基于逻辑拓扑的虫孔攻击检测

Logic topology based method for wormhole attack detection

虫孔攻击(wormhole attack)是一种主要针对无线传感器网络的重大安全威胁,通常难以检测和预防.分析了虫孔攻击对于网络节点邻居数目的影响,提出了一种基于网络逻辑拓扑的攻击检测方法.在假设实现了某种邻居节点发现过程的前提下,首先对网络节点进行邻居数目判断和连通性检测,筛选出可能的受攻击节点集合;随后根据攻击特征对候选节点集合进行分析判断,从而确定是否存在虫孔攻击.与现有检测算法相比,该方法能进一步区分位于隧道两端的受攻击节点集合,从而降低相应的安全风险.初步分析表明,虽然可能受节点密度、攻击半径、攻击位置以及其他随机因素的影响,但通过必要的修正措施仍然可以得到较为可信的检测结果.该方法无时间同步和节点定位要求,算法复杂度大致为O(n).

Wormhole attack is a serious security threat mainly for wireless sensor networks, usually being difficult to detect and prevent. The influence of wormhole attack on the node＇s number of neighbors is analyzed, and a logic topology based method is proposed for attack detection. On the assumption that nodes can find their neighbors in some way, the candidate sets of attacked nodes are firstly constructed by testing the node＇s number of neighbors and connectivity among nodes, then every candidate set is given an in-depth analysis through a feature-detection procedure to ascertain the existence of wormhole attack. Compared with the existing detection algorithms, the method can further distinguish the attacked node sets at two ends of the tunnel, thereby reducing the corresponding security risks. Preliminary analysis indicates that, although the method may get interfered by node density, attack radius, attack location and other random factors, reliable conclusions are still available after adopting some necessary corrective measures. Finally, the method requires neither time synchronization nor node location devices, also the algorithm complexity gets reduced to O（n） approximately.