CN117201042B - Automatic equipment verification method based on node information credibility metering - Google Patents
- Publication number
- CN117201042B CN202311447337.2A
- Authority
- CN
- China
- Prior art keywords
- verification
- node
- neighbor
- equipment
- verifier
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Classifications
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D30/00—Reducing energy consumption in communication networks
- Y02D30/70—Reducing energy consumption in communication networks in wireless communication networks
Abstract
The invention discloses an automatic equipment verification method based on node information credibility metering, which comprises the following steps: determining the network manager, the verifier and the node devices to be deployed in the device group, and initializing the node devices; deploying the node devices and performing device definition; registering the node devices with the verifier; randomly setting a verification time interval for each node device, and verifying the node device once each time the verification time interval elapses; if the verification of the node device does not pass, generating a problem report, executing a collection protocol, and calculating the credibility metric. The invention verifies device nodes automatically, which lightens the burden on the network manager and reduces operating difficulty. In addition, the credibility metering method effectively reduces the likelihood that useless information reaches the network manager, and improves the reliability and processing efficiency of the whole system.
Description
Technical Field
The invention relates to the technical field of information security of the Internet of things, in particular to an automatic equipment verification method based on node information credibility metering.
Background
In recent years, with the rapid development of technology, the number of embedded devices is increased in an explosive manner, and meanwhile, the embedded devices are spread to a plurality of different application fields, such as intelligent home, intelligent factories, environment monitoring, internet of vehicles and the like, so that wireless self-organizing network application based on interconnection of various embedded devices is formed. Meanwhile, with the maturity of the application technology of the embedded equipment, various linkage schemes are provided for the actual application scene requirements, such as an automatic driving vehicle self-organizing network and unmanned aerial vehicle cluster movement. However, these applications present more security threats while providing efficient and convenient services to production and life. In these applications, embedded devices mainly perform the task of collecting, processing and exchanging sensitive information, and therefore, these devices must operate in a secure environment to prevent information leakage or tampering. During operation, these devices need to allow external devices to remotely access and control them, but it is these operations that enlarge the attack surface and amplify the consequences of a successful attack, so the system security risk is very serious.
Malicious-software attacks by hostile devices in most cases modify the device's software or firmware. However, the complex security features of general-purpose computers cannot be implemented on most embedded devices because of their limited hardware resources, which makes them very vulnerable to hostile attacks. Moreover, there may be thousands of these embedded network devices, and their operating environment may be very harsh; when the devices are not within physical security boundaries, they are likely to be captured or physically attacked by an adversary.
In recent years, researchers in many countries have devoted great effort and made great contributions to remote attestation of devices, a special security service whose purpose is to check the security of remote devices and detect potentially compromised ones. There are currently three general types of remote attestation protocol: software-based, hardware-based, and hybrid (based on software/hardware co-design). Hybrid attestation is currently considered the approach with the most research potential, because it provides a strong security guarantee while requiring only a small amount of read-only memory (ROM) and a simple memory protection unit (MPU) on the embedded device.
However, most of the remote attestation schemes now suffer from a variety of problems:
(1) The conventional remote authentication method is based on a uniform attestation period. It does not consider the different security requirements of heterogeneous devices, and using the same attestation period for different devices is clearly unreasonable.
(2) In the conventional remote authentication method, the verifier discovers a network device and then initiates the attestation; this mode greatly increases the system's exposure to DDoS attacks.
(3) The conventional remote authentication method is mainly aimed at a single prover. As the network scale increases, single-prover attestation becomes inefficient and returns only a single piece of information, which does not help a network manager or device manager investigate problem devices.
Definitions of terms:
Verifier: mainly responsible for verifying and auditing certificates and related information from other participants, ensuring the validity and correctness of group certificates. The role of the verifier may be played by different entities, such as servers in the network, blockchain nodes, or other legitimate participants. The verifier typically has some computational and memory resources to execute the verification algorithm and store the relevant verification information.
Network manager: a secure entity that we assume. All devices in the group are initialized and deployed by it, and it is mainly responsible for distributing keys and security certificates. The network manager is in an absolutely secure environment, so in this solution the adversary's software attacks and physical attacks on it are not considered.
Device group: a collection of multiple participants. These participants may be individuals, devices, nodes, or other entities that can cooperate with each other. In this scheme, it specifically means a network consisting of various heterogeneous embedded devices.
Hash function: an algorithm that converts input data (messages, files, etc.) into fixed-length output values. The output value of a hash function is often referred to as a hash value or digest. The hash function maps the input data to a short, fixed-length binary string, which is ideally unique. The present invention uses hash functions to generate both the initial software configuration digest c and the current software configuration digest.
Node devices within a group are the many ordinary devices in the network. The system is a network of a plurality of nodes, each node device having its own independent and unique device number ID. Each node device needs to maintain a list of neighbor devices; for example, the neighbor device list of node device $D_i$ is $A_i$, and the list records information about all neighbor devices of the node device. These devices may be heterogeneous, but they must have a minimal security framework, including read-only memory (ROM), a memory protection unit (MPU), and a clock with write protection. Furthermore, these devices may be geographically distributed over a wide area. The ROM, the MPU and the write-protected clock are listed to indicate that each device needs these physical protection functions; the write-protected clock, for example, prevents an intruder from modifying timestamps that are used later.
Disclosure of Invention
The invention aims to provide an automatic device verification method based on node information credibility metering that solves the above problems: it realizes automatic remote verification or authentication of embedded devices with differing security requirements within the device group, and handles problem nodes through credibility metering of the reporting node's information, so as to ensure group security.
In order to achieve the above purpose, the technical scheme adopted by the invention is as follows: an automatic equipment verification method based on node information credibility metering comprises the following steps:
(1) Determining the network manager, the verifier, and the node devices to be deployed in the device group, and initializing the node devices;
wherein the initialization of a node device includes: for each node device, the network manager generates a signature key pair (SK, PK), a public key certificate cert(PK), an initial software configuration digest c, a software configuration digest certificate cert(c), and a communication key between the node device and the verifier;
(2) Deploying the node devices and performing device definition, wherein the device definition comprises:
creating a neighbor topology table, a verification success table and a verification failure table for each node device, and creating a neighbor key table Q;
each node device collects its own neighbor nodes and stores the neighbor node information in the neighbor topology table, wherein the neighbor nodes are the node devices that directly establish a communication connection with the node device, and the neighbor node information comprises the device ID of the node device and the initial software configuration digest c;
each node device generates a shared key with each neighbor node and stores the shared key in the neighbor key table Q;
(3) The node devices register with the verifier;
(4) Randomly setting a verification time interval for each node device, and verifying the node device once each time the verification time interval elapses, wherein one verification of a node device $D_i$ proceeds as follows:
(41) When its verification time interval $T_i$ arrives, $D_i$ sends its verification request information $M_i$ to all neighbor nodes in its neighbor topology table $A_i$;
(42) Each neighbor node that receives $M_i$ performs security verification on $M_i$ and returns its own verification request information if the verification passes; otherwise it returns nothing;
(43) $D_i$ performs security verification on the returned verification request information in turn, adds the neighbor nodes that pass verification to its verification success table $B_i$, treats the neighbor nodes that fail verification and those that do not return verification request information as problem nodes, and adds the problem nodes to its verification failure table $C_i$;
(44) If all neighbor nodes of $D_i$ pass verification, the verification of $D_i$ passes, and $D_i$ waits for the next $T_i$ and repeats steps (41)-(43) to verify again; otherwise, go to step (5);
(5) Executing a collection protocol;
(51) $D_i$ generates a problem report for the problem nodes and sends it to the neighbor nodes in $A_i$ other than the problem nodes;
(52) Each neighbor node that receives the problem report attaches its own security verification result for $D_i$ to the problem report to form a verification report, and sends the verification report to the verifier;
(6) Calculating the credibility metric $TU_i$ of $D_i$, and choosing according to $TU_i$ whether to trust the problem report of $D_i$;
(61) The verifier calculates the credibility metric $TU_i$ of $D_i$ according to the following formula:
$TU_i = (n_i \times count_i) / N_i^2$, where $count_i$ is the number of neighbor nodes that pass verification, $n_i$ is the total number of verification reports received by the verifier, and $N_i$ is the total number of neighbor nodes in $A_i$ minus the total number of problem nodes;
(62) Presetting a credibility threshold $TU$;
if $TU_i > TU$, the verifier trusts the problem report of $D_i$ and sends it to the network manager;
if $TU_i \le TU$, wait for the next $T_i$ and repeat steps (41)-(43) to verify again.
Preferably, when a new node device joins the device group, the node is initialized, defined and registered with the verifier according to steps (1)-(3), and a roaming protocol is triggered;
a roaming protocol is also triggered when a node device in the device group moves;
the triggered roaming protocol is specifically as follows:
(a1) Marking the node equipment triggering the roaming protocol as roaming equipment;
(a2) Authentication is performed as per steps (41) - (43) with the neighboring node.
Preferably, in step (1), for a node device,
an initial software configuration digest c, generated by a hash function for each node device according to the initial software configuration;
a software configuration digest certificate cert(c), a certificate in which the network administrator signs the initial software configuration digest c using its public key PKo;
in the signature key pair (SK, PK), SK is a private key of the node equipment, and PK is a public key of the node equipment;
the public key certificate cert (PK) is a certificate signed by the network administrator using its public key PKo.
Preferably, in step (2), the shared key is established using an authenticated key agreement protocol based on private keys, public key certificates of the two node devices, or obtained using a key pre-distribution technique.
Preferably, in step (3), the node device sends the device ID, the initial software configuration digest c, and the neighbor topology table to the verifier, and registers the device ID and the initial software configuration digest c.
Preferably, the verification time interval $T_i$ of $D_i$ satisfies $T_p < T_i < 2T_p$, where $T_p$ is the maximum time required for a broadcast sent by $D_i$ in the device group to reach an edge node device.
Preferably, in step (41), the verification request information $M_i$ of $D_i$ comprises the heartbeat message $hb_i$ of $D_i$, a verification message $u_i$, the initial software configuration digest $c_i$, the software configuration digest certificate $cert(c_i)$, and a message type;
the heartbeat message $hb_i$ consists of $ID_i$, $t_i$, $c_i'$ and $cert(c_i)$, where $ID_i$ is the device ID of $D_i$, $t_i$ is the timestamp at which $D_i$ transmits the security verification information, and $c_i'$ is the current software configuration digest, generated by $D_i$ with a hash function from its current software configuration;
the verification message $u_i$ is the MAC digest that $D_i$ generates over $hb_i$ using a MAC algorithm;
the message type is a verification request;
a neighbor node performs security verification on $D_i$, and $D_i$ passes verification when the heartbeat message $hb_i$, the verification message $u_i$, the initial software configuration digest $c_i$ and the software configuration digest certificate $cert(c_i)$ all pass verification and the message type is a verification request, wherein:
for $hb_i$: if the $ID_i$ and $cert(c_i)$ in $hb_i$ are both those of $D_i$, $t_i$ corresponds to $T_i$, and $c_i' = c_i$, then $hb_i$ passes verification;
for $u_i$: the neighbor node regenerates a MAC digest $u_i'$ over $hb_i$ using the MAC algorithm; if $u_i = u_i'$, then $u_i$ passes verification.
The verification idea of the invention is as follows. When the verification time interval of a node device arrives, the node device performs one verification; for convenience of description, we refer to the node device performing the verification as the verification node. In the invention, after the verification node discovers a problem node, it does not report the problem directly to the verifier but triggers a collection protocol. The problem report is first sent to the neighbor nodes other than the problem node. Each of these neighbor nodes adds its own verification result for the verification node to generate a verification report, and then sends the verification report to the verifier. The verifier first performs security verification on the received verification reports. Once the security of the information is ensured, it learns the verification node's problem report on the problem node from the neighbors' verification reports, and performs credibility metering on the verification node's result in combination with the neighbor nodes. Finally, according to the result of the credibility metering, it chooses whether to trust the verification node and report to the network manager.
Compared with the prior art, the invention has the advantages that:
(1) The invention provides a new fully automatic verification method. Each node device performs verification when its own verification time interval arrives. After finding a problem node, the node device does not report the problem directly to the verifier but triggers a collection protocol: the problem report is first sent to some of its neighbor nodes, each of which adds its own verification result for the node device to generate a verification report and then sends that report to the verifier. The verifier thus obtains the node device's report on the problem node indirectly, through the reports of the neighbor nodes, and combines the neighbor nodes' results to measure the credibility of the node device's verification result. Finally, according to the result of the credibility metering, it chooses whether to trust the verification node and report to the network manager. The reported result therefore has higher credibility.
(2) In the invention, each node device automatically operates and executes the corresponding protocol according to the actual situation, so that the verifier is not required to initiate challenges to start the protocol, and the influence caused by DDoS attack from the external device can be effectively relieved.
(3) After the equipment is initialized and registration is completed, security verification among the equipment nodes is initiated by a clock after random time, a complete verification period is not needed, and communication overhead of a network can be effectively reduced.
(4) By adopting the means of neighbor node verification, problem node reporting and the like, the invention can effectively verify the integrity state of node equipment in the group, ensure the validity of the identity of the node equipment and the correctness of the running software thereof, and effectively prevent various malicious attacks of adversary equipment on the node equipment.
In conclusion, the invention can automatically verify in an automatic running state, and the network manager only needs to process the problem reported by the verifier, thereby reducing the burden of the network manager and lowering the operation difficulty. By adopting the credibility metering method, the possibility that the useless information reaches the network manager is effectively reduced, and the reliability and the processing efficiency of the whole system are improved.
Drawings
FIG. 1 is a schematic diagram of a group of devices according to the present invention;
FIG. 2 is a flow chart of the present invention.
Detailed Description
The invention will be further described with reference to the accompanying drawings.
Example 1: referring to fig. 1 and 2, an automatic device verification method based on node information credibility metering comprises the following steps:
(1) Determining the network manager, the verifier, and the node devices to be deployed in the device group, and initializing the node devices;
wherein the initialization of a node device includes: for each node device, the network manager generates a signature key pair (SK, PK), a public key certificate cert(PK), an initial software configuration digest c, a software configuration digest certificate cert(c), and a communication key between the node device and the verifier;
(2) Deploying the node devices and performing device definition, wherein the device definition comprises:
creating a neighbor topology table, a verification success table and a verification failure table for each node device, and creating a neighbor key table Q;
each node device collects its own neighbor nodes and stores the neighbor node information in the neighbor topology table, wherein the neighbor nodes are the node devices that directly establish a communication connection with the node device, and the neighbor node information comprises the device ID of the node device and the initial software configuration digest c;
each node device generates a shared key with each neighbor node and stores the shared key in the neighbor key table Q;
(3) The node devices register with the verifier;
(4) Randomly setting a verification time interval for each node device, and verifying the node device once each time the verification time interval elapses, wherein one verification of a node device $D_i$ proceeds as follows:
(41) When its verification time interval $T_i$ arrives, $D_i$ sends its verification request information $M_i$ to all neighbor nodes in its neighbor topology table $A_i$;
(42) Each neighbor node that receives $M_i$ performs security verification on $M_i$ and returns its own verification request information if the verification passes; otherwise it returns nothing;
(43) $D_i$ performs security verification on the returned verification request information in turn, adds the neighbor nodes that pass verification to its verification success table $B_i$, treats the neighbor nodes that fail verification and those that do not return verification request information as problem nodes, and adds the problem nodes to its verification failure table $C_i$;
(44) If all neighbor nodes of $D_i$ pass verification, the verification of $D_i$ passes, and $D_i$ waits for the next $T_i$ and repeats steps (41)-(43) to verify again; otherwise, go to step (5);
(5) Executing a collection protocol;
(51) $D_i$ generates a problem report for the problem nodes and sends it to the neighbor nodes in $A_i$ other than the problem nodes;
(52) Each neighbor node that receives the problem report attaches its own security verification result for $D_i$ to the problem report to form a verification report, and sends the verification report to the verifier;
(6) Calculating the credibility metric $TU_i$ of $D_i$, and choosing according to $TU_i$ whether to trust the problem report of $D_i$;
(61) The verifier calculates the credibility metric $TU_i$ of $D_i$ according to the following formula:
$TU_i = (n_i \times count_i) / N_i^2$,
where $count_i$ is the number of neighbor nodes that pass verification, $n_i$ is the total number of verification reports received by the verifier, and $N_i$ is the total number of neighbor nodes in $A_i$ minus the total number of problem nodes;
(62) Presetting a credibility threshold $TU$;
if $TU_i > TU$, the verifier trusts the problem report of $D_i$ and sends it to the network manager;
if $TU_i \le TU$, wait for the next $T_i$ and repeat steps (41)-(43) to verify again.
In step (1), for a node device,
an initial software configuration digest c, generated by a hash function for each node device according to the initial software configuration;
a software configuration digest certificate cert(c), a certificate in which the network administrator signs the initial software configuration digest c using its public key PKo;
in the signature key pair (SK, PK), SK is a private key of the node equipment, and PK is a public key of the node equipment;
the public key certificate cert (PK) is a certificate signed by the network administrator using its public key PKo.
In step (2), the shared key is established using an authenticated key agreement protocol based on private keys and public key certificates of two node devices, or obtained using a key pre-distribution technique.
In step (3), specifically, the node device sends the device ID, the initial software configuration digest c and the neighbor topology table to the verifier for registration.
In the present embodiment, the verification time interval $T_i$ of $D_i$ satisfies $T_p < T_i < 2T_p$, where $T_p$ is the maximum time required for a broadcast sent by $D_i$ in the device group to reach an edge node device.
In step (41), the verification request information $M_i$ of $D_i$ comprises the heartbeat message $hb_i$ of $D_i$, a verification message $u_i$, the initial software configuration digest $c_i$, the software configuration digest certificate $cert(c_i)$, and a message type;
the heartbeat message $hb_i$ consists of $ID_i$, $t_i$, $c_i'$ and $cert(c_i)$, where $ID_i$ is the device ID of $D_i$, $t_i$ is the timestamp at which $D_i$ transmits the security verification information, and $c_i'$ is the current software configuration digest, generated by $D_i$ with a hash function from its current software configuration;
the verification message $u_i$ is the MAC digest that $D_i$ generates over $hb_i$ using a MAC algorithm;
the message type is a verification request;
a neighbor node performs security verification on $D_i$, and $D_i$ passes verification when the heartbeat message $hb_i$, the verification message $u_i$, the initial software configuration digest $c_i$ and the software configuration digest certificate $cert(c_i)$ all pass verification and the message type is a verification request, wherein:
for $hb_i$: if the $ID_i$ and $cert(c_i)$ in $hb_i$ are both those of $D_i$, $t_i$ corresponds to $T_i$, and $c_i' = c_i$, then $hb_i$ passes verification;
for $u_i$: the neighbor node regenerates a MAC digest $u_i'$ over $hb_i$ using the MAC algorithm; if $u_i = u_i'$, then $u_i$ passes verification.
Here, "$t_i$ corresponds to $T_i$" means the following. Suppose step (41) is performed: when the verification time interval $T_i$ arrives, $D_i$ sends its verification request information $M_i$ to all neighbor nodes in its neighbor topology table $A_i$. If, when $T_i$ elapses, the time at which verification begins is exactly 9.02 minutes and 34 seconds, then the time carried in $M_i$ must be a time after 9.02 minutes and 34 seconds.
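The request construction and the neighbor-side checks of step (41) can be sketched as follows. This is an added example, not code from the patent; it assumes SHA-256 as the hash function, HMAC-SHA256 as the MAC algorithm, canonical JSON as the heartbeat encoding, an explicit acceptance window standing in for "$t_i$ corresponds to $T_i$", and it treats cert(c) as an opaque value compared against the stored copy. All function and field names are hypothetical.

```python
import hashlib
import hmac
import json
from dataclasses import dataclass
from typing import Tuple


def config_digest(software: bytes) -> str:
    """Software configuration digest (assumed hash: SHA-256)."""
    return hashlib.sha256(software).hexdigest()


def build_request(dev_id: str, t: int, current_software: bytes,
                  c_init: str, cert_c: str, shared_key: bytes) -> dict:
    """D_i side: M_i = (hb_i, u_i, c_i, cert(c_i), message type)."""
    hb = json.dumps(
        {"id": dev_id, "t": t, "c_cur": config_digest(current_software),
         "cert_c": cert_c},
        sort_keys=True, separators=(",", ":"))
    u = hmac.new(shared_key, hb.encode(), hashlib.sha256).hexdigest()
    return {"hb": hb, "u": u, "c": c_init, "cert_c": cert_c,
            "type": "verify_request"}


@dataclass
class NeighborEntry:
    """What a neighbor holds about D_i: a row of its topology table plus
    the shared key from key table Q."""
    dev_id: str
    c_init: str
    cert_c: str
    shared_key: bytes


def verify_request(msg: dict, entry: NeighborEntry,
                   window_start: int, window_end: int) -> Tuple[bool, str]:
    """Neighbor side: return (passed, reason)."""
    if msg.get("type") != "verify_request":
        return False, "bad_type"
    # u_i check first: recompute the MAC over hb_i before trusting its fields.
    expected = hmac.new(entry.shared_key, msg["hb"].encode(),
                        hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, msg["u"]):
        return False, "bad_mac"
    hb = json.loads(msg["hb"])
    # hb_i checks: ID_i and cert(c_i) must be those registered for D_i.
    if hb["id"] != entry.dev_id:
        return False, "bad_id"
    if hb["cert_c"] != entry.cert_c or msg["cert_c"] != entry.cert_c:
        return False, "bad_cert"
    if msg["c"] != entry.c_init:
        return False, "bad_initial_digest"
    # Freshness: t_i must fall in the window opened by this interval (assumed).
    if not window_start <= hb["t"] <= window_end:
        return False, "stale_timestamp"
    # Integrity: current digest c_i' must equal the initial digest c_i.
    if not hmac.compare_digest(hb["c_cur"], entry.c_init):
        return False, "config_changed"
    return True, "ok"


def demo() -> dict:
    """Constructed sample data: one honest request and three rejected ones."""
    key = b"constructed-shared-key"
    software = b"firmware image v1 (constructed sample)"
    c = config_digest(software)
    cert = "cert(c) placeholder"
    entry = NeighborEntry("D2", c, cert, key)
    honest = build_request("D2", 1000, software, c, cert, key)
    changed = build_request("D2", 1000, software + b" + unauthorized change",
                            c, cert, key)
    forged = dict(honest, hb=honest["hb"].replace('"t":1000', '"t":2000'))
    return {
        "honest": verify_request(honest, entry, 1000, 1030),
        "changed_software": verify_request(changed, entry, 1000, 1030),
        "replayed_later": verify_request(honest, entry, 2000, 2030),
        "edited_timestamp": verify_request(forged, entry, 2000, 2030),
    }
```
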
Example 2: referring to fig. 1 and 2, we present a more specific embodiment on the basis of Example 1. An automatic equipment verification method based on node information credibility metering comprises the following steps:
(1) Step (1) is the same as in Example 1. In this embodiment the number of node devices to be deployed is 8, denoted $D_1$ to $D_8$, and the connection relationships between the node devices need to be preset in this step. For example, $D_1$ is directly connected to $D_2$ and $D_3$; $D_2$ to $D_1$, $D_3$, $D_4$ and $D_5$; $D_3$ to $D_1$ and $D_2$; $D_4$ to $D_6$ and $D_7$; and so on.
(2) Step (2) is performed as in Example 1. The deployment follows the connection relationships preset in step (1), yielding the device group in fig. 2.
During device definition, each node device collects its own neighbor nodes and stores the neighbor node information in its neighbor topology table. Taking $D_2$ as an example, its neighbor topology table contains the device IDs and initial software configuration digests c of $D_1$, $D_3$, $D_4$ and $D_5$; the table of $D_4$ contains the device IDs and initial software configuration digests c of $D_2$, $D_6$ and $D_7$.
(3) The node equipment registers with a verifier;
(4) As in step (4) of Example 1; here $D_2$ is taken as an example to give the process of one verification;
(41) When its verification time interval $T_2$ arrives, $D_2$ sends its verification request information $M_2$ to all neighbor nodes in its neighbor topology table $A_2$;
(42) The four neighbor nodes $D_1$, $D_3$, $D_4$ and $D_5$ receive $M_2$ and each perform security verification on it, returning their own verification request information if the verification passes and returning nothing otherwise; for instance, if verification at $D_1$ passes, $D_1$ returns its verification request information $M_1$, and if verification at $D_3$ does not pass, $D_3$ returns no information;
(43) $D_2$ performs security verification on the returned verification request information in turn, adds the neighbor nodes that pass verification to its verification success table $B_2$, treats the neighbor nodes that fail verification and those that do not return verification request information as problem nodes, and adds the problem nodes to its verification failure table $C_2$;
(44) If all neighbor nodes $D_1$, $D_3$, $D_4$ and $D_5$ of $D_2$ pass verification, the verification of $D_2$ passes, and $D_2$ waits for the next $T_2$ and repeats steps (41)-(43) to verify again; otherwise, go to step (5);
(5) Executing a collection protocol;
(51) Suppose $D_3$ does not pass verification, so the problem node is $D_3$. $D_2$ generates a problem report for the problem node and sends it to the neighbor nodes $D_1$, $D_4$ and $D_5$. When generating the problem report, the problem node may be classified: for example, if the problem is that verification did not pass, the problem report type is msgtype=verfail, and if the problem is that no verification request was returned, the problem report type is msgtype=timeout;
(52) After receiving the problem report, $D_1$, $D_4$ and $D_5$ each attach their own security verification result for $D_2$ to the problem report to form a verification report, and send the verification report to the verifier;
(6) Calculating the credibility metric $TU_2$ of $D_2$, and choosing according to $TU_2$ whether to trust the problem report of $D_2$;
in this step, for $D_2$, the number of neighbor nodes that pass verification is $count_2 = 3$, the total number of verification reports received by the verifier is $n_2 = 3$, and the total number of neighbor nodes in $A_2$ minus the total number of problem nodes is 4-1=3, so $TU_2 = (3 \times 3)/3^2$;
(62) The preset credibility threshold is $TU = 0.9$; since $TU_2 = 1 > 0.9$, the verifier trusts the problem report of $D_2$ and sends it to the network manager.
Example 3: Referring to FIG. 2, on the basis of Example 2, we further take D_4 as an example and walk through the process of verification, collection and reporting.
The neighbor nodes of D_4 include D_2, D_6, D_7. When D_4's verification time interval T_4 arrives, D_4 performs one verification according to step (4). Suppose that D_2 has dropped offline or been intruded between the last verification and the current one; then, when D_4 verifies D_2, D_6, D_7 one by one, it finds that D_2 does not reply, and records this problem.
The collection protocol is executed according to step (5). D_4 reports the problem to its neighbor nodes D_6, D_7, i.e. sends a problem report; after receiving it, D_6 and D_7 each attach their own verification result for D_4, forming two verification reports that are sent to the verifier.
D_4's credibility metering TU_4 is calculated according to step (6). Since the neighbor nodes passing verification are D_6, D_7, count_4 = 2; two verification reports are received, so n_4 = 2; N_4, the total number of neighbor nodes in A_4 minus the total number of problem nodes, is 3 - 1 = 2; TU_4 = (2 × 2)/2^2 = 1, which is also greater than the credibility threshold TU = 0.9, so the verifier trusts D_4's problem report and sends it to the network manager.
It should be noted that in the present invention D_4 does not send the problem report directly to the verifier. Instead, after the collection protocol is triggered, D_4 sends the problem report to its neighbor nodes D_6, D_7; D_6 and D_7 then add their own verification result for D_4, generate verification reports and send them to the verifier. The verifier performs security verification on the received verification reports to ensure information security, then learns D_4's verification result for D_2 from the verification reports of D_6, D_7 and, combining it with the verification results of D_6, D_7 for D_4, carries out the credibility metering.
Example 4: Referring to FIG. 2, on the basis of Example 3, again taking D_4 as an example: if, after a period of time, D_4 starts the verification protocol and finds that D_2 gives no answer, D_4 sends problem reports to its neighbor nodes D_6, D_7. Normally, D_6 and D_7 each attach their own verification result for D_4 after receiving the problem report, forming two verification reports that are sent to the verifier; a verification result of flag=1 is taken to mean that verification passed.
First case: D_6 has by this time been controlled by an adversary. D_6's verification result for D_4 is "not passed" while D_7's verification result for D_4 is "passed". After receiving the reports, the verifier counts N_i = 2, n_i = 2, count_i = 1, TU_4 = (1 × 2)/2^2 = 0.75 < credibility threshold TU = 0.9, so D_4's problem report is considered untrusted. Although D_2 is not dealt with at this point, D_1, D_3, D_5 will subsequently discover D_2's problem one after another and report it as well, so D_2's problem is eventually dealt with.
Second case: D_4 sends information about D_2 to its neighbor nodes D_6, D_7, but D_4 itself has already been compromised; at this point the verification results of D_6, D_7 for D_4 are both "not passed", i.e. flag=0;
D_6 and D_7 then send their reports to the verifier, which counts N_i = 2, n_i = 2, count_i = 0; TU_4 = (2 × 0)/2^2 = 0; D_4's problem report is not trusted. This situation may occur when other node devices have already raised an alarm after D_4 was compromised but the verifier has not yet handled it.
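The verifier's side of steps (5)-(6), as an added example that is not part of the patent text: it rebuilds n_i, count_i and N_i from the verification reports it receives and applies the threshold. It reads count_i as the number of reports whose flag is 1 (the reading Example 4 uses); the report field names, the de-duplication of reports and the result of 0 when N_i = 0 are assumptions of this sketch.

```python
from dataclasses import dataclass

TU_THRESHOLD = 0.9  # preset credibility threshold used in the embodiments

@dataclass(frozen=True)
class VerificationReport:
    reporter: str      # neighbor that received the problem report
    subject: str       # D_i, the node that raised the problem report
    problem_node: str  # node that D_i could not verify
    msgtype: str       # "verfail" or "timeout", as in step (51)
    flag: int          # reporter's own check of D_i: 1 = passed, 0 = not passed

def credibility(subject, neighbors, problem_nodes, reports):
    """Return (TU_i, n_i, count_i, N_i) for one collection round."""
    eligible = set(neighbors) - set(problem_nodes)
    N = len(eligible)
    # Assumption: one report per eligible neighbor counts; duplicates and
    # reports from non-neighbors or from the problem node are ignored.
    accepted = {}
    for r in reports:
        if r.subject == subject and r.reporter in eligible:
            accepted.setdefault(r.reporter, r)
    n = len(accepted)
    count = sum(1 for r in accepted.values() if r.flag == 1)
    # Assumption: with no eligible neighbor nothing corroborates the report,
    # so the metric is 0 instead of a division by zero.
    tu = (n * count) / (N * N) if N else 0.0
    return tu, n, count, N

def trusted(tu, threshold=TU_THRESHOLD):
    return tu > threshold  # strict ">" as in step (62)

def rep(reporter, subject, problem, flag, msgtype="timeout"):
    return VerificationReport(reporter, subject, problem, msgtype, flag)

def scenarios():
    """Constructed inputs mirroring Examples 2 and 4, plus two edge cases."""
    d2 = ["D1", "D3", "D4", "D5"]
    d4 = ["D2", "D6", "D7"]
    ex2 = [rep(x, "D2", "D3", 1, "verfail") for x in ("D1", "D4", "D5")]
    case1 = [rep("D6", "D4", "D2", 0), rep("D7", "D4", "D2", 1)]
    case2 = [rep("D6", "D4", "D2", 0), rep("D7", "D4", "D2", 0)]
    # D7 reports twice and the problem node D2 vouches for D4; D6 stays silent.
    stuffed = [rep("D7", "D4", "D2", 1)] * 2 + [rep("D2", "D4", "D2", 1)]
    return {
        "ex2": credibility("D2", d2, ["D3"], ex2),
        "ex4_case1": credibility("D4", d4, ["D2"], case1),
        "ex4_case2": credibility("D4", d4, ["D2"], case2),
        "stuffed": credibility("D4", d4, ["D2"], stuffed),
        "isolated": credibility("D4", ["D2"], ["D2"], []),
    }

if __name__ == "__main__":
    for name, (tu, n, count, N) in scenarios().items():
        print(f"{name}: n={n} count={count} N={N} TU={tu:.2f} trusted={trusted(tu)}")
```

With the inputs of the first case of Example 4 (n = 2, count = 1, N = 2) the formula of step (61) evaluates to (2 × 1)/2^2 = 0.5, which is below the 0.9 threshold.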
Example 5: Referring to FIG. 1 and FIG. 2, on the basis of Examples 1 and 2, we present an embodiment relating to the roaming protocol.
When a new node device joins the device group, say node device D_9, then D_9 is initialized, defined and registered with the verifier according to steps (1)-(3), and the roaming protocol is triggered.
The roaming protocol is also triggered when a node device in the device group moves; for example, a change in the location of node device D_2 triggers the roaming protocol.
The roaming protocol procedure is:
(a1) Mark the node device that triggered the roaming protocol as a roaming device;
(a2) Perform verification with its neighbor nodes according to steps (41)-(43).
The foregoing description of the preferred embodiments of the invention is not intended to be limiting, but rather is intended to cover all modifications, equivalents, and alternatives falling within the spirit and principles of the invention.
Claims (7)
1. An automatic equipment verification method based on node information credibility metering is characterized by comprising the following steps:
(1) Determining node equipment to be deployed in a network manager, a verifier and an equipment group, and initializing the node equipment;
wherein initializing a node device includes: the network manager generates, for each node device, a signature key pair (SK, PK), a public key certificate cert(PK), an initial software configuration digest c, a software configuration digest certificate cert(c), and a communication key between the node device and the verifier;
(2) Deploying node devices and performing device definition, wherein the device definition comprises:
creating a neighbor topology table, a verification success table and a verification failure table for each node device, and creating a neighbor key table Q;
each node device collects its own neighbor nodes and stores the neighbor node information in the neighbor topology table, wherein the neighbor nodes are node devices that directly establish a communication connection with the node device, and the neighbor node information comprises the device ID of the node device and the initial software configuration digest c;
each node device and the neighbor node generate a shared key and store the shared key in a neighbor key table Q;
(3) The node equipment registers with a verifier;
(4) Randomly setting a verification time interval for each node device, the node device performing one verification each time the verification time interval elapses, wherein one verification by a node device D_i proceeds as follows:
(41) When its verification time interval T_i arrives, D_i sends its verification request information M_i to all neighbor nodes in its neighbor topology table A_i;
(42) Each neighbor node that receives M_i performs security verification on M_i; if verification passes, it returns its own verification request information, otherwise it returns nothing;
(43) D_i performs security verification on each returned verification request message in turn, adds the neighbor nodes that pass verification to D_i's verification success table B_i, treats the neighbor nodes that fail verification and those that do not return verification request information as problem nodes, and adds the problem nodes to D_i's verification failure table C_i;
(44) If all of D_i's neighbor nodes pass verification, D_i's verification passes, and D_i waits for the next T_i and repeats steps (41)-(43) to verify again; otherwise, go to step (5);
(5) Executing a collection protocol;
(51) D_i generates a problem report for the problem node and sends the problem report to the neighbor nodes in A_i other than the problem node;
(52) Each neighbor node that receives the problem report attaches its own security verification result for D_i to the problem report to form a verification report, and sends the verification report to the verifier;
(6) Calculating D_i's credibility metering TU_i and deciding, according to TU_i, whether to trust D_i's problem report;
(61) The verifier calculates D_i's credibility metering TU_i according to the following formula:
TU_i = (n_i × count_i) / N_i^2
where count_i is the number of neighbor nodes passing verification, n_i is the total number of verification reports received by the verifier, and N_i is the total number of neighbor nodes in A_i minus the total number of problem nodes;
(62) Presetting a credibility threshold TU;
if TU_i > TU, the verifier trusts D_i's problem report and sends it to the network manager;
if TU_i ≤ TU, wait for the next T_i and repeat steps (41)-(43) to verify again.
2. The method for automatically verifying a device based on node information credibility metering according to claim 1, wherein when a new node device joins the device group, the node device is initialized, defined and registered with the verifier according to steps (1)-(3), and then a roaming protocol is triggered;
a roaming protocol is also triggered when a node device in the device group moves;
triggering the roaming protocol specifically comprises:
(a1) Marking the node device that triggered the roaming protocol as a roaming device;
(a2) Performing verification with its neighbor nodes according to steps (41)-(43).
3. The method for automatically verifying a device based on node information credibility metering according to claim 1, wherein in step (1), for each node device:
the initial software configuration digest c is generated by a hash function from the initial software configuration of the node device;
the software configuration digest certificate cert(c) is a certificate in which the network manager signs the initial software configuration digest c using its public key PKo;
in the signature key pair (SK, PK), SK is the private key of the node device and PK is the public key of the node device;
the public key certificate cert(PK) is a certificate signed by the network manager using its public key PKo.
4. The method for automatically verifying a device based on node information trust metering of claim 1, wherein in step (2), the shared key is established using an authenticated key agreement protocol based on private keys, public key certificates of two node devices, or obtained using a key pre-distribution technique.
5. The method for automatically verifying the device based on the node information credibility metering according to claim 1, wherein in the step (3), the node device sends the device ID, the initial software configuration digest c and the neighbor topology table to the verifier for registration.
6. The method for automatically verifying a device based on node information credibility metering according to claim 1, wherein D_i's verification time interval T_i satisfies T_p < T_i < 2T_p, where T_p is the maximum time required for a broadcast sent by D_i in the device group to reach an edge node device.
7. The method for automatically verifying a device based on node information credibility metering according to claim 1, wherein in step (41), D_i's verification request information M_i comprises D_i's heartbeat message hb_i, verification message u_i, initial software configuration digest c_i, software configuration digest certificate cert(c_i), and a message type;
the heartbeat message hb_i consists of ID_i, t_i, c_i' and cert(c_i), where ID_i is D_i's device ID, t_i is the timestamp at which D_i sends the security verification information, and c_i' is the current software configuration digest, generated by D_i through a hash function from its current software configuration;
the verification message u_i is a MAC digest that D_i generates over hb_i using a MAC algorithm;
the message type is verification request;
when a neighbor node performs security verification on D_i, D_i passes verification when the heartbeat message hb_i, the verification message u_i, the initial software configuration digest c_i and the software configuration digest certificate cert(c_i) all pass verification and the message type is verification request, wherein:
for hb_i, if ID_i and cert(c_i) in hb_i both belong to D_i, t_i corresponds to T_i, and c_i' = c_i, then hb_i passes verification;
for u_i, the neighbor node regenerates the MAC digest u_i' over hb_i using the MAC algorithm, and if u_i = u_i', u_i passes verification.
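The checks of claim 7 written out from the neighbor's side, as an added example that is not code from the patent: D_i builds M_i, and the neighbor recomputes u_i' and checks the heartbeat fields against what it stored in its neighbor topology table. Assumptions of this sketch: SHA-256 and HMAC-SHA-256 stand in for the hash and MAC algorithm, hb_i uses a length-prefixed encoding, "t_i corresponds to T_i" is read as a freshness window of one T_i, the message-type string is hypothetical, and cert(c_i) is treated as opaque bytes pinned at registration (its signature validation is not shown).

```python
import hashlib
import hmac
import struct

REQ = "verify_request"  # hypothetical wire value for the "verification request" type

def digest(config: bytes) -> bytes:
    """Software configuration digest; SHA-256 is an assumption."""
    return hashlib.sha256(config).digest()

def encode_hb(dev_id: str, t: int, c_cur: bytes, cert_c: bytes) -> bytes:
    """hb_i = (ID_i, t_i, c_i', cert(c_i)), length-prefixed so fields cannot blur."""
    parts = [dev_id.encode(), struct.pack(">Q", t), c_cur, cert_c]
    return b"".join(struct.pack(">I", len(p)) + p for p in parts)

def decode_hb(hb: bytes):
    fields, off = [], 0
    while off + 4 <= len(hb):
        (n,) = struct.unpack_from(">I", hb, off)
        fields.append(hb[off + 4:off + 4 + n])
        off += 4 + n
    if off != len(hb) or len(fields) != 4 or len(fields[1]) != 8:
        return None  # truncated or malformed heartbeat
    t = struct.unpack(">Q", fields[1])[0]
    return fields[0].decode(errors="replace"), t, fields[2], fields[3]

def build_request(key, dev_id, t, current_config, c_init, cert_c):
    """D_i side: M_i = (hb_i, u_i, c_i, cert(c_i), message type)."""
    hb = encode_hb(dev_id, t, digest(current_config), cert_c)
    u = hmac.new(key, hb, hashlib.sha256).digest()
    return {"hb": hb, "u": u, "c": c_init, "cert_c": cert_c, "msgtype": REQ}

def verify_request(msg, peer, key, now):
    """Neighbor side: return "ok" or the first failing check."""
    u_prime = hmac.new(key, msg["hb"], hashlib.sha256).digest()
    if not hmac.compare_digest(u_prime, msg["u"]):  # u_i == u_i', constant time
        return "bad_mac"
    if msg["msgtype"] != REQ:
        return "bad_type"
    hb = decode_hb(msg["hb"])
    if hb is None:
        return "malformed_hb"
    dev_id, t, c_cur, cert_c = hb
    pinned = (peer["id"], peer["cert_c"], peer["cert_c"], peer["c"])
    if (dev_id, cert_c, msg["cert_c"], msg["c"]) != pinned:
        return "identity_mismatch"
    if abs(now - t) > peer["T"]:  # assumption: t_i must fall within one T_i
        return "stale_timestamp"
    if c_cur != peer["c"]:  # c_i' must equal c_i
        return "config_changed"
    return "ok"

# Constructed sample values: shared key from table Q and the neighbor's record of D2.
KEY = b"k" * 32
C0 = digest(b"firmware v1 + config")
PEER = {"id": "D2", "c": C0, "cert_c": b"cert(c)-placeholder", "T": 30}

def run_cases():
    good = build_request(KEY, "D2", 1000, b"firmware v1 + config", C0, PEER["cert_c"])
    changed = build_request(KEY, "D2", 1000, b"firmware v1 + other", C0, PEER["cert_c"])
    cases = {"good": (good, 1005), "replayed": (good, 2000),
             "changed": (changed, 1005), "forged": (dict(good, u=bytes(32)), 1005)}
    return {k: verify_request(m, PEER, KEY, now) for k, (m, now) in cases.items()}
```

The MAC is checked before hb_i is parsed, so unauthenticated bytes never reach the decoder; in the claim only hb_i is covered by u_i, which is why the outer c_i, cert(c_i) and message type are compared against stored values instead.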
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202311447337.2A CN117201042B (en) | 2023-11-02 | 2023-11-02 | Automatic equipment verification method based on node information credibility metering |
Publications (2)
Publication Number | Publication Date |
---|---|
CN117201042A (en) | 2023-12-08 |
CN117201042B (en) | 2024-01-02 |