CN115694956A - Method for evaluating confidence of Internet of things node based on fuzzy evidence theory - Google Patents
Method for evaluating confidence of Internet of things node based on fuzzy evidence theory Download PDFInfo
- Publication number
- CN115694956A CN115694956A CN202211322713.0A CN202211322713A CN115694956A CN 115694956 A CN115694956 A CN 115694956A CN 202211322713 A CN202211322713 A CN 202211322713A CN 115694956 A CN115694956 A CN 115694956A
- Authority
- CN
- China
- Prior art keywords
- confidence
- network node
- trust
- fuzzy
- node
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses a method for evaluating the confidence of nodes of the Internet of things based on a fuzzy evidence theory, which comprises the following steps: s1: defining a basic confidence function as a fuzzy membership function, carrying out grade division on the confidence of the network nodes, and calculating the value of the direct confidence of the network nodes; s2: calculating the received recommended trust of two adjacent network nodes to obtain the indirect confidence of the network node; s3: and synthesizing the direct confidence coefficient and the indirect confidence coefficient of the network node according to the combination rule to obtain the complete confidence coefficient of the network node. The method for evaluating the confidence coefficient of the internet of things node based on the fuzzy evidence theory obtains the direct confidence coefficient of the network node through comprehensive calculation of multiple confidence coefficient factors, improves the accuracy of the direct confidence coefficient of the network node, and obtains the complete confidence coefficient of the network node through a method of fusing the fuzzy theory and the D-S evidence theory.
Description
Technical Field
The invention belongs to the technical field of Internet of things, and particularly relates to a method for evaluating confidence of an Internet of things node based on a fuzzy evidence theory.
Background
In recent years, the internet of things (IOT) is an emerging technology, and is beginning to be applied to various fields such as energy, science and technology, medical treatment, education, and the like. In the internet of things, although the network nodes can collect required data for the carriers in real time through the sensors and various intelligent devices, great convenience is brought to realization of environment perception and intelligent decision making, and the data also comprise privacy data and confidential data. Meanwhile, due to the characteristics of the internet of things, such as open network environment, limited network node energy, various equipment services and the like, nodes in the network are very likely to be attacked by malicious nodes. Therefore, how to protect the nodes in the internet of things from being attacked by malicious nodes is an important challenge in the internet of things network deployment process. In the internet of things, because computing resources and storage capacities of different equipment nodes are greatly different, and node cooperation and resource interaction in a network are frequent, a traditional security authentication technology and an encryption technology cannot be properly deployed in the network of the internet of things because internal attacks initiated by malicious nodes cannot be timely discovered and intercepted.
Meanwhile, the trust relationship between nodes in the network is also affected by different service attributes and node confidence degrees in the network. For example, some malicious nodes hidden in the network may launch internal attacks with legitimate identities. Besides, the main threats of the network security of the internet of things include that malicious nodes acquire related services by using trust relationships among the nodes. If the malicious nodes in the internet of things network cannot be identified in time, the whole network may be attacked, so that private data and confidential data are leaked, and the network security is threatened. Therefore, the primary condition for ensuring the node security of the internet of things and improving the node cooperative relationship is to fully mine the trust relationship among the nodes in the network environment and accordingly identify the malicious nodes in the network environment.
The traditional security mechanism based on encryption and authentication can only resist external attacks, an effective resisting means is lacked for attacks inside a network, and trust management is the most commonly used algorithm for detecting internal attacks. In the method, the network nodes are evaluated and classified mainly according to different characteristics, and the transmission safety between the nodes is ensured, so that the safety of the whole network is ensured. Trust-based security mechanisms are considered an improvement over traditional cryptographic security methods. In the internet of things, cooperation and interaction among devices can be described as the trust degree of network nodes among each other, and information used in a decision making process is maintained by recording behaviors among the nodes. If the network contains malicious nodes, communication among the nodes is limited, and the success and reliability of interaction among the nodes can be guaranteed only when all the nodes in the network operate in a trustworthy mode. Therefore, the trust management mechanism is applied to enhance the safety and the robustness of the internet of things network and ensure that the safe transmission between the network nodes is a good method. The subjective ambiguity of the confidence of the network node can cause the problem that the existing node evaluation method cannot effectively deal with the malicious behavior of the node so that the internal attack of the network cannot be resisted. To solve this problem, three trust factors are defined as inputs to the model, but these three trust factors are not sufficient to describe the trust impact on the network nodes.
Disclosure of Invention
The invention aims to provide a method for evaluating the confidence coefficient of an internet of things node based on a fuzzy evidence theory.
In order to solve the technical problems, the invention adopts the technical scheme that: the method for evaluating the confidence of the internet of things node based on the fuzzy evidence theory specifically comprises the following steps:
s1: defining a basic confidence function as a fuzzy membership function, carrying out grade division on the confidence of the network nodes, and calculating the value of the direct confidence of the network nodes;
s2: calculating the received recommended trust of two adjacent network nodes to obtain the indirect confidence of the network node;
s3: and synthesizing the direct confidence coefficient and the indirect confidence coefficient of the network node according to the combination rule to obtain the complete confidence coefficient of the network node.
As a preferred technical solution of the present invention, the step S1 specifically comprises the following steps:
s11: defining a basic confidence function in a D-S evidence theory as a fuzzy membership function, carrying out grade division on the confidence of the network nodes, and determining 7 confidence factors;
s12: calculating the value of the direct confidence of the network node, and modifying the weight of the direct confidence of the network node according to the value.
As a preferred technical solution of the present invention, the step S11 specifically includes:
s111: judging the information of the network nodes by using a fuzzy set theory and adding various confidence factors; then, forming a fuzzy vector on the confidence factor according to the membership of the confidence factor of the network node on different evaluation sets, wherein the fuzzy vector represents the trust degree of the network node on the trust factor; defining a basic confidence function in a D-S evidence theory as a fuzzy membership function, and constructing a plurality of fuzzy subsets;
s112: and dividing the confidence level of the network node according to the membership degree of the confidence factor on each confidence fuzzy subset.
As a preferred technical solution of the present invention, the step S111 specifically includes:
s1111: a fuzzy relation matrix R is constructed according to the mutual evaluation among the network nodes to represent the trust relation among the network nodes,
wherein r is ij Representing the trust of network node i to network node j, r ij When =1,0,0,0, it represents absolute trust for the network node, r ij If the value is =0,0,0,0, the trust evaluation of the network node on the network node is represented, and the trust evaluation is set to be invalid;
s1112: defining a weight vector, and combining the weight vector and the fuzzy relation matrix by a fuzzy synthesis operator to obtain a fuzzy evaluation result of each network node;
the step S1112 specifically includes:
s11121: defining a weight vector W = [ ω ]) 1 ,ω 2 ,ω 3 ,ω 4 ]Reflecting the degree of interest in each confidence factor;
s11122: combining the weight vector W and the fuzzy relation matrix R by a fuzzy synthesis operator to obtain a fuzzy vector (fuzzy evaluation result) of each network node;
the formula is as follows:
P=W·R=[p 1 ,p 2 ,p 3 ,p 4 ] (2);
wherein: p i Fuzzy subset U representing internet of things network trust score i The membership degree of the evaluated nodes, W is a weight vector, is a fuzzy synthesis operator, and R is a fuzzy relation matrix between the network nodes;
s1113: by trust membership function mu T (A) For a certain interval of (2) determines the confidence level for a certain T a Membership of (a =1,2,3,4).
As a preferred technical solution of the present invention, the step S1113 specifically comprises the following steps:
s11131: by blurring the subset T j (j =1,2,3,4) when defining different trust sets, employing a discrete scale {1,2, …, M } to describe a level of entity trust of a network node;
s11132: carrying out percentage scoring according to each trust level of the network nodes by introducing quantification processing;
s11133: expressing the fuzzy classification of trust as 3 types of trust states of distrust, uncertainty and complete trust according to the scoring of the step S1232; according to the 3 types of trust levels, the trust value interval [0,1 ] of the network node]Constructing 3 fuzzy subsets T 1 ,T 2 ,T 3 The membership function is mu 1 (t), 2 (t),μ 3 (t) and has a 1 (t)+μ 2 (t)+μ 3 (t)=1。
As a preferred technical solution of the present invention, the step S11132 specifically comprises the following steps: by usingIndicating that there is no trust in the network,represents general trust, 50 ≦ μ T 3 < 75 means very trusted, 75 ≦ μ T 4 < 100 indicates full trust, resulting in a trust level score vectorBased on this, a score S is calculated, the formula being:
because the trust level of the network node is in an interval, in order to accurately represent the trust interval to which the node belongs, a representative score S' is selected, and the formula is as follows:
whereinAn excitement level score, which is composed of the median of each confidence interval, is expressed as:
as a preferred technical solution of the present invention, the step S112 specifically includes:
s1121: fromSelecting 7 confidence factors from the perspective of trust accuracy and reflecting attack behaviors to divide the level of the confidence of the network node, wherein the 7 confidence factors are respectively the successful data sending rate, the data integrity, the data availability, the data receiving grouping rate, the data forwarding rate, the time factor and the security level; respectively with F 1 ,F 2 ,F 3 ,F 4 ,F 5 ,F 6 ,F 7 Represents:
wherein: f 1 Indicating a data transmission rate factor, ACK i,j (t) indicates the number of successfully forwarded packets between adjacent network nodes, TP i,j (t) is the number of packets that the network node is required to forward; f 2 Representing a data integrity factor, IP i,j (t) indicates the number of packets that have not been tampered with and successfully transmitted, FP i,j (t) indicates the number of packets that need to be sent; f 3 Representing a data availability factor, RACK i,j (t) indicates the number of data packets responded to, NRACK i,j (t) represents the number of unresponsive packets; f 4 Representing a data reception packet rate factor, RP i,j (t) number of packets receivedMesh, RP i,j (t-1) indicating the number of packet data packets received at the last time; f 5 Representing a data transfer rate factor, FP i,j (t) represents the number of node transport packets, FP i,j (t-1) representing the number of network nodes transmitting packets at the previous time;
s1122: verifying the rationality of the trust evaluation method, and setting different parameters in different times, wherein the parameters are defined as follows because the physical meanings of the proportion occupied by successful interaction in different node interaction times are different:
wherein, SR i,j (t) number of successful interactions, FR i,j (t) indicates the number of failures, SR i,j (t-1) indicates the number of successful interactions, FR, at the previous moment i,j (t-1) represents the number of failures at the previous time.
As a preferred technical solution of the present invention, the step S12 specifically includes:
s121: supposing that the network node i initiates trust evaluation on the network node j, calculating the direct confidence of the evaluated network node j by the evaluation network node i in a weighting mode, calculating the direct confidence of the network node i on the network node j at the current moment by the following formula,
wherein: d represents a direct confidence vector; w 1 ,W 2 ,W 3 ,W 4 ,W 5 Is a weight coefficient of a confidence factor and satisfies w 1 +w 2 +w 3 +w 4 +w 5 =1;
S122: the value of the direct confidence obtained in step S121 is corrected, and the corrected direct confidence is represented as:
wherein:indicating a direct confidence level that is not corrected,representing the historical direct confidence of the last updating period, and alpha is represented as an adaptive factor for balancing the current confidence and the historical confidence, and is defined as:
wherein 0 < xi 1 <ξ 2 <1,ξ 1 The value is less than xi 2 Xi is to prevent malicious nodes from accumulating their own trust values by disguising malicious acts such as spoofing 2 Value greater than xi 1 The method aims to represent the penalty on the malicious behavior of the node so as to ensure the accuracy of the trust value of the node.
As a preferred technical solution of the present invention, the step S2 specifically comprises the steps of:
s21: firstly, filtering recommendation trust collected by a network node, then distributing weight information for the recommendation trust, and then calculating the indirect confidence of the node; the calculation formula is as follows:
wherein: IT (information technology) device l,j Is the indirect confidence of node I to node j, the superscript I represents the indirect confidence vector, η k Representing the weight of a certain common node k,indicating the recommendation confidence of the neighboring network node k for network node j,indicating the direct confidence of network node i to network node k,representing the direct confidence of network node k to network node j;
s22: correcting the indirect confidence value obtained in the step S21 to obtain the recommended trust deviation d of a certain common neighbor network node k of the network node i k Expressed as:
wherein: if d is k The larger the value of (d), the higher the probability that the recommendation confidence of the network node k is a false recommendation of a malicious node operation, and the lower the feasibility, in order to ensure the reliability of the recommendation trust, if d k Is greater than τ, is discarded, if d k If tau is less, storing into set C.
As a preferred technical solution of the present invention, the step S3 specifically comprises the steps of:
calculating the membership degree of the network node i according to 3 confidence states of completely untrustworthy, uncertain and completely credible by using a fuzzy membership function in a fuzzy theory; and makes it have direct confidence DT i,j Degree of membership ofIndirect confidence IT k,j Degree of membership ofRespectively expressed as:
wherein:
and respectively taking { -T }, { T, -T }, { T } as a basic confidence function of the classification membership function of the network node, and according to the D-S evidence theory, mu 1 Degree of acceptance, μ, representing a "completely untrusted" state 2 Degree of acceptance, μ, representing a "no trust can be determined" status 3 Representing a degree of acceptance of the "fully trustworthy" state, then there is a direct confidence levelAndare equal,Andare equal,Andequally, similarly, there are indirect confidencesAndare equal,Andare equal,Andtherefore, combining the direct confidence and the indirect confidence of the previous two network nodes to obtain the current complete confidence of the network node i to the network node j is represented as:
wherein:direct confidence for network node i to network node j;is the indirect confidence of network node i to network node j;θ is the weight of the direct confidence and the indirect confidence, respectively, and satisfiesIs provided with
Compared with the prior art, the invention has the following beneficial effects: the direct confidence of the network node is obtained through comprehensive calculation of multiple confidence factors, the accuracy of the direct confidence of the network node is improved, and the complete confidence of the network node is obtained through a method of fusing a fuzzy theory and a D-S evidence theory.
Drawings
FIG. 1 is a flow chart of the method for evaluating the confidence of the nodes of the Internet of things based on the fuzzy evidence theory;
FIG. 2 is a network node confidence evaluation relationship diagram of the method for evaluating the confidence of the nodes of the Internet of things based on the fuzzy evidence theory;
fig. 3 is a schematic diagram illustrating indirect confidence recommendation of the method for evaluating the confidence of the nodes of the internet of things based on the fuzzy evidence theory;
fig. 4 is a schematic diagram illustrating comparison of malicious node detection rates of an evaluation method of the confidence of the internet of things node based on the fuzzy evidence theory and an RFSN and TMS method.
Detailed Description
The following embodiments of the present invention are described in detail with reference to the accompanying drawings, and the following embodiments are only used to more clearly illustrate the technical solutions of the present invention, but not to limit the scope of the present invention.
Example (b): as shown in fig. 1, the method for evaluating the confidence of the internet of things node based on the fuzzy evidence theory specifically includes the following steps:
s1: defining a basic confidence function in a D-S evidence theory as a fuzzy membership function, carrying out grade division on the confidence of the network nodes, and calculating the value of the direct confidence of the network nodes;
the specific steps of the step S1 are as follows:
s11: defining a basic confidence function in a D-S evidence theory as a fuzzy membership function, carrying out grade division on the confidence of the network nodes, and determining 7 confidence factors;
when the node information is judged by using a fuzzy set theory, the evaluation information of the network nodes can be reflected by using the membership degree of each trust evaluation set, the membership degree of the confidence factor of the node network node on different evaluation sets can form a fuzzy vector on the factor, the trust evaluation size of the network node on the trust factor is represented, and finally the node information is divided according to the membership degree of the confidence factor on each trust fuzzy set; in order to describe the trust relationship among the network nodes, a fuzzy relationship matrix is constructed to represent the trust relationship among the nodes according to the mutual evaluation among the network nodes; the confidence evaluation relationship between the network nodes is shown in fig. 2;
the specific steps of the step S11 are as follows:
s111: judging the information of the network nodes by using a fuzzy set theory and adding various confidence factors; then, forming a fuzzy vector on the confidence factor according to the membership of the confidence factor of the network node on different evaluation sets, wherein the fuzzy vector represents the trust degree of the network node on the trust factor; defining a basic confidence function in a D-S evidence theory as a fuzzy membership function, and constructing a plurality of fuzzy subsets;
the specific steps of step S111 are:
s1111: a fuzzy relation matrix R is constructed according to the mutual evaluation among the network nodes to represent the trust relation among the network nodes,
wherein r is ij Representing the trust of network node i to network node j, r ij When =1,0,0,0, it represents absolute trust for the network node, r ij If =0,0,0,0, it indicates that the network node performs trust evaluation on itself, and the evaluation is set to be invalid;
s1112: defining a weight vector, and combining the weight vector and the fuzzy relation matrix by a fuzzy synthesis operator to obtain a fuzzy evaluation result of each network node;
the step S1112 specifically includes:
s11121: defining a weight vector W = [ ω ]) 1 ,ω 2 ,ω 3 ,ω 4 ]Reflecting the degree of interest in each confidence factor;
s11122: combining the weight vector W and the fuzzy relation matrix R by a fuzzy synthesis operator to obtain a fuzzy vector (fuzzy evaluation result) of each network node;
the formula is as follows:
P=W·R=[p 1 ,p 2 ,p 3 ,p 4 ] (2);
wherein: p is i Fuzzy subset U representing internet of things network trust score i The membership degree of the evaluated nodes, W is a weight vector, is a fuzzy synthesis operator, and R is a fuzzy relation matrix between the network nodes;
s1113: by trust membership function mu T (A) For a certain interval of (2) determines the confidence level for a certain T a Membership of (a =1,2,3,4);
the specific steps of the step S1113 are as follows:
s11131: by blurring the subset T j (j =1,2,3,4) when defining different trust sets, employing a discrete scale {1,2, …, M } to describe a level of entity trust of a network node;
s11132: in order to facilitate the direct evaluation by using numerical values, the percentage scoring is carried out according to each trust level of the network nodes by introducing quantitative processing;
s11133: expressing the fuzzy classification of trust as 3 types of trust states of distrust, uncertainty and complete trust according to the scoring of the step S1232; according to the 3 types of trust levels, the trust value interval [0,1 ] of the network node]Constructing 3 fuzzy subsets T 1 ,T 2 ,T 3 The membership function is mu 1 (t), 2 (t),μ 3 (t) and has a 1 (t)+μ 2 (t)+μ 3 (t)=1;
The specific steps of step S11132 are as follows: to facilitate direct evaluation by numerical values, use is made ofIndicating that there is no trust in the network,represents general trust, 50 ≦ μ T 3 < 75 means very trusted, 75 ≦ μ T 4 < 100 indicates full trust, resulting in a trust level score vectorBased on this, a score S is calculated, the formula being:
because the trust level of the network node is in an interval, in order to accurately represent the trust interval to which the node belongs, a representative score S' is selected, and the formula is as follows:
whereinThe excitement level score, which is composed of the median of each confidence interval, is expressed as:
s112: dividing the confidence level of the network node according to the membership degree of the confidence factor on each trust fuzzy subset;
the specific steps of step S112 are:
s1121: selecting 7 confidence factors from the perspective of trust accuracy and reflecting attack behaviors to divide the level of the confidence of the network node, wherein the 7 confidence factors are respectively the successful data sending rate, the data integrity, the data availability, the data receiving grouping rate, the data forwarding rate, the time factor and the security level; respectively with F 1 ,F 2 ,F 3 ,F 4 ,F 5 ,F 6 ,F 7 Represents:
wherein: f 1 Indicating a data transmission rate factor, ACK i,j (t) number of successfully forwarded packets between adjacent network nodes, TP i,j (t) is the number of packets that the network node is required to forward; f 2 Representing a data integrity factor, IP i,j (t) indicates the number of packets that have not been tampered with and successfully transmitted, FP i,j (t) indicates the number of packets that need to be sent; f 3 Representing a data availability factor, RACK i,j (t) indicates the number of data packets responded to, NRACK i,j (t) represents the number of unresponsive packets; f 4 Representing a data reception packet rate factor, RP i,j (t) indicates the number of packets received, RP i,j (t-1) indicating the number of packet data packets received at the last time; f 5 Representing a data transfer rate factor, FR i,j (t) indicates the number of node transmission packets, FP i,j (t-1) represents the number of network nodes transmitting packets at the last moment in time.
S1122: verifying the rationality of the trust evaluation method, and setting different parameters in different times, wherein the parameters are defined as follows because the physical meanings of the proportion occupied by successful interaction in different node interaction times are different:
wherein, SR i,j (t) number of successful interactions, FR i,j (t) indicates the number of failures, SR i,j (t-1) indicates the number of successful interactions, FR, at the previous moment i,j (t-1) represents the number of failures at the previous time;
s12: calculating the value of the direct confidence of the network node, and modifying the weight of the direct confidence of the network node according to the value; in order to ensure the rationality of the trust evaluation method, different parameters are set in different times, because the physical meanings of the proportion occupied by successful interaction in different node interaction times are different; the nodes in the internet of things are also attacked by the defense switch, so that the direct confidence of the nodes is influenced to a certain extent; in order to eliminate such an influence, the value of the direct confidence obtained in step S121 is corrected;
the specific steps of the step S12 are as follows:
s121: supposing that the network node i initiates trust evaluation on the network node j, calculating the direct confidence of the evaluated network node j by the evaluation network node i in a weighting mode, calculating the direct confidence of the network node i on the network node j at the current moment by the following formula,
wherein: d represents a direct confidence vector; w is a 1 ,w 2 ,w 3 ,w 4 ,w 5 Is a weight coefficient of a confidence factor and satisfies w 1 +w 2 +w 3 +w 4 +w 5 =1; herein, the weight coefficients are set to w, respectively 1 =w 2 =w 3 =w 4 =w 5 =0.2;
S122: the value of the direct confidence obtained in step S121 is corrected, and the corrected direct confidence is expressed as:
wherein:indicating a direct confidence level that is not corrected,representing the historical direct confidence of the last updating period, and alpha is represented as an adaptive factor for balancing the current confidence and the historical confidence, and is defined as:
wherein 0 < xi 1 <ξ 2 <1,ξ 1 The value is less than xi 2 Xi is to prevent malicious nodes from accumulating their own trust values by disguising malicious acts such as spoofing 2 Value greater than xi 1 The method is used for embodying the penalty on the malicious behavior of the node so as to ensure the accuracy of the trust value of the node;
s2: calculating the received recommended trust of two adjacent network nodes to obtain the indirect confidence of the network node; FIG. 3 is a schematic diagram of indirect confidence recommendation;
the specific steps of the step S2 are as follows:
s21: firstly, filtering recommendation trust collected by a network node, then distributing weight information for the recommendation trust, and then calculating the indirect confidence of the node; the calculation formula is as follows:
wherein: IT (information technology) device l,j Is the indirect confidence of node I to node j, the superscript I represents the indirect confidence vector, η k Representing the weight of a certain common node k,indicating the recommendation confidence of the neighboring network node k for network node j,indicating the direct confidence of network node i to network node k,representing the direct confidence of network node k to network node j; because the network has various attack types, the recommendation confidence of the network node may have a certain deviation degree, if the deviation degree is too large, the deviation degree is discarded, and the influence on the indirect confidence of the node is avoided;
s22: because various attack types exist in the network, the recommendation confidence degrees of the nodes may have certain deviation degrees, and if the deviation degrees are overlarge, the deviation degrees are discarded, so that the indirect confidence degrees of the nodes are prevented from being influenced; correcting the indirect confidence value obtained in the step S21 to obtain the recommended trust deviation d of a certain common neighbor network node k of the network node i k Expressed as:
wherein: if d is k The larger the value of (d), the higher the probability that the recommendation confidence of the network node k is a false recommendation of a malicious node operation, the lower the feasibility, and in order to ensure the reliability of the recommendation trust, a deviation threshold value tau =0.2 is set, and if d is k Is greater than τ, is discarded, if d k If tau is less, store it in set C;
S3: synthesizing the direct confidence coefficient and the indirect confidence coefficient of the network node according to a Dempster combination rule to obtain the complete confidence coefficient of the network node;
the specific steps of the step S3 are as follows:
calculating the membership degree of the network node i according to 3 confidence states of completely untrustworthy, uncertain and completely credible by using a fuzzy membership function in a fuzzy theory; and makes it have direct confidence DT i,j Degree of membership ofIndirect confidence IT k,j Degree of membership ofRespectively expressed as:
wherein:
and respectively taking { -T }, { T, -T }, { T } as a basic confidence function of the classification membership function of the network node, and according to the D-S evidence theory, mu 1 Degree of acceptance, mu, representing a "completely untrusted" state 2 Acceptance, mu, representing a "no certainty of trust" status 3 Representing a degree of acceptance of the "fully trustworthy" state, then there is a direct confidence levelAndare equal,Andare equal,Andequally, similarly, there are indirect confidencesAndare equal,Andare equal,Andtherefore, combining the direct confidence and the indirect confidence of the previous two network nodes to obtain the current complete confidence of the network node i to the network node j is represented as:
wherein:for network node i to network node jReceiving a confidence coefficient;is the indirect confidence of network node i to network node j;θ is the weight of the direct confidence and the indirect confidence, respectively, and satisfiesIs provided with
As shown in fig. 4, the malicious node detection rate is obtained by detecting the proportion of the malicious nodes in the network running time and comparing the method with the RFSN method and the TMS method, and the comparison result shows that the malicious node detection rate detected by the method of the present invention is higher.
The specific embodiments of the present invention described are merely illustrative of the spirit of the invention. Various modifications or additions may be made to the described embodiments or alternatives may be employed by those skilled in the art without departing from the spirit or scope of the invention as defined in the appended claims.
Claims (10)
1. A method for evaluating the confidence of an Internet of things node based on a fuzzy evidence theory is characterized by comprising the following steps:
s1: defining a basic confidence function as a fuzzy membership function, carrying out grade division on the confidence of the network nodes, and calculating the value of the direct confidence of the network nodes;
s2: calculating the received recommended trust of two adjacent network nodes to obtain the indirect confidence of the network node;
s3: and synthesizing the direct confidence coefficient and the indirect confidence coefficient of the network node according to the combination rule to obtain the complete confidence coefficient of the network node.
2. The method for evaluating the confidence of the nodes of the internet of things based on the fuzzy evidence theory according to claim 1, wherein the step S1 comprises the following specific steps:
s11: defining a basic confidence function in a D-S evidence theory as a fuzzy membership function, carrying out grade division on the confidence of the network nodes, and determining 7 confidence factors;
s12: calculating the value of the direct confidence of the network node, and modifying the weight of the direct confidence of the network node according to the value.
3. The method for evaluating the confidence of the nodes of the internet of things based on the fuzzy evidence theory according to claim 1, wherein the step S11 specifically comprises the following steps:
s111: judging the information of the network nodes by using a fuzzy set theory and adding various confidence factors; then, forming a fuzzy vector on the confidence factor according to the membership of the confidence factor of the network node on different evaluation sets, wherein the fuzzy vector represents the trust degree of the network node on the trust factor; defining a basic confidence function in a D-S evidence theory as a fuzzy membership function, and constructing a plurality of fuzzy subsets;
s112: and dividing the confidence level of the network node according to the membership degree of the confidence factor on each trust fuzzy subset.
4. The method for evaluating the confidence of the internet of things node based on the fuzzy evidence theory according to claim 2, wherein the step S111 specifically comprises the steps of:
s1111: constructing a fuzzy relation matrix R according to the mutual evaluation among the network nodes to represent the trust relation among the network nodes;
wherein r is ij Representing the trust of network node i to network node j, r ij When =1,0,0,0, it represents absolute trust for the network node, r ij If =0,0,0,0, it indicates that the network node performs trust evaluation on itself, and the evaluation is set to be invalid;
s1112: defining a weight vector, and combining the weight vector and the fuzzy relation matrix by a fuzzy synthesis operator to obtain a fuzzy evaluation result of each network node;
the step S1112 specifically includes:
s11121: defining a weight vector W = [ ω ]) 1 ,ω 2 ,ω 3 ,ω 4 ]Reflecting the degree of interest in the respective confidence factors,
s11122: combining the weight vector W and the fuzzy relation matrix R by a fuzzy synthesis operator to obtain a fuzzy vector (fuzzy evaluation result) of each network node;
the formula is as follows:
P=W·R=[p 1 ,p 2 ,p 3 ,p 4 ] (2);
wherein: p i Fuzzy subset U representing internet of things network trust score i The membership degree of the evaluated nodes, W is a weight vector, is a fuzzy synthesis operator, and R is a fuzzy relation matrix between the network nodes;
s1113: by trust membership function mu T (A) For a certain interval of (2) judging the confidence level to a certain T a Membership of (a =1,2,3,4).
5. The method for evaluating the confidence of the internet of things node based on the fuzzy evidence theory according to claim 4, wherein the step S1113 specifically comprises the following steps:
s11131: by blurring the subset T j (j =1,2,3,4) when defining different trust sets, employing a discrete scale {1,2, …, M } to describe a level of entity trust of a network node;
s11132: carrying out percentage scoring according to each trust level of the network nodes by introducing quantification processing;
s11133: expressing the fuzzy classification of trust as 3 types of trust states of distrust, uncertainty and complete trust according to the scoring of the step S1232; according to the 3 types of trust levels, the trust value interval [0,1 ] of the network node]Constructing 3 fuzzy subsets T 1 ,T 2 ,T 3 The membership function is mu 1 (t), 2 (t),μ 3 (t) and has a 1 (t)+μ 2 (t)+μ 3 (t)=1。
6. The method for evaluating the confidence of the internet of things node based on the fuzzy evidence theory according to claim 5, wherein the step S11132 specifically comprises the steps of: by usingIndicating that there is no trust in the network,represents general trust, 50 ≦ μ T 3 < 75 means very trusted, 75 ≦ μ T 4 < 100 indicates full trust, resulting in a trust level score vectorAnd calculating a trust score S according to the trust level score vector C, wherein the formula is as follows:
because the trust level of the network node is in an interval, in order to accurately represent the trust interval to which the node belongs, a representative score S' is selected, and the formula is as follows:
whereinThe excitement level score, which is composed of the median of each confidence interval, is expressed as:
7. the method for evaluating the confidence of the internet of things node based on the fuzzy evidence theory according to claim 3, wherein the step S112 specifically comprises the following steps:
s1121: selecting 7 confidence factors from the perspective of trust accuracy and reflecting attack behaviors to divide the level of the confidence of the network node, wherein the 7 confidence factors are respectively the successful data sending rate, the data integrity, the data availability, the data receiving grouping rate, the data forwarding rate, the time factor and the security level; respectively with F 1 ,F 2 ,F 3 ,F 4 ,F 5 ,F 6 ,F 7 Represents:
wherein, F 1 Indicating a data transmission rate factor, ACK i,j (t) indicates the number of successfully forwarded packets between adjacent network nodes, TP i,j (t) is the number of packets that the network node is required to forward; f 2 Representing a data integrity factor, IP i,j (t) indicates the number of packets that have not been tampered with and successfully transmitted, FP i,j (t) indicates the number of packets that need to be sent; f 3 Representing a data availability factor, RACK i,j (t) indicates the number of data packets responded to, NRACK i,j (t) represents the number of unresponsive packets; f 4 Representing a data reception packet rate factor, RP i,j (t) indicates the number of packets received, RP i,j (t-1) indicating the number of packet data packets received at the last time; f 5 Representing a data transfer rate factor, FP i,j (t) indicates the number of node transmission packets, FP i,j (t-1) representing the number of network nodes transmitting packets at the previous time;
s1122: verifying the rationality of the trust evaluation method, setting different parameters in different time, and defining the parameters as follows:
wherein, SR i,j (t) number of successful interactions, FR i,j (t) indicates the number of failures, SR i,j (t-1) indicates the number of successful interactions, FR, at the previous moment i,j (t-1) represents the number of failures at the previous time.
8. The method for evaluating the confidence of the internet of things node based on the fuzzy evidence theory according to claim 7, wherein the step S12 specifically comprises the steps of:
s121: supposing that the network node i initiates trust evaluation on the network node j, calculating the direct confidence of the evaluated network node j by the evaluation network node i in a weighting mode, calculating the direct confidence of the network node i on the network node j at the current moment by the following formula,
wherein: d represents a direct confidence vector; w is a 1 ,w 2 ,w 3 ,w 4 ,w 5 Is a weight coefficient of a confidence factor and satisfies w 1 +w 2 +w 3 +w 4 +w 5 =1;
S122: the value of the direct confidence obtained in step S121 is corrected, and the corrected direct confidence is represented as:
wherein:indicating a direct confidence level that is not corrected,representing the historical direct confidence of the last updating period, and alpha is represented as an adaptive factor for balancing the current confidence and the historical confidence, and is defined as:
wherein 0 < xi 1 <ξ 2 <1,ξ 1 The value is less than xi 2 The method is to prevent malicious nodes from accumulating self trust values through malicious behaviors such as spoofing and deception, and xi 2 Value greater than xi 1 The method aims to represent the penalty on the malicious behavior of the node so as to ensure the accuracy of the trust value of the node.
9. The method for evaluating the confidence of the nodes of the internet of things based on the fuzzy evidence theory according to claim 2, wherein the step S2 specifically comprises the following steps:
s21: firstly, filtering recommendation trust collected by a network node, then distributing weight information for the recommendation trust, and then calculating the indirect confidence of the node; the calculation formula is as follows:
wherein: IT (information technology) device l,j Is the indirect confidence of node I to node j, the superscript I represents the indirect confidence vector, η k Representing the weight of a certain common node k,indicating the recommendation confidence of the neighboring network node k for network node j,indicating the direct confidence of network node i to network node k,representing the direct confidence of network node k to network node j;
s22: correcting the indirect confidence value obtained in the step S21 to obtain the recommended trust deviation d of a certain common neighbor network node k of the network node i k Expressed as:
wherein: if d is k The larger the value of (a), the more likely it is that the recommendation confidence of the network node k is a false recommendation of a malicious node operation, the lower its feasibility.
10. The method for evaluating the confidence of the nodes of the internet of things based on the fuzzy evidence theory according to claim 2, wherein the step S3 specifically comprises the following steps:
calculating the membership degree of the network node i according to 3 confidence states of completely untrustworthy, uncertain and completely credible by using a fuzzy membership function in a fuzzy theory; and makes it have direct confidence DT i,j Degree of membership ofIndirect confidence IT k,j Degree of membership ofRespectively expressed as:
wherein:
and respectively taking { -T }, { T, -T }, { T } as a basic confidence function of the classification membership function of the network node, and according to the D-S evidence theory, mu 1 Means "totally untrustedDegree of acceptance of State, mu 2 Representing "uncertain Trust", acceptance of State, μ 3 Representing "fully trusted", the degree of acceptance of the state, then there is a direct confidence levelAndare equal,Andare equal,Andequally, similarly, there are indirect confidencesAndare equal,Andare equal,Andtherefore, combining the direct confidence and the indirect confidence of the previous two network nodes to obtain the current complete confidence of the network node i to the network node j is represented as:
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202211322713.0A CN115694956A (en) | 2022-10-27 | 2022-10-27 | Method for evaluating confidence of Internet of things node based on fuzzy evidence theory |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202211322713.0A CN115694956A (en) | 2022-10-27 | 2022-10-27 | Method for evaluating confidence of Internet of things node based on fuzzy evidence theory |
Publications (1)
Publication Number | Publication Date |
---|---|
CN115694956A true CN115694956A (en) | 2023-02-03 |
Family
ID=85099871
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202211322713.0A Pending CN115694956A (en) | 2022-10-27 | 2022-10-27 | Method for evaluating confidence of Internet of things node based on fuzzy evidence theory |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN115694956A (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN117768247A (en) * | 2024-02-22 | 2024-03-26 | 广东电网有限责任公司中山供电局 | security detection method and device for market transaction Internet of things data and electronic equipment |
-
2022
- 2022-10-27 CN CN202211322713.0A patent/CN115694956A/en active Pending
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN117768247A (en) * | 2024-02-22 | 2024-03-26 | 广东电网有限责任公司中山供电局 | security detection method and device for market transaction Internet of things data and electronic equipment |
CN117768247B (en) * | 2024-02-22 | 2024-05-14 | 广东电网有限责任公司中山供电局 | Security detection method and device for market transaction Internet of things data and electronic equipment |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Borkar et al. | A novel clustering approach and adaptive SVM classifier for intrusion detection in WSN: A data mining concept | |
Patil et al. | DoS attack prevention technique in wireless sensor networks | |
Khoei et al. | Ensemble learning methods for anomaly intrusion detection system in smart grid | |
CN109257750B (en) | Intrusion detection method of multi-protocol layer based on trust and noise point detection technology | |
Farhat et al. | Comparative study of classification algorithms for cloud ids using nsl-kdd dataset in weka | |
Wu et al. | Multi-source fusion-based security detection method for heterogeneous networks | |
Wang et al. | Towards fast detecting intrusions: using key attributes of network traffic | |
Hagos et al. | Enhancing security attacks analysis using regularized machine learning techniques | |
CN115694956A (en) | Method for evaluating confidence of Internet of things node based on fuzzy evidence theory | |
CN114285606A (en) | DDoS (distributed denial of service) multi-point cooperative defense method for Internet of things management | |
Fenil et al. | Towards a secure software defined network with adaptive mitigation of dDoS attacks by machine learning approaches | |
Darwish et al. | Attack detection and mitigation techniques in industrial control system-smart grid dnp3 | |
Chandan | Consensus routing and environmental discrete trust based secure AODV in MANETs | |
Moudni et al. | Fuzzy logic based intrusion detection system against black hole attack in mobile ad hoc networks | |
Thamilarasu | Genetic algorithm based intrusion detection system for wireless body area networks | |
Devi et al. | An integrated intelligent paradigm to detect DDoS attack in mobile ad hoc networks | |
Song | Feature selection for intrusion detection system | |
Balarengadurai et al. | Fuzzy based detection and prediction of DDoS attacks in IEEE 802.15. 4 low rate wireless personal area network | |
Pandey et al. | A Trust-based Security Aware Congestion Control Algorithm for Wireless Sensor Networks. | |
Prajisha et al. | An intrusion detection system for blackhole attack detection and isolation in RPL based IoT using ANN | |
Dinh et al. | Economic Denial of Sustainability (EDoS) detection using GANs in SDN-based cloud | |
CN115802358A (en) | Multi-step DDoS prediction poisoning attack based on reinforcement learning and defense method thereof | |
Sahu et al. | A survey on detection of malicious nodes in wireless sensor networks | |
Sivanesan et al. | Performance analysis of machine learning-based detection of sinkhole network layer attack in MANET | |
Igbe | Artificial immune system based approach to cyber attack detection |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination |