 P2 … PNFormula eleven
Wherein A is a system matrix of the whole sensor network, K is a controller gain matrix of the whole sensor network, and K isiAnd KijThe method comprises the following steps that B is a control input matrix of the whole sensor network and is a diagonal matrix, C is a measurement output matrix of the whole sensor network and is a diagonal matrix, and P is a positive definite unknown Lyapunov matrix to be solved of the whole sensor network;
to make Δ V (k) < 0, let:
Figure FDA0003158264350000031
obtained by the schulbu principle:
Figure FDA0003158264350000032
linear transformation of equation thirteen, defining X ═ PBKC, yields:
Figure FDA0003158264350000033
the formula fourteen is a linear matrix inequality, unknown variables X and P are solved through a linear matrix inequality tool box in Matlab, and finally gain of the distributed controller is obtained:
Figure FDA0003158264350000034
in the formula (I), the compound is shown in the specification,
Figure FDA0003158264350000035
representing the pseudo-inverse of the matrix.
6. The distributed security control method for the wireless sensor network based on the credibility as claimed in claim 5, wherein in the first step, the specific method for evaluating the credibility of the received data of the adjacent wireless sensor nodes is as follows:
modeling the transmission data received by sensor node i from the adjacent sensor node j as:
yj(k)=Cjxj(k)+Gjgj(k) formula sixteen
In the formula, GjRepresenting a constant matrix, g, associated with the sensor channel that the attacker is attempting to attackj(k) Representing a malicious attack input, CjIs the output matrix, x, of the sensor node jj(k) Is the state vector of the jth sensor node at time k;
based on the received transmission data of the adjacent sensor nodes, establishing a transmission data credibility evaluation index of each moment of the adjacent sensor nodes:
Figure FDA0003158264350000036
in the formula, Sij(k) Representing a plausible amount of data transmitted from sensor node j to sensor node i at time k, Sij(k-1) represents the amount of data transmitted from sensor node j to sensor node i at time k-1 as authentic, Sij(0)=0,
Figure FDA0003158264350000041
Representing the measurement output y at time kj(k) Is used to determine the relationship between the relationship function of (1),
Figure FDA0003158264350000042
representing the measured output y at time k-1j(k-1), R (k) represents a threshold function, when
Figure FDA0003158264350000043
Data transmitted from sensor node j to sensor node i is deemed to be trusted when the data is received, and is deemed to be untrusted when the data is not received.
7. A distributed security control method for a wireless sensor network based on reliability as claimed in claim 6, wherein in the first step, the method for calculating the reliability weight comprises:
based on the evaluation indexes of the reliability of the transmission data of the adjacent sensor nodes at all times, a data sequence of any adjacent sensor node with a credible label and an untrustworthy label is obtained, and the reliability weight is calculated by using a formula eighteen:
Figure FDA0003158264350000044
in the formula, Creij(k) Weight of confidence for a communication link from sensor node j to sensor node i, MijRepresenting a data period, α, used to calculate a communication link confidence weight from sensor node j to sensor node i0Representing a confidence coefficient for adjusting the rate of change of the confidence weight, alpha, depending on different systems and parameters1And alpha2Expresses a credibility auxiliary regulating coefficient and satisfies alpha1≤α2
8. A credibility-based distributed security control method for a wireless sensor network as claimed in claim 7, wherein in the third step, using the weight of the credibility, the adaptive isolation mechanism is established as follows:
Figure FDA0003158264350000045
wherein the adaptive threshold function is:
Figure FDA0003158264350000047
in the formula, gamma0,γ1And gamma2All are adjustable parameters, which jointly determine the size of the adaptive threshold, wherein gamma0Threshold, gamma, for determining the initial time of the adaptive isolation mechanism1And gamma2The ratio of (A) to (B) determines the threshold at which the adaptive isolation mechanism eventually settles, when
Figure FDA0003158264350000046
And in time, the sensor node i does not receive the data transmitted by the sensor j any more, so that the self-adaptive isolation is realized.
9. The distributed security control method for the wireless sensor network based on the credibility of claim 8, wherein in the third step, the method for updating the state of the sensor node by using the adaptive isolation mechanism comprises:
establishing a state updating model of a sensor node i:
Figure FDA0003158264350000051
in the formula (I), the compound is shown in the specification,
Figure FDA0003158264350000052
and updating the state of the sensor node by using the state updating model.
CN202110785780.5A 2021-07-12 2021-07-12 Wireless sensor network distributed security control method based on credibility Active CN113543139B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110785780.5A CN113543139B (en) 2021-07-12 2021-07-12 Wireless sensor network distributed security control method based on credibility

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110785780.5A CN113543139B (en) 2021-07-12 2021-07-12 Wireless sensor network distributed security control method based on credibility

Publications (2)

Publication Number Publication Date
CN113543139A true CN113543139A (en) 2021-10-22
CN113543139B CN113543139B (en) 2022-06-21

Family

ID=78098663

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110785780.5A Active CN113543139B (en) 2021-07-12 2021-07-12 Wireless sensor network distributed security control method based on credibility

Country Status (1)

Country Link
CN (1) CN113543139B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114563953A (en) * 2022-01-31 2022-05-31 四川大学 Wheeled robot self-adaptive fault-tolerant reliable control system and method considering multi-factor influence

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080084294A1 (en) * 2006-10-05 2008-04-10 Electronics And Telecommunications Research Institute Wireless sensor network and adaptive method for monitoring the security thereof
CN110324332A (en) * 2019-06-28 2019-10-11 重庆大学 A kind of method of controlling security for micro-capacitance sensor under network attack

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080084294A1 (en) * 2006-10-05 2008-04-10 Electronics And Telecommunications Research Institute Wireless sensor network and adaptive method for monitoring the security thereof
CN110324332A (en) * 2019-06-28 2019-10-11 重庆大学 A kind of method of controlling security for micro-capacitance sensor under network attack

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
印新棋 等: "WMNs中基于节点可信度的机会路由改进算法", 《计算机科学》 *
叶正旺 等: "基于节点行为动态变化的WSNs信任模型", 《控制与决策》 *
蔡绍滨 等: "基于云模型的无线传感器网络恶意节点识别技术的研究", 《电子学报》 *

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114563953A (en) * 2022-01-31 2022-05-31 四川大学 Wheeled robot self-adaptive fault-tolerant reliable control system and method considering multi-factor influence
CN114563953B (en) * 2022-01-31 2023-05-09 四川大学 Adaptive fault-tolerant reliable control system and method for wheeled robot considering multi-factor influence

Also Published As

Publication number Publication date
CN113543139B (en) 2022-06-21

Similar Documents

Publication Publication Date Title
Yuan et al. Resilient strategy design for cyber-physical system under DoS attack over a multi-channel framework
CN111988303B (en) False data injection attack detection method suitable for load frequency control of power system
CN111308896B (en) Nonlinear system self-adaptive optimal control method based on variable error
Sargolzaei et al. Time-delay switch attack on load frequency control in smart grid
CN104618908B (en) The method and apparatus that distributed cognition wireless network is attacked anti-distort perception data
CN113543139B (en) Wireless sensor network distributed security control method based on credibility
CN112234629B (en) Sliding mode load frequency control method of multi-region power system based on deception attack
CN113972671B (en) Elastic load frequency control method for multi-region electric power system under denial of service attack
CN109725537A (en) A kind of improved linear optimal semi-active control method
CN114244605B (en) Load frequency control method and system considering network attack and time-varying delay
Li et al. Hierarchical-attention-based defense method for load frequency control system against DoS attack
Jahanshahi et al. Attack detection and estimation in cooperative vehicles platoons: A sliding mode observer approach
Li et al. Graph-theory-based decentralized adaptive output-feedback control for a class of nonlinear interconnected systems
CN112152221A (en) Load frequency control device and method suitable for information uncertain system
CN110011879A (en) A kind of sensor network security real time on-line monitoring system based on parallel filtering
Yu et al. Learning-based secure control for multichannel networked systems under smart attacks
Li et al. Output-feedback control under hidden Markov analog fading and redundant channels
CN104837130B (en) Wireless sensor network compromise node identification method with time-varying credit value under beta distribution
CN116755481A (en) PID vibration active control and reliability analysis method based on neural network
CN105607603A (en) Networked control system and control method capable of compensating time delay and packet loss
Tianxiang et al. Adaptive cruise control of vehicles subject to Denial-of-Service
CN112953943B (en) False data injection attack resisting method based on trust mechanism in distributed estimation
Sun et al. Remote state estimation for nonlinear systems via a fading channel: A risk-sensitive approach
Liu et al. Fractional Optimal Control for malware Propagation in the Internet of Underwater Things
Jiang et al. Intelligent consensus asymptotic tracking control for nonlinear multiagent systems under denial-of-service attacks

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant