无线传感器网络安全技术研究
|
摘要
由于无线传感器网络一般部署在恶劣环境、无人区域或敌方阵地中,加之无线传感器网络本身固有的限制,所以网络安全引起了人们的极大关注。在传感器节点计算能力、电源能量、通信能力和存储空间受限的情况下,传统的安全机制不适合运用于无线传感器网络中。本文根据无线传感器网络的安全需求,所面临的特殊威胁,对传感器网络密钥管理方案和安全路由算法的设计问题进行深入研究。
本文针对全网预配置密钥管理方案存在的缺点,引入混沌加密算法和临时初始密钥,提出一种全网预配置随机密钥的改进方案,实现了对称密钥和非对称密钥体制的结合,减少了密钥的存储量,可以动态地改变加密密钥,提高了网络的抗破译能力,并能使网络适时更新密钥;以MAC认证实现消息的防篡改。与目前的随机密钥类型算法相比,本方案在安全性、密钥连通概率等方面有较大的提高。
提出了一种基于可信路由表的安全路由协议。本文利用节点进行收发数据包的行为,建立节点可信模型,对节点的行为进行度量,建立可信路由表,使得节点在路由转发过程中能够选择最可信的路径,规避恶意节点,有效地提高了路由协议的安全性。通过仿真实验,显示该协议通过可信路由的优化,在降低能耗和路由安全性方面有一定的提高,有效地提高了传感器网络的安全性。
Wireless sensor networks is commonly deployed in harsh, unattended or even hostile environment, together with the intrinsic limitation of wireless sensor networks, therefore people pay attention to the security of the network. Because of the limit of the computing ability, energy, communicating ability and storage of the sensor nodes, the traditional security mechanisms are not suitable for wireless sensor networks. Based on wireless sensor networks security requirements faced by a particular threat, profound researches are the sensor network key management schemes and safety routing algorithm design problems.
In this thesis, the whole network pre-configured key management scheme for the shortcomings, the introduction of chaotic encryption algorithm and the temporary initial key , a random key pre-configured improvement scheme for wireless sensor networks was put forward, the realization of the symmetric and asymmetric key system integration, reducing the amount of storage keys, can changes the encryption key random, effectively enhance the capacity of the network of anti-decipher and enable timely update network key; MAC authentication to achieve tamper-resistant message. The random key with the current type of algorithm, the scheme performance, it has greatly improved in terms of network security, key connectivity probability, etc.
A security routing protocols based on routing trust table is presented. In this thesis, make use of nodes send and receive data packets behavior, a trust model of the nodes to establish, the behavior of the nodes to measure, routing table to establish, makes the nodes in the routing forwarding process to choose the most credible path to avoid malicious nodes, the effective improved routing protocol security. The simulation experiments showed that the protocol through a credible route optimization, in reducing energy consumption and routing security, there is a certain improvement, effectively increased the security of wireless sensor networks.
本文针对全网预配置密钥管理方案存在的缺点,引入混沌加密算法和临时初始密钥,提出一种全网预配置随机密钥的改进方案,实现了对称密钥和非对称密钥体制的结合,减少了密钥的存储量,可以动态地改变加密密钥,提高了网络的抗破译能力,并能使网络适时更新密钥;以MAC认证实现消息的防篡改。与目前的随机密钥类型算法相比,本方案在安全性、密钥连通概率等方面有较大的提高。
提出了一种基于可信路由表的安全路由协议。本文利用节点进行收发数据包的行为,建立节点可信模型,对节点的行为进行度量,建立可信路由表,使得节点在路由转发过程中能够选择最可信的路径,规避恶意节点,有效地提高了路由协议的安全性。通过仿真实验,显示该协议通过可信路由的优化,在降低能耗和路由安全性方面有一定的提高,有效地提高了传感器网络的安全性。
Wireless sensor networks is commonly deployed in harsh, unattended or even hostile environment, together with the intrinsic limitation of wireless sensor networks, therefore people pay attention to the security of the network. Because of the limit of the computing ability, energy, communicating ability and storage of the sensor nodes, the traditional security mechanisms are not suitable for wireless sensor networks. Based on wireless sensor networks security requirements faced by a particular threat, profound researches are the sensor network key management schemes and safety routing algorithm design problems.
In this thesis, the whole network pre-configured key management scheme for the shortcomings, the introduction of chaotic encryption algorithm and the temporary initial key , a random key pre-configured improvement scheme for wireless sensor networks was put forward, the realization of the symmetric and asymmetric key system integration, reducing the amount of storage keys, can changes the encryption key random, effectively enhance the capacity of the network of anti-decipher and enable timely update network key; MAC authentication to achieve tamper-resistant message. The random key with the current type of algorithm, the scheme performance, it has greatly improved in terms of network security, key connectivity probability, etc.
A security routing protocols based on routing trust table is presented. In this thesis, make use of nodes send and receive data packets behavior, a trust model of the nodes to establish, the behavior of the nodes to measure, routing table to establish, makes the nodes in the routing forwarding process to choose the most credible path to avoid malicious nodes, the effective improved routing protocol security. The simulation experiments showed that the protocol through a credible route optimization, in reducing energy consumption and routing security, there is a certain improvement, effectively increased the security of wireless sensor networks.
引文
[1] Akyildiz I F, Su W, Sankarasubramaniam Y, et al. A survey on sensor networks. IEEE Communications Magazine, 2002, 40(8): 102-114
[2] Tubaishat M, Madria S. Sensor networks: an overview. IEEE Protentials, 2003, 22(2): 20-23
[3]孙利民,李建中,陈渝.无线传感器网络[M].北京:清华大学出版社, 2005: 5-40
[4] V.Giruka, M.Singhal, J.Royalty et al. Secuirty in Wireless Sensor Networks[J].Wireless Communications and Computing, Wiley InterScience, 2006, No. 6, 1-24.
[5] Farooq Anjum, Saswati Sarkar. Security in Sensor Networks[J]. in: Mobile, Wireless and Sensor Networks: Technology, Applications and Future Directions, Wiley-IEEE ress, 2006, 283-307
[6] Perrig A, Szewczyk R, et al. SPINS: Security protocols for sensor networks[J]. Wireless Networks, 2002, 8(5): 521-534
[7]荆琦,唐礼勇,陈钟.无线传感器网络中的信任管理[J].软件学报, 2008, 19(7): 1716-1730
[8]贾玉福,董天临,石坚.无线传感器网络安全问题分析闭[J].网络安全技术与应用, 2005(1)
[9] Kulik J, Heinzelman WR, Balakrishnan H. Negotiation-based Protocols for disseminating information in wireless sensor networks[J]. Wireless Networks, 2002(8)
[10] LAkyildiz, W Su, Y Sankarasubramaniam, E Cayirci. A Survey on Sensor Networks[J]. IEEE Comm-unications Magazine. 2002(8)
[11] Camtan D, Kruus P, Matt B. Constraints and approaches for distributed sensor network secuirty. NAI Labs Technical Report# 00-010, September2000
[12]李晖,彭志威,陈克非.无线传感器网络及其安全问题[J].中兴通信技术, 2004(10): 30-34
[13] GANESAN D, et al. Highly-resilient, energy-efficient multipath routing in wireless sensor networks[J]. Mobile, Computing and Communication Review, 2001, 5(4): 10-24
[14] DEB B, et al. ReInForM: reliable information forwarding using multiple paths in sensor networks[A]. Proc 28th Annual IEEE Conf on Local Computer Networks(LCN)[C]. LosAlamitos, 2003. 406-415
[15] Tanachaiwiwat S, Dave P, Bhindwale R, Helmy A. Secure locations: routing on trust and isolating compromised sensors in location-aware sensor networks. In: Proc. of the SenSys 2003. New York: ACM Press, 2003. 324?325
[16] Tanachaiwiwat S, Dave P, Bhindwale R, Helmy A. Location-Centric isolation of misbehavior and trust routing in energy-constrained sensor networks. In: Hassanein H, Oliver RL, Richard III GG, Wilson LF, eds. Proc. of the IEEE Workshop on Energy-Efficient Wireless Communications and Networks (EWCN). Piscataway: IEEE Computer Society, 2004. 463?469
[17] Wood A, Stankovic J. Denial of Service in sensor networks. IEEE Computer, 2002, 35(10): 54- 62
[18]苏忠,林闯,封富君,任丰原.无线传感器网络密钥管理的方案和协议[J].软件学报, 2007, 18(5): 1218-1231
[19]李晓维,徐勇军,任丰原.无线传感器网络技术[M].北京:北京理工大学出版社. 2007
[20] CHAN H, et al. Random key predistribution schemes for sensor networks[A]. Proceedings of IEEE Symposium on Security and Privacy[C]. Berkeley, California, 2003. 197-213
[21] Anderson R, Perrig A. Key infection: smart trust for smart dust[C]//Proc of the 12th IEEE International Network Protocols Confe-rence. [S.l.]: IEEE Press, 2004: 206-215
[22] Liu D,Ning P. Establishing pairwise keys in distributed sensor networks. In 10th ACM Conference on Computer and Communications Security, October 2003
[23] LIU D, et al. Location-based pairwise key establishments for relatively static sensor networks[A]. ACM Workshop on Security of Ad hoc and Sensor Networks[C]. VA, USA, 2003. 61-77
[24]覃伯平.无线传感器网络安全路由的研究[D].北京:北京科技大学, 2006
[25] Yin Changqing, Huang Shaoyin, Su Pengcheng, et al. Secure routing for large-scale wireless sensor networks[C]. Proceedings of the IEEE Intenrational Conferenceon Communication Technology(ICCT'03), Bei jing, China, 2003: 1282-1286
[26] Di Pietro R, Mancini L丫Yee Wei Law. LKHW: a directed diffusion-based secure multicast scheme for wireless sensor networks[C]. Proceedings of the 2003 Intenrational Conferenceon Parallel Processing Workshops(ICPPW'2003), Los Alamitos, 2 003: 39 7-406
[27] Oberoi Vikram, Chigan Chunxiao. SPAR: A security- and power- aware routing protocol for wireless adhoc and sensor networks[C]. Proceedings of the Sensors, and Command, Control, Communications, and Intelligence(C31) Technologies for Homela nd Security and Homeland Defence IV. Orlando, FL, 2005: 863-872
[28] Oniz C C, Tasci S E, Savas E, et al. SeFER: secure, flexible and efficient routing protocol for distributed sensor networks[C]. Proceedings of the Second European Workshop on Wireless Sensor Networks(EWSN'05), Istanbul, Turkey, 2005: 246-255
[29] Brad Karp, H. T. Kung, GPSR: Greedy Perimeter Stateless Routing for Wireless Network. In: Proc. of the 6th Annual ACM/IEEE International Conference on Mobile Computing and Networking (MobiCom 2000) (2000)
[30]张化光,王智良,黄玮.混沌系统的控制理论[M].沈阳:东北大学出版社, 2003
[31]张楠,张建华,陈建英等.无线传感器网络中基于混沌的密钥预分配方案[J].计算机应用, 2007, 27(8): 1901-1903
[32]温蜜,陈克非,郑燕飞等.传感器网络中一种可靠的对密钥更新方案[J].软件学报, 2007, 18(5): 1232-1245
[33] Bollobás B, Fulton W, Katok A, Kirwan F, Sarnak P. Rand Graphs. 2nd ed, Cambridge: Cambridge University Press, 2001. 160?200
[34]王潮,贾翔宇,林强.基于可信度的无线传感器网络安全路由算法[J].通信学报, 2008, 29(11): 105-212
[35]颜振亚,郑宝玉.无线传感器网络中可信的节点选择算法[J].南京邮电大学学报, 2008, 28(2): 11-14
[36]朱程,周鸣争,许金生. BTSR:一种基于行为可信的安全数据融合与路由算法[J].计算机应用, 2008, 28(11): 2821-2824
[37]熊鹏,张卫,沈富可.传感网单跳链路的可信性研究[J].计算机应用, 2008, 28(10):2475-2478
[38]姚兰,赵志滨,于戈.无线传感器网络中基于确定度的安全路由协议的研究[J].计算机研究与发展, 2008, 43(增刊): 650-654
[39] Crosby GV, Pissinou N, Gadze J. A framework for trust-based cluster head election in wireless sensor networks. In: Proc. of the 2nd IEEE Workshop on Dependability and Security in Sensor Networks and Systems (DSSNS 2006). Piscataway: IEEE Computer Society, 2006. 13?22
[40] Cheng WF, Liao XK, Shen CX, Li SS, Peng SL. A trust-based routing framework in energy-constrained wireless sensor networks. In: Cheng XZ, Li W, Znati T, eds. Proc. of the WASA 2006. LNCS 4138, Berlin, Heidelberg: Springer-Verlag, 2006. 478?489
[41] Yao ZY, Kim DY, Lee I. A security framework with trust management for sensor networks. In: Proc. of the 1st IEEE/CREATE-NET Workshop on Security and QoS in Communication Networks Athens. Piscataway: IEEE Computer Society, 2005. 190?198
[42] Hur J, Lee Y, Hong SM, Yoon H. Trust management for resilient wireless sensor networks. In: Won DH, Kim SJ, eds. Proc. of the ICISC 2005. LNCS 3935, Berlin, Heidelberg: Springer-Verlag, 2006. 56?68
[43] Hur J, Lee Y, Yoon H, Choi D, Jun S. Trust evaluation model for wireless sensor networks. In: Proc. of the ICACT 2005. Piscataway: IEEE Computer Society, 2005. 491?496
[44]肖德琴,冯健昭,周权等.基于高斯分布的传感器网络信誉模型[J].通信学报, 2008, 29(3): 47-54
[45] Tanachaiwiwat S, Dave P, Bhindwale R, Helmy A. Secure locations: routing on trust and isolating compromised sensors in location-aware sensor networks. In: Proc. of the SenSys 2003. New York: ACM Press, 2003. 324?325
[46] Tanachaiwiwat S, Dave P, Bhindwale R, Helmy A. Location-Centric isolation of misbehavior and trust routing in energy-constrained sensor networks. In: Hassanein H, Oliver RL, Richard III GG, Wilson LF, eds. Proc. of the IEEE Workshop on Energy-Efficient Wireless Communications and Networks(EWCN). Piscataway: IEEE Computer Society, 2004. 463?469
[2] Tubaishat M, Madria S. Sensor networks: an overview. IEEE Protentials, 2003, 22(2): 20-23
[3]孙利民,李建中,陈渝.无线传感器网络[M].北京:清华大学出版社, 2005: 5-40
[4] V.Giruka, M.Singhal, J.Royalty et al. Secuirty in Wireless Sensor Networks[J].Wireless Communications and Computing, Wiley InterScience, 2006, No. 6, 1-24.
[5] Farooq Anjum, Saswati Sarkar. Security in Sensor Networks[J]. in: Mobile, Wireless and Sensor Networks: Technology, Applications and Future Directions, Wiley-IEEE ress, 2006, 283-307
[6] Perrig A, Szewczyk R, et al. SPINS: Security protocols for sensor networks[J]. Wireless Networks, 2002, 8(5): 521-534
[7]荆琦,唐礼勇,陈钟.无线传感器网络中的信任管理[J].软件学报, 2008, 19(7): 1716-1730
[8]贾玉福,董天临,石坚.无线传感器网络安全问题分析闭[J].网络安全技术与应用, 2005(1)
[9] Kulik J, Heinzelman WR, Balakrishnan H. Negotiation-based Protocols for disseminating information in wireless sensor networks[J]. Wireless Networks, 2002(8)
[10] LAkyildiz, W Su, Y Sankarasubramaniam, E Cayirci. A Survey on Sensor Networks[J]. IEEE Comm-unications Magazine. 2002(8)
[11] Camtan D, Kruus P, Matt B. Constraints and approaches for distributed sensor network secuirty. NAI Labs Technical Report# 00-010, September2000
[12]李晖,彭志威,陈克非.无线传感器网络及其安全问题[J].中兴通信技术, 2004(10): 30-34
[13] GANESAN D, et al. Highly-resilient, energy-efficient multipath routing in wireless sensor networks[J]. Mobile, Computing and Communication Review, 2001, 5(4): 10-24
[14] DEB B, et al. ReInForM: reliable information forwarding using multiple paths in sensor networks[A]. Proc 28th Annual IEEE Conf on Local Computer Networks(LCN)[C]. LosAlamitos, 2003. 406-415
[15] Tanachaiwiwat S, Dave P, Bhindwale R, Helmy A. Secure locations: routing on trust and isolating compromised sensors in location-aware sensor networks. In: Proc. of the SenSys 2003. New York: ACM Press, 2003. 324?325
[16] Tanachaiwiwat S, Dave P, Bhindwale R, Helmy A. Location-Centric isolation of misbehavior and trust routing in energy-constrained sensor networks. In: Hassanein H, Oliver RL, Richard III GG, Wilson LF, eds. Proc. of the IEEE Workshop on Energy-Efficient Wireless Communications and Networks (EWCN). Piscataway: IEEE Computer Society, 2004. 463?469
[17] Wood A, Stankovic J. Denial of Service in sensor networks. IEEE Computer, 2002, 35(10): 54- 62
[18]苏忠,林闯,封富君,任丰原.无线传感器网络密钥管理的方案和协议[J].软件学报, 2007, 18(5): 1218-1231
[19]李晓维,徐勇军,任丰原.无线传感器网络技术[M].北京:北京理工大学出版社. 2007
[20] CHAN H, et al. Random key predistribution schemes for sensor networks[A]. Proceedings of IEEE Symposium on Security and Privacy[C]. Berkeley, California, 2003. 197-213
[21] Anderson R, Perrig A. Key infection: smart trust for smart dust[C]//Proc of the 12th IEEE International Network Protocols Confe-rence. [S.l.]: IEEE Press, 2004: 206-215
[22] Liu D,Ning P. Establishing pairwise keys in distributed sensor networks. In 10th ACM Conference on Computer and Communications Security, October 2003
[23] LIU D, et al. Location-based pairwise key establishments for relatively static sensor networks[A]. ACM Workshop on Security of Ad hoc and Sensor Networks[C]. VA, USA, 2003. 61-77
[24]覃伯平.无线传感器网络安全路由的研究[D].北京:北京科技大学, 2006
[25] Yin Changqing, Huang Shaoyin, Su Pengcheng, et al. Secure routing for large-scale wireless sensor networks[C]. Proceedings of the IEEE Intenrational Conferenceon Communication Technology(ICCT'03), Bei jing, China, 2003: 1282-1286
[26] Di Pietro R, Mancini L丫Yee Wei Law. LKHW: a directed diffusion-based secure multicast scheme for wireless sensor networks[C]. Proceedings of the 2003 Intenrational Conferenceon Parallel Processing Workshops(ICPPW'2003), Los Alamitos, 2 003: 39 7-406
[27] Oberoi Vikram, Chigan Chunxiao. SPAR: A security- and power- aware routing protocol for wireless adhoc and sensor networks[C]. Proceedings of the Sensors, and Command, Control, Communications, and Intelligence(C31) Technologies for Homela nd Security and Homeland Defence IV. Orlando, FL, 2005: 863-872
[28] Oniz C C, Tasci S E, Savas E, et al. SeFER: secure, flexible and efficient routing protocol for distributed sensor networks[C]. Proceedings of the Second European Workshop on Wireless Sensor Networks(EWSN'05), Istanbul, Turkey, 2005: 246-255
[29] Brad Karp, H. T. Kung, GPSR: Greedy Perimeter Stateless Routing for Wireless Network. In: Proc. of the 6th Annual ACM/IEEE International Conference on Mobile Computing and Networking (MobiCom 2000) (2000)
[30]张化光,王智良,黄玮.混沌系统的控制理论[M].沈阳:东北大学出版社, 2003
[31]张楠,张建华,陈建英等.无线传感器网络中基于混沌的密钥预分配方案[J].计算机应用, 2007, 27(8): 1901-1903
[32]温蜜,陈克非,郑燕飞等.传感器网络中一种可靠的对密钥更新方案[J].软件学报, 2007, 18(5): 1232-1245
[33] Bollobás B, Fulton W, Katok A, Kirwan F, Sarnak P. Rand Graphs. 2nd ed, Cambridge: Cambridge University Press, 2001. 160?200
[34]王潮,贾翔宇,林强.基于可信度的无线传感器网络安全路由算法[J].通信学报, 2008, 29(11): 105-212
[35]颜振亚,郑宝玉.无线传感器网络中可信的节点选择算法[J].南京邮电大学学报, 2008, 28(2): 11-14
[36]朱程,周鸣争,许金生. BTSR:一种基于行为可信的安全数据融合与路由算法[J].计算机应用, 2008, 28(11): 2821-2824
[37]熊鹏,张卫,沈富可.传感网单跳链路的可信性研究[J].计算机应用, 2008, 28(10):2475-2478
[38]姚兰,赵志滨,于戈.无线传感器网络中基于确定度的安全路由协议的研究[J].计算机研究与发展, 2008, 43(增刊): 650-654
[39] Crosby GV, Pissinou N, Gadze J. A framework for trust-based cluster head election in wireless sensor networks. In: Proc. of the 2nd IEEE Workshop on Dependability and Security in Sensor Networks and Systems (DSSNS 2006). Piscataway: IEEE Computer Society, 2006. 13?22
[40] Cheng WF, Liao XK, Shen CX, Li SS, Peng SL. A trust-based routing framework in energy-constrained wireless sensor networks. In: Cheng XZ, Li W, Znati T, eds. Proc. of the WASA 2006. LNCS 4138, Berlin, Heidelberg: Springer-Verlag, 2006. 478?489
[41] Yao ZY, Kim DY, Lee I. A security framework with trust management for sensor networks. In: Proc. of the 1st IEEE/CREATE-NET Workshop on Security and QoS in Communication Networks Athens. Piscataway: IEEE Computer Society, 2005. 190?198
[42] Hur J, Lee Y, Hong SM, Yoon H. Trust management for resilient wireless sensor networks. In: Won DH, Kim SJ, eds. Proc. of the ICISC 2005. LNCS 3935, Berlin, Heidelberg: Springer-Verlag, 2006. 56?68
[43] Hur J, Lee Y, Yoon H, Choi D, Jun S. Trust evaluation model for wireless sensor networks. In: Proc. of the ICACT 2005. Piscataway: IEEE Computer Society, 2005. 491?496
[44]肖德琴,冯健昭,周权等.基于高斯分布的传感器网络信誉模型[J].通信学报, 2008, 29(3): 47-54
[45] Tanachaiwiwat S, Dave P, Bhindwale R, Helmy A. Secure locations: routing on trust and isolating compromised sensors in location-aware sensor networks. In: Proc. of the SenSys 2003. New York: ACM Press, 2003. 324?325
[46] Tanachaiwiwat S, Dave P, Bhindwale R, Helmy A. Location-Centric isolation of misbehavior and trust routing in energy-constrained sensor networks. In: Hassanein H, Oliver RL, Richard III GG, Wilson LF, eds. Proc. of the IEEE Workshop on Energy-Efficient Wireless Communications and Networks(EWCN). Piscataway: IEEE Computer Society, 2004. 463?469