【作者】 王伟；

【导师】 王华奎；

【作者基本信息】 太原理工大学 ， 电路与系统， 2011， 博士

【摘要】 无线传感器网络是由数量众多的传感器节点通过无线通信技术以自组织方式构成网络。在民用和军用方面有着非常广泛的应用前景,但是目前在无线传感器网络的研究中仍有许多问题没有解决,例如：路由协议、定位技术、网络安全等等。本文针对无线传感器网络的安全问题,主要围绕着无线传感器网络在Sybil攻击情况下,系统采取的有效检测机制和安全定位方法,其主要研究内容和创新性结果如下：定位技术是无线传感器网络的关键技术之一。传感器网络技术主要依赖节点位置建立网络的空间关系,从而报告监测事件,并且节点位置也是协助路由等网络功能的重要基础。然而由于传感器网络主要应用在无人值守的敌对环境下‘,网络节点的定位是很容易被敌方的攻击,这种脆弱性决定了安全问题在定位过程中的重要性本文研究在Sybil攻击下的传感器网络节点安全定位机制。分析了传感器网络节点定位系统可能受到的安全攻击和安全需求。由于RSSI具有能量传送功能,所以不同的传送能量将会导致产生不同的RSSI读数,而且基于RSSI解决Sybil攻击的方法不会增加WSN的负担,利用两个接收节点进行分析,比较两个接收节点的RSSI比率,以此来解决RSSI时间不一致性的问题,通过仿真结果设置门槛来检测Sybil攻击。研究表明,用RSSI从不同接收节点的比率值可以解决由于RSSI的时间差异或者传输率的非对称性引起的不可靠性的问题,通过仿真比较了接收节点数目对检测攻击效果的影响,用两个接收节点的RSSI比率值就可以准确的检测到Sybil攻击,仿真结果表明本文提出的检测方法具有可靠的安全性。在通信网络中路由算法是网络层核心问题,其主要功能是指引分组通过子网到达正确目的节点。在无线传感器网络中,消息常常需要经过若干节点才能到达目的地,而且传感器网络是具有动态性和多跳结构的特点,这样每个节点都应该具有路由功能。由于每个节点都是潜在路由节点,因此受到的攻击面会更大。首先从算法思想的总体结构出发,考虑到节点信任度评价及Sybil攻击参数对路由的建立、路径的选择及数据传输的影响。仿真表明改进后的可信DD算法在Sybil攻击下,具有良好的安全性。由于系统复杂性和用户数量增加,以及外界攻击影响,对系统的每个细节和用户进行控制就变得很困难。入侵容忍系统是第三代的网络安全技术,研究系统在已经遭受到入侵的情况下,如何能有效地屏蔽或遏制入侵所造成的破坏。Sybil攻击容忍算法是利用节点定位系统中存在冗余参照信息的特点,提出了误差假设,用方差的无偏估计作为安全性检验的依据,首先采用随机方法找一个最小安全参照集,利用基于最小安全参照集预测残差,逐个诊断剩余参照数据是否异常,这样就提高定位系统容忍攻击的能力。实验结果表明算法有效提高定位系统抵抗定位攻击能力。更多还原

【Abstract】 Wireless Sensor Network is (WSN) composed of a great number of sensor nodes by means of wireless communicational technology and self- organization mode. It has a wide applicable prospect in the civilian aspect and the military aspect, but at present, the researches about WSN still have a lot of questions to solve, such as:routing protocol, location technology, network security. The thesis is aimed at the security issue of WSN, mainly conducting a research in the effective detecting mechanism and the method of security location under condition that the WSN is attacked by Sybil. Submit the major research contents and creative results as shown below:Location technology is one of the significant technologies of WSN. WSN technology establishes spatial relationship depending on node’s position to report monitored incident. In addition, node’s position, which can help routing and other network functions, also an essential basis. However location of network node is easy to be attacked by enemies, because WSN is mainly used under the hostile and unguarded environment. The frangibility depends on the importance of security issue in the process of location.The thesis studies the security location mechanism of sensor network node under the attack of Sybil, and analyzes the safe attacks which are possibly accepted and safe requirement in the location system. Since RSSI possesses the energy transmission function, different transmission energy will cause to produce different RSSI readings. Furthermore, this kind of method can not increase burden on WSN. It conducts an analysis between two receiving nodes, compares RSSI ratios to tickle the problem of time inconsistency of RSSI, and sets a threshold to detect Sybil by the emulation results. Research shows that ratio value of different receiving nodes by using RSSI can resolve time difference because of the RSSI or unreliability which results from asymmetry of transmission ratio. The thesis makes a comparison that the number of receiving nodes has an influence on attack effect. Utilizing the RSSI ration values can exactly detect Sybil attack. Emulation findings demonstrate that the detection method put forward by the thesis owns better security.In the communication network, route algorithm is an essential problem of network layer and its main function is guiding subgroup how to reach exact destination node by sub-network. In the WSN, messages need to get pass many nodes so that they can reach destination. What’s more, WSN is characterized by dynamic feature and AD hoc network. Thus, each node is all supposed to have routing function.Because each node is potential routing node, attacked area is larger. First of all, algorithm theory based on the general structure considers credit evaluation of node and influence of Sybil attacking parameter on routing establishment, routing path choice and data transmission. Emulation results state clearly that improved and credible DD algorithm has good security under the attack of Sybil.It becomes extremely difficult to control every detail and every user from the system, partly because of the increase in systematical complex and large number of users, partly because of impact of outside attack. Intrusion Tolerance System is the third generation of network security technology, which studies how to effectively shield or stop damage caused by intrusion when system is suffering the intrusion. The tolerance algorithm of Sybil attack puts forward assumption of deviation by using redundant feature of compared message appears in the system. Utilizing unbiased estimation of variance as the basis of security inspection, the thesis finds out a smallest safe aggregation of comparison at random and uses prediction residuals to diagnose whether the rest of compared data are normal or not one by one in order to improve the ability of system tolerance attack. The experimental results state the algorithm efficiently improves the ability of resisting location attack.更多还原