一种基于安全区域的WSN流量分析聚合方法

doi:10.3969/j.issn.1671-1122.2021.09.012

摘要/Abstract

摘要：

聚类是无线传感器网络中最重要的任务,其特点是通过簇头（Cluster Head,CH）进行数据聚合,降低了通信成本。由于无线传感器网络部署在远程和敌对环境中进行敏感信息的传输,使得传感器节点更容易受到虚假的数据注入攻击。为克服这些问题,提高网络的安全性,文章提出一种基于安全区域的无线传感器网络流量分析聚类方法。将传感器网络聚类成小簇,每个簇都有一个CH来管理和收集来自正常传感器节点的信息。根据预定义的时隙、簇中心和最高剩余能量来选择CH。基于流量分析和一次性密钥生成过程对收集到的数据进行验证,以识别路由上的恶意节点,提供一个安全的数据收集过程,提高能源效率。仿真结果表明,与现有的安全数据聚合技术相比,文章所提基于安全区域的流量分析聚类方法具有更低的平均能耗、更低的端到端延迟、更高的平均剩余能量、更高的数据聚合精度和错误数据检测率。

关键词: 假数据注入攻击, 数据聚合, 一次性密钥生成, 无线传感器网络

Abstract:

Clustering is the most important task in wireless sensor network (WSN), which is characterized by data aggregation through each cluster head (CH), and reduces transportation costs. Because wireless sensor network is deployed in remote and hostile environments to transmit sensitive information, sensor nodes are more vulnerable to false data injection attacks. To overcome these existing issues and enhance the network security, this paper proposes a secure area based clustering approach for data aggregation using traffic analysis (SAC-TA) in WSN. The sensor network is grouped into small clusters, each of which has a CH to manage and collect information from normal sensor nodes. The CH is selected according to the predefined time slot, cluster center and maximum residual energy. The collected data is verified based on traffic analysis and one-time key generation process to identify malicious nodes on the route, provide a secure data collection process and improve energy efficiency. The simulation results show that compared with the existing secure data aggregation technology (SDAT), SAC-TA has lower average energy consumption rate, lower end-to-end delay, higher average residual energy, higher data aggregation accuracy and error data detection rate.

Key words: false data injection attacks, data aggregation, one-time key generation, wireless sensor network

中图分类号:

TP309

张永棠. 一种基于安全区域的WSN流量分析聚合方法[J]. 信息网络安全, 2021, 21(9): 80-89.

ZHANG Yongtang. A Secure Area Based Clustering Approach for Traffic Analysis in WSN[J]. Netinfo Security, 2021, 21(9): 80-89.

图/表 10

图1

图2

图3

图4

表1

图5

图6

图7

图8

图9

参考文献 22

[1]	GOPIKRISHNAN S, PRIAKANTH P. HSDA: Hybrid Communication for Secure Data Aggregation in Wireless Sensor Network[J]. Wireless Networks, 2017, 22(3): 1-18. doi: 10.1007/s11276-015-0946-8 URL
[2]	YU Xiuwu, XIE Xiaoyong, LIANG Beikong, et al. A Deep Mine WSN Localization Algorithm Based on Both Particle Swarm Optimization and Tunnel Partition[J]. China Safety Science Journal, 2019, 29(2): 170-175.
	余修武, 谢晓永, 梁北孔, 等. 基于粒子群优化和巷道分区的深井WSN定位算法[J]. 中国安全科学学报, 2019, 29(2): 170-175.
[3]	XIAN Guangli, WEI Dengjia, YU Benzhi, et al. Aggregation Tree Statistical Computing Based on Functional Encryption[J]. Wuhan University Journal of Natural Sciences, 2019, 24(2): 116-124. doi: 10.1007/s11859-019-1376-8 URL
[4]	HU Xiangdong, XING Youquan, HE Wenxiang. An Energy-efficient Secure Clustering Algorithm Fusing Reputation Evaluation and Patrol Mechanism for WSN[J]. Telecommunication Engineering, 2019, 59(2): 125-132.
	胡向东, 邢有权, 何文祥. 融合信誉评估与巡查机制的WSN能量高效安全成簇算法[J]. 电讯技术, 2019, 59(2): 125-132.
[5]	CHEN Xingshu, CHEN Jinghan, SHAO Guolin, et al. A Covert Communication Behavior Detection Method Based on Session Flow Aggregation[J]. Journal of University of Electronic Science and Technology of China, 2019, 48(3): 388-396.
	陈兴蜀, 陈敬涵, 邵国林, 等. 基于会话流聚合的隐蔽性通信行为检测方法[J]. 电子科技大学学报, 2019, 48(3): 388-396.
[6]	YING Kezhen, ZHOU Xiannian, MAO Keji. Data Acquisition Algorithm in Wireless Sensor Network Based on Improved Region Growing Method[J]. Journal of Chinese Computer Systems, 2019, 40(3): 567-572.
	应可珍, 周贤年, 毛科技, 等. 一种改进区域生长法的WSN数据采集算法研究[J]. 小型微型计算机系统, 2019, 40(3): 567-572.
[7]	MA Dongchao, SUN Xingguo, MA Li. A Regulatable Model Based on Data Aggregation in WSN[J]. Chinese Journal of Computers, 2019, 42(2): 437-452.
	马东超, 孙兴国, 马礼. 一种基于数据聚合的传感器网络可调模型[J]. 计算机学报, 2019, 42(2): 437-452.
[8]	WARD J R, YOUNIS M. Cross-layer Traffic Analysis Countermeasures Against Adaptive Attackers of Wireless Sensor Networks[J]. Wireless Networks, 2019, 25(5): 2869-2887. doi: 10.1007/s11276-019-02003-9 URL
[9]	ISLAM M, FAHMIN A, HOSSAIN M S, et al. Denial-of-Service Attacks on Wireless Sensor Network and Defense Techniques[J]. Wireless Personal Communications, 2021, 116(4): 1-29. doi: 10.1007/s11277-020-07702-7 URL
[10]	SONG W, BEASLEY M, PRZYSTUPA K, et al. A Software Deep Packet Inspection System for Network Traffic Analysis and Anomaly Detection[J]. Sensors, 2020, 20(6): 1637-1678. doi: 10.3390/s20061637 URL
[11]	HAJIAN R, ERFANI S H. CHESDA: Continuous Hybrid And Energy-efficient Secure Data Aggregation For WSN[J]. The Journal of Supercomputing, 2021, 77(5): 5045-5075. doi: 10.1007/s11227-020-03455-z URL
[12]	PANKHURST R J. Key Generation by Computer[J]. Nature, 2019, 227(5264): 1269-1270. doi: 10.1038/2271269a0 URL
[13]	SONI A, UPADHYAY R, KUMAR A. Performance Improvement of Wireless Secret Key Generation with Colored Noise for IoT[J]. International Journal of Communication Systems, 2019, 32(8): 4124-4137.
[14]	LI GANG, ZHANG ZHE, YU YANG, et al. A Hybrid Information Reconciliation Method for Physical Layer Key Generation[J]. Entropy, 2019, 21(7): 84-90. doi: 10.3390/e21010084 URL
[15]	BALDI M, CHIARALUCE F, INCIPINI L, et al. Code-based Physical Layer Secret Key Generation in Passive Optical Networks[J]. Ad Hoc Networks, 2019, 89(6): 1-8. doi: 10.1016/j.adhoc.2019.02.003 URL
[16]	JIAO LING, WANG NING, WANG Peng, et al. Physical Layer Key Generation in 5G Wireless Networks[J]. IEEE Wireless Communications, 2019, 26(5): 48-54. doi: 10.1109/MWC.7742 URL
[17]	HAZAY C, MIKKELSEN G L, RABIN T, et al. Efficient RSA Key Generation and Threshold Paillier in the Two-party Setting[J]. Journal of Cryptology, 2019, 32(2): 265-323. doi: 10.1007/s00145-017-9275-7 URL
[18]	ZHANG Yongtang. C-RAN Dynamic Resource Allocation Method for DRL. Journal of Chinese Computer Systems, 2021, 42(1): 132-136.
	张永棠. 一种深度强化学习的C-RAN动态资源分配方法[J]. 小型微型计算机系统, 2021, 42(1): 132-136.
[19]	CHEN Liangchen, GAO Shu, LIU Baoxu, et al. Research Status and Development Trends on Network Encrypted Traffic Identification[J]. Netinfo Security, 2019, 19(3): 25-31.
	陈良臣, 高曙, 刘宝旭, 等. 网络加密流量识别研究进展及发展趋势[J]. 信息网络安全, 2019, 19(3): 25-31.
[20]	WANG Lele, WANG Binqiang, LIU Jiangang, et al. Study on Malicious Program Detection Based on Recurrent Neural Network[J]. Computer Science, 2019, 46(7): 92-96.
	王乐乐, 汪斌强, 刘建港, 等. 基于递归神经网络的恶意程序检测研究[J]. 计算机科学, 2019, 46(7): 92-96.
[21]	SINGH P, GUPTA A K, SINGH R. Improved Priority-based Data Aggregation Congestion Control Protocol[J]. Modern Physics Letters B, 2019, 34(2): 1-19.
[22]	CHANG J, LIU F. A Byzantine Sensing Network Based on Majority-ponsensus Data Aggregation Mechanism[J]. Sensors, 2021, 21(1): 248-264. doi: 10.3390/s21010248 URL

参数	值
仿真区域大小	500×500 m²
节点总数	200个
仿真时长	100 s
发送的数据包总数	600个