CN103619011A - Method for tolerating malicious nodes in wireless sensor network - Google Patents

Method for tolerating malicious nodes in wireless sensor network Download PDF

Info

Publication number
CN103619011A
CN103619011A CN201310597049.5A CN201310597049A CN103619011A CN 103619011 A CN103619011 A CN 103619011A CN 201310597049 A CN201310597049 A CN 201310597049A CN 103619011 A CN103619011 A CN 103619011A
Authority
CN
China
Prior art keywords
node
nodes
sensor network
time
malicious
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201310597049.5A
Other languages
Chinese (zh)
Other versions
CN103619011B (en
Inventor
姜禹
黄杰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Southeast University
Original Assignee
Southeast University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Southeast University filed Critical Southeast University
Priority to CN201310597049.5A priority Critical patent/CN103619011B/en
Publication of CN103619011A publication Critical patent/CN103619011A/en
Application granted granted Critical
Publication of CN103619011B publication Critical patent/CN103619011B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Landscapes

  • Mobile Radio Communication Systems (AREA)

Abstract

本发明公开了一种无线传感器网络中的恶意节点容忍方法,改变了传统的以加密、认证和信任模型为基础的安全防护方法,采用主动破坏恶意节点的方式进行主动防护达到攻击容忍的目的。通过在网络中传输无意义数据消耗恶意节点的能量,在攻击容忍状态下,正常节点只有在发送数据的时刻才产生能量消耗,而恶意节点一直处于射频工作状态,以所有正常节点的小能量消耗换取恶意节点的大能量消耗以至其不能工作。在保证传感器网络正常数据通信的前提下,完成了对恶意节点的有效防护,为无线传感器网络的安全通信提供了新的思路。

The invention discloses a malicious node tolerance method in a wireless sensor network, which changes the traditional security protection method based on encryption, authentication and trust model, and actively protects by actively destroying malicious nodes to achieve the purpose of attack tolerance. The energy of malicious nodes is consumed by transmitting meaningless data in the network. In the state of attack tolerance, normal nodes only generate energy consumption when sending data, while malicious nodes are always in the radio frequency working state. With the small energy consumption of all normal nodes In exchange for the large energy consumption of malicious nodes so that they cannot work. On the premise of ensuring the normal data communication of the sensor network, the effective protection of malicious nodes is completed, which provides a new idea for the secure communication of the wireless sensor network.

Description

一种无线传感器网络中的恶意节点容忍方法A Malicious Node Tolerance Method in Wireless Sensor Networks

技术领域technical field

本发明涉及一种无线传感器网络中的恶意节点攻击容忍方法,属于无线通信和网络安全领域。The invention relates to a malicious node attack tolerance method in a wireless sensor network, belonging to the fields of wireless communication and network security.

背景技术Background technique

近年来,随着传感器、计算机、无线通信、微机电等技术的发展和相互融合,产生了无线传感器网络(WSN:wireless sensor networks),人们终于可以实时监测外部环境,实现大范围、自动化的信息采集。WSN在军事侦察、环境监测、医疗监护、空间探索、城市交通管理、仓储管理等军事和民用领域有着广阔的应用前景。In recent years, with the development and integration of sensor, computer, wireless communication, micro-electromechanical and other technologies, wireless sensor networks (WSN: wireless sensor networks) have emerged. People can finally monitor the external environment in real time and realize large-scale and automated information. collection. WSN has broad application prospects in military and civilian fields such as military reconnaissance, environmental monitoring, medical monitoring, space exploration, urban traffic management, and warehouse management.

无线传感器网络是由大量的电池能量、计算能力、存储能力、通信能力有限的传感器节点组成。如果网络节点不可控(例如,敌战区)或者WSN规模庞大,那么节点将会通过随机撒播的方式布置。由于WSN是无线通信,攻击者可轻易在该网络的任务域里监听信道,向信道里注射比特流,重放以前监听到的数据包。此外,如果传感器随机部署在无人值守的外部空间的,攻击者可轻易捕获该节点,重写内存,或者用自己的传感器来替代该节点,通过冒充以获得数据信息。A wireless sensor network is composed of a large number of sensor nodes with limited battery energy, computing power, storage capacity, and communication capabilities. If the network nodes are uncontrollable (for example, enemy war zone) or the WSN scale is large, then the nodes will be arranged randomly. Since WSN is a wireless communication, an attacker can easily monitor the channel in the task domain of the network, inject bit stream into the channel, and replay the previously monitored data packets. In addition, if the sensor is randomly deployed in the unattended external space, the attacker can easily capture the node, rewrite the memory, or replace the node with his own sensor, and obtain data information by posing.

但是,WSN由于自身资源和计算能力的限制,导致其安全比普通计算机网络安全面临更严峻的挑战。因此,需要更加有效的安全防范机制。However, due to the limitations of its own resources and computing power, WSN's security faces more severe challenges than ordinary computer network security. Therefore, a more effective security prevention mechanism is needed.

目前,一些无线传感器网络模型中的恶意节点被假设是能量和资源不受限制的,但在实际的应用场合这种假设往往不成立,在现实的无线传感器布设场景下,无限能量和资源几乎不可能实现,这只适用于有线网络的场景。因此,对于恶意节点来说,同样存在当能量耗尽而无法工作的情况。At present, malicious nodes in some wireless sensor network models are assumed to have unlimited energy and resources, but this assumption is often not true in practical applications. In the actual wireless sensor deployment scenario, unlimited energy and resources are almost impossible. Realized, this is only applicable to wired network scenarios. Therefore, for malicious nodes, there is also the situation that they cannot work when the energy is exhausted.

恶意节点在传感器网络中的攻击方式包括选择转发、篡改数据、重放和DOS攻击等等,恶意节点如果要进行上述的攻击,当网络中有数据包传输,必须保证射频电路处于工作状态,否则无法达到其攻击目的。恶意节点的射频电路的工作时间决定其生命周期,长时间使恶意节点工作于射频收发状态让其能量迅速耗尽以达到容忍攻击的目的。The attack methods of malicious nodes in the sensor network include selective forwarding, data tampering, replay and DOS attacks, etc. If malicious nodes want to carry out the above attacks, when there is data packet transmission in the network, the radio frequency circuit must be in working condition, otherwise Unable to achieve its attack purpose. The working time of the radio frequency circuit of the malicious node determines its life cycle, so that the malicious node works in the radio frequency transmitting and receiving state for a long time so that its energy will be exhausted quickly to achieve the purpose of tolerating the attack.

对于无线传感器节点,其能量的消耗主要在控制电路和射频电路,而射频电路处于发射或者接收状态下的功耗一般是控制电路的3~6倍。如何有效的使无线传感器节点协调其工作中的休眠状态(关闭射频电路),使保证整个网络长时间有效运行的关键。For wireless sensor nodes, the energy consumption is mainly in the control circuit and the radio frequency circuit, and the power consumption of the radio frequency circuit in the transmitting or receiving state is generally 3 to 6 times that of the control circuit. How to effectively make the wireless sensor nodes coordinate their dormant state (turn off the radio frequency circuit) in their work is the key to ensure the long-term effective operation of the entire network.

发明内容Contents of the invention

技术问题:为了克服现有技术中存在的不足,本发明提出一种无线传感器网络中的恶意节点容忍方法,针对恶意节点的运作特点,无线传感器网络中的正常节点在修改后的网络通信协议下工作,使得恶意节点的能量迅速耗尽,达到容忍和破坏恶意节点的目的。Technical problem: In order to overcome the deficiencies in the prior art, the present invention proposes a malicious node tolerance method in a wireless sensor network. Aiming at the operating characteristics of malicious nodes, normal nodes in a wireless sensor network can Work, so that the energy of malicious nodes is quickly exhausted, and the purpose of tolerating and destroying malicious nodes is achieved.

技术方案:为实现上述目的,本发明采用的技术方案为:Technical scheme: in order to achieve the above object, the technical scheme adopted in the present invention is:

一种无线传感器网络中的恶意节点容忍方法,包括如下步骤:A malicious node tolerance method in a wireless sensor network, comprising the steps of:

(1)基站向全网发送攻击容忍命令,该命令消息以泛洪方式在网络中传输,每个传感器网络中的正常节点收到该命令后都准备从正常工作状态进入攻击容忍状态;(1) The base station sends an attack tolerance command to the entire network, and the command message is transmitted in the network in a flooding manner, and each normal node in the sensor network is ready to enter the attack tolerance state from the normal working state after receiving the command;

(2)正常节点i(i=1,2,......N)进入攻击容忍状态,N表示无线传感器网络中的节点个数。节点i分别设定两个定时器Ti1和Ti2,以及一个随机唤醒次数Wi,其中Wi根据网络中的攻击节点数目确定,当攻击节点不确定时,设定Wi=3,Wi随着网络中的攻击节点数目的增加而增加,Ti1表示节点i进入攻击容忍状态的总时间,Ti2表示节点i第一次唤醒的时间,并且Ti1>Wi·Ti2(2) The normal node i (i=1,2,...N) enters the attack tolerance state, and N represents the number of nodes in the wireless sensor network. Node i respectively sets two timers T i1 and T i2 , and a random number of wake-ups W i , where W i is determined according to the number of attacking nodes in the network, when the attacking node is uncertain, set W i =3, W i increases as the number of attacking nodes in the network increases, T i1 represents the total time for node i to enter the attack-tolerant state, T i2 represents the time for node i to wake up for the first time, and T i1 >W i ·T i2 ;

(3)节点i关闭射频电路,并根据Ti1设定的时间进入休眠模式,当休眠时间达到Ti2时,节点i唤醒并打开射频电路,并向网络发送随机数据包D。数据包D发送完成后,Wi=Wi-1,Ti1=Ti1-Ti2,节点i重新计算Ti2满足Ti1>Wi·Ti2,并设定Ti1和Ti2(3) Node i turns off the radio frequency circuit, and enters sleep mode according to the time set by T i1 , when the sleep time reaches T i2 , node i wakes up and turns on the radio frequency circuit, and sends random data packet D to the network. After the data packet D is sent, W i =W i -1, T i1 =T i1 -T i2 , node i recalculates T i2 to satisfy T i1 >W i ·T i2 , and sets T i1 and T i2 ;

(4)重复步骤(3),直到Wi=0,节点i关闭射频电路,并根据Ti1设定的时间进入休眠模式;(4) Repeat step (3) until W i =0, node i turns off the radio frequency circuit, and enters the sleep mode according to the time set by T i1 ;

(5)当休眠时间达到Ti1时,节点i唤醒并打开射频电路,重新进入正常工作状态。(5) When the sleep time reaches T i1 , node i wakes up and turns on the radio frequency circuit, and re-enters the normal working state.

所述无线传感器网络中的恶意节点容忍方法可以在传感器网络正常工作的状态下使用,传感器网络的所有节点周期性地在正常工作状态SN和攻击容忍状态ST下交替。交替的周期时间由传感器网络对数据实时性的要求决定,实时性要求越高则SN的时间要大于ST的时间,反之,ST的时间要大于SN的时间。The malicious node tolerance method in the wireless sensor network can be used in the normal working state of the sensor network, and all nodes of the sensor network alternate between the normal working state SN and the attack tolerant state ST periodically. The alternate cycle time is determined by the sensor network's requirement for real-time data. The higher the real-time requirement, the longer the time of SN is than the time of ST . On the contrary, the time of ST is longer than the time of SN .

所述处于正常工作状态SN和攻击容忍状态ST下的时间可以在网络初始化时设定,也可根据数据实时性要求的变化进行实时调整。The time in the normal working state SN and the attack tolerant state ST can be set during network initialization, and can also be adjusted in real time according to changes in data real-time requirements.

所述无线传感器网络中的恶意节点容忍方法在所有网络节点处于攻击容忍状态ST下,不进行数据和路由信息的交互。The malicious node tolerance method in the wireless sensor network does not perform data and routing information interaction when all network nodes are in the attack tolerance state ST .

所述无线传感器网络中的恶意节点容忍方法在对数据实时性要求很高的网络中,可以采用分簇的方法实现。每个簇分别独立运行恶意节点容忍方法,由簇头向自己所在簇的节点发送攻击容忍命令进而每个簇内节点运行完整攻击容忍的方法,每个簇头仍然处于正常工作状态,接收并缓存来自上层的数据或路由请求,在本簇进入正常工作状态时和簇内节点进行数据交互。The malicious node tolerance method in the wireless sensor network can be implemented by clustering in a network that requires high real-time data. Each cluster independently runs the malicious node tolerance method, and the cluster head sends the attack tolerance command to the nodes in its own cluster, and then each node in the cluster runs a complete attack tolerance method, and each cluster head is still in the normal working state, receiving and caching Data or routing requests from the upper layer interact with the nodes in the cluster when the cluster enters the normal working state.

所述分簇的方法实现无线传感器网络中的恶意节点容忍方法中,各个簇中的簇头需要根据自身的能量和资源情况进行簇头轮换,保证节点能量和资源的平衡。In the clustering method to realize malicious node tolerance in the wireless sensor network, the cluster heads in each cluster need to perform cluster head rotation according to their own energy and resource conditions to ensure the balance of node energy and resources.

所述无线传感器网络中的恶意节点容忍方法可以结合恶意节点的入侵检测方法使用,当入侵检测方法未检测到恶意节点时,传感器网络中的所有节点维持原状态工作;当入侵检测方法检测到恶意节点时,传感器网络进入正常工作状态和攻击容忍状态的交替。随着恶意节点的排除,网络恢复到原工作状态。The malicious node tolerance method in the wireless sensor network can be used in conjunction with the intrusion detection method of the malicious node. When the intrusion detection method does not detect the malicious node, all nodes in the sensor network maintain the original state of work; when the intrusion detection method detects the malicious node When the nodes are connected, the sensor network enters the alternation of normal working state and attack tolerance state. With the exclusion of malicious nodes, the network returns to its original working state.

有益效果:本发明提供无线传感器网络中的恶意节点容忍方法,改变了传统的以加密、认证和信任模型为基础的安全防护方法,采用主动破坏恶意节点的方式进行主动防护达到攻击容忍的目的。通过在网络中传输无意义数据消耗恶意节点的能量,在攻击容忍状态下,正常节点只有在发送数据的时刻才产生能量消耗,而恶意节点一直处于射频工作状态,以所有正常节点的小能量消耗换取恶意节点的大能量消耗以至其不能工作。在保证传感器网络正常数据通信的前提下,完成了对恶意节点的有效防护,为无线传感器网络的安全通信提供了新的思路。Beneficial effects: the present invention provides a malicious node tolerance method in a wireless sensor network, which changes the traditional security protection method based on encryption, authentication and trust models, and actively protects by actively destroying malicious nodes to achieve the goal of attack tolerance. The energy of malicious nodes is consumed by transmitting meaningless data in the network. In the state of attack tolerance, normal nodes only generate energy consumption when sending data, while malicious nodes are always in the radio frequency working state. With the small energy consumption of all normal nodes In exchange for the large energy consumption of malicious nodes so that they cannot work. On the premise of ensuring the normal data communication of the sensor network, the effective protection of malicious nodes is completed, which provides a new idea for the secure communication of the wireless sensor network.

附图说明Description of drawings

图1为本发明方法的流程图;Fig. 1 is the flowchart of the inventive method;

图2为本发明方法在分簇网络中的流程图;Fig. 2 is the flowchart of the inventive method in the clustering network;

图3为本发明中正常节点的工作时序图;Fig. 3 is the working sequence chart of normal node among the present invention;

图4为本发明中正常节点结合入侵检测方法的工作时序图;Fig. 4 is a working sequence diagram of a normal node combined with an intrusion detection method in the present invention;

图5为使用本发明方法后的节点能量消耗图。Fig. 5 is a graph of node energy consumption after using the method of the present invention.

具体实施方式Detailed ways

下面结合附图对本发明作更进一步的说明。The present invention will be further described below in conjunction with the accompanying drawings.

如图1所示为一种无线传感器网络中的恶意节点容忍方法在分簇网络中的流程图,包括如下步骤:As shown in Figure 1, it is a flow chart of a malicious node tolerance method in a wireless sensor network in a clustering network, including the following steps:

(1)基站向全网发送攻击容忍命令,该命令消息以泛洪方式在网络中传输,每个传感器网络中的正常节点收到该命令后都准备从正常工作状态进入攻击容忍状态;(1) The base station sends an attack tolerance command to the entire network, and the command message is transmitted in the network in a flooding manner, and each normal node in the sensor network is ready to enter the attack tolerance state from the normal working state after receiving the command;

(2)正常节点i(i=1,2,......N)进入攻击容忍状态,N表示无线传感器网络中的节点个数。节点i分别设定两个定时器Ti1和Ti2,以及一个随机唤醒次数Wi,其中Wi根据网络中的攻击节点数目确定,当攻击节点不确定时,设定Wi=3,Wi随着网络中的攻击节点数目的增加而增加,Ti1表示节点i进入攻击容忍状态的总时间,Ti2表示节点i第一次唤醒的时间,并且Ti1>Wi·Ti2(2) The normal node i (i=1,2,...N) enters the attack tolerance state, and N represents the number of nodes in the wireless sensor network. Node i respectively sets two timers T i1 and T i2 , and a random number of wake-ups W i , where W i is determined according to the number of attacking nodes in the network, when the attacking node is uncertain, set W i =3, W i increases as the number of attacking nodes in the network increases, T i1 represents the total time for node i to enter the attack-tolerant state, T i2 represents the time for node i to wake up for the first time, and T i1 >W i ·T i2 ;

(3)节点i关闭射频电路,并根据Ti1设定的时间进入休眠模式,当休眠时间达到Ti2时,节点i唤醒并打开射频电路,并向网络发送随机数据包D。数据包D发送完成后,Wi=Wi-1,Ti1=Ti1-Ti2,节点i重新计算Ti2满足Ti1>Wi·Ti2,并设定Ti1和Ti2(3) Node i turns off the radio frequency circuit, and enters sleep mode according to the time set by T i1 , when the sleep time reaches T i2 , node i wakes up and turns on the radio frequency circuit, and sends random data packet D to the network. After the data packet D is sent, W i =W i -1, T i1 =T i1 -T i2 , node i recalculates T i2 to satisfy T i1 >W i ·T i2 , and sets T i1 and T i2 ;

(4)重复步骤(3),直到Wi=0,节点i关闭射频电路,并根据Ti1设定的时间进入休眠模式;(4) Repeat step (3) until W i =0, node i turns off the radio frequency circuit, and enters the sleep mode according to the time set by T i1 ;

(5)当休眠时间达到Ti1时,节点i唤醒并打开射频电路,重新进入正常工作状态。(5) When the sleep time reaches T i1 , node i wakes up and turns on the radio frequency circuit, and re-enters the normal working state.

如图2所示为一种无线传感器网络中的恶意节点容忍方法的流程图,包括如下步骤:As shown in Figure 2, it is a flowchart of a malicious node tolerance method in a wireless sensor network, including the following steps:

(1)基站向全网的簇头节点发送攻击容忍命令,该命令消息以泛洪方式在网络中传输,每个传感器网络中的簇头节点接收该命令;(1) The base station sends an attack tolerance command to the cluster head nodes of the entire network, and the command message is transmitted in the network in a flooding manner, and the cluster head nodes in each sensor network receive the command;

(2)每个簇头节点向所在簇的各个传感器节点发送攻击容忍命令,每个簇中的正常节点收到该命令后都准备从正常工作状态进入攻击容忍状态;(2) Each cluster head node sends an attack tolerance command to each sensor node in the cluster, and the normal nodes in each cluster are ready to enter the attack tolerance state from the normal working state after receiving the command;

(3)簇内的正常节点i(i=1,2,......N)进入攻击容忍状态,N表示簇内的节点个数。节点i分别设定两个定时器Ti1和Ti2,以及一个随机唤醒次数Wi,其中Wi根据本簇内中的攻击节点数目确定,当攻击节点不确定时,设定Wi=3,Wi随着网络中的攻击节点数目的增加而增加,Ti1表示节点i进入攻击容忍状态的总时间,Ti2表示节点i第一次唤醒的时间,并且Ti1>Wi·Ti2(3) The normal node i (i=1,2,...N) in the cluster enters the attack tolerance state, and N represents the number of nodes in the cluster. Node i respectively sets two timers T i1 and T i2 , and a random number of wake-ups W i , where W i is determined according to the number of attacking nodes in the cluster, and when the attacking node is uncertain, set W i =3 , W i increases with the number of attacking nodes in the network, T i1 represents the total time for node i to enter the attack-tolerant state, T i2 represents the time for node i to wake up for the first time, and T i1 >W i ·T i2 ;

(4)节点i关闭射频电路,并根据Ti1设定的时间进入休眠模式,当休眠时间达到Ti2时,节点i唤醒并打开射频电路,并向网络发送随机数据包D。数据包D发送完成后,Wi=Wi-1,Ti1=Ti1-Ti2,节点i重新计算Ti2满足Ti1>Wi·Ti2,并设定Ti1和Ti2(4) Node i turns off the radio frequency circuit, and enters sleep mode according to the time set by T i1 , when the sleep time reaches T i2 , node i wakes up and turns on the radio frequency circuit, and sends random data packet D to the network. After the data packet D is sent, W i =W i -1, T i1 =T i1 -T i2 , node i recalculates T i2 to satisfy T i1 >W i ·T i2 , and sets T i1 and T i2 ;

(5)重复步骤(3),直到Wi=0,节点i关闭射频电路,并根据Ti1设定的时间进入休眠模式;(5) Repeat step (3) until W i =0, node i turns off the radio frequency circuit, and enters the sleep mode according to the time set by T i1 ;

(6)当休眠时间达到Ti1时,节点i唤醒并打开射频电路,重新进入正常工作状态。(6) When the sleep time reaches T i1 , node i wakes up and turns on the radio frequency circuit, and re-enters the normal working state.

如图3所示为正常节点使用本发明的恶意节点容忍方法的工作时序图,从图中可以看出,正常节点以T为周期在正常工作状态和攻击容忍状态间进行交替,其中处于正常工作状态的时间为T1,处于攻击容忍状态的时间为T2。T1和T2根据传感器网络的实际应用环境和攻击节点的情况进行调整,T2越大,对恶意节点的容忍效果越好,但网络数据通信的实时性会下降。As shown in Figure 3, it is a working sequence diagram of a normal node using the malicious node tolerance method of the present invention. It can be seen from the figure that the normal node alternates between the normal working state and the attack tolerant state with a period of T, and the normal working state The time in the state is T 1 , and the time in the attack-tolerant state is T 2 . T 1 and T 2 are adjusted according to the actual application environment of the sensor network and the situation of the attack node. The larger T 2 is, the better the tolerance to malicious nodes is, but the real-time performance of network data communication will decrease.

如图4所示为本发明中正常节点结合入侵检测方法的工作时序图,从图中可以看出,正常节点在正常工作状态下同时进行恶意节点的入侵检测,处于这个状态的时间为T1,当正常节点检测到有恶意节点存在会通知基站或簇头使所有正常节点进入攻击容忍状态,因此T1不固定,如果网络中未检测到恶意节点,那么正常节点一直处于正常工作和入侵检测状态。节点处于攻击容忍状态的时间为T2,T2为固定值。随着恶意节点的排除,网络恢复到原工作状态。As shown in Figure 4, it is a working sequence diagram of a normal node in conjunction with an intrusion detection method in the present invention, as can be seen from the figure, a normal node simultaneously performs intrusion detection of a malicious node in a normal working state, and the time in this state is T 1 , when a normal node detects the existence of a malicious node, it will notify the base station or the cluster head to make all normal nodes enter the attack tolerance state, so T 1 is not fixed, if no malicious node is detected in the network, then the normal node has been in normal work and intrusion detection state. The time that the node is in the attack tolerance state is T 2 , and T 2 is a fixed value. With the exclusion of malicious nodes, the network returns to its original working state.

在具体实施例中,我们假设无线传感器网络中有100个正常节点,有1个恶意节点,恶意节点在10%的正常节点的射频覆盖范围内,即其可以和10个正常节点进行数据通讯,恶意节点收到正常节点的数据包后,会进行两次转发。为了说明本发明方法的作用,需要对节点的能量消耗值进行量化。以CC2530作为传感器节点主芯片为例,假设其工作时钟频率是32MHz,CPU的工作电流为6.5mA,射频接收开启的工作电流为24.3mA,射频发射开启的工作电流为33.5mA,休眠状态下仅开启一个定时器中断的工作电流为90uA。In a specific embodiment, we assume that there are 100 normal nodes and 1 malicious node in the wireless sensor network, and the malicious node is within the radio frequency coverage of 10% of the normal nodes, that is, it can communicate with 10 normal nodes. After the malicious node receives the data packet from the normal node, it will forward it twice. In order to illustrate the function of the method of the present invention, it is necessary to quantify the energy consumption value of the nodes. Taking CC2530 as the main chip of the sensor node as an example, suppose its working clock frequency is 32MHz, the working current of CPU is 6.5mA, the working current of RF receiving is 24.3mA, and the working current of RF transmitting is 33.5mA. The operating current to start a timer interrupt is 90uA.

节点按照图3所示的正常节点工作时序图进行工作,T1=1s,T2=4s,并分别取W=3和W=30进行试验,观测100s时间,结果如图5所示,横坐标为时间,单位s,纵坐标为功耗,单位mAs。从图中可以看出,最下方的曲线为正常节点的功耗非常小,因此使用了本发明的方法几乎不增加正常节点能量的消耗,而上方的两条曲线表示恶意节点的功耗,其能量消耗是正常节点的几百倍,W越大,恶意节点的能量消耗也越快。随着工作时间的增加,使用本发明方法会使得恶意节点的能量快速消耗,使其无法运作,而对于恶意节点数量更多的网络,本发明方法的效果更佳。The node works according to the normal node working timing diagram shown in Figure 3, T 1 =1s, T 2 =4s, and respectively take W=3 and W=30 for the test, observe for 100s, the results are shown in Figure 5, horizontal The coordinate is time, the unit is s, and the ordinate is power consumption, the unit is mAs. It can be seen from the figure that the lower curve shows that the power consumption of normal nodes is very small, so the method of the present invention hardly increases the energy consumption of normal nodes, while the upper two curves represent the power consumption of malicious nodes. The energy consumption is hundreds of times that of normal nodes. The larger W is, the faster the energy consumption of malicious nodes will be. With the increase of working time, using the method of the present invention will rapidly consume the energy of malicious nodes, making them unable to operate, and for a network with more malicious nodes, the effect of the method of the present invention is better.

以上所述仅是本发明的优选实施方式,应当指出:对于本技术领域的普通技术人员来说,在不脱离本发明原理的前提下,还可以做出若干改进和润饰,这些改进和润饰也应视为本发明的保护范围。The above is only a preferred embodiment of the present invention, it should be pointed out that for those of ordinary skill in the art, without departing from the principle of the present invention, some improvements and modifications can also be made, and these improvements and modifications are also possible. It should be regarded as the protection scope of the present invention.

Claims (7)

1.一种无线传感器网络中的恶意节点攻击容忍方法,其特征在于:该方法包括如下步骤:1. A malicious node attack tolerance method in a wireless sensor network, characterized in that: the method comprises the steps: 1)基站向全网发送攻击容忍命令,该命令消息以泛洪方式在网络中传输,每个传感器网络中的正常节点收到该命令后都准备从正常工作状态进入攻击容忍状态;1) The base station sends an attack tolerance command to the entire network, and the command message is transmitted in the network in a flooding manner, and each normal node in the sensor network is ready to enter the attack tolerance state from the normal working state after receiving the command; 2)正常节点i进入攻击容忍状态,i=1,2,......N,N表示无线传感器网络中的节点个数,节点i分别设定两个定时器Ti1和Ti2,以及一个随机唤醒次数Wi,其中Wi根据网络中的攻击节点数目确定,当攻击节点不确定时,设定Wi=3,Wi随着网络中的攻击节点数目的增加而增加,Ti1表示节点i进入攻击容忍状态的总时间,Ti2表示节点i第一次唤醒的时间,并且Ti1>Wi·Ti22) The normal node i enters the attack tolerance state, i=1, 2,...N, N represents the number of nodes in the wireless sensor network, and the node i sets two timers T i1 and T i2 respectively, And a random wake-up times W i , where W i is determined according to the number of attacking nodes in the network, when the attacking nodes are uncertain, set W i =3, W i increases with the increase of the number of attacking nodes in the network, T i1 represents the total time for node i to enter the attack tolerance state, T i2 represents the time for node i to wake up for the first time, and T i1 >W i ·T i2 ; 3)节点i关闭射频电路,并根据Ti1设定的时间进入休眠模式,当休眠时间达到Ti2时,节点i唤醒并打开射频电路,并向网络发送随机数据包D,数据包D发送完成后,Wi=Wi-1,Ti1=Ti1-Ti2,节点i重新计算Ti2满足Ti1>Wi·Ti2,并设定Ti1和Ti23) Node i turns off the radio frequency circuit, and enters the sleep mode according to the time set by T i1 . When the sleep time reaches T i2 , node i wakes up and turns on the radio frequency circuit, and sends a random data packet D to the network, and the sending of data packet D is completed Afterwards, W i =W i -1, T i1 =T i1 -T i2 , node i recalculates T i2 to satisfy T i1 >W i ·T i2 , and sets T i1 and T i2 ; 4)重复步骤3),直到Wi=0,节点i关闭射频电路,并根据Ti1设定的时间进入休眠模式;4) Repeat step 3) until W i =0, node i turns off the radio frequency circuit, and enters the sleep mode according to the time set by T i1 ; 5)当休眠时间达到Ti1时,节点i唤醒并打开射频电路,重新进入正常工作状态。5) When the sleep time reaches T i1 , node i wakes up and turns on the radio frequency circuit, and re-enters the normal working state. 2.根据权利要求1所述的一种无线传感器网络中的恶意节点攻击容忍方法,其特征在于:该方法在传感器网络正常工作的状态下使用,传感器网络的所有节点周期性地在正常工作状态SN和攻击容忍状态ST下交替,交替的周期时间由传感器网络对数据实时性的要求决定,实时性要求越高则SN的时间要大于ST的时间,反之,ST的时间要大于SN的时间。2. the malicious node attack tolerance method in a kind of wireless sensor network according to claim 1, it is characterized in that: this method is used under the state that sensor network works normally, and all nodes of sensor network are in normal work state periodically SN and attack-tolerant state ST alternate, and the cycle time of the alternation is determined by the real-time requirements of the sensor network for data. The higher the real-time requirements, the time of SN is longer than the time of ST , otherwise, the time of ST is longer. Time greater than SN . 3.根据权利要求2所述的一种无线传感器网络中的恶意节点攻击容忍方法,其特征在于:所述处于正常工作状态SN和攻击容忍状态ST下的时间在网络初始化时设定,或根据数据实时性要求的变化进行实时调整。3. the malicious node attack tolerance method in a kind of wireless sensor network according to claim 2, it is characterized in that: the time under described normal working state SN and attack tolerance state ST is set during network initialization, Or make real-time adjustments according to changes in data real-time requirements. 4.根据权利要求1所述的一种无线传感器网络中的恶意节点攻击容忍方法,其特征在于:该方法在所有网络节点处于攻击容忍状态下,不进行数据和路由信息的交互。4. A malicious node attack tolerance method in a wireless sensor network according to claim 1, characterized in that: the method does not perform data and routing information interaction when all network nodes are in an attack tolerance state. 5.根据权利要求1所述的一种无线传感器网络中的恶意节点攻击容忍方法,其特征在于:该方法在对数据实时性要求很高的网络中,采用分簇的方法实现;每个簇分别独立运行恶意节点容忍方法,由簇头向自己所在簇的节点发送攻击容忍命令进而每个簇内节点运行完整攻击容忍的方法,每个簇头仍然处于正常工作状态,接收并缓存来自上层的数据或路由请求,在本簇进入正常工作状态时和簇内节点进行数据交互。5. the malicious node attack tolerance method in a kind of wireless sensor network according to claim 1, it is characterized in that: this method adopts the method for clustering to realize in the network that real-time data is required very high; Run the malicious node tolerance method independently, the cluster head sends the attack tolerance command to the nodes in its own cluster, and then each node in the cluster runs the complete attack tolerance method, each cluster head is still in the normal working state, receiving and caching the data from the upper layer Data or routing requests, when the cluster enters the normal working state, it interacts with the nodes in the cluster. 6.根据权利要求5所述的一种无线传感器网络中的恶意节点攻击容忍方法,其特征在于:所述分簇的方法实现无线传感器网络中的恶意节点容忍方法中,各个簇中的簇头需要根据自身的能量和资源情况进行簇头轮换,保证节点能量和资源的平衡。6. The malicious node attack tolerance method in a wireless sensor network according to claim 5, characterized in that: the clustering method realizes that in the malicious node tolerance method in the wireless sensor network, the cluster heads in each cluster It is necessary to perform cluster head rotation according to its own energy and resource conditions to ensure the balance of node energy and resources. 7.根据权利要求1所述的一种无线传感器网络中的恶意节点攻击容忍方法,其特征在于该方法结合恶意节点的入侵检测方法使用,当入侵检测方法未检测到恶意节点时,传感器网络中的所有节点维持原状态工作;当入侵检测方法检测到恶意节点时,传感器网络进入正常工作状态和攻击容忍状态的交替。随着恶意节点的排除,网络恢复到原工作状态。7. The malicious node attack tolerance method in a wireless sensor network according to claim 1, characterized in that the method is used in conjunction with the intrusion detection method of the malicious node, when the intrusion detection method does not detect the malicious node, in the sensor network All nodes in the sensor network maintain the original state; when the intrusion detection method detects malicious nodes, the sensor network enters the alternation of normal working state and attack tolerance state. With the exclusion of malicious nodes, the network returns to its original working state.
CN201310597049.5A 2013-11-21 2013-11-21 A kind of malicious node tolerance method in wireless sensor network Expired - Fee Related CN103619011B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201310597049.5A CN103619011B (en) 2013-11-21 2013-11-21 A kind of malicious node tolerance method in wireless sensor network

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201310597049.5A CN103619011B (en) 2013-11-21 2013-11-21 A kind of malicious node tolerance method in wireless sensor network

Publications (2)

Publication Number Publication Date
CN103619011A true CN103619011A (en) 2014-03-05
CN103619011B CN103619011B (en) 2016-08-03

Family

ID=50169715

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201310597049.5A Expired - Fee Related CN103619011B (en) 2013-11-21 2013-11-21 A kind of malicious node tolerance method in wireless sensor network

Country Status (1)

Country Link
CN (1) CN103619011B (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080295170A1 (en) * 2002-04-29 2008-11-27 Microsoft Corporation Peer-to-peer name resolution protocol (pnrp) security infrastructure and method
CN102843672A (en) * 2012-08-08 2012-12-26 中国电力科学研究院 Malicious node detection method for sensing network based on energy fields

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080295170A1 (en) * 2002-04-29 2008-11-27 Microsoft Corporation Peer-to-peer name resolution protocol (pnrp) security infrastructure and method
CN102843672A (en) * 2012-08-08 2012-12-26 中国电力科学研究院 Malicious node detection method for sensing network based on energy fields

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
JING DENG: "《Dependable system and networks,2004 international conference ,IEEE》", 1 July 2004 *
王良民: "《容忍入侵的无线传感器网络模糊信任评估模型》", 《通信学报》 *

Also Published As

Publication number Publication date
CN103619011B (en) 2016-08-03

Similar Documents

Publication Publication Date Title
Wang et al. Wireless sensor networks-an introduction
Tripathi et al. Comparing the impact of black hole and gray hole attack on LEACH in WSN
CN105636053B (en) A kind of detection method attacked towards Sybil in WSN
Tran et al. OCO: Optimized communication & organization for target tracking in wireless sensor networks
Zhijie et al. Intrusion detection for wireless sensor network based on traffic prediction model
Singh et al. An adaptive energy aware DTN-based communication layer for cyber-physical systems
CN102045708A (en) Energy prediction-based wireless sensor network intrusion detection method
CN103560998A (en) Method and system for wireless sensor network to resist DoS attacks
Duan et al. Shortest path routing protocol for multi-layer mobile wireless sensor networks
CN103491542A (en) Method for detecting sewage pool attack intrusion of multi-path route in underwater sensor network
CN103619011B (en) A kind of malicious node tolerance method in wireless sensor network
Hudda et al. A novel approach for energy-efficient communication in a constrained IoT environment
Kaur et al. Securing the wireless sensor network from denial of sleep attack by isolating the nodes
CN108882282A (en) It is a kind of for the detection and the response method that newly flow attack in SDWSNs
Serianni et al. A MAC Layer Energy Drain Attack Analysis in WSN
Tripathi et al. Detection and countermeasure of node misbehaviour in clustered wireless sensor network
Gao et al. Scale‐free topology security mechanism of wireless sensor network against cascade failure
Ridwan et al. Optimization of the LEACH Protocol to Increase Stability on the Wireless Sensor Network
Alheeti et al. Intelligent Internet of Things for energy conservation based on routing protocol
Katiyar et al. Efficient multilevel clustering for large-scale heterogeneous wireless sensor networks
Fan et al. A new dynamic energy-based clustering model for wireless sensor networks
Muhammad et al. Information and communication technology issues & challenges for wireless sensor networks: SAJSET-01-2023-0012
Kishtwal et al. A review: wireless sensor networks (WSN) and security aspects
Dissanayake et al. A generation of dataset towards an Anomaly-Based Intrusion Detection System to detect Denial of Sleep Attacks in Internet of Things (IoT)
Abouelkhair et al. Hierarchal energy efficient network protocol for wireless sensing

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20160803

Termination date: 20191121

CF01 Termination of patent right due to non-payment of annual fee