CN115694956A - Method for evaluating confidence of Internet of things node based on fuzzy evidence theory - Google Patents

Method for evaluating confidence of Internet of things node based on fuzzy evidence theory Download PDF

Info

Publication number
CN115694956A
CN115694956A CN202211322713.0A CN202211322713A CN115694956A CN 115694956 A CN115694956 A CN 115694956A CN 202211322713 A CN202211322713 A CN 202211322713A CN 115694956 A CN115694956 A CN 115694956A
Authority
CN
China
Prior art keywords
confidence
network node
trust
fuzzy
node
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202211322713.0A
Other languages
Chinese (zh)
Inventor
陈大龙
王计斌
詹新颖
孟维
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huasu Shulian Technology Co ltd
Original Assignee
Huasu Shulian Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huasu Shulian Technology Co ltd filed Critical Huasu Shulian Technology Co ltd
Priority to CN202211322713.0A priority Critical patent/CN115694956A/en
Publication of CN115694956A publication Critical patent/CN115694956A/en
Pending legal-status Critical Current

Links

Images

Landscapes

  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses a method for evaluating the confidence of nodes of the Internet of things based on a fuzzy evidence theory, which comprises the following steps: s1: defining a basic confidence function as a fuzzy membership function, carrying out grade division on the confidence of the network nodes, and calculating the value of the direct confidence of the network nodes; s2: calculating the received recommended trust of two adjacent network nodes to obtain the indirect confidence of the network node; s3: and synthesizing the direct confidence coefficient and the indirect confidence coefficient of the network node according to the combination rule to obtain the complete confidence coefficient of the network node. The method for evaluating the confidence coefficient of the internet of things node based on the fuzzy evidence theory obtains the direct confidence coefficient of the network node through comprehensive calculation of multiple confidence coefficient factors, improves the accuracy of the direct confidence coefficient of the network node, and obtains the complete confidence coefficient of the network node through a method of fusing the fuzzy theory and the D-S evidence theory.

Description

Method for evaluating confidence of Internet of things node based on fuzzy evidence theory
Technical Field
The invention belongs to the technical field of Internet of things, and particularly relates to a method for evaluating confidence of an Internet of things node based on a fuzzy evidence theory.
Background
In recent years, the internet of things (IOT) is an emerging technology, and is beginning to be applied to various fields such as energy, science and technology, medical treatment, education, and the like. In the internet of things, although the network nodes can collect required data for the carriers in real time through the sensors and various intelligent devices, great convenience is brought to realization of environment perception and intelligent decision making, and the data also comprise privacy data and confidential data. Meanwhile, due to the characteristics of the internet of things, such as open network environment, limited network node energy, various equipment services and the like, nodes in the network are very likely to be attacked by malicious nodes. Therefore, how to protect the nodes in the internet of things from being attacked by malicious nodes is an important challenge in the internet of things network deployment process. In the internet of things, because computing resources and storage capacities of different equipment nodes are greatly different, and node cooperation and resource interaction in a network are frequent, a traditional security authentication technology and an encryption technology cannot be properly deployed in the network of the internet of things because internal attacks initiated by malicious nodes cannot be timely discovered and intercepted.
Meanwhile, the trust relationship between nodes in the network is also affected by different service attributes and node confidence degrees in the network. For example, some malicious nodes hidden in the network may launch internal attacks with legitimate identities. Besides, the main threats of the network security of the internet of things include that malicious nodes acquire related services by using trust relationships among the nodes. If the malicious nodes in the internet of things network cannot be identified in time, the whole network may be attacked, so that private data and confidential data are leaked, and the network security is threatened. Therefore, the primary condition for ensuring the node security of the internet of things and improving the node cooperative relationship is to fully mine the trust relationship among the nodes in the network environment and accordingly identify the malicious nodes in the network environment.
The traditional security mechanism based on encryption and authentication can only resist external attacks, an effective resisting means is lacked for attacks inside a network, and trust management is the most commonly used algorithm for detecting internal attacks. In the method, the network nodes are evaluated and classified mainly according to different characteristics, and the transmission safety between the nodes is ensured, so that the safety of the whole network is ensured. Trust-based security mechanisms are considered an improvement over traditional cryptographic security methods. In the internet of things, cooperation and interaction among devices can be described as the trust degree of network nodes among each other, and information used in a decision making process is maintained by recording behaviors among the nodes. If the network contains malicious nodes, communication among the nodes is limited, and the success and reliability of interaction among the nodes can be guaranteed only when all the nodes in the network operate in a trustworthy mode. Therefore, the trust management mechanism is applied to enhance the safety and the robustness of the internet of things network and ensure that the safe transmission between the network nodes is a good method. The subjective ambiguity of the confidence of the network node can cause the problem that the existing node evaluation method cannot effectively deal with the malicious behavior of the node so that the internal attack of the network cannot be resisted. To solve this problem, three trust factors are defined as inputs to the model, but these three trust factors are not sufficient to describe the trust impact on the network nodes.
Disclosure of Invention
The invention aims to provide a method for evaluating the confidence coefficient of an internet of things node based on a fuzzy evidence theory.
In order to solve the technical problems, the invention adopts the technical scheme that: the method for evaluating the confidence of the internet of things node based on the fuzzy evidence theory specifically comprises the following steps:
s1: defining a basic confidence function as a fuzzy membership function, carrying out grade division on the confidence of the network nodes, and calculating the value of the direct confidence of the network nodes;
s2: calculating the received recommended trust of two adjacent network nodes to obtain the indirect confidence of the network node;
s3: and synthesizing the direct confidence coefficient and the indirect confidence coefficient of the network node according to the combination rule to obtain the complete confidence coefficient of the network node.
As a preferred technical solution of the present invention, the step S1 specifically comprises the following steps:
s11: defining a basic confidence function in a D-S evidence theory as a fuzzy membership function, carrying out grade division on the confidence of the network nodes, and determining 7 confidence factors;
s12: calculating the value of the direct confidence of the network node, and modifying the weight of the direct confidence of the network node according to the value.
As a preferred technical solution of the present invention, the step S11 specifically includes:
s111: judging the information of the network nodes by using a fuzzy set theory and adding various confidence factors; then, forming a fuzzy vector on the confidence factor according to the membership of the confidence factor of the network node on different evaluation sets, wherein the fuzzy vector represents the trust degree of the network node on the trust factor; defining a basic confidence function in a D-S evidence theory as a fuzzy membership function, and constructing a plurality of fuzzy subsets;
s112: and dividing the confidence level of the network node according to the membership degree of the confidence factor on each confidence fuzzy subset.
As a preferred technical solution of the present invention, the step S111 specifically includes:
s1111: a fuzzy relation matrix R is constructed according to the mutual evaluation among the network nodes to represent the trust relation among the network nodes,
Figure BDA0003911044860000031
wherein r is ij Representing the trust of network node i to network node j, r ij When =1,0,0,0, it represents absolute trust for the network node, r ij If the value is =0,0,0,0, the trust evaluation of the network node on the network node is represented, and the trust evaluation is set to be invalid;
s1112: defining a weight vector, and combining the weight vector and the fuzzy relation matrix by a fuzzy synthesis operator to obtain a fuzzy evaluation result of each network node;
the step S1112 specifically includes:
s11121: defining a weight vector W = [ ω ]) 1 ,ω 2 ,ω 3 ,ω 4 ]Reflecting the degree of interest in each confidence factor;
s11122: combining the weight vector W and the fuzzy relation matrix R by a fuzzy synthesis operator to obtain a fuzzy vector (fuzzy evaluation result) of each network node;
the formula is as follows:
P=W·R=[p 1 ,p 2 ,p 3 ,p 4 ] (2);
wherein: p i Fuzzy subset U representing internet of things network trust score i The membership degree of the evaluated nodes, W is a weight vector, is a fuzzy synthesis operator, and R is a fuzzy relation matrix between the network nodes;
s1113: by trust membership function mu T (A) For a certain interval of (2) determines the confidence level for a certain T a Membership of (a =1,2,3,4).
As a preferred technical solution of the present invention, the step S1113 specifically comprises the following steps:
s11131: by blurring the subset T j (j =1,2,3,4) when defining different trust sets, employing a discrete scale {1,2, …, M } to describe a level of entity trust of a network node;
Figure BDA0003911044860000041
s11132: carrying out percentage scoring according to each trust level of the network nodes by introducing quantification processing;
s11133: expressing the fuzzy classification of trust as 3 types of trust states of distrust, uncertainty and complete trust according to the scoring of the step S1232; according to the 3 types of trust levels, the trust value interval [0,1 ] of the network node]Constructing 3 fuzzy subsets T 1 ,T 2 ,T 3 The membership function is mu 1 (t), 2 (t),μ 3 (t) and has a 1 (t)+μ 2 (t)+μ 3 (t)=1。
As a preferred technical solution of the present invention, the step S11132 specifically comprises the following steps: by using
Figure BDA0003911044860000047
Indicating that there is no trust in the network,
Figure BDA0003911044860000048
represents general trust, 50 ≦ μ T 3 < 75 means very trusted, 75 ≦ μ T 4 < 100 indicates full trust, resulting in a trust level score vector
Figure BDA0003911044860000042
Based on this, a score S is calculated, the formula being:
Figure BDA0003911044860000043
because the trust level of the network node is in an interval, in order to accurately represent the trust interval to which the node belongs, a representative score S' is selected, and the formula is as follows:
Figure BDA0003911044860000044
wherein
Figure BDA0003911044860000045
An excitement level score, which is composed of the median of each confidence interval, is expressed as:
Figure BDA0003911044860000046
as a preferred technical solution of the present invention, the step S112 specifically includes:
s1121: fromSelecting 7 confidence factors from the perspective of trust accuracy and reflecting attack behaviors to divide the level of the confidence of the network node, wherein the 7 confidence factors are respectively the successful data sending rate, the data integrity, the data availability, the data receiving grouping rate, the data forwarding rate, the time factor and the security level; respectively with F 1 ,F 2 ,F 3 ,F 4 ,F 5 ,F 6 ,F 7 Represents:
Figure BDA0003911044860000051
Figure BDA0003911044860000052
Figure BDA0003911044860000053
Figure BDA0003911044860000054
Figure BDA0003911044860000055
wherein: f 1 Indicating a data transmission rate factor, ACK i,j (t) indicates the number of successfully forwarded packets between adjacent network nodes, TP i,j (t) is the number of packets that the network node is required to forward; f 2 Representing a data integrity factor, IP i,j (t) indicates the number of packets that have not been tampered with and successfully transmitted, FP i,j (t) indicates the number of packets that need to be sent; f 3 Representing a data availability factor, RACK i,j (t) indicates the number of data packets responded to, NRACK i,j (t) represents the number of unresponsive packets; f 4 Representing a data reception packet rate factor, RP i,j (t) number of packets receivedMesh, RP i,j (t-1) indicating the number of packet data packets received at the last time; f 5 Representing a data transfer rate factor, FP i,j (t) represents the number of node transport packets, FP i,j (t-1) representing the number of network nodes transmitting packets at the previous time;
s1122: verifying the rationality of the trust evaluation method, and setting different parameters in different times, wherein the parameters are defined as follows because the physical meanings of the proportion occupied by successful interaction in different node interaction times are different:
Figure BDA0003911044860000056
wherein, SR i,j (t) number of successful interactions, FR i,j (t) indicates the number of failures, SR i,j (t-1) indicates the number of successful interactions, FR, at the previous moment i,j (t-1) represents the number of failures at the previous time.
As a preferred technical solution of the present invention, the step S12 specifically includes:
s121: supposing that the network node i initiates trust evaluation on the network node j, calculating the direct confidence of the evaluated network node j by the evaluation network node i in a weighting mode, calculating the direct confidence of the network node i on the network node j at the current moment by the following formula,
Figure BDA0003911044860000061
wherein: d represents a direct confidence vector; w 1 ,W 2 ,W 3 ,W 4 ,W 5 Is a weight coefficient of a confidence factor and satisfies w 1 +w 2 +w 3 +w 4 +w 5 =1;
S122: the value of the direct confidence obtained in step S121 is corrected, and the corrected direct confidence is represented as:
Figure BDA0003911044860000062
wherein:
Figure BDA0003911044860000063
indicating a direct confidence level that is not corrected,
Figure BDA0003911044860000064
representing the historical direct confidence of the last updating period, and alpha is represented as an adaptive factor for balancing the current confidence and the historical confidence, and is defined as:
Figure BDA0003911044860000065
wherein 0 < xi 1 <ξ 2 <1,ξ 1 The value is less than xi 2 Xi is to prevent malicious nodes from accumulating their own trust values by disguising malicious acts such as spoofing 2 Value greater than xi 1 The method aims to represent the penalty on the malicious behavior of the node so as to ensure the accuracy of the trust value of the node.
As a preferred technical solution of the present invention, the step S2 specifically comprises the steps of:
s21: firstly, filtering recommendation trust collected by a network node, then distributing weight information for the recommendation trust, and then calculating the indirect confidence of the node; the calculation formula is as follows:
Figure BDA0003911044860000071
Figure BDA0003911044860000072
wherein: IT (information technology) device l,j Is the indirect confidence of node I to node j, the superscript I represents the indirect confidence vector, η k Representing the weight of a certain common node k,
Figure BDA0003911044860000073
indicating the recommendation confidence of the neighboring network node k for network node j,
Figure BDA0003911044860000074
indicating the direct confidence of network node i to network node k,
Figure BDA0003911044860000075
representing the direct confidence of network node k to network node j;
s22: correcting the indirect confidence value obtained in the step S21 to obtain the recommended trust deviation d of a certain common neighbor network node k of the network node i k Expressed as:
Figure BDA0003911044860000076
wherein: if d is k The larger the value of (d), the higher the probability that the recommendation confidence of the network node k is a false recommendation of a malicious node operation, and the lower the feasibility, in order to ensure the reliability of the recommendation trust, if d k Is greater than τ, is discarded, if d k If tau is less, storing into set C.
As a preferred technical solution of the present invention, the step S3 specifically comprises the steps of:
calculating the membership degree of the network node i according to 3 confidence states of completely untrustworthy, uncertain and completely credible by using a fuzzy membership function in a fuzzy theory; and makes it have direct confidence DT i,j Degree of membership of
Figure BDA0003911044860000077
Indirect confidence IT k,j Degree of membership of
Figure BDA0003911044860000078
Respectively expressed as:
Figure BDA0003911044860000079
wherein:
Figure BDA0003911044860000081
Figure BDA0003911044860000082
and respectively taking { -T }, { T, -T }, { T } as a basic confidence function of the classification membership function of the network node, and according to the D-S evidence theory, mu 1 Degree of acceptance, μ, representing a "completely untrusted" state 2 Degree of acceptance, μ, representing a "no trust can be determined" status 3 Representing a degree of acceptance of the "fully trustworthy" state, then there is a direct confidence level
Figure BDA0003911044860000083
And
Figure BDA0003911044860000084
are equal,
Figure BDA0003911044860000085
And
Figure BDA0003911044860000086
are equal,
Figure BDA0003911044860000087
And
Figure BDA0003911044860000088
equally, similarly, there are indirect confidences
Figure BDA00039110448600000819
And
Figure BDA0003911044860000089
are equal,
Figure BDA00039110448600000810
And
Figure BDA00039110448600000811
are equal,
Figure BDA00039110448600000812
And
Figure BDA00039110448600000813
therefore, combining the direct confidence and the indirect confidence of the previous two network nodes to obtain the current complete confidence of the network node i to the network node j is represented as:
Figure BDA00039110448600000814
wherein:
Figure BDA00039110448600000815
direct confidence for network node i to network node j;
Figure BDA00039110448600000816
is the indirect confidence of network node i to network node j;
Figure BDA00039110448600000817
θ is the weight of the direct confidence and the indirect confidence, respectively, and satisfies
Figure BDA00039110448600000818
Is provided with
Figure BDA00039110448600000820
Compared with the prior art, the invention has the following beneficial effects: the direct confidence of the network node is obtained through comprehensive calculation of multiple confidence factors, the accuracy of the direct confidence of the network node is improved, and the complete confidence of the network node is obtained through a method of fusing a fuzzy theory and a D-S evidence theory.
Drawings
FIG. 1 is a flow chart of the method for evaluating the confidence of the nodes of the Internet of things based on the fuzzy evidence theory;
FIG. 2 is a network node confidence evaluation relationship diagram of the method for evaluating the confidence of the nodes of the Internet of things based on the fuzzy evidence theory;
fig. 3 is a schematic diagram illustrating indirect confidence recommendation of the method for evaluating the confidence of the nodes of the internet of things based on the fuzzy evidence theory;
fig. 4 is a schematic diagram illustrating comparison of malicious node detection rates of an evaluation method of the confidence of the internet of things node based on the fuzzy evidence theory and an RFSN and TMS method.
Detailed Description
The following embodiments of the present invention are described in detail with reference to the accompanying drawings, and the following embodiments are only used to more clearly illustrate the technical solutions of the present invention, but not to limit the scope of the present invention.
Example (b): as shown in fig. 1, the method for evaluating the confidence of the internet of things node based on the fuzzy evidence theory specifically includes the following steps:
s1: defining a basic confidence function in a D-S evidence theory as a fuzzy membership function, carrying out grade division on the confidence of the network nodes, and calculating the value of the direct confidence of the network nodes;
the specific steps of the step S1 are as follows:
s11: defining a basic confidence function in a D-S evidence theory as a fuzzy membership function, carrying out grade division on the confidence of the network nodes, and determining 7 confidence factors;
when the node information is judged by using a fuzzy set theory, the evaluation information of the network nodes can be reflected by using the membership degree of each trust evaluation set, the membership degree of the confidence factor of the node network node on different evaluation sets can form a fuzzy vector on the factor, the trust evaluation size of the network node on the trust factor is represented, and finally the node information is divided according to the membership degree of the confidence factor on each trust fuzzy set; in order to describe the trust relationship among the network nodes, a fuzzy relationship matrix is constructed to represent the trust relationship among the nodes according to the mutual evaluation among the network nodes; the confidence evaluation relationship between the network nodes is shown in fig. 2;
the specific steps of the step S11 are as follows:
s111: judging the information of the network nodes by using a fuzzy set theory and adding various confidence factors; then, forming a fuzzy vector on the confidence factor according to the membership of the confidence factor of the network node on different evaluation sets, wherein the fuzzy vector represents the trust degree of the network node on the trust factor; defining a basic confidence function in a D-S evidence theory as a fuzzy membership function, and constructing a plurality of fuzzy subsets;
the specific steps of step S111 are:
s1111: a fuzzy relation matrix R is constructed according to the mutual evaluation among the network nodes to represent the trust relation among the network nodes,
Figure BDA0003911044860000101
wherein r is ij Representing the trust of network node i to network node j, r ij When =1,0,0,0, it represents absolute trust for the network node, r ij If =0,0,0,0, it indicates that the network node performs trust evaluation on itself, and the evaluation is set to be invalid;
s1112: defining a weight vector, and combining the weight vector and the fuzzy relation matrix by a fuzzy synthesis operator to obtain a fuzzy evaluation result of each network node;
the step S1112 specifically includes:
s11121: defining a weight vector W = [ ω ]) 1 ,ω 2 ,ω 3 ,ω 4 ]Reflecting the degree of interest in each confidence factor;
s11122: combining the weight vector W and the fuzzy relation matrix R by a fuzzy synthesis operator to obtain a fuzzy vector (fuzzy evaluation result) of each network node;
the formula is as follows:
P=W·R=[p 1 ,p 2 ,p 3 ,p 4 ] (2);
wherein: p is i Fuzzy subset U representing internet of things network trust score i The membership degree of the evaluated nodes, W is a weight vector, is a fuzzy synthesis operator, and R is a fuzzy relation matrix between the network nodes;
s1113: by trust membership function mu T (A) For a certain interval of (2) determines the confidence level for a certain T a Membership of (a =1,2,3,4);
the specific steps of the step S1113 are as follows:
s11131: by blurring the subset T j (j =1,2,3,4) when defining different trust sets, employing a discrete scale {1,2, …, M } to describe a level of entity trust of a network node;
Figure BDA0003911044860000111
s11132: in order to facilitate the direct evaluation by using numerical values, the percentage scoring is carried out according to each trust level of the network nodes by introducing quantitative processing;
s11133: expressing the fuzzy classification of trust as 3 types of trust states of distrust, uncertainty and complete trust according to the scoring of the step S1232; according to the 3 types of trust levels, the trust value interval [0,1 ] of the network node]Constructing 3 fuzzy subsets T 1 ,T 2 ,T 3 The membership function is mu 1 (t), 2 (t),μ 3 (t) and has a 1 (t)+μ 2 (t)+μ 3 (t)=1;
The specific steps of step S11132 are as follows: to facilitate direct evaluation by numerical values, use is made of
Figure BDA0003911044860000117
Indicating that there is no trust in the network,
Figure BDA0003911044860000118
represents general trust, 50 ≦ μ T 3 < 75 means very trusted, 75 ≦ μ T 4 < 100 indicates full trust, resulting in a trust level score vector
Figure BDA0003911044860000112
Based on this, a score S is calculated, the formula being:
Figure BDA0003911044860000113
because the trust level of the network node is in an interval, in order to accurately represent the trust interval to which the node belongs, a representative score S' is selected, and the formula is as follows:
Figure BDA0003911044860000114
wherein
Figure BDA0003911044860000115
The excitement level score, which is composed of the median of each confidence interval, is expressed as:
Figure BDA0003911044860000116
s112: dividing the confidence level of the network node according to the membership degree of the confidence factor on each trust fuzzy subset;
the specific steps of step S112 are:
s1121: selecting 7 confidence factors from the perspective of trust accuracy and reflecting attack behaviors to divide the level of the confidence of the network node, wherein the 7 confidence factors are respectively the successful data sending rate, the data integrity, the data availability, the data receiving grouping rate, the data forwarding rate, the time factor and the security level; respectively with F 1 ,F 2 ,F 3 ,F 4 ,F 5 ,F 6 ,F 7 Represents:
Figure BDA0003911044860000121
Figure BDA0003911044860000122
Figure BDA0003911044860000123
Figure BDA0003911044860000124
Figure BDA0003911044860000125
wherein: f 1 Indicating a data transmission rate factor, ACK i,j (t) number of successfully forwarded packets between adjacent network nodes, TP i,j (t) is the number of packets that the network node is required to forward; f 2 Representing a data integrity factor, IP i,j (t) indicates the number of packets that have not been tampered with and successfully transmitted, FP i,j (t) indicates the number of packets that need to be sent; f 3 Representing a data availability factor, RACK i,j (t) indicates the number of data packets responded to, NRACK i,j (t) represents the number of unresponsive packets; f 4 Representing a data reception packet rate factor, RP i,j (t) indicates the number of packets received, RP i,j (t-1) indicating the number of packet data packets received at the last time; f 5 Representing a data transfer rate factor, FR i,j (t) indicates the number of node transmission packets, FP i,j (t-1) represents the number of network nodes transmitting packets at the last moment in time.
S1122: verifying the rationality of the trust evaluation method, and setting different parameters in different times, wherein the parameters are defined as follows because the physical meanings of the proportion occupied by successful interaction in different node interaction times are different:
Figure BDA0003911044860000131
wherein, SR i,j (t) number of successful interactions, FR i,j (t) indicates the number of failures, SR i,j (t-1) indicates the number of successful interactions, FR, at the previous moment i,j (t-1) represents the number of failures at the previous time;
s12: calculating the value of the direct confidence of the network node, and modifying the weight of the direct confidence of the network node according to the value; in order to ensure the rationality of the trust evaluation method, different parameters are set in different times, because the physical meanings of the proportion occupied by successful interaction in different node interaction times are different; the nodes in the internet of things are also attacked by the defense switch, so that the direct confidence of the nodes is influenced to a certain extent; in order to eliminate such an influence, the value of the direct confidence obtained in step S121 is corrected;
the specific steps of the step S12 are as follows:
s121: supposing that the network node i initiates trust evaluation on the network node j, calculating the direct confidence of the evaluated network node j by the evaluation network node i in a weighting mode, calculating the direct confidence of the network node i on the network node j at the current moment by the following formula,
Figure BDA0003911044860000132
wherein: d represents a direct confidence vector; w is a 1 ,w 2 ,w 3 ,w 4 ,w 5 Is a weight coefficient of a confidence factor and satisfies w 1 +w 2 +w 3 +w 4 +w 5 =1; herein, the weight coefficients are set to w, respectively 1 =w 2 =w 3 =w 4 =w 5 =0.2;
S122: the value of the direct confidence obtained in step S121 is corrected, and the corrected direct confidence is expressed as:
Figure BDA0003911044860000133
wherein:
Figure BDA0003911044860000134
indicating a direct confidence level that is not corrected,
Figure BDA0003911044860000135
representing the historical direct confidence of the last updating period, and alpha is represented as an adaptive factor for balancing the current confidence and the historical confidence, and is defined as:
Figure BDA0003911044860000141
wherein 0 < xi 1 <ξ 2 <1,ξ 1 The value is less than xi 2 Xi is to prevent malicious nodes from accumulating their own trust values by disguising malicious acts such as spoofing 2 Value greater than xi 1 The method is used for embodying the penalty on the malicious behavior of the node so as to ensure the accuracy of the trust value of the node;
s2: calculating the received recommended trust of two adjacent network nodes to obtain the indirect confidence of the network node; FIG. 3 is a schematic diagram of indirect confidence recommendation;
the specific steps of the step S2 are as follows:
s21: firstly, filtering recommendation trust collected by a network node, then distributing weight information for the recommendation trust, and then calculating the indirect confidence of the node; the calculation formula is as follows:
Figure BDA0003911044860000142
Figure BDA0003911044860000143
wherein: IT (information technology) device l,j Is the indirect confidence of node I to node j, the superscript I represents the indirect confidence vector, η k Representing the weight of a certain common node k,
Figure BDA0003911044860000144
indicating the recommendation confidence of the neighboring network node k for network node j,
Figure BDA0003911044860000145
indicating the direct confidence of network node i to network node k,
Figure BDA0003911044860000146
representing the direct confidence of network node k to network node j; because the network has various attack types, the recommendation confidence of the network node may have a certain deviation degree, if the deviation degree is too large, the deviation degree is discarded, and the influence on the indirect confidence of the node is avoided;
s22: because various attack types exist in the network, the recommendation confidence degrees of the nodes may have certain deviation degrees, and if the deviation degrees are overlarge, the deviation degrees are discarded, so that the indirect confidence degrees of the nodes are prevented from being influenced; correcting the indirect confidence value obtained in the step S21 to obtain the recommended trust deviation d of a certain common neighbor network node k of the network node i k Expressed as:
Figure BDA0003911044860000147
wherein: if d is k The larger the value of (d), the higher the probability that the recommendation confidence of the network node k is a false recommendation of a malicious node operation, the lower the feasibility, and in order to ensure the reliability of the recommendation trust, a deviation threshold value tau =0.2 is set, and if d is k Is greater than τ, is discarded, if d k If tau is less, store it in set C;
S3: synthesizing the direct confidence coefficient and the indirect confidence coefficient of the network node according to a Dempster combination rule to obtain the complete confidence coefficient of the network node;
the specific steps of the step S3 are as follows:
calculating the membership degree of the network node i according to 3 confidence states of completely untrustworthy, uncertain and completely credible by using a fuzzy membership function in a fuzzy theory; and makes it have direct confidence DT i,j Degree of membership of
Figure BDA0003911044860000151
Indirect confidence IT k,j Degree of membership of
Figure BDA0003911044860000152
Respectively expressed as:
Figure BDA0003911044860000153
wherein:
Figure BDA0003911044860000154
Figure BDA0003911044860000155
and respectively taking { -T }, { T, -T }, { T } as a basic confidence function of the classification membership function of the network node, and according to the D-S evidence theory, mu 1 Degree of acceptance, mu, representing a "completely untrusted" state 2 Acceptance, mu, representing a "no certainty of trust" status 3 Representing a degree of acceptance of the "fully trustworthy" state, then there is a direct confidence level
Figure BDA0003911044860000156
And
Figure BDA0003911044860000157
are equal,
Figure BDA0003911044860000158
And
Figure BDA0003911044860000159
are equal,
Figure BDA0003911044860000161
And
Figure BDA0003911044860000162
equally, similarly, there are indirect confidences
Figure BDA0003911044860000163
And
Figure BDA0003911044860000164
are equal,
Figure BDA0003911044860000165
And
Figure BDA0003911044860000166
are equal,
Figure BDA0003911044860000167
And
Figure BDA0003911044860000168
therefore, combining the direct confidence and the indirect confidence of the previous two network nodes to obtain the current complete confidence of the network node i to the network node j is represented as:
Figure BDA0003911044860000169
wherein:
Figure BDA00039110448600001610
for network node i to network node jReceiving a confidence coefficient;
Figure BDA00039110448600001611
is the indirect confidence of network node i to network node j;
Figure BDA00039110448600001612
θ is the weight of the direct confidence and the indirect confidence, respectively, and satisfies
Figure BDA00039110448600001613
Is provided with
Figure BDA00039110448600001614
As shown in fig. 4, the malicious node detection rate is obtained by detecting the proportion of the malicious nodes in the network running time and comparing the method with the RFSN method and the TMS method, and the comparison result shows that the malicious node detection rate detected by the method of the present invention is higher.
The specific embodiments of the present invention described are merely illustrative of the spirit of the invention. Various modifications or additions may be made to the described embodiments or alternatives may be employed by those skilled in the art without departing from the spirit or scope of the invention as defined in the appended claims.

Claims (10)

1. A method for evaluating the confidence of an Internet of things node based on a fuzzy evidence theory is characterized by comprising the following steps:
s1: defining a basic confidence function as a fuzzy membership function, carrying out grade division on the confidence of the network nodes, and calculating the value of the direct confidence of the network nodes;
s2: calculating the received recommended trust of two adjacent network nodes to obtain the indirect confidence of the network node;
s3: and synthesizing the direct confidence coefficient and the indirect confidence coefficient of the network node according to the combination rule to obtain the complete confidence coefficient of the network node.
2. The method for evaluating the confidence of the nodes of the internet of things based on the fuzzy evidence theory according to claim 1, wherein the step S1 comprises the following specific steps:
s11: defining a basic confidence function in a D-S evidence theory as a fuzzy membership function, carrying out grade division on the confidence of the network nodes, and determining 7 confidence factors;
s12: calculating the value of the direct confidence of the network node, and modifying the weight of the direct confidence of the network node according to the value.
3. The method for evaluating the confidence of the nodes of the internet of things based on the fuzzy evidence theory according to claim 1, wherein the step S11 specifically comprises the following steps:
s111: judging the information of the network nodes by using a fuzzy set theory and adding various confidence factors; then, forming a fuzzy vector on the confidence factor according to the membership of the confidence factor of the network node on different evaluation sets, wherein the fuzzy vector represents the trust degree of the network node on the trust factor; defining a basic confidence function in a D-S evidence theory as a fuzzy membership function, and constructing a plurality of fuzzy subsets;
s112: and dividing the confidence level of the network node according to the membership degree of the confidence factor on each trust fuzzy subset.
4. The method for evaluating the confidence of the internet of things node based on the fuzzy evidence theory according to claim 2, wherein the step S111 specifically comprises the steps of:
s1111: constructing a fuzzy relation matrix R according to the mutual evaluation among the network nodes to represent the trust relation among the network nodes;
Figure FDA0003911044850000021
wherein r is ij Representing the trust of network node i to network node j, r ij When =1,0,0,0, it represents absolute trust for the network node, r ij If =0,0,0,0, it indicates that the network node performs trust evaluation on itself, and the evaluation is set to be invalid;
s1112: defining a weight vector, and combining the weight vector and the fuzzy relation matrix by a fuzzy synthesis operator to obtain a fuzzy evaluation result of each network node;
the step S1112 specifically includes:
s11121: defining a weight vector W = [ ω ]) 1 ,ω 2 ,ω 3 ,ω 4 ]Reflecting the degree of interest in the respective confidence factors,
s11122: combining the weight vector W and the fuzzy relation matrix R by a fuzzy synthesis operator to obtain a fuzzy vector (fuzzy evaluation result) of each network node;
the formula is as follows:
P=W·R=[p 1 ,p 2 ,p 3 ,p 4 ] (2);
wherein: p i Fuzzy subset U representing internet of things network trust score i The membership degree of the evaluated nodes, W is a weight vector, is a fuzzy synthesis operator, and R is a fuzzy relation matrix between the network nodes;
s1113: by trust membership function mu T (A) For a certain interval of (2) judging the confidence level to a certain T a Membership of (a =1,2,3,4).
5. The method for evaluating the confidence of the internet of things node based on the fuzzy evidence theory according to claim 4, wherein the step S1113 specifically comprises the following steps:
s11131: by blurring the subset T j (j =1,2,3,4) when defining different trust sets, employing a discrete scale {1,2, …, M } to describe a level of entity trust of a network node;
Figure FDA0003911044850000031
s11132: carrying out percentage scoring according to each trust level of the network nodes by introducing quantification processing;
s11133: expressing the fuzzy classification of trust as 3 types of trust states of distrust, uncertainty and complete trust according to the scoring of the step S1232; according to the 3 types of trust levels, the trust value interval [0,1 ] of the network node]Constructing 3 fuzzy subsets T 1 ,T 2 ,T 3 The membership function is mu 1 (t), 2 (t),μ 3 (t) and has a 1 (t)+μ 2 (t)+μ 3 (t)=1。
6. The method for evaluating the confidence of the internet of things node based on the fuzzy evidence theory according to claim 5, wherein the step S11132 specifically comprises the steps of: by using
Figure FDA0003911044850000032
Indicating that there is no trust in the network,
Figure FDA0003911044850000033
represents general trust, 50 ≦ μ T 3 < 75 means very trusted, 75 ≦ μ T 4 < 100 indicates full trust, resulting in a trust level score vector
Figure FDA0003911044850000034
And calculating a trust score S according to the trust level score vector C, wherein the formula is as follows:
Figure FDA0003911044850000035
because the trust level of the network node is in an interval, in order to accurately represent the trust interval to which the node belongs, a representative score S' is selected, and the formula is as follows:
Figure FDA0003911044850000036
wherein
Figure FDA0003911044850000037
The excitement level score, which is composed of the median of each confidence interval, is expressed as:
Figure FDA0003911044850000038
7. the method for evaluating the confidence of the internet of things node based on the fuzzy evidence theory according to claim 3, wherein the step S112 specifically comprises the following steps:
s1121: selecting 7 confidence factors from the perspective of trust accuracy and reflecting attack behaviors to divide the level of the confidence of the network node, wherein the 7 confidence factors are respectively the successful data sending rate, the data integrity, the data availability, the data receiving grouping rate, the data forwarding rate, the time factor and the security level; respectively with F 1 ,F 2 ,F 3 ,F 4 ,F 5 ,F 6 ,F 7 Represents:
Figure FDA0003911044850000041
Figure FDA0003911044850000042
Figure FDA0003911044850000043
Figure FDA0003911044850000044
Figure FDA0003911044850000045
wherein, F 1 Indicating a data transmission rate factor, ACK i,j (t) indicates the number of successfully forwarded packets between adjacent network nodes, TP i,j (t) is the number of packets that the network node is required to forward; f 2 Representing a data integrity factor, IP i,j (t) indicates the number of packets that have not been tampered with and successfully transmitted, FP i,j (t) indicates the number of packets that need to be sent; f 3 Representing a data availability factor, RACK i,j (t) indicates the number of data packets responded to, NRACK i,j (t) represents the number of unresponsive packets; f 4 Representing a data reception packet rate factor, RP i,j (t) indicates the number of packets received, RP i,j (t-1) indicating the number of packet data packets received at the last time; f 5 Representing a data transfer rate factor, FP i,j (t) indicates the number of node transmission packets, FP i,j (t-1) representing the number of network nodes transmitting packets at the previous time;
s1122: verifying the rationality of the trust evaluation method, setting different parameters in different time, and defining the parameters as follows:
Figure FDA0003911044850000051
wherein, SR i,j (t) number of successful interactions, FR i,j (t) indicates the number of failures, SR i,j (t-1) indicates the number of successful interactions, FR, at the previous moment i,j (t-1) represents the number of failures at the previous time.
8. The method for evaluating the confidence of the internet of things node based on the fuzzy evidence theory according to claim 7, wherein the step S12 specifically comprises the steps of:
s121: supposing that the network node i initiates trust evaluation on the network node j, calculating the direct confidence of the evaluated network node j by the evaluation network node i in a weighting mode, calculating the direct confidence of the network node i on the network node j at the current moment by the following formula,
Figure FDA0003911044850000052
wherein: d represents a direct confidence vector; w is a 1 ,w 2 ,w 3 ,w 4 ,w 5 Is a weight coefficient of a confidence factor and satisfies w 1 +w 2 +w 3 +w 4 +w 5 =1;
S122: the value of the direct confidence obtained in step S121 is corrected, and the corrected direct confidence is represented as:
Figure FDA0003911044850000053
wherein:
Figure FDA0003911044850000054
indicating a direct confidence level that is not corrected,
Figure FDA0003911044850000055
representing the historical direct confidence of the last updating period, and alpha is represented as an adaptive factor for balancing the current confidence and the historical confidence, and is defined as:
Figure FDA0003911044850000056
wherein 0 < xi 1 <ξ 2 <1,ξ 1 The value is less than xi 2 The method is to prevent malicious nodes from accumulating self trust values through malicious behaviors such as spoofing and deception, and xi 2 Value greater than xi 1 The method aims to represent the penalty on the malicious behavior of the node so as to ensure the accuracy of the trust value of the node.
9. The method for evaluating the confidence of the nodes of the internet of things based on the fuzzy evidence theory according to claim 2, wherein the step S2 specifically comprises the following steps:
s21: firstly, filtering recommendation trust collected by a network node, then distributing weight information for the recommendation trust, and then calculating the indirect confidence of the node; the calculation formula is as follows:
Figure FDA0003911044850000061
Figure FDA0003911044850000062
wherein: IT (information technology) device l,j Is the indirect confidence of node I to node j, the superscript I represents the indirect confidence vector, η k Representing the weight of a certain common node k,
Figure FDA0003911044850000063
indicating the recommendation confidence of the neighboring network node k for network node j,
Figure FDA0003911044850000064
indicating the direct confidence of network node i to network node k,
Figure FDA0003911044850000065
representing the direct confidence of network node k to network node j;
s22: correcting the indirect confidence value obtained in the step S21 to obtain the recommended trust deviation d of a certain common neighbor network node k of the network node i k Expressed as:
Figure FDA0003911044850000066
wherein: if d is k The larger the value of (a), the more likely it is that the recommendation confidence of the network node k is a false recommendation of a malicious node operation, the lower its feasibility.
10. The method for evaluating the confidence of the nodes of the internet of things based on the fuzzy evidence theory according to claim 2, wherein the step S3 specifically comprises the following steps:
calculating the membership degree of the network node i according to 3 confidence states of completely untrustworthy, uncertain and completely credible by using a fuzzy membership function in a fuzzy theory; and makes it have direct confidence DT i,j Degree of membership of
Figure FDA0003911044850000067
Indirect confidence IT k,j Degree of membership of
Figure FDA0003911044850000068
Respectively expressed as:
Figure FDA0003911044850000071
wherein:
Figure FDA0003911044850000072
Figure FDA0003911044850000073
and respectively taking { -T }, { T, -T }, { T } as a basic confidence function of the classification membership function of the network node, and according to the D-S evidence theory, mu 1 Means "totally untrustedDegree of acceptance of State, mu 2 Representing "uncertain Trust", acceptance of State, μ 3 Representing "fully trusted", the degree of acceptance of the state, then there is a direct confidence level
Figure FDA0003911044850000074
And
Figure FDA0003911044850000075
are equal,
Figure FDA0003911044850000076
And
Figure FDA0003911044850000077
are equal,
Figure FDA0003911044850000078
And
Figure FDA0003911044850000079
equally, similarly, there are indirect confidences
Figure FDA00039110448500000710
And
Figure FDA00039110448500000711
are equal,
Figure FDA00039110448500000712
And
Figure FDA00039110448500000713
are equal,
Figure FDA00039110448500000714
And
Figure FDA00039110448500000715
therefore, combining the direct confidence and the indirect confidence of the previous two network nodes to obtain the current complete confidence of the network node i to the network node j is represented as:
Figure FDA00039110448500000716
wherein:
Figure FDA0003911044850000081
direct confidence for network node i to network node j;
Figure FDA0003911044850000082
is the indirect confidence of network node i to network node j;
Figure FDA0003911044850000083
θ is the weight of the direct confidence and the indirect confidence, respectively, and satisfies
Figure FDA0003911044850000084
CN202211322713.0A 2022-10-27 2022-10-27 Method for evaluating confidence of Internet of things node based on fuzzy evidence theory Pending CN115694956A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211322713.0A CN115694956A (en) 2022-10-27 2022-10-27 Method for evaluating confidence of Internet of things node based on fuzzy evidence theory

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202211322713.0A CN115694956A (en) 2022-10-27 2022-10-27 Method for evaluating confidence of Internet of things node based on fuzzy evidence theory

Publications (1)

Publication Number Publication Date
CN115694956A true CN115694956A (en) 2023-02-03

Family

ID=85099871

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211322713.0A Pending CN115694956A (en) 2022-10-27 2022-10-27 Method for evaluating confidence of Internet of things node based on fuzzy evidence theory

Country Status (1)

Country Link
CN (1) CN115694956A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117768247A (en) * 2024-02-22 2024-03-26 广东电网有限责任公司中山供电局 security detection method and device for market transaction Internet of things data and electronic equipment

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117768247A (en) * 2024-02-22 2024-03-26 广东电网有限责任公司中山供电局 security detection method and device for market transaction Internet of things data and electronic equipment
CN117768247B (en) * 2024-02-22 2024-05-14 广东电网有限责任公司中山供电局 Security detection method and device for market transaction Internet of things data and electronic equipment

Similar Documents

Publication Publication Date Title
Borkar et al. A novel clustering approach and adaptive SVM classifier for intrusion detection in WSN: A data mining concept
Patil et al. DoS attack prevention technique in wireless sensor networks
Khoei et al. Ensemble learning methods for anomaly intrusion detection system in smart grid
CN109257750B (en) Intrusion detection method of multi-protocol layer based on trust and noise point detection technology
Farhat et al. Comparative study of classification algorithms for cloud ids using nsl-kdd dataset in weka
Wu et al. Multi-source fusion-based security detection method for heterogeneous networks
Wang et al. Towards fast detecting intrusions: using key attributes of network traffic
Hagos et al. Enhancing security attacks analysis using regularized machine learning techniques
CN115694956A (en) Method for evaluating confidence of Internet of things node based on fuzzy evidence theory
CN114285606A (en) DDoS (distributed denial of service) multi-point cooperative defense method for Internet of things management
Fenil et al. Towards a secure software defined network with adaptive mitigation of dDoS attacks by machine learning approaches
Darwish et al. Attack detection and mitigation techniques in industrial control system-smart grid dnp3
Chandan Consensus routing and environmental discrete trust based secure AODV in MANETs
Moudni et al. Fuzzy logic based intrusion detection system against black hole attack in mobile ad hoc networks
Thamilarasu Genetic algorithm based intrusion detection system for wireless body area networks
Devi et al. An integrated intelligent paradigm to detect DDoS attack in mobile ad hoc networks
Song Feature selection for intrusion detection system
Balarengadurai et al. Fuzzy based detection and prediction of DDoS attacks in IEEE 802.15. 4 low rate wireless personal area network
Pandey et al. A Trust-based Security Aware Congestion Control Algorithm for Wireless Sensor Networks.
Prajisha et al. An intrusion detection system for blackhole attack detection and isolation in RPL based IoT using ANN
Dinh et al. Economic Denial of Sustainability (EDoS) detection using GANs in SDN-based cloud
CN115802358A (en) Multi-step DDoS prediction poisoning attack based on reinforcement learning and defense method thereof
Sahu et al. A survey on detection of malicious nodes in wireless sensor networks
Sivanesan et al. Performance analysis of machine learning-based detection of sinkhole network layer attack in MANET
Igbe Artificial immune system based approach to cyber attack detection

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination