CN103701771A - Novel method for detecting Sybil attack in Internet of Things - Google Patents

Novel method for detecting Sybil attack in Internet of Things Download PDF

Info

Publication number
CN103701771A
CN103701771A CN201310605262.6A CN201310605262A CN103701771A CN 103701771 A CN103701771 A CN 103701771A CN 201310605262 A CN201310605262 A CN 201310605262A CN 103701771 A CN103701771 A CN 103701771A
Authority
CN
China
Prior art keywords
node
sybil
things
internet
attack
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201310605262.6A
Other languages
Chinese (zh)
Inventor
王江涛
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China MCC17 Group Co Ltd
Original Assignee
China MCC17 Group Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China MCC17 Group Co Ltd filed Critical China MCC17 Group Co Ltd
Priority to CN201310605262.6A priority Critical patent/CN103701771A/en
Publication of CN103701771A publication Critical patent/CN103701771A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • Y02B60/50

Landscapes

  • Data Exchanges In Wide-Area Networks (AREA)
  • Computer And Data Communications (AREA)

Abstract

The invention discloses a novel method for detecting a Sybil attack in the Internet of Things. According to the method, the Sybil attack in the Internet of Things is judged comprehensively according to the energy of a node and the intensity value of a received signal by adopting a method of carrying detection parameters at the tail part of a data packet in a protocol implementation stage, and the detection precision is improved by the mutual supervision of a cluster head node and a member node. A practical and feasible method for detecting the Sybil attack is provided for networks, particularly the Internet of Things, the safety of the Internet of Things can be improved effectively, such as routing, resource allocation, abnormal behavior detection. The novel method has the advantages of easiness in implementation, high detection efficiency, high anti-attack capacity and the like.

Description

A kind of for detection of Internet of Things Sybil attack new method
Technical field
The present invention be a kind of for information network, particularly detect Internet of Things Routing Protocol and be subject to the new method that Sybil attacks, belong to Internet of Things safety applications technical field.
Background technology
Internet of Things is a kind of can structure under the environment of network infrastructure in advance, the network that the peer to peer network being comprised of mobile node is a kind of self-organizing temporarily, manage certainly.In network, each node can add at any time and exit, topological structure frequent variations, and because the communication overlay face of each node is little, inter-node communication usually will forward through the multi-hop of other node.These features make Internet of Things except having the multiple threat such as information leakage, the information that general wireless network faces is distorted, Replay Attack, denial of service, Internet of Things also faces the easy victim physical manipulation of node, and obtain and revise all information that are stored in Internet of things node, thereby the threat of control section network, it is also a kind of of the attack pattern that is wherein harmful to very much that Sybil attacks.The target that Sybil attacks is to destroy the Distributed-solution that relies on multinode cooperation and multipath route.In Sybil attacks, malicious node is stated false identity by playing the part of other node or passing through, thereby other node table in network is revealed to multiple identities.The a series of nodes that exist Sybil node puppet to create at other node, but in fact those nodes do not exist, and all data that mail to those nodes, will be obtained by Sybil node.
Three kinds of characteristic features during Sybil attacks are: direct communication and indirect communication, the identity of forging and usurping, attack are simultaneously attacked with non-simultaneously.
(1) direct and indirect communication
Direct communication: a kind of method of implementing Sybil attack is that Sybil node and other legal node directly communicate, when legal node sends information to Sybil node, malicious node can be monitored these information.Equally, the information sent from Sybil node is actually to be sent by malicious node.
Indirect communication: in this attack pattern, do not have legal node can be directly and Sybil node communicate, yet one or more malicious node is claimed and can be arrived Sybil node.Therefore the information that mails to Sybil node is routed to these malicious nodes.
(2) identity of forging and stealing
Forged identity: in some cases, assailant can construct a plurality of ID of Sybil arbitrarily.Such as, if node ID is comprised of 32 integers, assailant only need just can obtain node ID by 32 random numbers of simple generation so.
Usurp identity: if there is security mechanism to identify the legitimacy of node ID in Internet of Things, assailant is just difficult to forge new ID so.Such as, itself just has the security mechanism that prevents from inserting new ID the name space of identity ID.In this case, assailant must usurp the legal identity of other node.
(3) attack simultaneously and non-attack simultaneously
Attack: assailant may attempt to utilize its all identity ID that have participation network communication simultaneously simultaneously, yet for a specific physical equipment, at a time, can only there is an identity, assailant can be by recycling different identity, and form the illusion of simultaneously using a plurality of ID.
Non-attack simultaneously: although assailant may have a plurality of identity, in a specific period, assailant only uses one of them identity.Assailant can be by an identity is exitted network, and utilize another one identity to rejoin network and realize this attack pattern.An identity can leave and add network repeatedly, also may only use once.
Summary of the invention
Object of the present invention will overcome the above problems exactly, provide a kind of and attack new method for detection of Internet of Things Sybil, employing in the agreement execution phase in the packet afterbody method of detected parameters information incidentally, according to the member node state information of storing in node received signal strength and node, comprehensively judge that the Sybil in Internet of Things attacks; And improve accuracy of detection by the mutual supervision of leader cluster node and member node.
Technical scheme of the present invention is achieved in that a kind of for detection of Internet of Things Sybil attack new method, is characterized in: the detection to Sybil node:
1) by node energy, the abnormal nodes in judgement Internet of Things;
2) by the Sybil in the received signal strength value judgement Internet of Things of node, attack, by the nodal distance receiving with the front once nodal distance value of record
Figure 760388DEST_PATH_IMAGE004
compare, if think Sybil attack has occurred over threshold value;
3), by four detection node, adopt the method for triangle location to complete the detection that Sybil is attacked;
4) the mutual supervision and by leader cluster node and member node has improved accuracy of detection;
5) adopt in the agreement execution phase in the packet afterbody method of detected parameters information incidentally, effectively reduce network energy consumption;
So just can complete and in Internet of Things, detect Sybil attack.
Meaning of the present invention is as wireless communication networks, particularly Internet of Things provides the method that the detection Sybil of a practical attacks, for the attack detecting in information security field provides new method, with more flexibly, the detection that Sybil is attacked of the thinking Design and implementation of more realistic reality, concrete beneficial effect:
1) according to node energy value and received signal strength, focus on to detect for Internet of Things route and endanger large Sybil attack, comprehensively improve routing protocol security performance.
2) for the Sybil of Internet of Things leader cluster node and member node, attack, the mutual supervision by leader cluster node and member node is to improve accuracy of detection.
3) employing, in the agreement execution phase in the incidentally method detection Sybil attack of detected parameters information of packet afterbody, has effectively reduced energy consumption.
4) to attack be the maximum a kind of attack of harm in Internet of Things to Sybil, other attack method mostly therewith attack method be combined with, reach the object of attack, so resolve Sybil, attack guaranteeing that the safety of the whole network has great meaning.
Accompanying drawing explanation
Fig. 1 is that four nodes detect Sybil attack schematic diagram.
Embodiment
According to the position of the signal strength signal intensity computing node of receiving node, can judge whether Internet of Things Sybil occurs and attack.Suppose to have following network environment: a two dimensional surface bunch network; All nodes have identical primary power, computing capability, communication capacity; Once node deployment completes, its position is fixed; Before node initializing completes, network is safe.Introduce the detection method that Sybil attacks below.
In the Jakes of Internet of Things channel space, the signal strength signal intensity that reception antenna receives
Figure 509513DEST_PATH_IMAGE006
it is transmitting-receiving range dfunction, the received signal strength of node is:
Figure 331976DEST_PATH_IMAGE008
(1)
In formula,
Figure 536692DEST_PATH_IMAGE010
for transmit signal strength (
Figure 735592DEST_PATH_IMAGE012
), now suppose that transmit receive antenna gain is 1,
Figure 342154DEST_PATH_IMAGE014
the channel gain of Rayleigh distributed, hthe impulse response of channel model,
Figure 273201DEST_PATH_IMAGE016
for the attenuation gradient of distance-energy,
Figure 27530DEST_PATH_IMAGE018
the received power of node, received power is with the distance of large scale decline drelevant, simultaneously also relevant with the Jakes channel model of Rayleigh distributed.
According to formula (1), obtain node iwith node jthe ratio of received signal strength:
Figure 702225DEST_PATH_IMAGE020
(2)
In the time of in the early stage, the initial energy value of node can be thought identical, and Internet of Things is a static network, internodal relative position does not change substantially, so again by formula (2) can think RSSI ratio only and distance dependent be.Transmission information in bunch head is in the situation that energy is identical, and the ratio of the receiving intensity of signal is only proportional to the ratio of distance
Figure 225611DEST_PATH_IMAGE022
, from formula (2)
Figure 593138DEST_PATH_IMAGE024
, now
Figure 772447DEST_PATH_IMAGE026
represent node ireceive another node jsignal strength signal intensity during signal.
Node location is changeless, and it should have unique positional information so.Sybil attacks a node while occurring and forges a plurality of effective No. ID, sends harmful information.So only need to prove a plurality of No. ID only corresponding to same node, so just can think Sybil attack.
Four nodes just can be determined the geographical position of the node being associated with it, detect Sybil attack method as shown in Figure 1.Wherein
Figure 47570DEST_PATH_IMAGE028
with
Figure 628724DEST_PATH_IMAGE030
two identity that a node has,
Figure 916222DEST_PATH_IMAGE032
,
Figure 645144DEST_PATH_IMAGE034
,
Figure 661641DEST_PATH_IMAGE036
,
Figure 159619DEST_PATH_IMAGE038
four detection node.
Figure DEST_PATH_IMAGE039
with
Figure 806632DEST_PATH_IMAGE040
two different identity of a node, when Sybil attacking network, with capital sends information.
Figure DEST_PATH_IMAGE043
Figure DEST_PATH_IMAGE045
Figure DEST_PATH_IMAGE047
(3)
If above formula is set up, because positional information is unique node, but have two No. ID, illustrate that Sybil attack has occurred this Internet of Things.
New method of the present invention is divided into election of cluster head, bunch foundation, and tdma slot distributes and transfer of data four-stage.For the ease of being formulated detection algorithm, some parameters that table 1 provides algorithm to be used while realizing.
The parameter that table 1 detection algorithm is used
Parameter name Functional description
Figure DEST_PATH_IMAGE049
 Leader cluster node
Figure DEST_PATH_IMAGE051
Figure DEST_PATH_IMAGE053
 Member node
Figure DEST_PATH_IMAGE055
 Represent node
Figure 615429DEST_PATH_IMAGE056
No. ID
Represent node vNo. ID
Figure 933595DEST_PATH_IMAGE060
 Leader cluster node receives
Figure 291895DEST_PATH_IMAGE053
Energy value while once sending information before node
Figure 764464DEST_PATH_IMAGE062
 Leader cluster node receives
Figure 815597DEST_PATH_IMAGE053
Energy value during this transmission information of node
Figure 740828DEST_PATH_IMAGE064
 Leader cluster node records
Figure 902819DEST_PATH_IMAGE053
RSSI value while once sending information before node
Leader cluster node records
Figure 186350DEST_PATH_IMAGE053
RSSI value during this transmission information of node
Message(
Figure 598876DEST_PATH_IMAGE053
) 		Node
Figure 564558DEST_PATH_IMAGE053
The information gathering
Location(
Figure 746141DEST_PATH_IMAGE053
) 		Node
Figure 876427DEST_PATH_IMAGE053
Positional information
Figure 713933DEST_PATH_IMAGE068
 The warning message that node sends
Figure 280043DEST_PATH_IMAGE070
 The threshold value of energy abnormality juding
Figure 519395DEST_PATH_IMAGE072
 The threshold value of RSSI abnormality juding
Figure 879969DEST_PATH_IMAGE074
 The threshold value that range error is judged
What in Internet of Things, Sybil attacked harm maximum is outside invasion, and external node has been intercepted and captured the key of legal node, and the inner node that disguises oneself as endangers network, and the present invention mainly discusses this attack.In experiment, choose at random several leader cluster nodes, network is divided into several bunches, leader cluster node is directly communicated by letter with member node, and member node is only communicated by letter with the leader cluster node of affiliated bunch.Because the function of two kinds of nodes is different, so the method that judgement Sybil attacks is also different.Member node judges (impact of network environment is larger owing to being subject to, and energy value and RSSI value are all averaged) from the variation of energy value and RSSI value.Leader cluster node adopts the detection method of multi-parameter, to increase the precision of detection.Below provide respectively the detection method of member node and leader cluster node.
(1) detect member node the algorithm that Sybil attacks occurs
Suppose certain member node only and a node direct communication (this node can be leader cluster node, can be also member node, detects principle identical, supposes that this node is leader cluster node herein), provide concrete detection method below:
STEP1: member node
Figure 204771DEST_PATH_IMAGE053
to leader cluster node
Figure 574572DEST_PATH_IMAGE056
send detection information:
STEP2: leader cluster node the energy value of sending and RSSI value are compared to judgement
Figure 746425DEST_PATH_IMAGE053
whether be abnormal node:
Figure 919917DEST_PATH_IMAGE078
(4)
Figure 868282DEST_PATH_IMAGE080
(5)
If all set up formula (4), (5), this node is abnormal nodes, thinks that so Sybil attack has occurred this node.
STEP3: by leader cluster node
Figure 773921DEST_PATH_IMAGE056
the issue information of flooding is notified its adjacent leader cluster node
Figure 870053DEST_PATH_IMAGE082
, inform
Figure 516410DEST_PATH_IMAGE053
there is Sybil and attack in node.
Figure 381598DEST_PATH_IMAGE084
(2) detect leader cluster node the algorithm that Sybil attacks occurs
Suppose a leader cluster node and 4 above member node direct communications, provide concrete detection method below:
STEP1: leader cluster node
Figure 458138DEST_PATH_IMAGE056
to member node
Figure 41566DEST_PATH_IMAGE086
send control information:
Figure 228965DEST_PATH_IMAGE088
STEP2: the RSSI value and the energy value that send according to leader cluster node, member node
Figure DEST_PATH_IMAGE089
according to formula (1), calculate the nodal distance that makes new advances and receive
Figure 151922DEST_PATH_IMAGE002
, will
Figure 399364DEST_PATH_IMAGE090
with the front once nodal distance value of record
Figure DEST_PATH_IMAGE091
compare:
Figure DEST_PATH_IMAGE093
(6)
If formula (6) is set up
Figure 407771DEST_PATH_IMAGE089
think that leader cluster node is abnormal.
STEP3: so
Figure DEST_PATH_IMAGE095
node sends abnormal information to adjacent member node
Figure DEST_PATH_IMAGE097
:
Figure DEST_PATH_IMAGE099
STEP4: by
Figure DEST_PATH_IMAGE101
node detects leader cluster node again:
Figure DEST_PATH_IMAGE103
(7)
If formula (7) is set up
Figure DEST_PATH_IMAGE105
think that leader cluster node is abnormal.
STEP5: so
Figure 203121DEST_PATH_IMAGE106
node sends abnormal information to adjacent member node
Figure 42901DEST_PATH_IMAGE108
:
Figure 84413DEST_PATH_IMAGE110
Above formula indicate 2 member node (
Figure 314537DEST_PATH_IMAGE053
with
Figure 171635DEST_PATH_IMAGE097
) think that leader cluster node is abnormal.
STEP6: if
Figure 803604DEST_PATH_IMAGE112
information occurs, illustrated that 4 member node think that leader cluster node is abnormal.
STEP7: if
Figure 455166DEST_PATH_IMAGE114
,
Figure 438165DEST_PATH_IMAGE116
, set up, show that so leader cluster node Sybil occurs and attacks.
STEP8: Internet of Things re-establishes new bunch head, the node of new bunch of first generation Sybil attack is notified to neighbor node around, and the node that Sybil attack occurs is excluded to network.
Figure 319850DEST_PATH_IMAGE120
Detect Sybil attack step:
(1) the election of cluster head stage
Candidate cluster head node, to the information of the whole network broadcast oneself, announces oneself to be leader cluster node.Synchronization can only have the information of a leader cluster node broadcast oneself.Candidate cluster head node huse plaintext broadcasting packet
Figure 407892DEST_PATH_IMAGE122
give own node around, tell when front-wheel number
Figure 612608DEST_PATH_IMAGE124
with a bunch head
Figure 811509DEST_PATH_IMAGE126
.
1) now carry out leader cluster node detection algorithm.Suppose a leader cluster node and four above member node direct communications: leader cluster node to member node
Figure 152491DEST_PATH_IMAGE128
send control information, member node the energy value of sending and RSSI value are compared to judgement bunch head
Figure DEST_PATH_IMAGE131
whether be abnormal node, if abnormal nodes member node no longer to this leader cluster node, send data.
2) the RSSI value and the energy value that according to leader cluster node, send, member node
Figure 349117DEST_PATH_IMAGE129
the nodal distance that calculating makes new advances and receives
Figure 44060DEST_PATH_IMAGE002
, will
Figure 781071DEST_PATH_IMAGE002
with the front once nodal distance value of record
Figure 242140DEST_PATH_IMAGE091
compare, if be greater than detection threshold,
Figure 671984DEST_PATH_IMAGE129
think that leader cluster node is abnormal.
3) node sends abnormal information to adjacent member node, by
Figure 126416DEST_PATH_IMAGE132
node detects leader cluster node again, if be greater than detection threshold
Figure DEST_PATH_IMAGE133
think that leader cluster node is abnormal.
4)
Figure 707570DEST_PATH_IMAGE101
node sends abnormal information to adjacent member node
Figure DEST_PATH_IMAGE135
, now indicate 2 member node (
Figure DEST_PATH_IMAGE136
with
Figure DEST_PATH_IMAGE138
) think that leader cluster node is abnormal.
5) if information occurs, illustrate that 4 member node think that leader cluster node is abnormal, now can show that Sybil attack occurs leader cluster node.
6) one take turns later Internet of Things and re-elect a bunch head, the node that new bunch of first generation Sybil attacks is notified to node around, and excludes network by there is the node that Sybil attacks.
(2) bunch establishment stage
Each non-leader cluster node determines oneself to belong to which bunch.Each node may be received several broadcasting packets from different leader cluster nodes , node is just strong and weak according to the signal of receiving message, chooses the transmission source of the broadcasting packet that signal is the strongest as the leader cluster node of oneself.Then register the cipher key flag of this leader cluster node
Figure 855786DEST_PATH_IMAGE126
, and send
Figure DEST_PATH_IMAGE143
to leader cluster node notice, add this bunch.
(3) tdma slot allocated phase
Each leader cluster node according to be registered to it bunch node number, create the time slot allocation of a TDMA.Leader cluster node sends a schedule information to bunch member node, thereby guarantees that each bunch of member has the time period of own transmission data.
(4) data transfer phase
After bunch foundation completes, the TDMA that bunch member node starts at oneself image data send to a bunch head in the time period.A bunch service data blending algorithm after a frame end, sends to base station the data after merging.Each bunch is assigned with a different CDMA code word, so the transfer of data of each bunch can not affect the transfer of data of other bunch.In this stage, can carry out member node detection algorithm.
1) member node
Figure 522391DEST_PATH_IMAGE053
to leader cluster node
Figure DEST_PATH_IMAGE144
send detection information, bunch head
Figure DEST_PATH_IMAGE145
right
Figure DEST_PATH_IMAGE146
the energy value of sending and RSSI value compare judges member
Figure DEST_PATH_IMAGE147
whether there is Sybil attack.
2) if there is Sybil attack, by leader cluster node issue big vast model information and notify its adjacent leader cluster node
Figure DEST_PATH_IMAGE150
, inform
Figure DEST_PATH_IMAGE151
there is Sybil attack in node.Adjacent node cut off with
Figure DEST_PATH_IMAGE152
writing to each other of node.

Claims (1)

1. for detection of Internet of Things Sybil, attack a new method, it is characterized in that: the detection to Sybil node:
A) by node energy, the abnormal nodes in judgement Internet of Things;
B) by the Sybil in the received signal strength value judgement Internet of Things of node, attack, by the nodal distance receiving with the front once nodal distance value of record
Figure 184868DEST_PATH_IMAGE004
compare, if think Sybil attack has occurred over threshold value;
C), by four detection node, adopt the method for triangle location to complete the detection that Sybil is attacked;
D) the mutual supervision and by leader cluster node and member node has improved accuracy of detection;
E) adopt in the agreement execution phase in the packet afterbody method of detected parameters information incidentally, effectively reduce network energy consumption;
So just can complete and in Internet of Things, detect Sybil attack.
CN201310605262.6A 2013-11-26 2013-11-26 Novel method for detecting Sybil attack in Internet of Things Pending CN103701771A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201310605262.6A CN103701771A (en) 2013-11-26 2013-11-26 Novel method for detecting Sybil attack in Internet of Things

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201310605262.6A CN103701771A (en) 2013-11-26 2013-11-26 Novel method for detecting Sybil attack in Internet of Things

Publications (1)

Publication Number Publication Date
CN103701771A true CN103701771A (en) 2014-04-02

Family

ID=50363168

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201310605262.6A Pending CN103701771A (en) 2013-11-26 2013-11-26 Novel method for detecting Sybil attack in Internet of Things

Country Status (1)

Country Link
CN (1) CN103701771A (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105635072A (en) * 2014-11-06 2016-06-01 阿里巴巴集团控股有限公司 Controlled account identification method and device
CN105636053A (en) * 2016-02-04 2016-06-01 中国人民解放军装甲兵工程学院 Detection method oriented to Sybil attack in WSN
CN112653682A (en) * 2020-12-16 2021-04-13 深圳前海微众银行股份有限公司 Method and device for detecting block chain eclipse attack
CN113225741A (en) * 2021-05-17 2021-08-06 国网山东省电力公司济南供电公司 Distributed hybrid Sybil attack detection method and system for mobile self-organizing network
CN115866605A (en) * 2023-02-14 2023-03-28 东南大学 Sybil attack detection and isolation method based on signal intensity

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070094494A1 (en) * 2005-10-26 2007-04-26 Honeywell International Inc. Defending against sybil attacks in sensor networks
KR100892086B1 (en) * 2007-07-09 2009-04-06 에스케이 텔레콤주식회사 Method for Detecting Sybil Attack in Ubiquitous Sensor Networks
CN101478756A (en) * 2009-01-16 2009-07-08 南京邮电大学 Method for detecting Sybil attack

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070094494A1 (en) * 2005-10-26 2007-04-26 Honeywell International Inc. Defending against sybil attacks in sensor networks
KR100892086B1 (en) * 2007-07-09 2009-04-06 에스케이 텔레콤주식회사 Method for Detecting Sybil Attack in Ubiquitous Sensor Networks
CN101478756A (en) * 2009-01-16 2009-07-08 南京邮电大学 Method for detecting Sybil attack

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
王江涛,杨庚,孙源,陈生寿: "攻击检测安全LEACH路由协议", 《应用科学学报》 *

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105635072A (en) * 2014-11-06 2016-06-01 阿里巴巴集团控股有限公司 Controlled account identification method and device
CN105635072B (en) * 2014-11-06 2018-11-27 阿里巴巴集团控股有限公司 Regulated account recognition methods and device
CN105636053A (en) * 2016-02-04 2016-06-01 中国人民解放军装甲兵工程学院 Detection method oriented to Sybil attack in WSN
CN105636053B (en) * 2016-02-04 2019-03-29 中国人民解放军装甲兵工程学院 A kind of detection method attacked towards Sybil in WSN
CN112653682A (en) * 2020-12-16 2021-04-13 深圳前海微众银行股份有限公司 Method and device for detecting block chain eclipse attack
CN113225741A (en) * 2021-05-17 2021-08-06 国网山东省电力公司济南供电公司 Distributed hybrid Sybil attack detection method and system for mobile self-organizing network
CN115866605A (en) * 2023-02-14 2023-03-28 东南大学 Sybil attack detection and isolation method based on signal intensity
CN115866605B (en) * 2023-02-14 2023-05-09 东南大学 Method for detecting and isolating witches attack based on signal intensity

Similar Documents

Publication Publication Date Title
CN101478756A (en) Method for detecting Sybil attack
Dong et al. Preserving source-location privacy through redundant fog loop for wireless sensor networks
CN107835510B (en) Phantom routing-based wireless sensor network source node position privacy protection method
Baadache et al. Struggling against simple and cooperative black hole attacks in multi-hop wireless ad hoc networks
Athmani et al. Hierarchical energy efficient intrusion detection system for black hole attacks in WSNs
CN103701771A (en) Novel method for detecting Sybil attack in Internet of Things
El Kaissi et al. DAWWSEN: A defense mechanism against wormhole attacks in wireless sensor networks
Choudhary et al. Preventing black hole attack in AODV using timer-based detection mechanism
Hiremani et al. Eliminating co-operative blackhole and grayhole attacks using modified EDRI table in MANET
Raju et al. A simple and efficient mechanism to detect and avoid wormhole attacks in mobile ad hoc networks
Nitnaware et al. Black hole attack detection and prevention strategy in DYMO for MANET
Heurtefeux et al. Enhancing RPL resilience against routing layer insider attacks
Raje et al. Routing in wireless sensor network using fuzzy based trust model
Moudni et al. Modified AODV routing protocol to improve security and performance against black hole attack
Gambhir et al. PPN: Prime product number based malicious node detection scheme for MANETs
Virmani et al. Exponential trust based mechanism to detect black hole attack in wireless sensor network
Sharma et al. Modified AODV Protocol to Prevent Black Hole Attack in Mobile Ad-hoc Network
Sun et al. Self-propagating mal-packets in wireless sensor networks: Dynamics and defense implications
Upadhyay et al. Detecting and avoiding wormhole attack in MANET using statistical analysis approach
Kumar et al. Consensus based algorithm to detecting malicious nodes in mobile adhoc network
Kamatchi et al. Securing data from black hole attack using aodv routing for mobile ad hoc networks
Rana et al. Wireless ad hoc network: detection of malicious node by using neighbour-based authentication approach
Singh et al. An approach to improve the performance of WSN during wormhole attack using promiscuous mode
Chaba et al. Performance Analysis of Disable IP Broadcast Technique for Prevention of Flooding-Based DDoS Attack in MANET.
FIHRI et al. The impact of black-hole attack on AODV protocol

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20140402