计算机科学 ›› 2019, Vol. 46 ›› Issue (6): 153-161.doi: 10.11896/j.issn.1002-137X.2019.06.023
张光华1,2, 杨耀红1, 张冬雯1, 李军3
ZHANG Guang-hua1,2, YANG Yao-hong1, ZHANG Dong-wen1, LI Jun3
摘要: 在开放的物联网环境下,节点在路由过程中极易遭到恶意丢包攻击(包括黑洞攻击和灰洞攻击),这将严重影响网络的连通性,并导致网络的数据包投递率下降以及端到端延时增加。为此,在RPL协议的基础上,提出了一种基于信任的安全路由机制。根据节点在数据转发过程中的行为表现,引入惩罚因子来评估节点间的直接信任关系,通过熵为直接信任值和间接信任值分配权重,进而得到被评估节点的综合信任值。利用模糊集合理论对节点间的信任关系进行等级划分,为路由节点选取信任等级较高的邻居节点进行数据转发,而信任等级较低的邻居节点将被隔离出网络。此外,为了避免正常节点由于某些非入侵因素而被当作恶意节点隔离出网络,为这类节点提供一个给定的恢复时间,从而进一步判断是否将其隔离出网络。利用Contiki操作系统及其自带的Cooja网络模拟器对所提方案进行仿真,实验结果表明,在节点数目和恶意节点比例不同时,本方案的恶意节点检测率、误检率、数据包投递率和端到端延时4个指标均有所改善。在安全性方面,本方案的恶意节点检测率和误检率明显优于tRPL协议;在路由性能方面,本方案的数据包投递率和端到端延时明显优于tRPL协议和MRHOF-RPL协议。仿真分析结果充分说明:所提方案不仅能够有效识别恶意节点,而且能够在恶意攻击存在的情况下保持较好的路由性能。
中图分类号:
[1]ZHANG Y Q,ZHOU W,PENG A N.Survey of Internet of Things Security [J].Journal of Computer Research and Deve-lopment,2017,54(10):2130-2143.(in Chinese) 张玉清,周威,彭安妮.物联网安全综述[J].计算机研究与发展,2017,54(10):2130-2143. [2]LIN J,YU W,ZHANG N,et al.A Survey on Internet of Things:Architecture,Enabling Technologies,Security and Privacy,and Applications[J].IEEE Internet of Things Journal,2017,4(5):1125-1142. [3]ISLAM S M R,KWAK D,KABIR M H,et al.The Internet of Things for Health Care:A Comprehensive Survey [J].IEEE Access,2017,3:678-708. [4]KURT M N,YILMAZ Y,WANG X.Distributed Quickest Detection of Cyber-Attacks in Smart Grid [J].IEEE Transactions on Information Forensics and Security,2018,13(99):1-16. [5]ALFONSO V,JAMES F H,HUNG L H,et al.Predicts 2015:The Internet of Things[EB/OL].(2014-12-30) [2018-07-28].https://www.gartner.com/doc/2952822/predicts-internet-things. [6]KSHIRSAGAR V H,KANTHE A M,SIMUNIC D.Trust Based Detection and Elimination of Packet Drop Attack in the Mobile Ad-Hoc Networks [J].Wireless Personal Communications,2018,100(2):311-320. [7]HAN G,JIANG J,SHU L,et al.Management and Applications of Trust in Wireless Sensor Networks:A survey [J].Journal of Computer and System Sciences,2014,80(3):602-617. [8]BAO F,CHEN I R,CHANG M,et al,Hierarchical Trust Mana-gement for Wireless Sensor Networks and Its Application to Trust-based Routing [C]∥Proceedings of ACM Symposium on Applied Computing.Taiwan:ACM,2011,1732-1738. [9]BAO F,CHEN I R,CHANG M J,et al.Hierarchical Trust Management for Wireless Sensor Networks and its Applications to Trust-Based Routing and Intrusion Detection [J].IEEE Transactions on Network & Service Management,2012,9(2):169-183. [10]HE D,CHEN C,CHAN S,et al.ReTrust:Attack-Resistant and Lightweight Trust Management for Medical Sensor Networks [J].IEEE Transactions on Information Technology in Biomedicine,2012,16(4):623-632. [11]YANG B,YAMAMOTO R,TANAKA Y.Dempster-Shafer Evi-dence Theory based Trust Management Strategy against Coo-perative Black Hole Attacks and Gray Hole Attacks in MANETs[C]∥16th International Conference on Advanced Communi-cation Technology.Pyeongchang:IEEE,2014:223-232. [12]WANG B,CHEN X,CHANG W.A Light-weight Trust-based QoS Routing Algorithm for Ad Hoc Networks [J].Pervasive and Mobile Computing,2014,13(2014):164-180. [13]BAO F,CHEN I R.Trust Management for the Internet of Things and Its Application to Service Composition [C]∥2012 IEEE International Symposium on a World of Wireless,Mobile and Multimedia Networks (WoWMoM).San Francisco:IEEE,2012:1-6. [14]YAN Z,ZHANG P,VASILAKOS A V.A Survey on Trust Management for Internet of Things [J].Journal of Network and Computer Applications,2014,42(3):120-134. [15]KARKAZIS P,LELIGOU H C,SARAKIS L,et al.Design of Primary and Composite Routing Metrics for RPL-compliant Wireless Sensor Networks [C]∥2012 International Conference on Telecommunications and Multimedia (TEMU).Chania:IEEE,2012:13-18. [16]SEEBER S,SEHGAL A,STELTE B,et al.Towards a Trust Computing Architecture for RPL in Cyber Physical Systems [C]∥Proceedings of the 9th International Conference on Network and Service Management (CNSM 2013).Zurich:IEEE,2013:134-137. [17]DJEDJIG N,TANDJAOUI D,MEDJEK F.Trust-based RPL for the Internet of Things [C]∥2015 IEEE Symposium on Computers and Communication (ISCC).Larnaca:IEEE,2016:962-967. [18]KHAN Z A,HERRMANN P.A Trust Based Distributed Intrusion Detection Mechanism for Internet of Things [C]∥2017 IEEE 31st International Conference on Advanced Information Networking and Applications (AINA).Taipei:IEEE,2017:1169-1176. [19]KHAN Z A,ULLRICH J,VOYIATZIS A G,et al.A Trust-based Resilient Routing Mechanism for the Internet of Things [C]∥Proceedings of the 12th International Conference on Availability,Reliability and Security (ARES’17).Reggio Calabria:ACM,2017:1-6. [20]THUBERT P,WINTER T,BRANDT A,et al.RPL:IPv6 Routing Protocol for Low power and Lossy Networks [J].Internet Requests for Comment,2012,6550(5):853-861. [21]LUO J,LIU X,FAN M.A Trust Model based on Fuzzy Recommendation for Mobile Ad-hoc Networks [J].Computer Networks,2009,53(14):2396-2407. [22]ZHOU Z P,SHAO N N.An Improved Trust Evaluation Model Based on Bayesian for WSNs [J].Chinese Journal of Sensors and Actuators,2016,29(6):927-933.(in Chinese) 周治平,邵楠楠.基于贝叶斯的改进WSNs信任评估模型[J].传感技术学报,2016,29(6):927-933. [23]WU G,DU Z,HU Y,et al.A Dynamic Trust Model Exploiting the Time Slice in WSNs [J].Soft Computing,2014,18(9):1829-1840. [24]VASSEUR J P,KIM M,PISTER K,et al.Routing Metrics Used for Path Calculation in Low-Power and Lossy Networks [S/OL].[2018-07-28].https://tools.ietf.org/pdf/rfc6551.pdf. [25]OSTERLIND F,DUNKELS A,ERIKSSON J,et al.Cross-Level Sensor Network Simulation with COOJA [C]∥Proceedings.2006 31st IEEE Conference on Local Computer Networks.Tampa:IEEE,2011:641-648. [26]QASEM M,ALTAWSSI H,YASSIEN M B,et al.Performance Evaluation of RPL Objective Functions [C]∥IEEE Internatio-nal Conference on Computer and Information Technology;Ubiquitous Computing and Communications;Dependable,Autonomic and Secure Computing;Pervasive Intelligence and Computing.Liverpool:IEEE,2015:1606-1613. |
[1] | 张翀宇, 陈彦明, 李炜. 边缘计算中面向数据流的实时任务调度算法 Task Offloading Online Algorithm for Data Stream Edge Computing 计算机科学, 2022, 49(7): 263-270. https://doi.org/10.11896/jsjkx.210300195 |
[2] | 张翕然, 刘万平, 龙华. 物联网僵尸网络病毒的传播动力学模型与分析 Dynamic Model and Analysis of Spreading of Botnet Viruses over Internet of Things 计算机科学, 2022, 49(6A): 738-743. https://doi.org/10.11896/jsjkx.210300212 |
[3] | 周天清, 岳亚莉. 超密集物联网络中多任务多步计算卸载算法研究 Multi-Task and Multi-Step Computation Offloading in Ultra-dense IoT Networks 计算机科学, 2022, 49(6): 12-18. https://doi.org/10.11896/jsjkx.211200147 |
[4] | 董丹丹, 宋康. RIS辅助双向物联网通信系统性能分析 Performance Analysis on Reconfigurable Intelligent Surface Aided Two-way Internet of Things Communication System 计算机科学, 2022, 49(6): 19-24. https://doi.org/10.11896/jsjkx.220100064 |
[5] | 沈家芳, 钱丽萍, 杨超. 面向集能型中继窄带物联网的非正交多址接入和多维网络资源优化 Non-orthogonal Multiple Access and Multi-dimension Resource Optimization in EH Relay NB-IoT Networks 计算机科学, 2022, 49(5): 279-286. https://doi.org/10.11896/jsjkx.210400239 |
[6] | 张振超, 刘亚丽, 殷新春. 适用于物联网环境的无证书广义签密方案 New Certificateless Generalized Signcryption Scheme for Internet of Things Environment 计算机科学, 2022, 49(3): 329-337. https://doi.org/10.11896/jsjkx.201200256 |
[7] | 张叶, 李志华, 王长杰. 基于核密度估计的轻量级物联网异常流量检测方法 Kernel Density Estimation-based Lightweight IoT Anomaly Traffic Detection Method 计算机科学, 2021, 48(9): 337-344. https://doi.org/10.11896/jsjkx.200600108 |
[8] | 李贝贝, 宋佳芮, 杜卿芸, 何俊江. DRL-IDS:基于深度强化学习的工业物联网入侵检测系统 DRL-IDS:Deep Reinforcement Learning Based Intrusion Detection System for Industrial Internet of Things 计算机科学, 2021, 48(7): 47-54. https://doi.org/10.11896/jsjkx.210400021 |
[9] | 李嘉明, 赵阔, 屈挺, 刘晓翔. 基于知识图谱的区块链物联网领域研究分析 Research and Analysis of Blockchain Internet of Things Based on Knowledge Graph 计算机科学, 2021, 48(6A): 563-567. https://doi.org/10.11896/jsjkx.200600071 |
[10] | 王卫红, 陈震宇. 基于改进区块链的智能制造安全模型 Intelligent Manufacturing Security Model Based on Improved Blockchain 计算机科学, 2021, 48(2): 295-302. https://doi.org/10.11896/jsjkx.191200159 |
[11] | 刘新, 黄缘缘, 刘子昂, 周睿. IoTGuardEye:一种面向物联网服务的Web攻击检测方法 IoTGuardEye:A Web Attack Detection Method for IoT Services 计算机科学, 2021, 48(2): 324-329. https://doi.org/10.11896/jsjkx.200800030 |
[12] | 王锡龙, 李鑫, 秦小麟. 电力物联网下分布式状态感知的源网荷储协同调度 Collaborative Scheduling of Source-Grid-Load-Storage with Distributed State Awareness UnderPower Internet of Things 计算机科学, 2021, 48(2): 23-32. https://doi.org/10.11896/jsjkx.200900209 |
[13] | 张育龙, 王强, 陈明康, 孙静涛. 图像去雨算法在云物联网应用中的研究综述 Survey of Intelligent Rain Removal Algorithms for Cloud-IoT Systems 计算机科学, 2021, 48(12): 231-242. https://doi.org/10.11896/jsjkx.201000055 |
[14] | 宗思洁, 覃天, 贺龙兵. 面向IOT芯片的安全启动算法分析与应用 Analysis and Application of Secure Boot Algorithm Based on IOT Chip 计算机科学, 2021, 48(11A): 552-556. https://doi.org/10.11896/jsjkx.210300237 |
[15] | 刘炜, 阮敏捷, 佘维, 张志鸿, 田钊. 面向物联网的PBFT优化共识算法 PBFT Optimized Consensus Algorithm for Internet of Things 计算机科学, 2021, 48(11): 151-158. https://doi.org/10.11896/jsjkx.210500038 |
|