A Sybil Attack Detection Scheme for Wireless Sensor Networks Based on Time Difference of Arrival
TDOA-based Sybil Attack Detection Scheme for Wireless Sensor Networks (1)
Wen Mi, Lihui, Zheng Yanfei, Chen Kefei
Cryptography & Information Security Lab, Shanghai Jiao Tong University, Shanghai, China (200240)
E-mail:
(1) Project supported by the Specialized Research Fund for the Doctoral Program of Higher Education (SRFDP), under grant No. 20050248043.
Abstract
As wireless sensor networks are deployed in fire monitoring and object tracking applications, security emerges as a central requirement. A case in which a Sybil node illegitimately reports messages to the master node with multiple non-existent identities (IDs) will cause harmful effects on decision making or resource allocation in these applications. In this paper, we present an efficient and lightweight solution for Sybil attack detection based on the Time Difference of Arrival (TDOA) between the source node and beacon nodes. Our solution can not only detect the existence of Sybil attacks but also locate the Sybil nodes. We demonstrate the efficiency of our solution through experiments. The experiments show that our solution can detect Sybil attack cases with 100% completeness.
Keywords: Attack Detection; Sybil Attack; Time Difference of Arrival; Wireless Sensor Networks
1. Introduction
Wireless sensor networks (WSNs) have recently emerged as an important application resulting from the fusion of wireless communications and embedded computing technologies. They have been widely applied in many fields, including monitoring, location, tracking and forestry. However, the nature of wireless sensor networks makes them vulnerable to security attacks. In particular, without a trusted centralized authority, the Sybil attack is always possible. The Sybil attack introduced in [1] denotes an attack in which the Sybil node tries to forge multiple identifications to broadcast messages in a certain region. Broadcasting messages with multiple identifications can be exceedingly harmful to many important functions of the sensor network, such as voting, fair resource allocation, group-based decisions, routing, data aggregation, misbehavior detection, etc.
A number of protocols for Sybil attack prevention have been proposed in recent years, but most of them are too costly for resource-poor sensors. Douceur [1] proposes a resource testing method. It assumes that each physical entity is limited in some resource. The verifier tests whether identities correspond to different physical entities by verifying that each identity has as much of the tested resource as a physical device. It is unsuitable for wireless sensor networks, because the attacker may be using a physical device with several orders of magnitude more resources than a resource-starved sensor node. Karlof [2] recommends using a Needham-Schroeder-like protocol to verify each other's identity and establish a shared key. Consequently, it can limit the number of neighbors a node is allowed to have and send an error message when a node exceeds it. But this method only limits the capability of the Sybil attack; it cannot locate the Sybil node and remove it. Newsome [3] adopts key validation for random key pre-distribution and registration; however, these consume precious memory space, as every node is required to store pair-wise keys with its neighbors. Bazzi [7] prevents Sybil attacks via geometric distinctness certification, which tests that amongst a group of identities a large enough subset resides on a set of distinct entities. It is too complex and energy-consuming. Demirbas [8] presents a scheme based on the received signal strength indicator (RSSI) readings of messages to detect the Sybil attack. This is the one closest to ours. Zhang [9] proposes a suite of location-based compromise-tolerant security mechanisms, which are based on a new cryptographic concept called pairing. To the best of our knowledge, pairing is energy-consuming and is not suitable for sensor networks.
The major contribution of this paper is that it proposes a Time Difference of Arrival (TDOA) based solution for Sybil attack detection and demonstrates its efficiency by experiments. This solution can not only detect the existence of Sybil attacks but also locate the Sybil nodes. It requires minimal storage and communication overhead for sensors, as they are listened to by three beacon nodes in each cluster, which are assumed to know their own locations (e.g., through GPS receivers or manual configuration). It also does not burden the WSN with shared keys or piggybacking of keys to messages. The essential point of the TDOA-based solution is associating the TDOA ratio with the sender's ID. Once the same TDOA ratio is received with a different ID, the receiver knows there is a Sybil attack. The TDOA ratio, rather than the TDOA itself, is associated with the ID to avoid misdiagnosing sensors that lie on a circle centered at one of the beacon nodes.
This paper is organized as follows. In Section 2 we discuss the network model and methodology. In Section 3 we present our Sybil attack detection schemes. In Section 4 we discuss the experiments of our solution, and in Section 5 we analyze the performance of our solution. Finally, in Section 6 we give our conclusion and future work.
2. Network model and methodology
2.1 Network model
We assume a static network, where all nodes are deployed randomly over a 2-dimensional monitored area (it can be easily expanded to 3 dimensions). If the nodes are deployed too densely, on the one hand, more than one node may be positioned at the same place. This location error may influence the detection of the Sybil attack. On the other hand, in a large-scale network deployed outdoors, it is expensive to deploy nodes too densely. So, we assume that the density of the sensor network is beyond 10 m (10 m is the position accuracy of the MTS420C, which is the MICA2 GPS Sensor Board of Crossbow). We assume there is time synchronization between the source nodes and the beacon nodes. Three beacon nodes $S_1, S_2, S_3$ with known coordinates $(X_1, Y_1)$, $(X_2, Y_2)$, and $(X_3, Y_3)$ respectively are placed at the boundary of the monitored area (usually a cluster), as shown in Fig. 1. Let $(x, y)$ be the Sybil node's location, which will be determined by time-based positioning schemes [4], [5]. Each node can reach all beacon nodes in the cluster. Note that a Sybil node can forge multiple non-existent identities.
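2.2 Time Difference of Arrival Principle
The TDOA of a message can be estimated by the Hyperbolic Position Location Solution (HPL) [6]. Assume that $S_1$ is the master beacon node. The distance between the source and the $i$-th beacon node is
$R_i =$ (1)
Now, the distance difference between beacon nodes with respect to $S_1$ is given as
$$R_{i,1} = c\,d_{i,1} = R_i - R_1 \qquad (2)$$
Fig. 1 Hyperbolic Position Location (redrawn from [5])
where $c$ is the signal propagation speed, $R_{i,1}$ is the range distance difference between $S_1$ and $S_i$ $(i > 1)$, and $d_{i,1}$ is the estimated TDOA between $S_1$ and $S_i$ $(i > 1)$. This defines the set of nonlinear hyperbolic equations whose solution gives the 2-D coordinates of the source. From (2) we know that
$$R_i = R_{i,1} + R_1 \qquad (3)$$
Subtracting (1) at $i = 1$ from (3) results in
$$R_{i,1}^2 + 2R_{i,1}R_1 = X_i^2 + Y_i^2 - 2X_{i,1}x - 2Y_{i,1}y - X_1^2 - Y_1^2 \qquad (4)$$
where $X_{i,1}$ and $Y_{i,1}$ are equal to $X_i - X_1$ and $Y_i - Y_1$ respectively. Without loss of generality, we assume the beacon node $S_1$ is located at $(0, 0)$. From (2) we obtain
$$R_1^2 = x^2 + y^2 \qquad (5)$$
For a three base station system, Chan's method [6], producing two TDOAs, renders a solution for $x$ and $y$ in terms of $R_1$ in the form (6) as
$$\begin{bmatrix} x \\ y \end{bmatrix} = -\begin{bmatrix} X_{2,1} & Y_{2,1} \\ X_{3,1} & Y_{3,1} \end{bmatrix}^{-1} \times \left\{ \begin{bmatrix} R_{2,1} \\ R_{3,1} \end{bmatrix} R_1 + \frac{1}{2} \begin{bmatrix} R_{2,1}^2 - K_2 + K_1 \\ R_{3,1}^2 - K_3 + K_1 \end{bmatrix} \right\} \qquad (6)$$
where
$$K_1 = X_1^2 + Y_1^2, \quad K_2 = X_2^2 + Y_2^2, \quad K_3 = X_3^2 + Y_3^2,$$
$$R_{2,1} = c\,d_{2,1}, \quad R_{3,1} = c\,d_{3,1}.$$
On the right side of the above equation, all the quantities are known except $R_1$. Therefore the solution for $x$ and $y$ will be determined by $R_1$. When these values of $x$ and $y$ are substituted into equation (5), a quadratic equation in terms of $R_1$ is produced. Once the roots of $R_1$ are known, the values of $x$ and $y$ can be determined.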
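The substitution of (6) into (5) described above, carried through numerically. This is an added example, not code from the paper; the beacon layout, the value of $c$ and the root-selection rule (keep the non-negative root whose range differences match the measurements) are assumptions of the example.

```python
import math

C = 3.0e8  # signal propagation speed c in m/s (assumption: radio signal)

def locate(beacons, d21, d31):
    """Solve eqs. (5)-(6) for the source (x, y); beacons[0] (S1) must be (0, 0)."""
    (X1, Y1), (X2, Y2), (X3, Y3) = beacons
    if (X1, Y1) != (0, 0):
        raise ValueError("eq. (5) assumes S1 at the origin")
    R21, R31 = C * d21, C * d31                  # eq. (2): R_{i,1} = c * d_{i,1}
    K1, K2, K3 = (X * X + Y * Y for X, Y in beacons)
    X21, Y21, X31, Y31 = X2 - X1, Y2 - Y1, X3 - X1, Y3 - Y1
    det = X21 * Y31 - Y21 * X31
    if det == 0:
        raise ValueError("collinear beacons: the matrix in eq. (6) is singular")

    def neg_inv(u, v):                           # -A^{-1} applied to (u, v)
        return -(Y31 * u - Y21 * v) / det, -(X21 * v - X31 * u) / det

    ax, ay = neg_inv(R21, R31)                   # eq. (6): x = ax*R1 + bx
    bx, by = neg_inv((R21**2 - K2 + K1) / 2, (R31**2 - K3 + K1) / 2)
    # Substitute into eq. (5): (ax*R1 + bx)^2 + (ay*R1 + by)^2 = R1^2
    qa, qb, qc = ax * ax + ay * ay - 1, 2 * (ax * bx + ay * by), bx * bx + by * by
    if abs(qa) < 1e-12:                          # degenerate: equation is linear
        roots = [-qc / qb] if qb else []
    else:
        disc = qb * qb - 4 * qa * qc
        roots = [] if disc < 0 else [(-qb + s * math.sqrt(disc)) / (2 * qa) for s in (1, -1)]
    best = None
    for R1 in roots:
        if R1 < 0:
            continue                             # a range cannot be negative
        x, y = ax * R1 + bx, ay * R1 + by
        # Keep the root whose range differences match the measured ones.
        err = (abs(math.hypot(x - X2, y - Y2) - R1 - R21)
               + abs(math.hypot(x - X3, y - Y3) - R1 - R31))
        if best is None or err < best[0]:
            best = (err, x, y)
    return None if best is None else best[1:]

def simulated_tdoas(beacons, src):
    """Constructed, noise-free d_{2,1} and d_{3,1} for a source at src."""
    r = [math.dist(b, src) for b in beacons]
    return (r[1] - r[0]) / C, (r[2] - r[0]) / C
```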
3. TDOA-based Sybil node detection
Here we first present a basic TDOA-based Sybil attack detection protocol in Section 3.1, and in Section 3.2 we propose an advanced one by considering the environment errors.
3.1 Basic Algorithm
We use the localization algorithm in Section 2.2 to detect the Sybil attack as follows. Once hearing a message $m_i = \{data, D_x\}$ from source S, the three beacon nodes record its arriving time respectively, for example, $t_1, t_2, t_3$ at $S_1, S_2, S_3$. The master beacon node $S_1$ can compute the Time Difference of Arrival when it receives $t_2$ and $t_3$ from $S_2$ and $S_3$, and deduce the location of the source using equations (2) and (6). Then $S_1$ associates this location with the source ID included in the message. Later, when another message with a different source ID is received and the location of the source is computed to be the same as the previous one, the beacon nodes detect a Sybil attack.
However, it is costly and very inconvenient to calculate the location of every node at every communication session using equation (6). In fact, we do not need this computation for Sybil node detection, because it is possible to detect a Sybil attack by just recording and comparing the ratio of TDOA for the received messages. Only after the Sybil attack is found do we use equation (6) to locate the Sybil node.
Suppose a Sybil node forges its ID as D1, D2, …, Dx and so on. Consider session 1, in which a Sybil node broadcasts message $m_1 = \{data, D1\}$ with D1. When beacon nodes hear the message from the source node, they transmit their own ID and the arriving time of message $m_1$ as $report_{i\,(i>1)} = \{S_i, D1, t_i\}$ to $S_1$. $S_1$ will use
$$d_{i,1}^{D1} = t_i - t_1 = (R_i - R_1)/c \qquad (7)$$
to denote the TDOA value between $S_i$ $(i > 1)$ and itself. Then, $S_1$ computes the ratio
$$tr_1 = d_{2,1}^{D1} / d_{3,1}^{D1} \qquad (8)$$
and stores it locally.
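The bookkeeping that $S_1$ performs with (7) and (8), as an added example that is not code from the paper. The beacon coordinates, node positions, IDs, send times and the matching tolerance are constructed for illustration, and arrival times are noise-free.

```python
import math

C = 3.0e8                                   # propagation speed c in m/s (assumed: radio)
BEACONS = [(0.0, 0.0), (100.0, 0.0), (0.0, 100.0)]   # constructed S1, S2, S3

def tdoa_ratio(t1, t2, t3):
    """Eqs. (7)-(8): d_{i,1} = t_i - t_1, ratio = d_{2,1} / d_{3,1}; None if undefined."""
    d21, d31 = t2 - t1, t3 - t1
    return None if d31 == 0 else d21 / d31

class MasterBeacon:
    """State kept by S1: one stored TDOA ratio per source ID seen so far."""
    def __init__(self, rel_tol=1e-6):       # matching tolerance is an assumption
        self.rel_tol = rel_tol
        self.ratio_by_id = {}
        self.sybil_ids = set()

    def on_message(self, src_id, t1, t2, t3):
        """Record one session; return the other IDs that share this message's ratio."""
        ratio = tdoa_ratio(t1, t2, t3)
        if ratio is None:
            return set()                    # cannot be judged by the ratio alone
        same = {i for i, r in self.ratio_by_id.items()
                if i != src_id
                and math.isclose(r, ratio, rel_tol=self.rel_tol, abs_tol=1e-9)}
        self.ratio_by_id[src_id] = ratio
        if same:
            self.sybil_ids |= same | {src_id}
        return same

def arrival_times(pos, t_send):
    """Constructed measurement: noise-free arrival times t1, t2, t3 at the beacons."""
    return tuple(t_send + math.dist(pos, b) / C for b in BEACONS)

def run_demo():
    """One node at (30, 40) sends as D1, D2, D3; N7 and N9 are honest nodes."""
    s1 = MasterBeacon()
    sessions = [("D1", (30, 40), 1.0), ("N7", (70, 20), 1.5), ("D2", (30, 40), 2.0),
                ("N9", (55, 80), 2.5), ("D3", (30, 40), 3.0)]   # constructed traffic
    for src_id, pos, t_send in sessions:
        s1.on_message(src_id, *arrival_times(pos, t_send))
    return s1.sybil_ids

if __name__ == "__main__":
    print(sorted(run_demo()))
```

Because the ratio is a single scalar, distinct positions can share it: every node on the perpendicular bisector of $S_1$ and $S_2$ has $d_{2,1} = 0$ and therefore ratio 0. Confirming a match with equation (6) before acting on it separates such nodes.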
Similarly, at session 2, the Source node broad