CN104822143A - Source node position privacy protection method with anti-flow-analysis-attack function - Google Patents


Info

Publication number: CN104822143A
Authority: CN (China)
Prior art keywords: node, pseudo, source node, source, cluster
Legal status: Granted (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Application number: CN201510222526.9A
Other languages: Chinese (zh)
Other versions: CN104822143B (en)
Inventors: 黄杰, 张丽, 孙雄, 陈叶蓉, 李凡
Current Assignee: Southeast University (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Original Assignee: Southeast University
Application filed by Southeast University

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441 Countermeasures against malicious traffic
    • H04L63/1483 Countermeasures against malicious traffic service impersonation, e.g. phishing, pharming or web spoofing

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention, which belongs to the location security field of the Internet-of-Things sensing layer, discloses a source node location privacy protection method resistant to traffic analysis attacks. Building on the clustered structure of a wireless sensor network, each cluster head selects pseudo-source nodes according to a certain rule, and these nodes imitate the packet-sending behavior of a source node, which ensures that the pseudo-source nodes are dispersed across the network. In addition, the pseudo-source nodes use their neighboring nodes to simulate the movement of the monitored object, making it less likely that an attacker can distinguish real nodes from fake ones. The method effectively resists traffic analysis by a global attacker, balances communication cost against the degree of location security protection, and is highly flexible.

Description

A source node location privacy protection method resistant to traffic analysis attacks
Technical field
The present invention relates to the field of security technology for the sensing layer of the Internet of Things, and in particular to a source node location privacy protection method resistant to traffic analysis attacks.
Background
In today's society the Internet of Things is developing rapidly, and the security of its sensing layer is attracting growing attention from researchers at home and abroad. Because their nodes are small and cheap, wireless sensor networks are widely used in target monitoring, military applications and other fields. A node that detects the target becomes a source node and sends data packets to the sink node by multi-hop wireless transmission. Nodes are usually battery powered and have limited energy, so the design of a location security strategy must take energy consumption fully into account.
In some sensor network applications, an attacker deploys a large number of listening devices in the network, obtains the communication traffic information of the whole network and infers the source location, which threatens the monitored target. Existing source location protection strategies against global traffic analysis use multiple pseudo-source nodes that generate fake data packets to hide the location of the true source; their biggest drawback is excessive energy consumption. Some researchers have proposed using proxy nodes to filter out part of the fake data packets, but selecting the proxy nodes is an NP problem, and the approach is not suitable for large-scale sensor networks. How to balance energy consumption against the degree of security protection while protecting node location privacy is therefore a problem in urgent need of a solution.
Summary of the invention
The invention provides a source node location privacy protection method resistant to traffic analysis attacks. The method is based on a clustered network: cluster heads select multiple pseudo-source nodes at dispersed positions to imitate the source's packet-sending behavior, and the pseudo-source nodes are also used to simulate the mobility of the target. This effectively prevents an attacker from using traffic analysis to infer the location of the source node and solves the problem of excessive energy consumption.
To achieve the above object, the invention adopts the following technical scheme:
(1) Pseudo-source node selection: after an ordinary node receives the message REQ in which a cluster head invites it to join the cluster, it sends an acknowledgement message ACK to the cluster head it will join, containing its own residual energy, position coordinates, whether it has detected the target, and its ID number. The cluster head elects pseudo-source nodes when it allocates TDMA slots to the nodes in its cluster; the TDMA message contains a flag bit indicating whether the node is a pseudo-source node. To elect pseudo-source nodes, the cluster head generates for each node in the cluster a random number p between 0 and 1 and compares it with the pseudo-source threshold P; if p is less than P, the flag of the TDMA message sent to that node is 1.
(2) Injection of fake data: from the TDMA message it receives, a node determines whether it is a pseudo-source node; if so, it sends fake data packets to the cluster head at the preset packet-sending frequency. The packet format is E_k(ID||type||flag||IDdest||data). In a packet sent by the true source node, data is the collected data; for a pseudo-source node, data is a meaningless randomly generated sequence. A flag of 1 denotes a real data packet and 0 a fake data packet.
(3) Path simulation stage: assume that the target is detected by L nodes on average while it moves, and that each node works for time t. After a pseudo-source node has worked for time t, it randomly generates an integer TTL in [0, L], randomly selects a node among its neighbor nodes and sends it the packet PK = {E_k(m), h_r, nx_id}, which contains the message E_k(m) encrypted with the key, the hop count variable h_r giving the number of hops the packet still has to be forwarded, and the ID nx_id of the next-hop node. h_r is initially TTL and is decremented by 1 each time the packet is forwarded; when it reaches 0, forwarding stops. A node that receives the packet PK sends data packets to its cluster head at the frequency at which a source node sends packets. After this node has worked for time t, it forwards the packet PK to any one of its neighbor nodes.
By adopting the above technical scheme, the invention has the following beneficial effects: cluster heads randomly select multiple pseudo-source nodes, so the pseudo-source nodes are dispersed across the network; the neighbor nodes of the pseudo-source nodes cooperate to simulate the mobility of the target, which increases the number of transmission paths the attacker can distinguish and effectively makes it harder for the attacker to find the true transmission path; and the pseudo-source threshold P can be adjusted according to the required degree of security protection to balance network security against energy consumption. The method is therefore a useful complement to node location security protection.
Brief description of the drawings
Fig. 1 is a flow chart of the principle of the source node location privacy protection method of the invention;
Fig. 2 is a schematic diagram of path simulation in the invention;
Fig. 3 is a schematic diagram of the source node location privacy protection method of the invention.
Embodiment
The invention is further illustrated below with reference to specific embodiments. It should be understood that these embodiments only illustrate the invention and do not limit its scope; after reading the invention, modifications of its various equivalent forms by those skilled in the art all fall within the scope defined by the claims of this application.
Specific embodiments of the invention are as follows:
Fig. 1 is a flow chart of the source node location privacy protection method resistant to traffic analysis attacks according to an embodiment of the invention, and Fig. 3 is a schematic diagram of the same method. As shown in Fig. 1, the method according to the embodiment of the invention comprises the following steps:
1. The cluster head selects pseudo-source nodes, to determine the pseudo-source nodes in the network.
Specifically, after an ordinary node receives the message REQ in which a cluster head invites it to join the cluster, it sends an acknowledgement message ACK containing its own residual energy, position coordinates, ID number and other information to the cluster head it will join. The format of the acknowledgement message ACK is shown in the following table:
| ACK | flag | Node id | Position coordinates | Residual energy |
The flag bit indicates whether the node is a source node: a flag of 1 means the node is a source node, and 0 means it is not.
Then, the cluster head elects pseudo-source nodes when it allocates TDMA slots to the nodes in its cluster. The format of the slot message that the cluster head sends to each node is shown in the following table. flag indicates whether the node has been chosen as a pseudo-source node: 1 means the node acts as a pseudo-source node, and 0 means it works normally as an ordinary node.
| TDMA | flag | Cluster head id | Node id | Time slot |
When selecting pseudo-source nodes, the cluster head generates for each node in the cluster a random number p between 0 and 1 and compares it with the pseudo-source threshold P. If the random number p is less than the pseudo-source threshold P, the flag in the TDMA message sent to that node is 1 and the node becomes a pseudo-source node.
2. Injection of fake data, to hide the transmission of real data packets.
After the pseudo-source nodes have been determined, each pseudo-source node sends fake data packets to its cluster head in its allocated time slot, at the frequency at which a source node sends packets. To hide the content and destination of the packets, every node encrypts the packet content; the format is E_k(ID||type||flag||IDdest||data). In a packet sent by the true source node, data is the collected data; for a pseudo-source node, data is a meaningless randomly generated sequence. A flag of 1 denotes a real data packet and 0 a fake data packet. The cluster head caches the packets at random in its own message queue. Once the messages in the cluster have all been collected, the cluster head determines whether the cluster contains a real data packet. If it does, the cluster head fuses and encrypts the real data and sends it to its next-hop cluster head or to the sink node. If the cluster contains no real data packet, the cluster head forges a data packet and sends it to the next hop. When a cluster head receives a fake data packet forwarded by another cluster head, it discards it directly.
3. Path simulation stage: the movement of the target is imitated to make the pseudo-source nodes more credible.
Fig. 2 is a schematic diagram of path simulation in the source node location privacy protection method resistant to traffic analysis attacks according to an embodiment of the invention.
Assume that the target is detected by L nodes on average while it moves, and that each node works for time t. After a pseudo-source node has worked for time t, it randomly generates an integer TTL in [0, L], randomly selects a node among its neighbor nodes and sends it the packet PK = {E_k(m), h_r, nx_id}, which contains the message E_k(m) encrypted with the key, the hop count variable h_r giving the number of hops the packet still has to be forwarded, and the ID nx_id of the next-hop node. h_r is initially TTL and is decremented by 1 each time the packet is forwarded; when it reaches 0, forwarding stops. A node that receives the packet PK sends data packets to its cluster head at the frequency at which a source node sends packets. After this node has worked for time t, it forwards the packet PK to any one of its neighbor nodes. In Fig. 2, after F10, a pseudo-source node elected by the cluster head, has worked for time t, it selects its neighbor node F11 to continue simulating the packet-sending behavior of the true source.
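The three steps above (threshold election, fake-packet injection with one outgoing packet per cluster head, and TTL-bounded path simulation) can be modeled in a short simulation. This is an added example, not code from the patent: the node names, the ring topology, the byte-join used as "fusion" and the omission of the E_k encryption are assumptions, and h_r is read as being decremented once per forward.

```python
import random

def elect_pseudo_sources(head_id, node_ids, P, rng):
    """Cluster head: one TDMA message per member; flag=1 marks a pseudo-source."""
    tdma = []
    for slot, node_id in enumerate(node_ids):
        p = rng.random()                        # random number p in [0, 1)
        tdma.append({"flag": 1 if p < P else 0, "head": head_id,
                     "node": node_id, "slot": slot})
    return tdma

def make_packet(node_id, dest, reading, rng, size=16):
    """Plaintext fields of E_k(ID||type||flag||IDdest||data).
    reading=None builds a fake packet (flag=0) whose data is random filler.
    Encryption under k is omitted (assumption); only ciphertext would be on air."""
    is_real = reading is not None
    data = reading if is_real else bytes(rng.randrange(256) for _ in range(size))
    return {"ID": node_id, "type": "DATA", "flag": 1 if is_real else 0,
            "IDdest": dest, "data": data}

def cluster_head_round(head_id, next_hop, queue, rng):
    """After collecting its members' packets the head always sends one packet:
    fused real data if any member reported, otherwise a forged fake packet."""
    real = [pkt["data"] for pkt in queue if pkt["flag"] == 1]
    if real:
        fused = b"|".join(real)                 # stand-in for data fusion
        return make_packet(head_id, next_hop, fused, rng)
    return make_packet(head_id, next_hop, None, rng)

def drop_relayed_fakes(inbound):
    """Fake packets received from other cluster heads are discarded."""
    return [pkt for pkt in inbound if pkt["flag"] == 1]

def simulate_path(start, neighbors, L, rng):
    """Hand the pseudo-source role along a random chain of neighbours.
    Returns (TTL, nodes that play the source, in order)."""
    ttl = rng.randint(0, L)                     # integer TTL in [0, L]
    h_r, current, path = ttl, start, [start]
    while h_r > 0:
        nx_id = rng.choice(neighbors[current])  # random neighbour receives PK
        h_r -= 1                                # one forward consumes one hop
        path.append(nx_id)
        current = nx_id
    return ttl, path

def demo(seed=7):
    rng = random.Random(seed)
    members = [f"N{i}" for i in range(8)]       # constructed cluster, ring topology
    neighbors = {n: [members[(i - 1) % 8], members[(i + 1) % 8]]
                 for i, n in enumerate(members)}
    decoys = [n for n in members if n != "N3"]  # N3 is the constructed true source
    for P in (0.1, 0.5, 0.9):                   # higher P: more cover, more energy
        tdma = elect_pseudo_sources("CH1", decoys, P, rng)
        pseudo = [m["node"] for m in tdma if m["flag"] == 1]
        queue = [make_packet(n, "CH1", None, rng) for n in pseudo]
        queue.append(make_packet("N3", "CH1", b"target seen", rng))
        out = cluster_head_round("CH1", "CH2", queue, rng)
        paths = [simulate_path(n, neighbors, 4, rng)[1] for n in pseudo]
        print(f"P={P}: {len(pseudo)} fake senders, head sends flag={out['flag']}, "
              f"simulated paths={paths}")

if __name__ == "__main__":
    demo()
```

Running `demo()` over several values of P shows the trade-off the description refers to: the number of fake senders, and therefore the energy spent on cover traffic, grows with P.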

Claims (4)

1. A source node location privacy protection method resistant to traffic analysis attacks, characterized in that the method comprises:
(1) a pseudo-source node selection stage: on the basis of a clustered network, cluster heads elect pseudo-source nodes at dispersed positions;
(2) simulating the mobility of the target: a pseudo-source node uses its neighbor nodes to simulate the mobility of the monitored target, increasing the credibility of the pseudo-source node.
2. The source node location privacy protection method resistant to traffic analysis attacks according to claim 1, characterized in that the pseudo-source node selection of step (1) comprises the following steps:
First, after a node in the cluster receives the cluster head's join message REQ, it sends an acknowledgement message ACK to the cluster head, containing its own energy, position coordinates, ID number and a flag indicating whether it has detected the target;
Then, the cluster head generates for each node in the cluster a random number p between 0 and 1; if p is less than the preset pseudo-source threshold P, the node acts as a pseudo-source node, and the cluster head informs the node that it is a pseudo-source when it allocates TDMA slots to the nodes in the cluster.
3. The source node location privacy protection method resistant to traffic analysis attacks according to claim 1, characterized in that simulating the mobility of the target in step (3) comprises:
Assume that the target is detected by L nodes on average while it moves, and that each node works for time t. After a pseudo-source node has worked for time t, it randomly generates an integer TTL in [0, L], randomly selects a node among its neighbor nodes and sends it the packet PK = {E_k(m), h_r, nx_id}, which contains the message E_k(m) encrypted with the key, the hop count variable giving the number of hops the packet has to be forwarded, and the ID nx_id of the next-hop node. The hop count is initially TTL and is decremented by 1 each time the packet is forwarded; when it reaches 0, forwarding stops. A node that receives the packet PK sends data packets to its cluster head at the frequency at which a source node sends packets.
4. The source node location privacy protection method resistant to traffic analysis attacks according to claim 1, characterized in that the pseudo-source threshold P is set according to the degree of location privacy protection.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510222526.9A CN104822143B (en) 2015-05-04 2015-05-04 Source node location privacy protection method resistant to traffic analysis attacks

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510222526.9A CN104822143B (en) 2015-05-04 2015-05-04 Source node location privacy protection method resistant to traffic analysis attacks

Publications (2)

Publication Number Publication Date
CN104822143A (en) 2015-08-05
CN104822143B (en) 2018-08-21

Family

ID=53732285

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510222526.9A Source node location privacy protection method resistant to traffic analysis attacks 2015-05-04 2015-05-04 (status: Active, CN104822143B (en))

Country Status (1)

Country Link
CN (1) CN104822143B (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030151513A1 (en) * 2002-01-10 2003-08-14 Falk Herrmann Self-organizing hierarchical wireless network for surveillance and control
CN102843673A (en) * 2012-09-10 2012-12-26 江苏科技大学 Network position privacy protection method of wireless sensor
CN103327486A (en) * 2013-05-16 2013-09-25 浙江工商大学 Sink node position privacy protection method for wireless sensor network
CN103458478A (en) * 2013-09-03 2013-12-18 清华大学 Source hiding method and system based on dynamic forged sources

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
KIRAN MEHTA ET AL: "Protecting Location Privacy in Sensor Networks against a Global Eavesdropper", 《IEEE TRANSACTIONS ON MOBILE COMPUTING》 *

Cited By (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105243501A (en) * 2015-10-13 2016-01-13 重庆大学 Spatial crowdsourcing network node position privacy protection method
CN105243501B (en) * 2015-10-13 2018-11-09 重庆大学 Space crowdsourcing network node location method for secret protection
CN105979508A (en) * 2016-07-27 2016-09-28 河海大学常州校区 Node privacy protection method based on directional random routing in wireless sensor network
CN105979508B (en) * 2016-07-27 2019-05-03 河海大学常州校区 Node method for secret protection based on orientation stochastic route in wireless sensor network
CN106878930B (en) * 2017-03-15 2020-05-01 中南大学 Method for protecting privacy of source position of sensor network based on branch convergence energy collection
CN106878930A (en) * 2017-03-15 2017-06-20 中南大学 The method for converging the source position secret protection of collection of energy sensor network based on branch
CN108769040A (en) * 2018-06-06 2018-11-06 中国联合网络通信集团有限公司 A kind of method and device of identification camouflage cluster interior nodes
CN108769040B (en) * 2018-06-06 2021-03-19 中国联合网络通信集团有限公司 Method and device for identifying nodes in disguised cluster
CN111431630A (en) * 2020-05-25 2020-07-17 河海大学常州校区 AUV (autonomous underwater vehicle) cooperation source node position privacy protection method based on anonymous cluster in UASNs (Universal asynchronous receiver network)
CN111431630B (en) * 2020-05-25 2021-05-11 河海大学常州校区 AUV (autonomous underwater vehicle) cooperation source node position privacy protection method based on anonymous cluster in UASNs (Universal asynchronous receiver network)
CN111885009A (en) * 2020-07-03 2020-11-03 南京大学 System and method for protecting user privacy by misleading network sniffing tool in smart home environment
CN111885009B (en) * 2020-07-03 2021-12-17 南京大学 System and method for protecting privacy through misleading sniffing tool in smart home environment
CN112907321A (en) * 2021-02-03 2021-06-04 珠海市鸿瑞信息技术股份有限公司 Big data-based information security anomaly sensing platform for data mining and analysis
CN112907321B (en) * 2021-02-03 2021-08-27 珠海市鸿瑞信息技术股份有限公司 Big data-based information security anomaly sensing platform for data mining and analysis

Also Published As

Publication number Publication date
CN104822143B (en) 2018-08-21

Similar Documents

Publication Publication Date Title
CN104822143A (en) Source node position privacy protection method with anti-flow-analysis-attack function
Khamayseh et al. Ensuring survivability against Black Hole Attacks in MANETS for preserving energy efficiency
CN102843673B (en) Network position privacy protection method of wireless sensor
CN102244658B (en) Partitioned type dynamic safety routing method for wireless sensor network on basis of hash chains
Dong et al. Preserving source-location privacy through redundant fog loop for wireless sensor networks
Ngai et al. On providing location privacy for mobile sinks in wireless sensor networks
Hiremani et al. Eliminating co-operative blackhole and grayhole attacks using modified EDRI table in MANET
Khamayseh et al. Intelligent black hole detection in mobile AdHoc networks
Mahajan et al. Design and simulation of a blacklisting technique for detection of hello flood attack on LEACH protocol
Prabhu et al. Trust based secure routing mechanisms for wireless sensor networks: A survey
Sony et al. On-Off attack management based on trust
Krishnan et al. A QOS parameter based solution for black hole denial of service attack in wireless sensor networks
Kafil et al. Modeling Sybil attacker behavior in VANETs
Makin et al. A Trust-Based Secure Data Aggregation Protocol for Wireless Sensor Networks.
Kumar et al. To mitigate black hole attack in AODV
Tayebi et al. Wireless sensor network attacks: An overview and critical analysis with detailed investigation on jamming attack effects
Sangeetha et al. Detection of malicious node in mobile ad-hoc network
Kuriakose et al. Effective defending against flood attack using stream-check method in tolerant network
Vijayalakshmi et al. Hierarchical key management scheme using hyper elliptic curve cryptography in wireless sensor networks
Khayati et al. Security Study of Routing Attacks in Vehicular Ad-Hoc Networks (vanets)
Baburaj et al. An efficient secure routing mechanism for preventing wormhole and black hole attacks in a trusted DTN environment
Theresa et al. A Collaborative Approach for Secured Routing in Mobile Ad-Hoc Network.
Yassein et al. Improved AODV Protocol to Detect and Avoid Black Hole Nodes in MANETs
Priyadarshini et al. Concealing of the base station's location for preserving privacy in Wireless Sensor Network by mitigating traffic patterns
Wang et al. Location privacy protecting based on anonymous technology in wireless sensor networks

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
EXSB Decision made by sipo to initiate substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant