CN103957525A - Malicious node detection method based on clustering trust evaluation in internet of vehicles - Google Patents

Malicious node detection method based on clustering trust evaluation in internet of vehicles Download PDF

Info

Publication number
CN103957525A
CN103957525A CN201410198919.6A CN201410198919A CN103957525A CN 103957525 A CN103957525 A CN 103957525A CN 201410198919 A CN201410198919 A CN 201410198919A CN 103957525 A CN103957525 A CN 103957525A
Authority
CN
China
Prior art keywords
cluster
trust
node
mrow
cluster head
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201410198919.6A
Other languages
Chinese (zh)
Other versions
CN103957525B (en
Inventor
陈向益
邬海琴
陈龙
王良民
贾雪丹
熊书明
王新胜
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Jiangsu University
Original Assignee
Jiangsu University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Jiangsu University filed Critical Jiangsu University
Priority to CN201410198919.6A priority Critical patent/CN103957525B/en
Publication of CN103957525A publication Critical patent/CN103957525A/en
Application granted granted Critical
Publication of CN103957525B publication Critical patent/CN103957525B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Landscapes

  • Mobile Radio Communication Systems (AREA)

Abstract

The invention relates to the field of network communication safety of the internet of vehicles, in particular to a malicious node detection method based on clustering trust evaluation in the internet of vehicles. The malicious node detection method comprises the following steps of clustering and cluster head selection; cluster head node trust evaluation; trust evaluation on member nodes in clusters; cluster trust evaluation and node trust update. A network is divided into a plurality of clusters, intra-cluster nodes are communicated, and different clusters are communicated through cluster heads. The method can adapt to a large VANET network and is good in extendibility, and the communication cost of different intra-cluster member nodes is reduced. In addition, a recommendation chain on the aspect of recommendation trust computation is simplified, and the computation is performed by directly using packet loss rate.

Description

Malicious node detection method based on clustering trust evaluation in Internet of vehicles
Technical Field
The invention relates to the field of Internet of vehicles network communication safety, in particular to a malicious node detection method based on clustering trust evaluation in the Internet of vehicles.
Background
The internet of vehicles is a vehicle-mounted self-organizing network, is a fast-moving broadband multi-hop wireless network, and is used for realizing communication between vehicles and between the vehicles and roadside infrastructure in a moving process, so that the vehicles in a certain range can exchange mutual condition information and road traffic information, the traffic efficiency can be improved, and the driving safety of a driver can be ensured. However, the characteristics of the car networking network such as openness, fast topology change and high autonomy make the car networking network face more serious security challenges than a general mobile ad hoc network, such as the problems that malicious vehicles spread false road information, and selfish vehicles refuse to cooperate with other vehicles.
The architecture of a conventional Ad-hoc network can be classified into a planar structure and a hierarchical structure. In the plane structure, the positions of the nodes are relatively equal, the network topology is simple, robust and convenient to maintain, but when the number of the nodes is large, large overhead is caused, the processing capacity is weakened, and even a path is interrupted, so the plane structure is mainly suitable for a small network. Aiming at the defects, a hierarchical structure suitable for a large-scale network is provided, the network is divided into a plurality of clusters, data communication among member nodes of different clusters is realized through cluster head nodes in each cluster, the method has good expandability, communication overhead among the member nodes in different clusters is reduced, and mobility management among the nodes is facilitated.
The traditional security mechanism, such as an authentication protocol, a digital signature, key management and the like, has a certain precaution effect on external attacks of the network, but in the face of internal attacks of malicious nodes in the network, such as malicious packet loss, data tampering, false information provision and the like, the existing security mechanism is difficult to effectively resist, so that a new scheme needs to be adopted to detect the malicious nodes in the network, and the security of the internet of vehicles is ensured.
Most of the currently proposed malicious node detection methods are in the context of wireless sensor networks, such as a detection algorithm based on multivariate classification [ liuhuabo, build-up, sannhong, a wireless sensor network malicious node detection algorithm based on multivariate classification [ J ]. sensory technical report [ 2011(05) ], a detection method based on reputation [ forest, research on a malicious node identification method based on a reputation mechanism in a mobile AdHoc network [ D ]. harbin industrial university 2010], a detection method based on node behaviors [ huilong, detection of malicious nodes based on node behavior classification in a wireless sensor network [ D ]. china metering institute 2013], while in vehicle networking (VANET), most of the detection methods also consider the nodes in the network to be at the same level, and in large networks, large expenses are caused.
George et al propose a trust model based on semi-ring algebraic theory. In this model, the computational reasoning of trust is analogous to finding the shortest path problem on weighted directed graph G (V, E). Points in the graph represent nodes in the network, directed edges represent trust relationships, and the trust value between the two nodes is calculated by using a semi-ring algebraic theory and is evaluated. The weighted edges of node i to node j represent the view of node i to node j. The weight function is defined as I (I, j): V multiplied by V → S, and S is an idea space and consists of two components of trust estimation value trust and confidence value confidence, wherein the confidence value is the reliability of trust estimation established after the two nodes are interacted for a plurality of times and represents the quality of trust. In the model method, the trust degree given to the destination node by the source node is calculated according to the trust degree of the intermediate nodes, and when a plurality of intermediate nodes exist, the whole recommendation chain is long and the calculation is complex. In the method, all vehicle nodes are in the same level, unified management is lacked, when the network scale is large and the number of the vehicle nodes is large, the control and routing overhead is large, the expandability is poor, and the relation that trust changes along with time is not considered, so that the situation that the original normal nodes are changed into malicious nodes cannot be detected.
Disclosure of Invention
The invention aims to provide a malicious node detection method suitable for large-scale vehicle networking. As shown in figure 1, the network is divided into a plurality of clusters, the nodes in the clusters communicate, and the cluster heads communicate among different clusters, so that the method has good expandability, reduces the communication overhead among the member nodes in different clusters, calculates the trust value according to the trust model by the communication result, and considers the node as a malicious node and removes the node from the network when the trust value of the node is lower than the preset threshold value.
In order to achieve the purpose, the invention provides a malicious node detection method based on clustering trust evaluation in the internet of vehicles, which comprises the following steps:
(1) clustering, selecting a cluster head: initializing a network, forming nodes with small mobility in all nodes of the network into a cluster, and selecting the node with the minimum mobility change relative to a neighbor as a cluster head;
(2) and (3) evaluating trust of cluster head nodes: the cluster head nodes are managed by the base station, and the comprehensive trust value is evaluated according to the direct trust value of the base station and the recommended trust values of other cluster head nodes; the direct trust value is an objective statistical result and is calculated according to the successful times and the failed times of interaction between the base station node and the cluster head node; calculating the recommended trust value by using packet loss rate;
(3) and (3) evaluating trust of member nodes in the cluster: the member nodes in the cluster are managed by the cluster head node, and the comprehensive trust value of the member nodes in the cluster comprises a direct trust value of the cluster head node to the member nodes and recommended trust values of other nodes in the cluster; the direct trust value is an objective statistical result and is calculated according to the interactive success times and the interactive failure times of the cluster head node and the member nodes; calculating the recommended trust value by using packet loss rate;
(4) cluster trust evaluation: the trust value of the cluster is jointly determined by the cluster head node and all member nodes in the cluster;
(5) and (3) updating node trust: and updating trust at intervals of T, and selecting the highest trust in each cluster as a cluster head on the basis of an initial cluster head selection algorithm.
Further, the above step (1) relative mobility calculation formula is:
<math> <mrow> <msubsup> <mi>M</mi> <mi>Y</mi> <mi>rel</mi> </msubsup> <mrow> <mo>(</mo> <mi>x</mi> <mo>)</mo> </mrow> <mo>=</mo> <mn>10</mn> <msub> <mi>log</mi> <mn>10</mn> </msub> <mfrac> <mrow> <msub> <mi>R</mi> <mi>x</mi> </msub> <msub> <mrow> <mo>(</mo> <msubsup> <mi>P</mi> <mi>r</mi> <mrow> <mi>X</mi> <mo>&RightArrow;</mo> <mi>Y</mi> </mrow> </msubsup> <mo>)</mo> </mrow> <mi>new</mi> </msub> </mrow> <mrow> <msub> <mi>R</mi> <mi>x</mi> </msub> <msub> <mrow> <mo>(</mo> <msubsup> <mi>p</mi> <mi>r</mi> <mrow> <mi>X</mi> <mo>&RightArrow;</mo> <mi>Y</mi> </mrow> </msubsup> <mo>)</mo> </mrow> <mi>old</mi> </msub> </mrow> </mfrac> <mo>.</mo> </mrow> </math>
wherein,indicating the relative mobility of node neighbor node X to node Y,indicating the magnitude of the information power received from the neighboring node X at the last time instant Y,the value of the power of the information received from the neighbor node X at the current moment Y after the delta t time;the smaller the value, the smaller the change in the motion of the relative adjacent point, ifThen X will be1And selecting the cluster head.
Further, the direct trust value, the recommended trust value and the comprehensive trust value in the step (2) are obtained by the following formulas:
setting the base station to perform x times of behavior observation on the cluster head node, wherein the number of times of obtaining the normal behavior (namely, successful interaction) of the cluster head node is u, the number of times of interaction failure is f, and then the direct trust value calculation formula of the base station i on the cluster head node h is as followsLambda is negative event influence strength;
the recommended trust value calculation formula of other cluster head nodes isWherein N isfThe actual forwarded data packet number of the cluster head node h is Nr, and the received data packet statistical value which is required to be forwarded from each cluster head node is Nr;
the comprehensive trust value calculation formula of the cluster head node h is Th=w1 *dih+(1-w1 )rhWherein w is1Weight occupied by direct trust value, dihDirect trust value, r, for base station i to cluster head node hhAnd recommending trust values for other nodes in the cluster.
More further, the direct trust value, the recommended trust value and the comprehensive trust value in the step (3) are obtained by the following formulas:
setting a cluster head to observe the behavior of member nodes in the cluster for x times, wherein the number of times of obtaining the normal behavior of the member nodes in the cluster is u, iIf the number of the regular behaviors is f, the direct trust value of the cluster head node h to the member node k in the cluster is calculated according to the formulaLambda is negative event influence strength;
the recommended trust value calculation formula of other member nodes in the cluster isWherein N isfNumber of packets actually sent for member node k in the cluster, NrStatistics for received data packets from member nodes in each cluster;
the calculation formula of the comprehensive trust value of the member nodes in the cluster is Tk=w2dhk+(1-w2)rkWherein d ishkDirect trust value, r, for cluster head node h to member node k in the clusterkRecommending trust values, w, for other nodes in the cluster2Weight occupied by direct trust value of cluster head node, w2Comprehensive trust value T with cluster head node hhIn connection with, if ThIf it is greater than the predetermined threshold value, w2The value is larger, otherwise, the threshold is selected to be 0.6, the node with the trust degree lower than the threshold is considered as a malicious node, the node with the trust degree higher than the threshold is considered as a normal node, and the trust degree is 1 at most.
Further, the formula for calculating the trust value of the cluster in the step (4) isWherein, let cluster be i, total n nodes (including cluster head node) in cluster i, ThIs the integrated trust value, w, of the cluster head node3Is the proportion of the cluster head trust value in the cluster head, w3The larger the cluster trust value representing the cluster is more dependent on the cluster head node, the trust value of the cluster can be used as a reference for the whole cluster, and when the cluster trust value is lower than the threshold value, the cluster trust value is removed from the network.
The existing malicious node detection method based on trust is mostly based on a network plane structure, when the number of network nodes is large, particularly in the mobile environment of the vehicular networking VANET, the detection cost is large. And the recommendation chain is simplified in the aspect of recommendation trust calculation, and the packet loss rate is directly used for calculation.
Drawings
FIG. 1 is a schematic diagram of a clustering structure.
FIG. 2 is a flow chart of the detection method of the present invention.
FIG. 3 is a diagram of node X1,X2Schematic diagram of relative movement.
Detailed Description
As shown in fig. 2, the detection method of the present invention has 5 steps, which are respectively:
(1) clustering, selecting a cluster head: initializing a network, forming nodes with small mobility in all nodes of the network into a cluster, and selecting the node with the minimum mobility change relative to a neighbor as a cluster head;
(2) and (3) evaluating trust of cluster head nodes: the cluster head nodes are managed by the base station, and the comprehensive trust value is evaluated according to the direct trust value of the base station and the recommended trust values of other cluster head nodes; the direct trust value is an objective statistical result and is calculated according to the successful times and the failed times of interaction between the base station node and the cluster head node; calculating the recommended trust value by using packet loss rate;
(3) and (3) evaluating trust of member nodes in the cluster: the member nodes in the cluster are managed by the cluster head node, and the comprehensive trust value of the member nodes in the cluster comprises a direct trust value of the cluster head node to the member nodes and recommended trust values of other nodes in the cluster; the direct trust value is an objective statistical result and is calculated according to the interactive success times and the interactive failure times of the cluster head node and the member nodes; calculating the recommended trust value by using packet loss rate;
(4) cluster trust evaluation: the trust value of the cluster is jointly determined by the cluster head node and all member nodes in the cluster;
(5) and (3) updating node trust: and updating trust at intervals of T, and selecting the highest trust in each cluster as a cluster head on the basis of an initial cluster head selection algorithm.
The invention is further illustrated below with reference to specific embodiments and the accompanying drawings.
Assuming that the number of mobile vehicle nodes on a highway is 50, dividing the vehicle nodes with smaller mobility into a cluster, and selecting the node with the minimum mobility relative to the neighbor nodes as a cluster head, according to the specific method, in a time delta t, the power ratio of two continuous received messages is used as the basis for measuring the relative mobility of the nodes, as shown in fig. 3, n nodes (only two nodes are shown in the figure) are arranged around a node Y, and the relative mobility calculation method is as follows:
<math> <mrow> <msubsup> <mi>M</mi> <mi>Y</mi> <mi>rel</mi> </msubsup> <mrow> <mo>(</mo> <mi>x</mi> <mo>)</mo> </mrow> <mo>=</mo> <mn>10</mn> <msub> <mi>log</mi> <mn>10</mn> </msub> <mfrac> <mrow> <msub> <mi>R</mi> <mi>x</mi> </msub> <msub> <mrow> <mo>(</mo> <msubsup> <mi>P</mi> <mi>r</mi> <mrow> <mi>X</mi> <mo>&RightArrow;</mo> <mi>Y</mi> </mrow> </msubsup> <mo>)</mo> </mrow> <mi>new</mi> </msub> </mrow> <mrow> <msub> <mi>R</mi> <mi>x</mi> </msub> <msub> <mrow> <mo>(</mo> <msubsup> <mi>p</mi> <mi>r</mi> <mrow> <mi>X</mi> <mo>&RightArrow;</mo> <mi>Y</mi> </mrow> </msubsup> <mo>)</mo> </mrow> <mi>old</mi> </msub> </mrow> </mfrac> <mo>.</mo> </mrow> </math>
in the formula,indicating the relative mobility of the neighbor node X to node Y,indicating the magnitude of the information power received from the neighboring node X at the last time instant Y,the value of the power of the information received from the neighbor node X at the current moment Y after the delta t time;the smaller the value, the smaller the change in the motion of the relative adjacent point, ifThen X will be1And selecting the cluster head.
The method comprises the following specific steps:
(1) all nodes send or receive HELLO messages to or from neighbor nodes. Each node calculates the power of two consecutive messages received from the neighbor nodes and their relative mobility metrics according to the above equation. Then according to M Y = var { M Y rel ( X j ) } j = 1 n = E { ( M Y rel ) 2 } A set of relative mobility metrics M is calculated.
(2) All nodes set the initial state as the non-cluster state, and each node broadcasts a HELLO message to a neighbor of one hop in each broadcast interval, wherein the HELLO message comprises the mobility metric M (initially set to 0). And stores it in the neighbor list along with the timeout timer.
(3) And if the M value of the node is lower than the M values of all other neighbors, selecting the node as a cluster head, otherwise, selecting the node as a cluster member.
And (3) evaluating trust of cluster head nodes: because the node trust is directly evaluated according to historical experience, the base station and the cluster head node need a recording table to record the number of successful times, failure times, the number of successfully forwarded data packets and the total number of data packets required to be forwarded during the past period of time and the direct interaction with other nodes. And (3) within a certain period of time, directly interacting the base station and a cluster head node h successfully U times and failing f times, obeying uniform distribution U (0,1) according to the prior probability of successful interaction between the base station and the cluster head node h assumed by Bayes, marking as pi (p), and deducing to obtain the beta distribution obeyed by the posterior probability. After the base station carries out x-time interaction on the cluster head node, a new event R occurs, wherein R is that the x-time interaction occurs u times successfully, and P (R | P) ═ Pu(1-p)x-uFrom a continuous form of the total probability formula
<math> <mrow> <mi>P</mi> <mrow> <mo>(</mo> <mi>R</mi> <mo>)</mo> </mrow> <mo>=</mo> <msubsup> <mo>&Integral;</mo> <mn>0</mn> <mn>1</mn> </msubsup> <mi>P</mi> <mrow> <mo>(</mo> <mi>R</mi> <mo>|</mo> <mi>p</mi> <mo>)</mo> </mrow> <mi>&pi;</mi> <mrow> <mo>(</mo> <mi>p</mi> <mo>)</mo> </mrow> <mi>dp</mi> <mo>=</mo> <mfrac> <mrow> <mrow> <mo>(</mo> <mi>x</mi> <mo>-</mo> <mi>u</mi> <mo>)</mo> </mrow> <mo>!</mo> <mi>u</mi> <mo>!</mo> </mrow> <mrow> <mrow> <mo>(</mo> <mi>x</mi> <mo>+</mo> <mn>1</mn> <mo>)</mo> </mrow> <mo>!</mo> </mrow> </mfrac> </mrow> </math>
The posterior probability represents the update probability after the occurrence of the event R, and according to the bayes theorem, the density function is as follows:
<math> <mrow> <mi>P</mi> <mrow> <mo>(</mo> <mi>p</mi> <mo>|</mo> <mi>R</mi> <mo>)</mo> </mrow> <mo>=</mo> <mfrac> <mrow> <mi>&Gamma;</mi> <mrow> <mo>(</mo> <mi>u</mi> <mo>+</mo> <mrow> <mo>(</mo> <mi>x</mi> <mo>-</mo> <mi>u</mi> <mo>)</mo> </mrow> <mo>+</mo> <mn>2</mn> <mo>)</mo> </mrow> </mrow> <mrow> <mi>&Gamma;</mi> <mrow> <mo>(</mo> <mi>u</mi> <mo>+</mo> <mn>1</mn> <mo>)</mo> </mrow> <mi>&Gamma;</mi> <mrow> <mo>(</mo> <mrow> <mo>(</mo> <mi>x</mi> <mo>-</mo> <mi>u</mi> <mo>)</mo> </mrow> <mo>+</mo> <mn>1</mn> <mo>)</mo> </mrow> </mrow> </mfrac> <msup> <mi>p</mi> <mi>u</mi> </msup> <msup> <mrow> <mo>(</mo> <mn>1</mn> <mo>-</mo> <mi>p</mi> <mo>)</mo> </mrow> <mrow> <mi>x</mi> <mo>-</mo> <mi>u</mi> </mrow> </msup> </mrow> </math>
it can be seen that the posterior probability density of p is not uniformly distributed any more, but is Beta distributed, and Beta (u +1, x-u +1) is satisfied, the future success event is predicted by the above formula, and p (x) is "the probability that x times of successful interaction, i.e. x +1 times of successful interaction, are known, i.e. the direct trust value: <math> <mrow> <mi>P</mi> <mo>=</mo> <mi>E</mi> <mrow> <mo>(</mo> <mi>&beta;</mi> <mrow> <mo>(</mo> <mi>u</mi> <mo>+</mo> <mn>1</mn> <mo>,</mo> <mi>x</mi> <mo>-</mo> <mi>u</mi> <mo>+</mo> <mn>1</mn> <mo>)</mo> </mrow> <mo>)</mo> </mrow> <mo>=</mo> <mfrac> <mrow> <mi>u</mi> <mo>+</mo> <mn>1</mn> </mrow> <mrow> <mi>x</mi> <mo>+</mo> <mn>2</mn> </mrow> </mfrac> <mo>=</mo> <mfrac> <mrow> <mi>u</mi> <mo>+</mo> <mn>1</mn> </mrow> <mrow> <mi>u</mi> <mo>+</mo> <mi>f</mi> <mo>+</mo> <mn>2</mn> </mrow> </mfrac> <mo>.</mo> </mrow> </math>
considering that in the real world, a malicious behavior can greatly reduce the trust evaluation of the subject on the object, namely, the influence of a negative event on the trust is larger than that of a positive event, the influence of the negative event is introduced to correct a direct trust value, and thenThe direct trust value of the base station i to the cluster head node h isWherein, the negative event influence strength lambda is 2c(c is more than or equal to 0), c is a continuous packet loss counter, the initial value of c is 0, the increment is 1 when packet loss occurs for the first time, then c is counted up after continuous packet loss, the lambda value is increased exponentially rapidly, the influence of continuous packet loss on the trust value is amplified rapidly, and when no packet loss occurs in observation of two continuous time periods, c is decreased by 1 until the value is decreased to 1, the lambda is also decreased slowly, the influence of a packet loss event is weakened slowly, and the direct trust value is enabled to show the characteristics of rapid decrease and slow recovery by introducing negative event influence lambda so as to accord with the change rule of the trust of the real world.
Recommending trust values of cluster head nodes are obtained by recommending other cluster head nodes, in order to simplify the model, the recommending trust values are calculated by applying packet loss rate, and N is assumedfNumber of packets actually forwarded for cluster head node h, NrFor the received data packet statistics value required to be forwarded from each cluster head node, the recommended trust value of the cluster head node h is
The comprehensive trust value of the cluster head node h is Th=w1 *dih+(1-w1 )rhWherein w is1Taking w as the weight of the direct trust value and considering that the proportion of the direct trust value is larger1Is 0.7. If the trust value is lower than the specified threshold value of 0.6, the node is removed, otherwise, the trust value is stored in the record table of the cluster head node h.
And (3) evaluating trust of member nodes in the cluster: the evaluation method is the same as that of a cluster head node, the cluster head is set to carry out x times of behavior observation on member nodes in the cluster, wherein the number of times of obtaining the normal behavior of the member nodes in the cluster is u, and then the direct trust value calculation formula of the member nodes in the cluster k by the cluster head node h isThe recommended trust value calculation formula of other member nodes in the cluster isWherein N isfNumber of packets actually forwarded for member node k in the cluster, NrThe statistics of the received data packets which come from member nodes in each cluster and require to be forwarded; the calculation formula of the comprehensive trust value of the member nodes in the cluster is Tk=w2dhk+(1-w2)rkWherein d ishkDirect trust value, r, for cluster head node h to member node k in the clusterkRecommended trust value, w, for nodes k in other clusters2Weight occupied by direct trust value of cluster head node, w2Comprehensive trust value T with cluster head node hhIn connection with, if ThIf it is greater than the predetermined threshold value, w2The value is larger, otherwise, the value is smaller, the threshold is selected to be 0.6, if the comprehensive trust degree is lower than the threshold, the node is considered to be a malicious node, if the comprehensive trust degree is higher than the threshold, the node is a normal node, and the trust degree is 1 at most. And if the comprehensive trust value of the member node in the cluster is lower than a specified threshold value, removing the node, otherwise, storing the node in the cluster head node record table.
Cluster trust evaluation: the trust value of the cluster is jointly determined by the cluster head node and all member nodes in the cluster. If n nodes (including cluster head nodes) in the cluster i are set, the trust vector of the whole cluster is Tiv=(T1,T2,...,Tn-1,Th) And combining the trust values of the nodes to obtain the trust value of the cluster i as follows:
<math> <mrow> <msub> <mi>C</mi> <mi>i</mi> </msub> <mo>=</mo> <mfrac> <mrow> <munderover> <mi>&Sigma;</mi> <mrow> <mi>j</mi> <mo>=</mo> <mn>1</mn> </mrow> <mrow> <mi>n</mi> <mo>-</mo> <mn>1</mn> </mrow> </munderover> <msub> <mi>T</mi> <mi>j</mi> </msub> </mrow> <mrow> <mi>n</mi> <mo>-</mo> <mn>1</mn> </mrow> </mfrac> <mo>*</mo> <mrow> <mo>(</mo> <mn>1</mn> <mo>-</mo> <msub> <mi>w</mi> <mn>3</mn> </msub> <mo>)</mo> </mrow> <mo>+</mo> <msub> <mi>w</mi> <mn>3</mn> </msub> <msub> <mi>T</mi> <mi>h</mi> </msub> <mo>,</mo> </mrow> </math>
wherein w3Is the proportion of the cluster head trust value in the cluster head, w3The larger the cluster trust value representing the cluster is more heavily focused on the cluster head node. The trust value of a cluster may be used as a reference for the entire cluster and when it is below a threshold, it is removed from the network.
And (3) updating node trust: due to the mobile characteristic of the nodes, the network topology structure changes dynamically, the node trust value needs to be updated at intervals of a period T, when a member node with lower node trust degree enters a cluster where a cluster head with higher node trust degree is located, the original cluster head node does not change, when a member node with higher trust degree enters a cluster with lower cluster head trust degree, the cluster head node needs to be updated, and on the basis of an initial cluster head selection algorithm, the cluster head with higher trust degree is selected.

Claims (5)

1. A malicious node detection method based on clustering trust evaluation in Internet of vehicles is characterized by comprising the following steps:
(1) clustering, selecting a cluster head: initializing a network, forming nodes with small mobility in all nodes of the network into a cluster, and selecting the node with the minimum mobility change relative to a neighbor as a cluster head;
(2) and (3) evaluating trust of cluster head nodes: the cluster head nodes are managed by the base station, and the comprehensive trust value is evaluated according to the direct trust value of the base station and the recommended trust values of other cluster head nodes; the direct trust value is an objective statistical result and is calculated according to the successful times and the failed times of interaction between the base station node and the cluster head node; calculating the recommended trust value by using packet loss rate;
(3) and (3) evaluating trust of member nodes in the cluster: the member nodes in the cluster are managed by the cluster head node, and the comprehensive trust value of the member nodes in the cluster comprises a direct trust value of the cluster head node to the member nodes and recommended trust values of other nodes in the cluster; the direct trust value is an objective statistical result and is calculated according to the interactive success times and the interactive failure times of the cluster head node and the member nodes; calculating the recommended trust value by using packet loss rate;
(4) cluster trust evaluation: the trust value of the cluster is jointly determined by the cluster head node and all member nodes in the cluster;
(5) and (3) updating node trust: and updating trust at intervals of T, and selecting the highest trust in each cluster as a cluster head on the basis of an initial cluster head selection algorithm.
2. The method for detecting the malicious node based on the clustering trust evaluation in the internet of vehicles according to claim 1, wherein the relative mobility calculation formula in the step (1) is as follows:
<math> <mrow> <msubsup> <mi>M</mi> <mi>Y</mi> <mi>rel</mi> </msubsup> <mrow> <mo>(</mo> <mi>x</mi> <mo>)</mo> </mrow> <mo>=</mo> <mn>10</mn> <msub> <mi>log</mi> <mn>10</mn> </msub> <mfrac> <mrow> <msub> <mi>R</mi> <mi>x</mi> </msub> <msub> <mrow> <mo>(</mo> <msubsup> <mi>P</mi> <mi>r</mi> <mrow> <mi>X</mi> <mo>&RightArrow;</mo> <mi>Y</mi> </mrow> </msubsup> <mo>)</mo> </mrow> <mi>new</mi> </msub> </mrow> <mrow> <msub> <mi>R</mi> <mi>x</mi> </msub> <msub> <mrow> <mo>(</mo> <msubsup> <mi>p</mi> <mi>r</mi> <mrow> <mi>X</mi> <mo>&RightArrow;</mo> <mi>Y</mi> </mrow> </msubsup> <mo>)</mo> </mrow> <mi>old</mi> </msub> </mrow> </mfrac> </mrow> </math>
wherein,indicating the relative mobility of node neighbor node X to node Y,indicating the magnitude of the information power received from the neighboring node X at the last time instant Y,the value of the power of the information received from the neighbor node X at the current moment Y after the delta t time;the smaller the value, the smaller the change in the motion of the relative adjacent point, ifThen X will be1And selecting the cluster head.
3. The method for detecting the malicious nodes based on the clustering trust evaluation in the internet of vehicles according to claim 1, wherein the direct trust value, the recommended trust value and the comprehensive trust value in the step (2) are obtained by the following formulas:
setting the base station to perform x times of behavior observation on the cluster head node, wherein the number of times of obtaining the normal behavior (namely, successful interaction) of the cluster head node is u, the number of times of interaction failure is f, and then the direct trust value calculation formula of the base station i on the cluster head node h is as followsLambda is negative event influence strength;
the recommended trust value calculation formula of other cluster head nodes isWherein N isfNumber of packets actually forwarded for cluster head node h, NrThe statistics of the data packets which are required to be forwarded for the received data packets from each cluster head node;
the comprehensive trust value calculation formula of the cluster head node h is Th=w1 *dih+(1-w1 )rhWherein w is1Weight occupied by direct trust value, dihDirect trust value, r, for base station i to cluster head node hhAnd recommending trust values for other nodes in the cluster.
4. The malicious node detection method based on the clustered trust evaluation in the internet of vehicles according to claim 1, wherein the direct trust value, the recommended trust value and the comprehensive trust value in the step (3) are obtained by the following formulas:
setting a cluster head to perform x times of behavior observation on member nodes in the cluster, wherein the number of times of obtaining normal behaviors of the member nodes in the cluster is u, the number of times of obtaining abnormal behaviors is f, and then the direct trust value calculation formula of the member nodes in the cluster k by the cluster head node h is as followsLambda is negative event influence strength;
the recommended trust value calculation formula of other member nodes in the cluster isWherein N isfNumber of packets actually forwarded for member node k in the cluster, NrThe statistics of the received data packets which are from member nodes in the cluster and require to be forwarded;
the calculation formula of the comprehensive trust value of the member nodes in the cluster is Tk=w2dhk+(1-w2)rkWherein d ishkDirect trust value, r, for cluster head node h to member node k in the clusterkRecommending trust values, w, for other nodes in the cluster2Weight occupied by direct trust value of cluster head node, w2Comprehensive trust value T with cluster head node hhlIn connection with, if ThlIf it is greater than the predetermined threshold value, w2The value is larger, otherwise, the threshold is selected to be 0.6, the node with the trust degree lower than the threshold is considered as a malicious node, the node with the trust degree higher than the threshold is considered as a normal node, and the trust degree is 1 at most.
5. The method for detecting malicious nodes in the internet of vehicles based on clustering trust evaluation as claimed in claim 1, wherein the trust value calculation formula of the cluster in the step (4) isWherein, let cluster be i, total n nodes (including cluster head node) in cluster i, w3Is the proportion of the cluster head trust value in the cluster head, w3The larger the cluster trust value representing the cluster is more dependent on the cluster head node, the trust value of the cluster can be used as a reference for the whole cluster, and when the cluster trust value is lower than the threshold value, the cluster trust value is removed from the network.
CN201410198919.6A 2014-05-12 2014-05-12 Malicious node detection method based on sub-clustering trust evaluation in car networking Expired - Fee Related CN103957525B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410198919.6A CN103957525B (en) 2014-05-12 2014-05-12 Malicious node detection method based on sub-clustering trust evaluation in car networking

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201410198919.6A CN103957525B (en) 2014-05-12 2014-05-12 Malicious node detection method based on sub-clustering trust evaluation in car networking

Publications (2)

Publication Number Publication Date
CN103957525A true CN103957525A (en) 2014-07-30
CN103957525B CN103957525B (en) 2018-02-27

Family

ID=51334728

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201410198919.6A Expired - Fee Related CN103957525B (en) 2014-05-12 2014-05-12 Malicious node detection method based on sub-clustering trust evaluation in car networking

Country Status (1)

Country Link
CN (1) CN103957525B (en)

Cited By (29)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104333596A (en) * 2014-11-11 2015-02-04 安徽大学 Information reliability assessment method in Internet of vehicles environment
CN104935412A (en) * 2015-06-09 2015-09-23 同济大学 Reliable data transmission method based on large scale MIMO in vehicle networking communication
CN105303836A (en) * 2015-11-23 2016-02-03 重庆大学 Vehicle cluster information transmission method based on health state of vehicle
CN105897715A (en) * 2016-04-12 2016-08-24 成都景博信息技术有限公司 Method of intelligently processing Internet of Vehicles data
WO2016206289A1 (en) * 2015-06-26 2016-12-29 中兴通讯股份有限公司 Method and apparatus for managing vehicles in a vehicle network
CN106792963A (en) * 2016-12-06 2017-05-31 淮阴工学院 A kind of car networking sub-clustering car car multi-hop routing method based on particle group optimizing
CN106961697A (en) * 2017-05-12 2017-07-18 河海大学常州校区 A kind of wireless sensor network interference region mapping method of distributed structure/architecture
CN107251519A (en) * 2015-03-18 2017-10-13 赫尔实验室有限公司 The system and method for analyzing to detect the attack to mobile wireless network based on network controllability
CN108712758A (en) * 2018-04-27 2018-10-26 中山大学 It is a kind of to be applied to dynamic stability cluster-dividing method safe in vehicular ad hoc network network
CN108932842A (en) * 2018-08-06 2018-12-04 深圳市创艺工业技术有限公司 Urban highway traffic pollutant emission intelligent monitor system
CN109040998A (en) * 2018-07-11 2018-12-18 浙江理工大学 A kind of collecting method based on the deployment of honeycomb grid static state cluster head
CN109195162A (en) * 2018-10-12 2019-01-11 暨南大学 It polymerize the message reliability appraisal procedure of two kinds of trust evaluations in a kind of car networking
CN110049530A (en) * 2019-05-24 2019-07-23 西安电子科技大学 Method for routing based on Q study and trust model in vehicular ad hoc network
CN110177370A (en) * 2019-05-31 2019-08-27 长安大学 A kind of collusion malice vehicle node detection method towards car networking
WO2019178766A1 (en) * 2018-03-21 2019-09-26 Nokia Technologies Oy Remote attestation in network
CN110351686A (en) * 2018-04-02 2019-10-18 京东方科技集团股份有限公司 Method, on board unit and the car networking data transmission system implemented in car networking data transmission system
CN110446204A (en) * 2019-09-11 2019-11-12 南通大学 A kind of trust value computing method suitable for car networking network vehicle node
CN110445788A (en) * 2019-08-09 2019-11-12 西安电子科技大学 The trust evaluation system and method for content oriented under a kind of vehicular ad hoc network environment
CN110830998A (en) * 2019-05-28 2020-02-21 南通大学 Vehicle networking malicious node identification method based on trust mechanism
CN111510883A (en) * 2020-04-26 2020-08-07 苏州鸿链信息科技有限公司 Internet of vehicles oriented layered trust model and trust value calculation method thereof
CN111859031A (en) * 2020-07-15 2020-10-30 中国安全生产科学研究院 Accident failure factor analysis method for oil and gas pipeline
CN112689258A (en) * 2019-10-18 2021-04-20 北京大唐高鸿数据网络技术有限公司 Internet of vehicles communication method and equipment
CN113038474A (en) * 2021-02-06 2021-06-25 南京航空航天大学 Low-power-consumption wireless sensor network route control method based on trust evaluation
CN113158234A (en) * 2021-03-29 2021-07-23 上海雾帜智能科技有限公司 Method, device, equipment and medium for quantifying occurrence frequency of security event
CN113366887A (en) * 2019-01-04 2021-09-07 株式会社Ntt都科摩 Wireless communication method and device
CN114040362A (en) * 2021-09-18 2022-02-11 清华大学 Method and device for establishing dynamic credible relationship of vehicle in vehicle-road cooperative environment
CN114339732A (en) * 2021-12-07 2022-04-12 重庆邮电大学 Vehicle-mounted network anonymous trust management method based on attribute signature
CN114844641A (en) * 2022-02-28 2022-08-02 北京交通大学 Trust management method and device for industrial Internet and electronic equipment
CN117641363A (en) * 2024-01-25 2024-03-01 东北大学 Cluster-based internet-of-vehicles trust management method

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101835158A (en) * 2010-04-12 2010-09-15 北京航空航天大学 Sensor network trust evaluation method based on node behaviors and D-S evidence theory
CN102065003A (en) * 2010-08-24 2011-05-18 吉林大学 Method, system and equipment for realizing trusted secure routing of vehicular information system
CN102916889A (en) * 2012-09-29 2013-02-06 西安电子科技大学 Instant route selection based on multi-path communication time and credibility in VANET (Vehicular Ad-Hoc Network)
CN103297956A (en) * 2013-05-06 2013-09-11 北京航空航天大学 Dynamic lightweight class trust evaluation method based on Bayesian theory and entropy theory

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101835158A (en) * 2010-04-12 2010-09-15 北京航空航天大学 Sensor network trust evaluation method based on node behaviors and D-S evidence theory
CN102065003A (en) * 2010-08-24 2011-05-18 吉林大学 Method, system and equipment for realizing trusted secure routing of vehicular information system
CN102916889A (en) * 2012-09-29 2013-02-06 西安电子科技大学 Instant route selection based on multi-path communication time and credibility in VANET (Vehicular Ad-Hoc Network)
CN103297956A (en) * 2013-05-06 2013-09-11 北京航空航天大学 Dynamic lightweight class trust evaluation method based on Bayesian theory and entropy theory

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
DEEPIKA SARASWAT ETC: "AHP Based Trust Model in VANETs", 《2013 5TH INTERNATIONAL CONFERENCE ON CICN》 *
田俊峰: "基于推荐的信任链管理模型", 《通信学报》 *
胡玲珑 ETC: ".无线传感器网络中基于信誉的恶意节点检测方法", 《中国计量学院学报》 *

Cited By (53)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104333596A (en) * 2014-11-11 2015-02-04 安徽大学 Information reliability assessment method in Internet of vehicles environment
CN104333596B (en) * 2014-11-11 2017-06-16 安徽大学 Information reliability assessment method in Internet of vehicles environment
CN107251519A (en) * 2015-03-18 2017-10-13 赫尔实验室有限公司 The system and method for analyzing to detect the attack to mobile wireless network based on network controllability
CN107251519B (en) * 2015-03-18 2020-06-12 赫尔实验室有限公司 Systems, methods, and media for detecting attacks of fake information on a communication network
CN104935412A (en) * 2015-06-09 2015-09-23 同济大学 Reliable data transmission method based on large scale MIMO in vehicle networking communication
CN104935412B (en) * 2015-06-09 2018-02-09 同济大学 Reliable data transmission method based on extensive MIMO in car networking communication
CN106332122B (en) * 2015-06-26 2019-01-25 中兴通讯股份有限公司 The management method and device of vehicle in car networking
WO2016206289A1 (en) * 2015-06-26 2016-12-29 中兴通讯股份有限公司 Method and apparatus for managing vehicles in a vehicle network
CN106332122A (en) * 2015-06-26 2017-01-11 中兴通讯股份有限公司 Method and device for managing vehicles in Internet of Vehicles
CN105303836B (en) * 2015-11-23 2017-11-21 重庆大学 Vehicle sub-clustering information transferring method based on vehicle health state
CN105303836A (en) * 2015-11-23 2016-02-03 重庆大学 Vehicle cluster information transmission method based on health state of vehicle
CN105897715B (en) * 2016-04-12 2018-12-18 广东原尚物流股份有限公司 Car networking intelligent data processing method
CN105897715A (en) * 2016-04-12 2016-08-24 成都景博信息技术有限公司 Method of intelligently processing Internet of Vehicles data
CN106792963A (en) * 2016-12-06 2017-05-31 淮阴工学院 A kind of car networking sub-clustering car car multi-hop routing method based on particle group optimizing
CN106792963B (en) * 2016-12-06 2019-10-18 淮阴工学院 A kind of car networking sub-clustering Che-vehicle multi-hop routing method based on particle group optimizing
CN106961697A (en) * 2017-05-12 2017-07-18 河海大学常州校区 A kind of wireless sensor network interference region mapping method of distributed structure/architecture
CN106961697B (en) * 2017-05-12 2020-04-07 河海大学常州校区 Wireless sensor network interference area mapping method of distributed architecture
WO2019178766A1 (en) * 2018-03-21 2019-09-26 Nokia Technologies Oy Remote attestation in network
CN111869162A (en) * 2018-03-21 2020-10-30 诺基亚技术有限公司 Remote attestation in a network
CN111869162B (en) * 2018-03-21 2023-06-30 诺基亚技术有限公司 Remote attestation in a network
CN110351686A (en) * 2018-04-02 2019-10-18 京东方科技集团股份有限公司 Method, on board unit and the car networking data transmission system implemented in car networking data transmission system
CN110351686B (en) * 2018-04-02 2021-10-26 京东方科技集团股份有限公司 Method implemented in internet of vehicles data transmission system, vehicle-mounted unit and internet of vehicles data transmission system
US11557155B2 (en) 2018-04-02 2023-01-17 Beijing Boe Technology Development Co., Ltd. Method performed in internet of vehicles data transmission system, on-board unit and internet of vehicles data transmission system
CN108712758B (en) * 2018-04-27 2021-07-27 中山大学 Safe dynamic stable clustering method applied to vehicle-mounted ad hoc network
CN108712758A (en) * 2018-04-27 2018-10-26 中山大学 It is a kind of to be applied to dynamic stability cluster-dividing method safe in vehicular ad hoc network network
CN109040998B (en) * 2018-07-11 2021-05-18 浙江理工大学 Data acquisition method based on static cluster head deployment of cellular grid
CN109040998A (en) * 2018-07-11 2018-12-18 浙江理工大学 A kind of collecting method based on the deployment of honeycomb grid static state cluster head
CN108932842A (en) * 2018-08-06 2018-12-04 深圳市创艺工业技术有限公司 Urban highway traffic pollutant emission intelligent monitor system
CN109195162B (en) * 2018-10-12 2020-05-08 暨南大学 Message reliability assessment method for aggregating two kinds of trust assessment in Internet of vehicles
CN109195162A (en) * 2018-10-12 2019-01-11 暨南大学 It polymerize the message reliability appraisal procedure of two kinds of trust evaluations in a kind of car networking
CN113366887A (en) * 2019-01-04 2021-09-07 株式会社Ntt都科摩 Wireless communication method and device
CN110049530A (en) * 2019-05-24 2019-07-23 西安电子科技大学 Method for routing based on Q study and trust model in vehicular ad hoc network
CN110830998A (en) * 2019-05-28 2020-02-21 南通大学 Vehicle networking malicious node identification method based on trust mechanism
CN110830998B (en) * 2019-05-28 2023-04-18 南通大学 Vehicle networking malicious node identification method based on trust mechanism
CN110177370B (en) * 2019-05-31 2022-06-14 长安大学 Internet-of-vehicles-oriented collusion malicious vehicle node detection method
CN110177370A (en) * 2019-05-31 2019-08-27 长安大学 A kind of collusion malice vehicle node detection method towards car networking
CN110445788A (en) * 2019-08-09 2019-11-12 西安电子科技大学 The trust evaluation system and method for content oriented under a kind of vehicular ad hoc network environment
CN110446204A (en) * 2019-09-11 2019-11-12 南通大学 A kind of trust value computing method suitable for car networking network vehicle node
CN110446204B (en) * 2019-09-11 2022-10-04 南通大学 Trust value calculation method suitable for Internet of vehicles network vehicle node
CN112689258A (en) * 2019-10-18 2021-04-20 北京大唐高鸿数据网络技术有限公司 Internet of vehicles communication method and equipment
CN112689258B (en) * 2019-10-18 2023-04-07 中信科智联科技有限公司 Internet of vehicles communication method and equipment
CN111510883A (en) * 2020-04-26 2020-08-07 苏州鸿链信息科技有限公司 Internet of vehicles oriented layered trust model and trust value calculation method thereof
CN111859031A (en) * 2020-07-15 2020-10-30 中国安全生产科学研究院 Accident failure factor analysis method for oil and gas pipeline
CN111859031B (en) * 2020-07-15 2023-06-20 中国安全生产科学研究院 Method for analyzing accident failure factors of oil and gas pipeline
CN113038474A (en) * 2021-02-06 2021-06-25 南京航空航天大学 Low-power-consumption wireless sensor network route control method based on trust evaluation
CN113158234B (en) * 2021-03-29 2022-09-27 上海雾帜智能科技有限公司 Method, device, equipment and medium for quantifying occurrence frequency of security event
CN113158234A (en) * 2021-03-29 2021-07-23 上海雾帜智能科技有限公司 Method, device, equipment and medium for quantifying occurrence frequency of security event
CN114040362A (en) * 2021-09-18 2022-02-11 清华大学 Method and device for establishing dynamic credible relationship of vehicle in vehicle-road cooperative environment
CN114339732A (en) * 2021-12-07 2022-04-12 重庆邮电大学 Vehicle-mounted network anonymous trust management method based on attribute signature
CN114339732B (en) * 2021-12-07 2023-10-20 重庆邮电大学 Vehicle network anonymous trust management method based on attribute signature
CN114844641A (en) * 2022-02-28 2022-08-02 北京交通大学 Trust management method and device for industrial Internet and electronic equipment
CN117641363A (en) * 2024-01-25 2024-03-01 东北大学 Cluster-based internet-of-vehicles trust management method
CN117641363B (en) * 2024-01-25 2024-05-10 东北大学 Cluster-based internet-of-vehicles trust management method

Also Published As

Publication number Publication date
CN103957525B (en) 2018-02-27

Similar Documents

Publication Publication Date Title
CN103957525B (en) Malicious node detection method based on sub-clustering trust evaluation in car networking
Khan et al. ETERS: A comprehensive energy aware trust-based efficient routing scheme for adversarial WSNs
Nazib et al. Reinforcement learning-based routing protocols for vehicular ad hoc networks: A comparative survey
Mehdi et al. A game theory based trust model for Vehicular Ad hoc Networks (VANETs)
Şen et al. Intrusion detection in mobile ad hoc networks
Farzaneh et al. An anomaly-based IDS for detecting attacks in RPL-based internet of things
Rmayti et al. A stochastic approach for packet dropping attacks detection in mobile Ad hoc networks
Sedjelmaci et al. A new intrusion detection framework for vehicular networks
CN108092826B (en) Wireless sensor network security model based on backbone node security role hierarchy
Baiad et al. Cooperative cross layer detection for blackhole attack in VANET-OLSR
Abboud et al. Impact of microscopic vehicle mobility on cluster-based routing overhead in VANETs
Naveena et al. Analysis and countermeasures of black-hole attack in manet by employing trust-based routing
Gazdar et al. A trust-based architecture for managing certificates in vehicular ad hoc networks
Liu et al. Improved AODV routing protocol based on restricted broadcasting by communication zones in large-scale VANET
Hussain et al. Energy efficient hierarchical cluster-based routing for wireless sensor networks
CN113207124A (en) Vehicle-mounted ad hoc network data packet transmission method and device
Xu et al. An algorithm for determining data forwarding strategy based on recommended trust value in MANET
Korba et al. Anomaly-based intrusion detection system for ad hoc networks
Sharah et al. Selfish dynamic punishment scheme: Misbehavior detection in MANETs using cooperative repeated game
Rmayti et al. Denial of Service (DoS) attacks detection in MANETs through statistical models
Singh et al. Reinforcement learning-based real time search algorithm for routing optimisation in wireless sensor networks using fuzzy link cost estimation
Begriche et al. Bayesian-based model for a reputation system in vehicular networks
Sonekar et al. Mitigating packet dropping problem and malicious node detection mechanism in ad hoc wireless networks
John et al. Trust model for secure routing in wireless sensor network using AI technique
Thandapani et al. An approach to data redundancy reduction and secured data delivery using spatial‐temporal correlation factors in heterogeneous Mobile Wireless Sensor Network

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20180227

Termination date: 20190512