基于信任机制的无线传感器网络多协议层入侵检测方法

Multi-Protocol Layer Intrusion Detection Method for Wireless Sensor Networks Based on Trust Mechanism

无线传感器网络的单层攻击检测方法中仅考虑某一层次的攻击,具有局限性,而在跨层攻击的检测方法中存在较高的误报率和漏报率。针对这些问题,本文提出了一种结合信任机制和噪声检测技术的多协议层入侵检测方法(T-MPNID)。该方法中通过计算物理层、MAC层和网络层中多个关键参数的相对偏差值得到信任值,利用加权法建立各协议层的信任值,融合协议层的评估值得到融合信任值。本文引入数据噪声检测技术,对簇内节点各协议层的关键参数进行检测,然后对存在异常关键参数的节点平均融合信任值进行惩罚得到全局信任值。各协议层的关键参数作为噪声检测数据,平均融合信任值为噪声检测提供了数据的可信的权值和惩罚机制中节点惩罚力度。仿真实验表明,在典型的单层和跨层攻击中,本文提出的入侵检测方法(T-MPNID)有较高的检测率,较低的误报率和漏报率。

The limitation of single-layer attack detection method of wireless sensor network lies in that it only considers the attack of one specific layer of network protocol. On the other hand,the detection method of cross-layer attack has higher false positive and false negative rate. To solve these issues,this paper proposes a multi-protocol layer intrusion detection method(T-MPNID)combining trust system and noise detection technology. In the proposed method,the trust value can be calculated by computing the relative deviation of several key parameters in physical layer,MAC layer and network layer,and the trust value of each protocol layer is established using the weighting method for multiple key parameters of each layer. Every protocol layer ’ s assessment of value is fused to get the overall trust metric of a sensor node. Data noise detection technology is introduced to detect the key parameters of the protocol layer of nodes in the cluster,and the global trust value is obtained by punishing the average fusion trust value of nodes with abnormal key parameters. The key parameters of each protocol layer provides data for noise point detection,and the average fusion trust value provides the credible weights of data and penalties for nodes in the punishing mechanism. Simulation results show that T-MPNID has higher detection rate,lower false positive rate and lower false negative rate in typical single-layer and cross-layer attacks.