Background technology
Wireless sensor network has become a hot fields in the network research, and the popularity that it is used has also caused people's attention.In the most application of wireless sensor network, the data that sensor node collects and the positional information of node link together just meaningful.Therefore, in the middle of numerous the studying a question of wireless sensor network, node locating is a key technology.
The localization method of wireless sensor network mainly is divided into based on the location algorithm of range finding and non-localization method based on range finding.Both compare, and are more outstanding based on the positioning accuracy of range finding location algorithm, but higher for the requirement of node, need some auxiliary equipment aid sensors nodes relevant with range finding to finish location work; Non-positioning accuracy based on the range finding location algorithm shows inferior slightly, but the location cost is lower, sensor node is not had special requirement, also easier enforcement.The DV-Hop that D.Niculescu and B.Nath propose is exactly a kind of typical non-localization method based on range finding, use very extensive, but the destruction for malicious node can not effectively be taken precautions against, and can not guarantee the accuracy of positioning result when facing security threat.By discovering, the DV-Hop localization method very easily is subjected to the influence of Sybil attack and the attack of worm hole and reduces locating accuracy in application, and the present invention will compare with this method.
Sybil attack typically refers to malicious node and pretends to be a plurality of identity that network is attacked.Especially, attack node and pretend to be legal beaconing nodes to send false positional information probably like this in the navigation system based on route at DV-Hop, also may be as intermediate node tampered position information, thus destroy the accuracy of positioning result.The worm hole is attacked normally and is conspired to launch a offensive by two above malicious nodes, set up privately owned communication channel between the malicious node, and distance is much larger than the transmission radius of normal node.The high bandwidth that malicious node utilizes privately owned channel is Data transmission apace, makes the path power of acquired information when setting up route, attacks node like this and just can obtain more information, and can arbitrarily distort the information that receives.Even the worm hole is attacked and to be had authentication at inter-node communication, and the assailant there is no under the situation of key and still can attack (as Fig. 1).As can be seen from Figure 1, A, B represent two beaconing nodes, estimation between them during fewest number of hops normal route should be A-C-D-E-H-B, in worm hole node M, the fewest number of hops path has become A-C-M-N-B under the attack of N, thereby can increase final node locating error.
In the wireless sensor network node location, node with known self-positions of positioning function such as GPS is called beaconing nodes, they can provide positional information to help the needing node of location to finish positioning action to other nodes, and ordinary node to be positioned in the network is called unknown node.
Summary of the invention
The object of the present invention is to provide a kind of reliable wireless sensor network node locating method.The Sybil attack and the worm hole of using this method can prevent effectively that the malicious node in the network from initiating are attacked, thereby have reduced the position error of wireless sensor node under unsafe conditions.For achieving the above object, the present invention comprises two important mechanisms in position fixing process.
Mechanism 1: Sybil attack is resisted mechanism.
In position fixing process, for resisting Sybil attack, need to guarantee that the positional information that is used for location Calculation sent by legal beaconing nodes, and positional information itself do not distorted by malicious node, the present invention introduces a kind of simple and direct certificate scheme.In this scheme; before beaconing nodes sends positional information, it is carried out Hash operation and combine the effect that location information reaches safeguard protection with identity information; carrying out loaded down with trivial details encipherment scheme with location information in the past, to compare its step simple, effectively saved the calculation cost of node.The basic thought of this scheme is based on the digital signature principle of information, utilizes the one-way of hash function to help ordinary node that the positional information of receiving is effectively authenticated.Computing hash function substitution operation fast public key encryption system slowly finishes authentication for positional information, both saved the calculation cost that space that node stores key has also reduced the authentification of message process.Thereby this scheme can successfully detect false positional information and effectively resist Sybil attack.
Mechanism 2: worm hole attack detecting mechanism.
This programme is attacked node according to the worm hole and whether is hidden self identity, worm hole attack node is divided into two classes detects respectively.This programme combines with method for detecting position from the attack feature of malicious node, filled up the defective of the detection method in simple dependence geographical position, has reduced the possibility of omission in detecting or flase drop.This scheme not only can detect the existence that the worm hole is attacked, and can also locate the position that node is attacked in the worm hole, thereby isolate attack node as early as possible effectively reduces and attacks node for the influence in the node locating process.
Based on mechanism 1 and mechanism 2 reliable wireless sensor network node locating method four-stage is arranged, be respectively: 1. the fewest number of hops between beaconing nodes estimation and other beaconing nodes; 2. beaconing nodes is estimated internodal average every hop distance; 3. internode collaboration detects the attack node in the network; 4. unknown node is estimated self coordinate.
With existing node security localization method contrast, the present invention has following feature:
(1) the present invention is not a safe positioning method of attacking the form proposition at a kind of, but promoted the reliability of locating from the source of locating information, positional information of pretending to be legal beaconing nodes to send and the legal position information of being distorted can be filtered effectively, thus the accuracy of raising positioning result.
(2) the present invention has saved the communication cost of position fixing process and has assessed the cost, and has reduced the energy consumption of sensor node.
(3) the present invention is not high for the hardware requirement of sensor node, only requires that the node in the network has synchronised clock.
Embodiment
In conjunction with above-mentioned explanation and accompanying drawing, describe embodiments of the present invention below in detail.Enforcement of the present invention is supposed based on following precondition and network:
A. all legal nodes have an overall symmetric key; B. each node all has and distinguishes identity unique ID number in the network; C. the cryptographic Hash H (ID) of each beaconing nodes ID correspondence is disclosed to all nodes in the network; D. all nodes in the network have synchronised clock, and the propagation time of signal calculated provides condition during for the detection node spacing.
1. the implementation in the fewest number of hops stage between beaconing nodes estimation and other beaconing nodes
This stage has been introduced the symmetric key encryption system when calculating between the beaconing nodes fewest number of hops, the positional information that makes beaconing nodes send has only legal beaconing nodes to use, prevent that it from being caught by illegal node, simultaneously the symmetric key encryption system amount of calculation of having saved beaconing nodes with respect to the public key encryption system.
The netinit stage is that each legal node distributes an overall symmetric key K, and the concrete steps in this stage are described below:
(1) beaconing nodes i is with message { ID
i|| (x
i, y
i) || hop-count||t
s}
KBroadcasting is gone out, ID
iID number of expression beaconing nodes i, (x
i, y
i) two coordinates of expression beaconing nodes i, hop-count represents the node jumping figure of this message process, the hop-count initial value is 0, t
sRepresent the moment that this message is sent, { }
KExpression is encrypted the information in the bracket with key K;
(2) arbitrary legal node is received the message that beaconing nodes i sends, and with the plaintext that obtains message after the symmetric key K deciphering, self ID is write message, and jumping figure is added 1 and this message continued broadcasting;
Because information is encrypted, therefore in repeating process, has only legal node can obtain message content and message content is upgraded.This step can access the fewest number of hops between the beaconing nodes, has also obtained simultaneously unknown node and the fewest number of hops between the beaconing nodes on every side.
2. beaconing nodes is estimated the implementation in internodal average every hop distance stage
Beaconing nodes is estimated internodal average jumping distance after the fewest number of hops that obtains between them.For example beaconing nodes i is according to formula
I ≠ j calculates it and the average jumping distance between the beaconing nodes, wherein c on every side
iAverage jumping distance between expression beaconing nodes i and other beaconing nodes, h
iExpression beaconing nodes i is to the jumping figure of other beaconing nodes, (x
i, y
i) two-dimensional coordinate of expression beaconing nodes i, (x
j, y
j) expression can set up the two-dimensional coordinate of the beaconing nodes communicate by letter with i.
Because the position of beaconing nodes is known, if the estimation of the fewest number of hops between them words devious, the distance calculation of so average every jumping is also just inaccurate, and this can directly cause being decided to be at last the reliability decrease of positioning result.
3. internode collaboration detects the implementation in the attack node stage in the network
The task in this stage is the security mechanism of improving in the localization method, and the Sybil attack and the worm hole that need detect in the network are attacked, thereby improve the reliability that localization method is located under unsafe conditions.
(1) be example with beaconing nodes p and unknown node q, when p on average jumped apart from after, node broadcasts information towards periphery: { ID
p|| (x
p, y
p) || c
p|| t
s|| H (ID
p|| (x
p, y
p) || c
p|| H (ID
p) || t
s).This information has comprised identity ID, coordinate, average distance and the corresponding Hash operation value of jumping of node p.ID wherein
pID number of expression beaconing nodes p, (x
p, y
p) coordinate of expression beaconing nodes p, c
pExpression beaconing nodes p and the average jumping distance between the beaconing nodes on every side, H () represent the information in the bracket is carried out Hash operation, t
sRepresent the moment that this message is sent.
(2) unknown node q receives after the information the at first reliability of authorization information.Because unknown node q knows H (ID in advance
p), can oneself calculate H (ID in conjunction with the information of receiving
p|| (x
p, y
p) || c
p|| H (ID
p) || t
s), compare with cryptographic Hash in the packets of information.If consistent, the then beacon position received of explanation and average the jumping apart from being believable, unknown node q then according to obtain in the stage 1 and beaconing nodes p between jumping figure, according to formula L
Qp=c
qH
QpEstimate the distance between them, wherein c
qThe average jumping distance that expression unknown node q receives, h
QpRepresent the fewest number of hops between it and the beaconing nodes p; If inconsistent, then this packets of information is abandoned, and the node that will send information is judged to be the Sybil attack node and gives the alarm.
Sybil attack can be effectively resisted in above measure, and does not bring too much computation burden to node.The present invention adopted computing hash function substitution operation fast slowly the public key encryption system finish authentication for positional information, both saved the calculation cost that space that node stores key has also reduced the authentification of message process.
(3) this programme is attacked node to the worm hole and is divided into two classes according to whether hiding self identity.
For the existence of not hiding self, normally receive and send messages, just obtain the worm hole attack node of shorter jumping figure by privately owned communication channel, can judge by euclidean distance between node pair.Because it is the distance of having elongated between the collusion node that the essence of node is attacked in the worm hole, between same beaconing nodes, obtains still less jumping figure with this, so attack distance between the node necessarily greater than the communication distance between the general sensor nodes.Communication radius R apart from c and node compares with the average jumping that obtains in previous stage, if c>R, then explanation exists the worm hole to attack.After find to exist attacking, the distance of calculating between each node with formula d=v Δ t compares with the node communication radius R, thereby determines in the path which two node is the attack node actually.Wherein d represents the actual range of signal transmission between node, and v represents the aerial propagation velocity of signal, and Δ t represents the time that signal is propagated in air, Δ t=t
r-t
s, t wherein
rExpression receives the moment of this message, t
sRepresent the moment that this message is sent.
For the existence of hiding self, node is attacked in the worm hole that self information is not write route.The present invention utilizes the complete trails detection method, check all after each node information that previous node is sent in receiving route that whether this node is with in the self information writing information, if registration strictly according to the facts thinks that then last node attacks node for the worm hole and give the alarm.
4. the implementation in unknown node estimation self coordinate stage
Through the checking of location information previous stage, unknown node obtained the peripheral beaconing nodes that can communicate by letter with it coordinate and and the distance between them, in this stage, utilize the maximum likelihood estimation technique to calculate the coordinate of unknown node.
At first because the distance between the coordinate of known beaconing nodes and they and the unknown node, so unknown node can utilize collect with the position relation of beaconing nodes on every side, and list equation group according to the Euclidean distance formula:
This moment z=1,2 ..., n, expression is set up the beaconing nodes of communicating by letter with this unknown node, n represents the number of the beaconing nodes that can communicate by letter with this unknown node foundation, (x
u, y
u) coordinate of expression unknown node U, (x
z, y
z) represent that ID is the coordinate of the beaconing nodes of z.At last, utilize least square method solving equation group, try to achieve the coordinate (x of unknown node U
u, y
u).
5. emulation experiment assessment
Verify performance of the present invention with three l-G simulation tests from different aspects below.
(1) l-G simulation test carries out in the rectangular area of a 600m*400m, disposes the unknown node of 100 sensor nodes as the needs location at random, and the communication radius of node is made as 100m.
In order to verify that the present invention is used for the effect of wireless sensor node location in unsafe environment, need to calculate the position error of unknown node.The computational methods of position error such as formula
(x wherein
m, y
m) elements of a fix of expression unknown node m, (x '
m, y '
m) true coordinate of expression unknown node m, R represents the communication radius of location node.In the rectangular area, dispose 30 beaconing nodes and 10 attack nodes at random.This experimental program is repeated
emulation 10 times, according to formula
Calculate the average position error (as Fig. 2) of 100 unknown node, wherein e
mThe position error of expression unknown node m, N represents the number of unknown node.By among Fig. 2 as can be seen, under experiment condition described above, the ratio that is beaconing nodes and unknown node is about 30%, the ratio of attacking node and unknown node is about under 10% the situation, the average position error of node of the present invention will reduce about 50% than the average position error of the node that does not have security mechanism, and the mean error value is comparatively stable, can remain between the 0.2-0.4 always.In order further to understand the performance of localization method of the present invention, detected the relation between the average position error of node and beaconing nodes number and the radius below respectively.
(2) in onesize rectangular area, dispose 100 unknown node (as Fig. 3) at random.The quantity of beaconing nodes is increased to the 50 average position errors (as Fig. 4) that obtain unknown node in the map network gradually by 10.Localization method of the present invention as seen from Figure 4 is also insensitive for the variation of beaconing nodes quantity, and can keep the average position error of node of 0.2-0.4 always.
(3) in position fixing process, the communication radius of node also can have influence on positioning result.In onesize rectangular area, dispose 100 unknown node at random, node (as Fig. 5) is attacked in 30 beaconing nodes and 3 pairs of worm holes, the communication radius of beaconing nodes is increased to 150m gradually by 50m, obtains the average position error (as Fig. 6) of 100 unknown node in this process.Localization method of the present invention as seen from Figure 6 makes that the average position error of unknown node is littler, but when the communication radius of beaconing nodes surpass the worm hole attack the node communication radius 150% after, the positioning accuracy of the present invention and DV-Hop reaches unanimity.Because the communication radius of uncontrollable attack node and their distribution density in actual applications, therefore locating effect of the present invention is more reliable.
In concrete exemplifying embodiment, safe position fixing process is by four-stage, effectively protected in the position fixing process reliability of position information source and the integrality of positional information itself.By The simulation experiment result as can be seen, because the present invention has added authentication mechanism and testing mechanism in position fixing process, the present invention can effectively reduce the average position error of wireless sensor network node in having the network environment of security threat.