CN111770499A - A distributed spectrum cooperative detection method - Google Patents

Abstract

The invention belongs to the field of cooperative spectrum sensing in cognitive radio, and in particular relates to a distributed spectrum cooperative detection method. The invention proposes an idea based on reputation value to solve the problem that nodes suffer from continuous SSDF attacks. Only one perception is needed, and the historical propagation path of each message is used as the basis for calculating the reputation of each cognitive user. If the user knows different information about the user, there must be malicious users on the propagation path. The nodes that appear more frequently on different paths will be rewarded with reputation value, and the nodes that appear less frequently will be punished with reputation value. Finally, the true value of the tampered message is restored according to the calculated reputation value. Simulation analysis shows that the method of the present invention has a higher recovery rate for messages, and at the same time identifies malicious users in the network.

Description

A distributed spectrum cooperative detection method

technical field

The invention belongs to the field of cooperative spectrum sensing in cognitive radio, and in particular relates to a distributed spectrum cooperative detection method.

Background technique

In the past decade, the demand for wireless devices and applications has surged, and the available licensed spectrum has not been properly utilized. Spectrum sensing technology has emerged. Through spectrum sensing technology, idle spectrum in the network can be detected, cognitive By dynamically accessing the spectrum, users can improve spectrum utilization. Common single-user spectrum sensing has poor sensing performance, and there are problems such as multipath effect and shadow fading. Therefore, cooperative spectrum sensing is proposed on this basis. Among them, cooperative spectrum sensing is divided into two types: centralized and distributed. Centralized cooperative spectrum sensing must have a fusion center, and all data needs to be sent to the fusion center for processing, and the fusion center makes a decision. Centralized spectrum sensing has many limitations, so a decentralized distributed cooperative spectrum sensing is proposed. Distributed cooperative spectrum sensing has faster convergence and more reliable decision results.

Distributed cooperative spectrum sensing based on average consensus is common, but this method is vulnerable to malicious nodes in the process of message transmission. Malicious secondary user nodes (SU) will change the sensing value and forge false sensing values. That is Byzantine attack (Spectrum Sensing Data Falsification, SSDF). Therefore, some scholars recently proposed a message passing algorithm, which continuously transmits messages in SU nodes without changing the perception value, so that each SU node can finally obtain the perception value of its h-hop neighbor nodes, and use these perception values as The approximation of the perception value of the entire network, each SU node is used as a fusion center to perform a centralized algorithm, so as to obtain similar performance to the centralized algorithm.

Although the message passing algorithm can effectively resist SSDF attacks, it does not consider the situation that malicious SU nodes can tamper with the message content when transmitting messages, that is, continuous SSDF attacks.

SUMMARY OF THE INVENTION

The purpose of the present invention is to propose a distributed spectrum cooperative detection method to solve the problem that distributed cooperative spectrum sensing is vulnerable to attack by malicious SU nodes and the sensing value is tampered with, and introduces a reputation value. SU nodes with excessive deviation are excluded from consensus fusion as malicious SU nodes, which can mitigate the impact of SSDF attacks. This scheme has low overhead and can resist continuous SSDF attacks. The present invention transmits messages between SU nodes. After h iterations, each SU node has the perception results of its h-hop neighbor SU nodes. Finally, through some centralized algorithms against SSDF, such as outlier detection Algorithms, etc., identify malicious nodes and obtain the final perception result. When h is large enough (not less than the diameter of the graph), this algorithm can obtain the same performance as the centralized algorithm. The reputation value is introduced into the message passing algorithm. By comprehensively analyzing the message passing path and the perception value of the message passing, each SU node on the message passing path is given a different reputation value, and finally the malicious SU node is found by the size of the reputation value, and the Malicious SU nodes are excluded from consensus fusion. Obtaining the correct perception value of the h-hop neighbor SU node greatly increases the reliability of the decision result. , unless otherwise specified, all nodes in the present invention refer to SU nodes.

The technical scheme adopted in the present invention is:

A distributed spectrum cooperative detection method, comprising the following steps:

S1. Each node broadcasts message M to its adjacent nodes until it is broadcast to h-hop neighbor nodes, that is, all messages M will reach h-hop neighbor nodes; the format of message M is [SRC, PRE, RD] , where SRC is the originator ID of the message, PRE contains the information of SU nodes passed in the message propagation path, RD is the local original data of SRC, that is, the perception value of local detection; when the node broadcasts the message, the ID of the path node is added to In PRE; each node has a local message store for storing messages from different nodes;

S2. Calculate the reputation value of each node according to all the messages stored in the local message database, specifically:

All messages in the local message library are classified according to different SRCs. For different SRC classes, if there are N _r different RD values, and N _j ≥ 1, then go to step S21, otherwise go to step S22;

S21. Update the reputation value according to the number of occurrences of different RD values of each node existing in the propagation path of this SRC class, assuming that node j appears N _j times in this SRC classification, N _r ≥ N _j ≥ 1 , then the reputation value of node i is updated as:

Among them, R _ij is the reputation value of node i to node j, p is the reward and punishment factor, and go to step S23;

S22. This type of SRC value is the ID of the node i itself, that is, the message is transmitted back to this node through a loop. For each node j in the loop, the reputation value is:

R _ij =R _ij +p _determin

Among them, p _determin is a deterministic reward factor, and enter step S23;

S23. Step S2 is repeated until each SU obtains the reputation values of the SU for all path nodes included in all SRC classes according to the local message base, and then sorts the obtained reputation values from high to low, and ranks the reputation values with the lowest reputation value. Nodes below the set threshold are marked as malicious nodes;

S3. Perform outlier detection: Reputation value detection can only remove malicious nodes that have tampered with the perception value, but there is no way to remove malicious nodes that send large deviations in perception value, so outlier detection is used to remove such malicious nodes . After excluding the malicious nodes obtained in step S2, for the remaining nodes, each node obtains a set of energy values from its h-hop neighbors, and uses X _i =(x _i0 ,x _i1 ,x _i2 ,...x _ir ) vector to represent the received The energy value of X _i is divided into two parts, X _LHi and X _UHi in ascending order, where X _LHi is the energy value set of the lower half, X _UHi is the energy value set of the upper half, and the energy value of the lower half is divided into two parts. Denoted as (L ₁ <L ₂ <L ₃ ...L _h ), the energy value of the upper half is expressed as (U ₁ <U ₂ <U ₃ ...U _h ), respectively calculating the difference between the consecutive data points of the two parts gaps, and find the positions of the largest gaps P _LHi and P _UHi from the sets X _LHi and X _UHi respectively, mark the nodes at the position P _LHi and the nodes located to the left of them as low outliers, and the positions P _UHi and the nodes at its left Nodes on the right are marked as high outliers;

S4. After excluding the nodes marked as low outliers and high outliers, node i calculates the estimated value Y _i of the main user's perception value after averaging the remaining perception values and compares it with the set threshold value , if the estimated value Y _i is greater than the threshold value, the primary user exists; if the estimated value _Yi is less than the threshold value, the primary user does not exist. Usually, the average of the sensing values of each node can be used as the estimated value of the sensing value to make a sensing decision.

The beneficial effects of the invention are as follows: the reputation-based non-consensus message delivery algorithm proposed by the invention adopts the method of increasing the reputation value on the basis of the message delivery algorithm. The reputation value of each node on the path is different, and finally the malicious user is found by the size of the reputation value, and the correct perception value of the h-hop neighbor node is obtained. In all cases, the reputation-based messaging algorithm proposed in the present invention can effectively improve the ability to identify malicious users under malicious user attacks. It is worth mentioning that the performance of the algorithm based on the reputation value proposed in the present invention is not affected by the size of the attack launched by the malicious user, but only depends on whether the malicious user launched a malicious attack.

Description of drawings

Figure 1 is a schematic diagram of ordinary rewards and punishments;

Figure 2 is a schematic diagram of the loop reward;

Fig. 3 is the flow chart of outlier detection algorithm;

Fig. 4 is a malicious user identification performance graph;

Figure 5 is a comparison diagram of spectrum sensing performance.

Detailed ways

Below in conjunction with accompanying drawing and simulation example, the technical scheme of the present invention is described in further detail:

The method of the present invention mainly includes:

The first step generates a message M and forwards it. The message passing process is slightly different from the original message passing algorithm, each SU broadcasts a message M to neighboring SUs until it reaches h-hop neighbor nodes. The message M contains [SRC, PRE, RD], where SRC is the originator of the message, PRE is the SU node of the message transmission path, and RD is the local original data of SRC, that is, the perception value of local detection. When the SU generates the message M, it sets the ID to the SRC field and the local data to the RD. When the SU broadcasts the message, it will add the content of the PRE field of the message M through the ID of the SU node.

Each SU has a local message store for storing messages from different SUs. SU _j further checks the [SRC, RD] field of message M for the existence of a local buffer. If this field already exists, SU _j will add the node ID in the [PRE] field of the new message M that is not in the propagation path node of the message base [SRC, RD] to the propagation path; if this field does not exist, SU _j will add the node ID to the propagation path. The new message M is stored in the message library. In addition, if there is this node in the propagation path [PRE] of the message, which means that the message has passed through a loop, stop forwarding this message, otherwise, the node will add its own ID to the historical propagation path [PRE] of this message ] field and forward. In the process of cooperative spectrum sensing, each SU in the network broadcasts a message M. After h times of forwarding, all messages M will reach the h-hop neighbor SU node at this time.

The second step is to calculate the reputation value of each node based on the message. is the core of reputation-based non-consensus messaging algorithms. Different from the traditional trust-based consensus algorithm, each SU node of this algorithm not only calculates the reputation value of the neighboring SU nodes, but also calculates the reputation value of all the SU nodes in the way of the received messages. The specific rules are as follows:

(1) The message base is classified according to different SRCs. For different SRC classes, assuming that there are N _r different RD values, then according to the number of occurrences of different RD values of each node existing in the propagation path of this SRC class Update the reputation value. For example, assuming that node j appears N _j times in this SRC classification, (N _r ≥ N _j ≥ 1), the reputation value of node i is updated as:

Among them, _Rij is the reputation value of node i to node j. p is the reward and punishment factor. It can be seen that the update of the reputation value of the node is determined according to the number of times the node appears in the propagation path of different RD values. The more occurrences, the reward, the less the penalty. This is because different RD values are caused by iRDA attacks of malicious nodes. The more times a node appears in different RD propagation paths, the lower the possibility of different RD values caused by it. The fewer occurrences of different RD propagation paths, the more likely it is a malicious node.

The calculation of reputation value is explained by an example. Figure 1 is a schematic diagram of ordinary rewards and punishments. As shown in the figure, there are three paths from node i to node j. In order to more clearly represent different paths, the same node that appears in different paths will be copied and denoted by the same reference numerals. It can be seen that through different paths, the message library of node j will eventually receive two messages with the sending node i but the value RD is different. The historical propagation node sets of this node are {1,2} and {1,3 respectively. ,4,5}, it can be seen that since node 1 appears in the two path node sets, the possibility of causing the RD value is low. According to formula (4-4), the reputation value of this node will be added to 0.25p, and the rest of the nodes, since they only appear once in different path node sets, the reputation of the node will be reduced by 0.25p, that is, a penalty will be made. It is worth noting that although node 3 appears in two different paths, it only appears once in different [SRC,RD] message pairs, so this node will be penalized.

(2) Among all SRC classifications, one is special, that is, the SRC value is node i itself, and the message is transmitted back to this node through a loop. In this type of message, due to the correct RD value It is known that nodes on the propagation path have more explicit judgments. The reputation value of a propagation path node whose RD value is equal to the original RD value can be greatly increased, namely:

R _ij =R _ij +p _determin j∈N _correct (2)

Among them, p _determin is the deterministic reward factor, and N _correct is the set of path nodes containing the correct [SRC, RD] field pair [i, P _i ].

There is a special case where each node forms a loop, as shown in Figure 2. Since node i receives the correct message after passing through a loop, all nodes on the loop will be greatly rewarded.

At the same time, after the above two reward and punishment rules, each node finally sorts the reputation value of the propagation path nodes according to its own, and several nodes with lower reputation value are the detected malicious nodes. At the same time, for SRC classes with different RD values, the sum of the reputation values of the propagation path node set is calculated, and the highest one is the RD value of this SRC. The RD value is the perception value, which can be used for subsequent perception judgments.

The third step is to detect outliers, eliminate malicious user nodes, fuse the perception values of the remaining nodes, and compare them with the threshold to obtain the final decision. After the message passing process and the reputation value calculation process, each node i obtains the perception values of h-hop neighbor nodes excluding malicious users, and makes a final decision based on these perception values. Since the attack type is launched by falsifying the estimated energy value, maximum-gap bidirectional outlier detection is used to better identify malicious SUs. The specific algorithm flow is shown in Figure 3. Each node i sorts the received energy values in ascending order, and determines the outlier perception value according to the difference between adjacent energy values. Each SU _i individually performs an outlier detection algorithm to identify outliers.

At the end of the message passing process, each SU obtains a set of energy values from h-hop neighbors, _denoted by Xi = (x _i0 , x _i1 , x _i2 , . . . x _ir ). Then each SU sorts the set Xi and _{divides it} into two parts, X _LHi and X _UHi , in ascending order, where X _LHi is the set of energy values in the lower half, and X _UHi is the set of energy values in the upper half. Because _XLHi is sorted, the energy value can be expressed as (L ₁ <L ₂ <L ₃ . . . L _h ). Likewise, the upper part can be expressed as (U ₁ <U ₂ <U ₃ . . U _h ). Calculate the gap between consecutive data points of the two halves and find the location of the largest gaps P _LHi and P _UHi from the sets X _LHi and X _UHi respectively. Nodes corresponding to position _PLHi and nodes to the left of it are detected as low outliers. Likewise, nodes corresponding to positions P _UHi and those located to the right of it are detected as high outliers. The method is based on the idea that the energies of malicious nodes differ greatly from those of honest nodes, and the energies of honest nodes are close to each other. Therefore, when the energy levels are sorted (in ascending order) and the energy difference is calculated, the largest energy difference is observed where the malicious node's energy value appears. Therefore, P _LHi and all nodes to its left are low-energy injection attackers, and P _UHi and all nodes to its right are high-energy injection attackers.

After removing abnormal outliers, node i calculates the estimated value Y _i of the perceived value of the main user after averaging the remaining perceived values and compares it with the set threshold value. If the estimated value Y _i is greater than the threshold value, the primary user exists; if the estimated value _Yi is smaller than the threshold value, the primary user does not exist.

The performance simulation and analysis are carried out on the matlab platform. The network topology of the simulation experiment is randomly generated. The network parameters are as follows: the number of cognitive users is N, and the malicious users are randomly generated according to the set probability of malicious users. All cognitive users are randomly distributed in a square area with a diameter of 1000m, and the cognitive users whose distance is less than 130m are neighbor nodes and can communicate with each other reliably. All cognitive users remain in position during spectrum sensing. The main user is 5000m away from the cognitive user network, the transmit power is 60dB, the channel loss parameter α is 3, the receive signal-to-noise ratio is -10dB, the shadow fading parameter is 3dB, and the relative distance _d0 is 1000m. The reward and punishment factor p takes a value of 1, and the deterministic reward factor p _determin takes a value of 10.

The simulation example simulates the spectrum sensing performance under iRDA attack with different number of nodes. The proportion of malicious users is 0.2, and the number of message delivery hops h is 3. The malicious node chooses the type of attack based on its local perception results, that is, when the malicious user detects the existence of the main user, it launches a low-energy injection attack, and when it detects that there is no main user, it launches a high-energy injection attack. The attack constant value is -10dB. At the same time, the centralized outlier detection algorithm and the original message passing algorithm are simulated for comparison. The simulation results are shown in Figure 5.

As can be seen from Fig. 5, first, compared with the original message passing algorithm, the trust-based message passing algorithm proposed by the present invention has obvious performance improvement. Under the condition that the false alarm probability is 0.2, the detection probability of the network is improved. 0.3 or so. At the same time, the performance of the algorithm proposed in the present invention is close to the outlier detection algorithm under centralized conditions. When N=10, the performance of the network under the false alarm probability of 0.2 is only less than 0.05 from the centralized algorithm, and when N=20 When , the gap increases to close to 0.1, because when the number of network nodes is 20, the average diameter of the network is 3.478, which is slightly higher than h=3, so each node cannot obtain the information of all nodes in the entire network. Nevertheless, the perceptual performance of the proposed algorithm is still much higher than the original message passing algorithm, which proves the effectiveness of the proposed algorithm in the present invention.

Claims (1)

1. a distributed spectrum cooperative detection method, is characterized in that, comprises the following steps: S1. Each node broadcasts message M to its adjacent nodes until it is broadcast to h-hop neighbor nodes, that is, all messages M will reach h-hop neighbor nodes; the format of message M is [SRC, PRE, RD] , where SRC is the originator ID of the message, PRE contains the information of SU nodes passed in the message propagation path, RD is the local original data of SRC, that is, the perception value of local detection; when the node broadcasts the message, the ID of the path node is added to In PRE; each node has a local message store for storing messages from different nodes; S2. Calculate the reputation value of each node according to all the messages stored in the local message database, specifically: All messages in the local message library are classified according to different SRCs. For different SRC classes, if there are N _r different RD values, and N _j ≥ 1, then go to step S21, otherwise go to step S22; S21. Update the reputation value according to the number of occurrences of different RD values of each node existing in the propagation path of this SRC class, assuming that node j appears N _j times in this SRC classification, N _r ≥ N _j ≥ 1 , then the reputation value of node i is updated as:

Among them, R _ij is the reputation value of node i to node j, p is the reward and punishment factor, and go to step S23; S22. This type of SRC value is the ID of the node i itself, that is, the message is transmitted back to this node through a loop. For each node j in the loop, the reputation value is: R _ij =R _ij +p _determin Among them, p _determin is a deterministic reward factor, and enter step S23; S23. Repeat step S2 until each node obtains the reputation values of the corresponding route nodes in all SRC classes, sort the obtained reputation values from high to low, and mark the nodes whose reputation values are lower than the set threshold as malicious node; S3. Perform outlier detection: after excluding the malicious nodes obtained in step S2, for the remaining nodes, each node obtains a set of energy values from h-hop neighbors, using X _i =(x _i0 ,x _i1 ,x _i2 , ...x _ir ) vector represents the received energy value, and divides the set X _i into two parts, X _LHi and X _UHi in ascending order, where X _LHi is the energy value set of the lower half, and X _UHi is the energy value set of the upper half. , the energy value of the lower part is expressed as (L ₁ <L ₂ <L ₃ ...L _h ), and the energy value of the upper part is expressed as (U ₁ <U ₂ <U ₃ ...U _h ), and the two Part of the gap between consecutive data points, and find the position of the largest gap P _LHi and P _UHi from the sets X _LHi and X _UHi respectively, and mark the node at position P _LHi and the node located to the left of it as low outliers value, position P _UHi and nodes to the right of it are marked as high outliers; S4. After excluding the nodes marked as low outliers and high outliers, node i obtains an estimated value Y _i of the main user's perceived value after averaging the remaining perceived values, and compares it with the set threshold value, If the estimated value Y _i is greater than the threshold value, the primary user exists; if the estimated value _Yi is smaller than the threshold value, the primary user does not exist.

Images