CN104079483B - Multi-stage secure routing method based on network coding in a delay tolerant network - Google Patents

Publication number
CN104079483B
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201310107131.5A
Inventor
张舒
暴建民
王堃
***
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Nanjing Post and Telecommunication University
Original Assignee
Nanjing Post and Telecommunication University
Application filed by Nanjing Post and Telecommunication University
Priority to CN201310107131.5A
Publication of CN104079483A
Publication of CN104079483B

Abstract

The invention provides a multi-stage secure routing method based on network coding in a delay tolerant network. By optimizing the allocation of coded packets and, in line with the need to maximize forwarding performance between nodes, designing a multi-stage route based on the damage probability of probabilistically encountered nodes, it reduces the probability that messages are damaged and improves overall network throughput. In the design of the network coding, a hybrid secure network coding scheme for the DTN is implemented that can resist multiple attacks, such as eavesdropping attacks, Sybil attacks, Byzantine attacks and dropping attacks. Against selective data dropping attacks, the source node dynamically adds a limited redundancy factor in a timely manner to improve tolerance of link failures; relay nodes verify each other to resist Sybil and Byzantine attacks, which reduces the overhead of authenticating with the source node in conventional schemes; and a dual joint resistance strategy is designed to reduce the impact of Byzantine attacks on nodes.

Description

Multi-stage safety routing method based on network coding in delay tolerant network
Technical Field
The invention discloses a multi-stage secure routing algorithm based on network coding and multi-attack resistance, and belongs to the field of secure routing algorithms in delay tolerant networks.
Background
A Delay/Disruption Tolerant Network (DTN) is a "Constrained Network (CN)" that mainly targets high-latency space communication and cooperative heterogeneous-network environments that lack continuous connectivity. Communication in a DTN is based on message exchange; the data unit may be a message, a packet or a bundle, where a bundle is a set of message units grouped together for transmission. Unlike the layering of traditional networks, Burleigh et al. proposed an end-to-end overlay network protocol called "bundling" on top of the DTN network layer.
Network Coding (NC) is an effective algorithm, first proposed by Ahlswede et al., for transmitting information efficiently in a large distributed system without central scheduling. Network coding allows relay nodes to re-encode data packets: when the source node sends data packets to the destination node, all or some of the relay nodes on the path between the two nodes combine the messages they have received into a linearly coded packet (similar to an exclusive-or operation) and forward it to the next node with a certain probability. Once the destination node has received enough linearly independent coded bundles, it uses Gaussian elimination (a method used for systems with thousands of equations and unknowns; very large systems with millions of equations are solved by iterative methods) to reduce the decoding matrix to a triangular matrix and finally decodes all the original messages. Compared with traditional schemes, network coding can compute scheduling strategies that make optimal use of limited network resources, improve the throughput and topological robustness of the network system, reduce the overall energy consumption of wireless network nodes in such special environments, and offer potential security advantages.
At present, most research on delay tolerant networks either rests on the ideal assumption that nodes are completely reliable, or pursues good performance while neglecting security, which leaves many security holes in the system; or it attends to security but ignores network performance, so the advantages of network coding for improving network performance cannot be fully exploited.
The present invention addresses the following problems: (1) the lack of a continuous reliable connection; (2) nodes in a real environment are not necessarily reliable; (3) the performance and the security of network coding cannot both be taken into account; (4) conventional routing schemes are not suitable for compromised delay tolerant network environments. Based on the store-carry-forward opportunistic routing of delay tolerant network nodes, a network coding scheme for a compromised environment is provided: the source node dynamically adds redundancy factors to the network in a timely manner to resist dropping attacks and improve link fault tolerance; nodes verify messages with one another to resist pollution attacks and Sybil attacks, avoiding the excessive dependence on the source node of traditional methods; and a multi-stage route that uses the damage probability of probabilistically encountered nodes as its metric is designed, further improving network throughput.
Model definition
Network model
The communication network model under the condition of the delay-tolerant network environment is represented by a directed graph G = (V, E), wherein V represents a set of nodes in the network, and E represents a set of directed links (or channels) in the network. The present invention is based on a bundle session between a unique source node S and one or more destination nodes D. P represents the set of paths between S and D. From S along the pathThe number of the shared paths traversing to D is skA linkThe reliability probability isThe upstream node risk probability of link e is considered herein asPath of wayThe probability of damage isIndicating the rate of transmission of the data packets,in order to achieve a high throughput for the network,representing a compromise between security and performance.
Node model
The source node sends a message containing t messages to be transmittedThe composed messages are bundled to a destination node, the messages form a matrix O, and the same bundle of messages has the same unique universal identifier. For simplicity, it is assumed that all messages are equal in length. The relay node can generate and propagate the information belonging to the same groupLinear combination of messages, the coded packet being a tupleWhereinIs a front of message OThe number of the elements is one,is the authentication information.
Aggressor model
In the model, the attacker is assumed to be omnipotent: the attacker can eavesdrop on every link in the DTN and knows the encoding and decoding algorithm used between the source node S and the destination node D. Different attackers can mount one or more attacks, and at most a damaged data packet can be injected into the network, assumed to form the matrix A. The attacker can inject corrupted packets into any link in the network and, by disguising or misappropriating an identity, pretend that they are part of the S-to-D data flow. It is also assumed that, in our protocol design, there is at most one attacker on each selected path from S to D. An attacker can derive the set of paths from S to D through traffic analysis and estimation. In addition, since the selected paths are node-disjoint, colluding attackers can place at most one attacker on any one path. There are two network damage conditions in this scheme. The path damage condition: path k is subject to a corruption attack if and only if at least one link of is damaged. The whole-network damage condition: when the number of damaged shared paths is greater than or equal to the number of messages in a bundle of data of the source node, all messages transmitted by the source node S to the destination node D along the path set P are vulnerable to corruption.
Optimized distribution model of coded packets of each transmission path
In this model, a total of |L| mutually node-disjoint paths $l_1, l_2, \ldots, l_{|L|}$ from S to D are assumed. The core question is how to select secure transmission paths from S to D and distribute the encoded copies of the source node's messages over the selected disjoint paths, so that the security risk of DTN message transmission is minimized while an ideal transmission rate and network throughput are obtained.
The routing protocol is a path-dependent multi-stage routing protocol that transmits over multiple node-disjoint paths, so that data sent on different paths can be jointly encoded and protected.
In this routing protocol, the destination node needs to jointly decode a set of encoded packets if it wants to recover the original message. Data packet distribution on a path set is formalized, the safety risk of routing is reduced as much as possible, and meanwhile, the transmission rate is reducedLimited to below the ideal value. In an effort to improve security risk and reachability, the above description may build an optimization model that represents the probability of reliability of a reservable portion of the network
Thus, an optimized packet allocation optimized doublet can be obtainedThe number of packets on each path is allocated to the source node to the destination node,is a pathProbability of damage:
meanwhile, the number n of packets finally generated after encoding of the source node is represented by the following formula, wherein | P*| is the number of paths selected for transmission sharing,is a member of P*The path of the upper side of the optical fiber,as a compromise factor:
satisfy derived r*On the premise, the optimal path set P for solving from S to D is provided*If the path k ∈ P is satisfied, the path is reserved in P, a new path P value is returned, and P is made to satisfy the inequality constraint condition*=P。
Multi-stage routing design scheme based on secure network coding
In this part, an identifier field and an authentication information field are added to the data packet design to improve the eavesdropping resistance of the link; at the same time, a DTN hybrid secure network coding scheme is introduced to jointly resist multiple attacks, such as eavesdropping attacks, Sybil attacks, Byzantine attacks and dropping attacks.
Against selective data dropping attacks, the secure network coding scheme has the source node dynamically add a limited redundancy factor in a timely manner to improve tolerance of link failures; relay nodes authenticate each other to resist Sybil and Byzantine attacks, which reduces the cost of authenticating with the source node in conventional schemes; and a dual joint resistance strategy is designed to reduce the impact of Byzantine attacks on nodes. For simplicity, the invention studies the processing flow of one bundle and considers transmission between one source node and one destination node, but the scheme is also applicable to multicast streaming environments.
Disclosure of Invention
Based on the above analysis, the present invention provides a multi-stage secure routing method based on network coding in a delay tolerant network, which includes the following steps:
the first step is as follows: source node encoding and processing;
one data packet comprises m finite fields FqSymbol of (1), additionA redundant flag; representing a bundle of data by a matrix O, the matrixRow i of (a) represents the ith message in a bundle of data, and to the right of the matrix O is aAn identity matrix of order; the z data packets injected by the attacker into each bundle of data are represented by a matrix a:
by a matrixAs can be seen, the original message length of a bundle of data isSolving a matrix equationAvailable redundancyA column vector;
wherein R isOrder redundancy matrix, R is from finite fieldSelected from the independent standard random symbols;is to beThe column vectors of the matrix are obtained by superposing one by one;
according to the above matrix equation, the source node bundles the dataIs coded intoAn encoded packet to be transmitted, whereinRepresentation matrixTo (1) aThe rows of the image data are, in turn,coefficients representing the random linear coding of the message in the original data packet;
finally, S transmits the encoded n encoded packets to D, and distributes the number of data packets on each path from the source node to the destination nodeCan be determined by the above-described introduction equation and the multi-stage routing algorithm;
source nodeThe point is signed first, and the signature scheme is in a bilinear primitive ancestorIs performed in whichIs of the same prime orderSets of cyclic multiplications, the computational logarithmic problem in these sets being considered computationally infeasible,is an efficient computable mapping with bilinear and non-degenerate properties,is an efficient computable isomorphism;
source node has secret keyPublic key pairWhereinIt uses a homomorphic hash function
Wherein,is thatA random element known to all of the nodes in the tree,is a cryptographic hash function of the hash,for message length, with indicationOf a messageThe signature of (a) is the following formula:
the second step is that: relay node coding and processing;
similar to hashing, signatures are also isomorphic, for signature packagesThe signature is the following formula:
the relay node only receives the coding packets from the same source node in a routing process, and judges whether the newly received coding packets and the existing coding packets in the memory are from the same source node by verifying whether the following formula is met or not;
combined standAnd the above formula can deduce another form of node packet verification, as shown in the following formula; the relay node receives the coded packet M transmitted by the upstream node1Then, if the buffer memory of the relay node is empty, the coding packet is directly stored in the memory; otherwise, firstly extracting the bundle identifier id hash value of 33-48 bits of the code packet and the existing code packet M in the memory2Comparing the bundle identifier id hash values, if the bundle identifier id hash values meet the following formula, successfully authenticating the signature packet, indicating that the two encoding packets come from the same source node and are not damaged packets injected by pollution attack or Sybil attackers, and further jointly encoding the encoding packets with the same bundle identifier id hash values;
then, if $s_k^* \geq 2$, each relay node on path k combines the received data packets by linear coding, with the output related to the number of transmitted data packets; otherwise, the relay node does not process the received data packets;
therefore, no additional verification conditions and no participation of the source node are needed: after receiving a coded packet, a relay node can decide through mutual verification alone whether the packet can be accepted and further encoded, which avoids Sybil attacks in the delay tolerant network to a limited extent;
the third step: decoding and processing by the destination node;
firstly, a destination node needs to detect a link; when a selective data drop attack occurs, it is required to measure the transmission rate of one flow and transmit the estimated transmission rate to a transmitting node; when the sending node receives the feedback of the receiving end, the sending node dynamically adjusts the redundancy coefficient to slow down the transmission rate reduction caused by the attack; assume that the average transmission rate observed by the receiver isThe corresponding redundancy coefficient is(ii) a Redundancy coefficient of transmitting nodeIs calculated as follows, whereinRepresents the currently observed transmission rate of the receiving node transmission whenFor a period of time less thanWhen the network is in use, the destination node informs the source node to inject redundancy factors into the network;
the decoding process is based on a decoding scheme; a bundle of data in the DTN is transformed according to the following equation, wherein O represents an original data packet sent by a source node, T represents linear transformation from the source node to a destination node, and T represents linear transformationaThen a linear transformation from the attacker to the destination node is represented;
destination node D slave matrixWherein k + z linearly independent columns are arbitrarily selected to form a matrixWherein at the source node the packet matrix O and the attackerInjecting selected relevant column vectors in the data packet matrix A into the network for use respectivelyAndtherefore, the above equation is further rewritten as follows:
if matrixIf present, the following holds:
the first m-k columns of matrix E are denoted as EThe matrix O is written as O = [ O ]1,O2,O3]Form (b) wherein O1Associated with the first z column of matrix O, O3Relating to the k-last column of matrix O, the above equation can be converted to the following equation; wherein, Ok zRepresentation matrix OkFirst z column of (E)z Representation matrix EFirst z column of (E)i Representation matrix EThe following i columns:
combined standAnd the above formula gives the following formula; wherein,matrix Y representing the composition of the coded packets received by the destination nodeThe columns of the image data are,coded packet matrix representing destination node receptionThe remaining part of the mixture is then,representing a column-by-column superposition matrixThe resulting column vector is then used to generate a vector,representation matrixI is a k-dimensional identity matrix and the dimension of the zero matrix isUnit matrixIs of dimension
Thus, if the coded packets received by the destination node relate both to the packets transmitted by the source node and to the pollution packets injected by the attacker, then when the destination node has received at least k + z data packets of a bundle and matrix B has full column rank, equation (22) has one and only one solution; therefore, even if pollution packets maliciously injected by attackers have not been detected and eliminated by the relay nodes, the destination node can still decode the original data packets sent by the source node, which gives dual resistance to packet pollution attacks;
the fourth step: multi-stage route forwarding;
in the multi-stage routing forwarding of the message by the probability encountering node damage probability, only the source node is assumed to be a trusted node, namely any node can receive the message from the source node; byIt can be known that, in two nodes related to the link e, the risk probability risk of an upstream node is the following formula;
when a node with risk probability risk meets an attacker, the probability that a message copy is sent to the attacker is risk; the damage probability risk of nodes in the network may be group-based, which makes the transmission of coded packets more challenging; the goal of the source node is to deliver the message to the destination node while preventing its exposure to an attacker;
in this scheme, the update policy for the encountered-node damage probability is as follows: the initial damage probability that each node stores for a node it may encounter is risk; after the relaying node $n_{i-1}$ completes a routing step, if the node at the other end of the selected path is $n_i$ and the actual cost of transmitting one unit of data in this transmission is denoted $c_i$, then the damage probability of node $n_i$ stored in $n_{i-1}$ is updated to $risk - 0.001c_i$.
Since the reliability probability of the upstream node of the link e is reAnalyzing the effect of the attacker on the safe transmission, and determining the expiration time t of the messagedBefore, the transmission rate is drAs requiredNumber of message copies LminIs represented by the formula, whereinIs an exponential distribution law of the number of times of encounters between nodes,the number of attackers in the current network:
setting the probability of the nodes in the first stage of multi-stage routing to meet the node damage probability after the nodes are arranged in sequenceNodes being trusted nodes, carrying copies of messages, i.e.(ii) a The probability of the nodes in the second stage is after the probability of the nodes meeting the damage probabilityBeing part of a trusted node, carrying a copy of the message, i.e.The number of nodes carrying message copies is as follows:(ii) a To obtain a target transmission rateStart time of the second phaseThe following constant inequality is satisfied:
the process is briefly demonstrated as follows: setting random variablesA multi-stage route target transmission rate is shown,representing the probability density function of any one of the L nodes encountering the destination node,a cumulative distribution function of the probability that any one of the L nodes does not meet the common set point; in the first stage, the distribution function is accumulatedWith followingIncreasing; however, if no transmission occurs in the first stage (with a probability of) At the beginning of the second phase, the probability density function is transmitted byIndividual node determining transmission risk from each transmission nodeDetermining a value;
since this value needs to be greater than a given transmission rateThus, TTL can be obtained1An inequality is satisfied; from the above analysis, it can be seen that for a given set of parametersIn order to make the multi-stage routing possible to obtain a higher transmission rate, the third stage start timeShould not be less than the following constant inequality:
under the DTN network environment and the transmission target, in order to realize the compromise of network performance and safety, a multi-stage routing algorithm for meeting the node damage probability based on the node probability is provided; the input parameter at the entrance is the node to be forwardedA probability value of impairment with which the node may meet; then, to the nodePerforming one-time rapid sequencing on the damaged probability values in the memory; in the first step of routing, the nodeAccording to FTS model, only transmitting the copy of the coding packet to the node with the maximum damage probability value, and simultaneously starting a timer to setIf atIf the most damaged nodes can not be met within the time, the second step of routing is carried out; in the second step, the nodeAccording to TFS model, only transmitting the coding packet copy to the next damaged node (the damaged probability value is located at the node of the first three bits of the ordered group), and simultaneously starting a timer and settingIf atIf the most damaged nodes can not meet within the time limit, the routing of the third step is carried out; the subsequent route adopts an AS model, namely the node transmits the coding packet to the first encountered node after the AS route model is opened; in order to optimize the performance of the network,andis taken to be the minimum value within its defined range.
The multi-stage routing refers to setting reasonable forwarding time waiting intervals among different stages and setting reasonable routing forwarding modes in different forwarding stages on the basis of comprehensively considering network completeness and performance compromise, so that the combination of a network coding mechanism and a traditional delay tolerant network routing scheme is realized, and the routing efficiency and the safety performance are improved.
The invention relates to a multi-stage routing method based on secure network coding in a delay tolerant network. It targets the reduced routing efficiency and the potential security problems that intermittent connectivity and long delays cause in delay tolerant networks. Using network coding and mutual verification against the coded packets of other nodes, a node decides whether a received data packet may be coded, and selects a suitable probabilistically encountered node to forward the message according to the multi-stage routing rule. The damage probability of the encountered node is then modified, and in the next route selection the node re-establishes the routing path according to the damage probabilities of the nodes it may encounter. Given that most delay tolerant network routing algorithms suffer from low efficiency, exposure to security threats and low network throughput, the invention establishes an optimized coded-packet allocation mechanism for each path, provides a network coding scheme for a compromised delay tolerant network environment, forwards message bundles by multi-stage routing according to the damage probability of encountered nodes, and, using each node's resistance mechanism under attack together with the update mechanism for the encountered-node damage probability after multi-stage forwarding, establishes a secure and efficient node routing and forwarding scheme for the delay tolerant network environment.
Beneficial effects: for the "store-carry-forward" opportunistic routing of delay tolerant network nodes, the invention provides a network coding scheme for a compromised environment in which the source node resists dropping attacks by dynamically adding redundancy factors in a timely manner, improving the fault tolerance of the link; nodes verify messages with one another to resist pollution attacks and Sybil attacks, avoiding excessive dependence on the source node; and a multi-stage route that uses the damage probability of probabilistically encountered nodes as its metric is designed, further improving the overall routing performance of the network. Security analysis and simulation results show that, with a reasonably chosen trade-off coefficient, combined attacks can be resisted effectively and network performance can be optimized. Compared with existing schemes, the algorithm of the invention also shows a clear improvement in routing performance parameters such as routing overhead, transmission delay, transmission risk, effective transmission rate and network throughput.
Drawings
Fig. 1 is a network node code graph.
Fig. 2 is a flowchart of an optimal path set solving algorithm.
Fig. 3 is an encoded packet format.
Fig. 4 is a relay node encoding process flow diagram.
Fig. 5 is a multi-stage routing algorithm flow diagram.
FIG. 6 is a graph of routing overhead versus simulation time.
Fig. 7 is a graph of throughput versus simulation time.
Fig. 8 is a graph of effective transmission rate as a function of number of aggressors.
Fig. 9 is a graph of transmission delay as a function of number of aggressors.
Fig. 10 is a graph of single transmission risk as a function of number of attackers.
FIG. 11 is a graph of joint transmission risk as a function of number of attackers.
FIG. 12 is a graph of trade-off coefficients versus network performance and risk.
Detailed Description
The invention is described in further detail below with reference to the accompanying drawings.
Example one
Network coding implementation scheme
Network coding allows relay nodes to re-encode data packets: when the source node sends data packets to the destination node, all or some of the relay nodes on the path between the two nodes combine the messages they have received into a linearly coded packet (similar to an exclusive-or operation) and forward it to the next node with a certain probability, as shown in Fig. 1. Once the destination node has received enough linearly independent coded bundles, it uses Gaussian elimination (a method used for systems with thousands of equations and unknowns; very large systems with millions of equations are solved by iterative methods) to reduce the decoding matrix to a triangular matrix and finally decodes all the original messages. Compared with traditional schemes, network coding can compute scheduling strategies that make optimal use of limited network resources, improve the throughput and topological robustness of the network system, reduce the overall energy consumption of wireless network nodes in such special environments, and offer potential security advantages.
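The coding and decoding flow described above, as an added example that is not part of the patent text: a source appends an identity matrix to its messages, relays re-code whatever they have heard, and the destination recovers the originals by Gauss-Jordan elimination. The field size 257, the function names and the sample messages are assumptions made for this sketch.

```python
import random

Q = 257  # prime field size: an assumption, the page only specifies "a finite field F_q"


def augment(messages):
    """Source: append a k x k identity so the coding coefficients travel with the payload."""
    k = len(messages)
    return [list(msg) + [int(i == j) for j in range(k)] for i, msg in enumerate(messages)]


def combine(packets, rng):
    """Emit one random linear combination of the given packets over F_Q.
    The same operation serves the source (initial coding) and relays (re-coding)."""
    coeffs = [rng.randrange(1, Q) for _ in packets]
    return [sum(c * p[j] for c, p in zip(coeffs, packets)) % Q
            for j in range(len(packets[0]))]


def decode(received, k):
    """Destination: Gauss-Jordan elimination on the last k (coefficient) columns.
    Returns the k original messages, or None while the packets have rank < k."""
    if not received:
        return None
    m = len(received[0]) - k                      # payload length in symbols
    rows = [list(r) for r in received]
    for col in range(k):
        pivot = next((i for i in range(col, len(rows)) if rows[i][m + col]), None)
        if pivot is None:
            return None                           # not enough independent packets yet
        rows[col], rows[pivot] = rows[pivot], rows[col]
        inv = pow(rows[col][m + col], -1, Q)      # modular inverse (Python 3.8+)
        rows[col] = [x * inv % Q for x in rows[col]]
        for i, row in enumerate(rows):
            factor = row[m + col]
            if i != col and factor:
                rows[i] = [(a - factor * b) % Q for a, b in zip(row, rows[col])]
    return [rows[i][:m] for i in range(k)]


def run_demo(seed=7):
    """Source -> two relays -> destination, using constructed sample messages."""
    rng = random.Random(seed)
    original = [[72, 101, 108, 108], [111, 32, 68, 84], [78, 33, 0, 256]]  # constructed
    k = len(original)
    source_packets = [combine(augment(original), rng) for _ in range(5)]
    relay_a, relay_b = source_packets[:3], source_packets[2:]  # what each relay heard
    received, decoded = [], None
    while decoded is None and len(received) < 20:
        heard = relay_a if len(received) % 2 == 0 else relay_b
        received.append(combine(heard, rng))      # relay re-codes before forwarding
        decoded = decode(received, k)
    return original, decoded, len(received)


if __name__ == "__main__":
    original, decoded, used = run_demo()
    print("decoded correctly:", decoded == original, "after", used, "coded packets")
```

Because the destination only needs any k linearly independent combinations, losing individual coded packets to a dropping node delays decoding but does not lose a specific message.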
Transmission path coded packet optimization distribution model
On the premise of satisfying the following formula
We propose solving the set of optimal paths S to DAlgorithm 1 flow of (a) is shown in fig. 2. The entry parameters of which establish path sets for a multi-path routing algorithmSimultaneously storing the damage probability values of the neighbor nodes in the memory of each node, if the pathContinuously judging whether the inequality constraint condition (4) is met,
if so, inReserve the path and return to the new pathValue, simultaneously order
Routing algorithm data packet format design
The packet format is defined as shown in Fig. 3. The data packet has a total word length of l = 96 (the field widths below sum to 96 bits) and is divided into the following sections: the coding vector, i.e. the group of linear coding coefficients that the node uses to re-encode the original message, occupies 8 bits, and any unused leading bits are filled with 0 (the same applies below); the authentication information is a parameter for mutual authentication between messages and occupies 8 bits; the processing control field occupies 16 bits and stores various control flags, such as whether managed (custody) transfer is supported and whether acknowledgement is required; the bundle identifier id field occupies 16 bits and stores the hash value corresponding to the bundle, which facilitates mutual authentication between nodes; the encountered-node damage probability field occupies 16 bits and stores the damage probability of the encountered node; the data segment stores the content of the message and is a 32-bit variable-length field.
Relay node network coding processing flow
The relay node processing flow is shown in fig. 4. When the relay node receives a coded packet $M_1$ from an upstream node, it stores the packet directly in memory if its buffer is empty. Otherwise, it first extracts the bundle identifier id hash value in bits 33-48 of the coded packet and compares it with the bundle identifier id hash value of a coded packet $M_2$ already in memory. If the values satisfy the following formula, the signature packet is authenticated successfully, which indicates that the two coded packets come from the same source node and are not damaged packets injected by a pollution attack or by Sybil attackers; coded packets with the same bundle identifier id hash value are then jointly encoded.
Then, if $s_k^* \ge 2$, each relay node on path k linearly combines the received data packets, with the output related to the number of transmitted data packets; otherwise, the relay node does not perform any processing on the received data packet.
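The following is an added example, not code from the patent: it packs and parses the 96-bit layout described for fig. 3 and runs the relay's buffer decision on bits 33-48. Big-endian byte order, all identifiers, the sample values and the `verify_signature` hook (a stand-in for the pairing check, which is not implemented here) are assumptions.

```python
import struct
from dataclasses import dataclass, astuple
from typing import Callable, List

# Field order and widths as listed in the description of fig. 3:
# coding vector 8, authentication 8, control 16, bundle id 16,
# damage probability 16, data 32 -> 96 bits in total.
# Big-endian byte order is an assumption of this example.
LAYOUT = struct.Struct(">BBHHHI")
PACKET_BITS = 96


@dataclass(frozen=True)
class CodedPacket:
    coding_vector: int   # bits 1-8
    auth_info: int       # bits 9-16
    control: int         # bits 17-32
    bundle_id_hash: int  # bits 33-48
    damage_prob: int     # bits 49-64, raw 16-bit value
    data: int            # bits 65-96

    def pack(self) -> bytes:
        return LAYOUT.pack(*astuple(self))


def parse_packet(raw: bytes) -> CodedPacket:
    """Parse one packet, rejecting anything that is not exactly 96 bits."""
    if len(raw) * 8 != PACKET_BITS:
        raise ValueError(f"expected {PACKET_BITS} bits, got {len(raw) * 8}")
    return CodedPacket(*LAYOUT.unpack(raw))


def bundle_id_bits(raw: bytes) -> int:
    """Return bits 33-48 (1-indexed from the first bit) without a full parse."""
    if len(raw) * 8 != PACKET_BITS:
        raise ValueError(f"expected {PACKET_BITS} bits, got {len(raw) * 8}")
    value = int.from_bytes(raw, "big")
    return (value >> (PACKET_BITS - 48)) & 0xFFFF


class RelayBuffer:
    """Relay-side decision: store, accept for joint coding, or reject."""

    def __init__(self, verify_signature: Callable[[bytes], bool]):
        # verify_signature is a hypothetical hook for the signature check;
        # this example does not implement any pairing arithmetic.
        self._verify = verify_signature
        self.stored: List[bytes] = []

    def receive(self, raw: bytes) -> str:
        parse_packet(raw)                      # length check first
        if not self.stored:                    # empty buffer: store directly
            self.stored.append(raw)
            return "stored"
        if bundle_id_bits(raw) != bundle_id_bits(self.stored[0]):
            return "rejected: bundle id mismatch"
        if not self._verify(raw):
            return "rejected: signature"
        self.stored.append(raw)
        return "accepted for joint coding"


if __name__ == "__main__":
    # Constructed sample packets, not captured traffic.
    first = CodedPacket(0x03, 0x5A, 0x0001, 0xBEEF, 1200, 0xDEADBEEF).pack()
    same_bundle = CodedPacket(0x07, 0x5A, 0x0001, 0xBEEF, 900, 0x01020304).pack()
    other_bundle = CodedPacket(0x07, 0x11, 0x0001, 0x1234, 900, 0x01020304).pack()
    relay = RelayBuffer(verify_signature=lambda raw: True)
    for pkt in (first, same_bundle, other_bundle):
        print(hex(bundle_id_bits(pkt)), relay.receive(pkt))
```
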
Multi-stage efficient secure routing algorithm flow
Fig. 5 is a flow chart of the multi-stage routing algorithm based on the damage probability of the nodes a node may encounter. The input parameters are the node a that is to forward and the damage probability values of the nodes that a may encounter. The damage probability values in the memory of node a are first quick-sorted once. In the first routing step, node a transmits the copy of the coded packet only to the node with the maximum damaged probability value according to the FTS model, and at the same time starts a timer set to $TTL_1$. If the most damaged node is not met within $TTL_1$, the second routing step is performed. In the second routing step, node a transmits the copy of the coded packet only to the next damaged nodes (the nodes whose damaged probability values are in the first three positions of the ranking) according to the TFS model, and at the same time starts a timer set to $TTL_2$. If the most damaged nodes cannot be met within $TTL_2$, the third routing step is performed. The subsequent routing adopts the AS model, that is, once the AS routing model is enabled the node transmits the coded packet to the first node it encounters. To optimize network performance, $TTL_1$ and $TTL_2$ are set to the minimum values within their defined ranges.
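The three-stage timer logic above, as an added example that is not part of the patent: given node a's ranking and a trace of encounters, it returns the first encounter that the current stage allows. The ranked list is passed in already sorted, so how stored values map to that order is left to the caller; function names, the treatment of a timer expiring exactly at its limit, and the sample trace are assumptions.

```python
from typing import Iterable, List, Optional, Tuple

Encounter = Tuple[float, str]  # (time since node a started routing, node id)


def stage_at(t: float, ttl1: float, ttl2: float) -> int:
    """Stage in force at time t: 1 until TTL1 expires, 2 until TTL2 expires, then 3."""
    if t < ttl1:
        return 1
    if t < ttl1 + ttl2:
        return 2
    return 3


def forward_decision(
    ranked: List[str],
    encounters: Iterable[Encounter],
    ttl1: float,
    ttl2: float,
) -> Optional[Tuple[float, str, int]]:
    """Return (time, node, stage) of the first encounter that may receive the copy.

    Stage 1: only the node in first position of the ranking.
    Stage 2: only nodes in the first three positions of the ranking.
    Stage 3 (AS model): the first node encountered, whoever it is.
    """
    if not ranked:
        raise ValueError("ranking must contain at least one node")
    if ttl1 < 0 or ttl2 < 0:
        raise ValueError("timer values must be non-negative")
    for t, node in sorted(encounters):
        stage = stage_at(t, ttl1, ttl2)
        if stage == 1:
            allowed = ranked[:1]
        elif stage == 2:
            allowed = ranked[:3]
        else:
            return (t, node, stage)
        if node in allowed:
            return (t, node, stage)
    return None  # no qualifying encounter in this trace


if __name__ == "__main__":
    # Constructed ranking and encounter trace.
    ranking = ["n7", "n2", "n9", "n4"]
    trace = [(3, "n2"), (12, "n9"), (40, "n4")]
    print(forward_decision(ranking, trace, ttl1=10, ttl2=20))
```
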
Experimental environmental parameter settings
The experiment is implemented on the Opnet simulation platform. 150 ordinary mobile nodes are deployed in an area of 3000 m × 3000 m, the radio frequency power range of each node is 20 m (note that these parameters produce a DTN with sparse nodes, which is common in practical environments), the channel capacity is 2 Mbps, and all nodes are assumed to be identical. The MAC layer uses the IEEE 802.11 wireless local area network standard protocol, the network topology is generated randomly, the simulation running time is set to 2 h, and the seed number is set to 13. Table 1 lists the key simulation parameters.
TABLE 1 simulation Key parameter configuration
The network performance and the safety of the proposed scheme and an injection routing algorithm (SRNC) based on network coding and an intelligent routing algorithm (IRNC) based on network coding are evaluated through 6 parameters such as routing overhead, transmission delay, transmission risk, effective transmission rate, throughput, trade-off coefficient and the like. At configuration time, we pass through the normal distributionWe have simulated the assumption that the transmission is established in the worst case, i.e., all aggressors know the path set and there is at most one aggressor on each path*The medium maximum number of paths is 13.
Routing overhead and throughput
The route cost refers to the quotient of the total hop count from a source node to a destination node in the multi-path route and the minimum hop count in the single-path route, and the route cost c calculation formula of the multi-stage routing algorithm for the node-encountering node damage probability based on the node probability is as follows:
Fig. 6 shows routing overhead against simulation time; in general, the overhead increases as the simulation proceeds. In the SRNC scheme, attackers begin to appear in the network as the simulation progresses, so more and more data packets are discarded, that is, a coded packet from the source node needs more overhead to reach the destination node; when some coded packets are heavily discarded, the routing overhead is even infinite, that is, the destination node cannot be reached at all. In the IRNC scheme, routing overhead also increases gradually with simulation time; because the source node injects redundant packets, the overhead is large at the beginning of the simulation but relatively good when the simulation time is long. In the MRNC scheme, the destination node tells the source node to generate a redundancy factor, improving tolerance of link disconnection, only when it detects that a selective data discarding attack is occurring in the network, and route selection is optimized through multi-stage routing based on the damage probability of adjacent nodes, so routing overhead is only slightly affected by increasing simulation time.
The throughput in the simulation refers to the amount of coded packets passing through the DTN network in a unit time, and is represented by the equation
We can further make the following derivation:
when in useThe throughput of the routing network in the first stage is V1Calculating a formula; network throughput V of second stage routing2Push to similar. Since the AS model is adopted for the third-stage routing, the throughput can be approximately regarded AS a constantSo that the total network throughput V is V1、V2Andand (4) summing.
As can be seen from fig. 7, the SRNC scheme realizes delivery of packets as much as possible by injection routing due to completely neglecting security performance, so that the network throughput is larger in the initial stage of simulation, but as the simulation time goes on, an attacker appears in the network, and the network throughput shows a negative increase trend. In the IRNC scheme, only the completely damaged node is selected each time, so the network throughput is small and the variation is small. The initial network throughput is not large due to the fact that parameters such as damage probability of adjacent nodes of each node need to be calculated at the beginning of the scheme, and the scheme has a great advantage in the aspect of network throughput in the later period of simulation due to the fact that multi-stage safety routing is adopted along with the lapse of simulation time.
Effective transmission rate and transmission delay
In order to observe the change relationship between the effective transmission rate and the transmission delay along with the number of the attackers more clearly, the number of the attackers is respectively set to be 0,2,4,6,8,10 and 12 in the simulation. Meanwhile, the effective transmission rate of a node is the quotient of a data packet arriving at a destination node and all data packets generated by a source node, and is calculated as follows:
To compare the effective transmission rates of the three schemes clearly, two configurations are used: when the number of attackers is not more than 4, 1 ferry node is introduced into the network; when the number of attackers is larger than 4, 3 ferry nodes are introduced. A ferry node is a controllable mobile device in the simulation tool that moves among different geographic areas along a preset path, collects node information and forwards it when it meets the target node. Apart from the ferry nodes, ordinary nodes are not required to execute a routing function, which simplifies the DTN routing protocol and makes the change in effective transmission rate easier to observe. As can be seen from fig. 8, as the simulation time increases, the effective transmission rate of our scheme does not decrease significantly compared with the other two schemes.
Because of the intermittent connectivity of delay tolerant networks, their transmission delays are typically large. The transmission delay $t_{delay}$ is the time taken for a message to travel from the source node to the destination node, and is calculated as follows, where $t_s$ is the time at which the message is sent from the source node, $t_r$ is the time at which the message is received by the destination node, and t is the number of messages to be transmitted.
As can be seen from fig. 9, in the SRNC scheme, a node usually routes a message copy with any encountering node, so that each node in the network participates in routing with approximately the same probability, and most of the transmission delay is consumed in both message waiting and transmission between nodes. But in a compromised DTN environment, its transmission delay is greatly affected by the presence of the attacker. In the IRNC scheme, the nodes forward data packets according to a certain strategy, and transmission delay is mainly consumed in three aspects of strategy execution, message waiting and transmission among the nodes, so that the delay is greater than that of the SRNC scheme when the number of attackers is small, but the strategy weakens the influence of attack behaviors on the transmission delay to a certain extent along with the increase of the number of the attackers in a network, and the transmission delay of the SRNC scheme is shown in the later period. In the MRNC scheme, although partial time is consumed in hash of the id by the source node and mutual authentication between the nodes, the transmission delay performance is good when multiple attack resistance is considered, and the probability of the destination node of data packet transmission is improved by combining multi-stage routing, so that the network delay is further reduced.
Risk of transmission
To observe more clearly how the transmission risk and the effective transmission rate change with the number of attackers, the number of attackers is set to 0, 2, 4, 6, 8, 10 and 12 in the simulation, and the risk types are divided into single risk and joint risk. The single transmission risk is the probability that a message is damaged in transit under one particular attack threat. Its calculation formula is related to the risk value of the node at each link end of a transmission path. Fig. 10 shows the single transmission risk for different numbers of attackers (all attackers mount the same type of attack). The figure shows that as the number of attackers increases, the single transmission risk rises significantly. The risk value of our proposed scheme is much smaller than that of the SRNC and IRNC schemes, and this value is not the optimal value of our algorithm. The simulation results show that our solution further enhances the security of DTN in worst-case environments.
(34)
(35)
Joint transmission risk refers to the probability that a message is damaged in the transmission process under 1 or more attack threats. Joint transmission riskjAssociated with the ability of the various paths in the network to defend against the threats mentioned above. Fig. 11 shows that the joint transmission risk under different numbers of attackers (including more than 1 attack type) is compared with the SRNC and IRNC schemes, and the performance of our scheme in resisting the joint risk is very outstanding, and the transmission risk is not very obvious when multiple threats exist simultaneously. However, if the number of attackers t ≧ P*All but one of the encoded packets may be corrupted.
Coefficient of trade-off
Utilizing trade-off factors in simulationsTo measure the trade-off between network performance and transmission risk. Optimizing the data packet number formula finally generated by encoding of the source node in the encoding packet distribution model according to each pathFurther derivation shows that:
in simulation, define. With trade-off factorFrom 0.65 to 0.75, it can be seen that the transmission risk value is decreasing and the network performance is also decreasing, i.e. the above-mentioned values of throughput, transmission delay and effective transmission rate are decreasing. By adjustingWe can get a better security risk value, as analyzed with respect to the number n of packets eventually generated by encoding of the source node of the equationThe safety risk and the transmission rate may decrease. As can be seen from the three-dimensional relationship in fig. 12, in our MRNC scheme, the overall network performance and the transmission risk both have the same trend with the change of the trade-off coefficient. Thus, it turns out that our solution achieves the best compromise of network performance and transmission risk.

Claims (1)

1. A multi-stage safety routing method based on network coding in a delay tolerant network is characterized by comprising the following steps:
the first step is as follows: source node encoding and processing;
one data packet comprises m finite fields FqSymbol of (1), additionA redundant flag; a bundle of data is represented by a matrix O, the ith row of the matrix O represents the ith message in the bundle of data, and the matrixAnd the right side of the O is an identity matrix of k × k orders, and z data packets injected into each beam of data by an attacker are represented by a matrix A:
$$O=\sum_{i=1}^{t}\beta_i m_i=\begin{pmatrix} a_{11} & a_{12} & \dots & a_{1(m-k)} & 1 & 0 & \dots & 0\\ a_{21} & a_{22} & \dots & a_{2(m-k)} & 0 & 1 & \dots & 0\\ \dots & \dots & \dots & \dots & \dots & \dots & \dots & \dots\\ a_{k1} & a_{k2} & \dots & a_{k(m-k)} & 0 & 0 & \dots & 1 \end{pmatrix}$$
$$A=\begin{pmatrix} b_{11} & b_{12} & \dots & b_{1m}\\ b_{21} & b_{22} & \dots & b_{2m}\\ \dots & \dots & \dots & \dots\\ b_{z1} & b_{z2} & \dots & b_{zm} \end{pmatrix}$$
according to the matrix O, the original message length of a bundle of data isSolving a matrix equationAvailable redundancyA column vector;
wherein R isA redundancy matrix of order R from the finite field FqSelected from the independent standard random symbols;the method is obtained by superposing the column vectors of an O matrix one by one;
according to the above matrix equation, the source node encodes the data beam O into n encoded packets to be transmitted, where BiI-th row, e, of the matrix OijN, i ═ 1, 2.. n; j 1, 2.. k represents the coefficient of the message in the original data packet for random linear coding;
$$\begin{pmatrix} e_{11} & e_{12} & \dots & e_{1k}\\ e_{21} & e_{22} & \dots & e_{2k}\\ \dots & \dots & \dots & \dots\\ e_{n1} & e_{n2} & \dots & e_{nk} \end{pmatrix}X=\begin{pmatrix} e_{11}B_1+e_{12}B_2+\dots+e_{1k}B_k\\ e_{21}B_1+e_{22}B_2+\dots+e_{2k}B_k\\ \dots\\ e_{n1}B_1+e_{n2}B_2+\dots+e_{nk}B_k \end{pmatrix}$$
finally, S transmits the encoded n encoded packets to D, and distributes the number of data packets on each path from the source node to the destination nodeCan be determined by the above-described introduction equation and the multi-stage routing algorithm;
the source node first signs; the signature scheme is performed over a bilinear tuple, where $G_1$, $G_2$, $G_T$ are cyclic multiplicative groups of the same prime order p, the discrete logarithm problem in these groups is considered computationally infeasible, $e: G_1 \times G_2 \to G_T$ is an efficiently computable map that is bilinear and non-degenerate, and $G_2 \to G_1$ is an efficiently computable isomorphism;
the source node has a key $\alpha \in F_p$ and a public key pair $(h, u \in G_2)$, where $h^{\alpha} = u$; it uses a homomorphic hash function H:
$$H(m_i, id)=\sum_{j=1}^{k}H(id\,\|\,j)^{m_i,\,N-k+j}\prod_{l=1}^{N-k}g_l^{m_i,\,l}$$
where $g_1, g_2, \dots, g_{N-k}$ are random elements of $G_1$ known to all nodes, $H: Z \times Z \to G_1$ is a cryptographic hash function, N is the message length, and the signature of a message $m_i \neq 0$ with label id is given by the following formula:
$$\sigma_i = H(m_i, id)^{\alpha}$$
the second step is that: relay node coding and processing;
like the hash, the signature is also homomorphic; for a signature packet, the signature is given by the following formula:
$$\sigma=\prod_{i=1}^{k}\sigma_i^{\beta^{i}}$$
the relay node only receives the coding packets from the same source node in a routing process, and judges whether the newly received coding packets and the existing coding packets in the memory are from the same source node by verifying whether the following formula is met or not;
e(σ,h)=e(H(M,id),u)
combining $\sigma_i$ with the above formula yields another form of node packet verification, as shown in the following formula; when the relay node receives a coded packet $M_1$ from an upstream node, it stores the packet directly in memory if its buffer is empty; otherwise, it first extracts the bundle identifier id hash value in bits 33-48 of the coded packet and compares it with the bundle identifier id hash value of a coded packet $M_2$ already in memory; if the values satisfy the following formula, the signature packet is authenticated successfully, which indicates that the two coded packets come from the same source node and are not damaged packets injected by a pollution attack or by Sybil attackers, and coded packets with the same bundle identifier id hash value are then jointly encoded;
then, if $s_k^* \ge 2$, each relay node on path k linearly combines the received data packets, with the output related to the number of transmitted data packets; otherwise, the relay node does not perform any processing on the received data packet;
therefore, other additional verification conditions and the participation of the source node are not needed, and after the relay node receives the coding packet, whether the coding packet can be received and further coded can be judged only through mutual verification, so that Sybil attack in the delay tolerant network is avoided to a limited extent;
the third step: decoding and processing by the destination node;
firstly, a destination node needs to detect a link; when a selective data drop attack occurs, it is required to measure the transmission rate of one flow and transmit the estimated transmission rate to a transmitting node; when the sending node receives the feedback of the receiving end, the sending node dynamically adjusts the redundancy coefficient to slow down the transmission rate reduction caused by the attack; falseThe average transmission rate observed by the receiver is determined to beThe corresponding redundancy coefficient isRedundancy coefficient of transmitting nodeIs calculated as follows, whereinRepresents the currently observed transmission rate of the receiving node transmission whenFor a period of time less thanWhen the network is in use, the destination node informs the source node to inject redundancy factors into the network;
$$r_{f_{current}}=\frac{d_{r_{normal}}}{d_{r_{current}}} * r_{f_{normal}}$$
the decoding process is based on the decoding scheme described above; a bundle of data in the DTN is transformed according to the following equation, where O represents the original data packets sent by the source node, T represents the linear transformation from the source node to the destination node, and $T_a$ represents the linear transformation from the attacker to the destination node;
$$Y=[T \mid T_a]\begin{bmatrix} O\\ A \end{bmatrix}$$
the destination node D randomly selects k + z linearly independent columns from the matrix Y to form a matrix $Y_k$, where the corresponding column vectors selected from the source node data packet matrix O and from the matrix A of data packets injected into the network by the attacker are $X_k$ and $A_k$ respectively; the above equation is therefore rewritten as follows:
$$Y_i=[T \mid T_a]\begin{bmatrix} O_k\\ A_k \end{bmatrix}\Rightarrow Y=[T \mid T_a]\begin{bmatrix} O_kE\\ A_kE \end{bmatrix},\quad Y=Y_kE$$
if the matrix $[T \mid T_a]^{-1}$ exists, the following holds:
$$X=X_kE$$
the first m-k columns of matrix E are denoted E', and matrix O is written in the form $O=[O_1,O_2,O_3]$, where $O_1$ corresponds to the first z columns of matrix O and $O_3$ to the last k columns of matrix O; the above equation can then be converted to the following equation, where $O_k^z$ denotes the first z columns of matrix $O_k$, $E'_z$ denotes the first z columns of matrix E', and $E'_i$ denotes the last i columns of matrix E':
$$\begin{bmatrix} O_1 & O_2 \end{bmatrix}=O_k^{z}E'_z+E'_i$$
combined standAnd the above formula gives the following formula; wherein, Y2Indicating the last k x k columns of the matrix Y formed by the coded packets received by the destination node, Y1Representing the remainder of the encoded packet matrix Y received by the destination node,representing a column-wise superimposed matrix O1Obtained column vector, e'ijRepresents matrix E'zI is an identity matrix of dimension k, the dimension of the zero matrix is zk × k (m-z-k), and the identity matrix I*Is k × k (m-z-k);
$$B\begin{bmatrix} \vec{O}_1\\ \vec{O}_2 \end{bmatrix}=\begin{pmatrix} \vec{E}'_i\\ -Y_2\vec{I} \end{pmatrix},\quad B=\begin{pmatrix} \begin{matrix} \begin{matrix} (1-e'_{1,1})I & -e'_{2,1}I & \dots & -e'_{z,1}I\\ \dots & \dots & \dots & \dots\\ 1-e'_{1,z}I & -e'_{2,z}I & \dots & (1-e'_{z,z})I \end{matrix} & 0 \end{matrix}\\ \begin{matrix} \begin{matrix} e'_{1,z+1}I & -e'_{2,z+1}I & \dots & -e'_{z,z+1}I\\ \dots & \dots & \dots & \dots\\ -e'_{1,m-k}I & -e'_{2,m-k}I & \dots & -e'_{z,m-k}I \end{matrix} & I^{*} \end{matrix}\\ Y_1 \end{pmatrix}$$
thus, if the destination node receives a coded packet that is related to a source node transmission and an attacker injected pollution packet, when the destination node receives at least k + z data packets of a bundle of data, and the matrix B is column-full rank, the equation
has one and only one solution; therefore, even if there are pollution packets that were maliciously injected by attackers and were not verified and eliminated by the relay nodes, the destination node can still successfully decode the original data packets sent by the source node, which achieves double resistance to the packet pollution attack;
the fourth step: multi-stage route forwarding;
in the multi-stage routing forwarding of the message based on the probability of the damage of the meeting node, only the source node is assumed to be a trusted node, namely any node can receive the message from the source node; byIt can be known that, in two nodes related to the link e, the risk probability risk of an upstream node is the following formula;
$$risk=1-r_e=1-\sum_{k\in P}s_k\Bigl(0.5+0.5\prod_{e\in k}r_e\Bigr)c_k$$
when a node with this risk probability meets an attacker, the probability that a message copy is sent to the attacker is risk; the damage probability risk of nodes in the network may be group-based, which makes the transmission of coded packets more challenging; the goal of the source node is to transmit the message to the destination node while preventing its exposure to an attacker;
the update strategy for the encounter-node damage probability is as follows: the initial damage probability that each node stores for the nodes it may encounter is risk; after the relaying node $n_{i-1}$ completes routing, if the actual overhead of transmitting one unit of data to the node $n_i$ at the other end of the selected path is denoted $c_i$, then after completing one route the damage probability of node $n_i$ stored in $n_{i-1}$ is updated to $risk - 0.001c_i$
since the reliability probability of the upstream node of the link e is $r_e$, the effect of the attacker on secure transmission is analyzed; for the transmission rate to reach $d_r$ before the message expiration time $t_d$, the required number of message copies $L_{min}$ is given by the following formula, where λ is the exponential distribution law of the number of encounters between nodes and $n_a$ is the number of attackers in the current network:
in the first stage of the multi-stage routing, after the nodes are sorted by encounter-node damage probability, the nodes positioned within $L_{min}$ are trusted nodes that carry message copies, i.e. $L_u = L_{min}$; in the second stage, the nodes positioned in the last $3L_{min}$ after sorting are partially trusted nodes that carry message copies, i.e. $L_t = 3L_{min}$; the number of nodes carrying message copies is $L_a = L_u + L_t$; to obtain the target transmission rate $d_r$, the second-stage start time $TTL_1$ must satisfy the following inequality:
$$TTL_1 \geq \frac{-\ln\left((1 - d_r)\left(\frac{L_a}{npL_u} + 1\right)\right)}{\lambda L_t}$$
the process is briefly demonstrated as follows: let the random variable $X_2$ denote the multi-stage routing target transmission rate; $L\lambda e^{-L\lambda x}$ is the probability density function of any of the L nodes encountering the destination node, and $e^{-Lpn\lambda x}$ is the cumulative distribution function of the probability that any one of the L nodes does not meet the common set point; in the first stage, the cumulative distribution function increases with ; however, if no transmission occurs in the first stage, the probability is ; at the beginning of the second stage, the probability density function is determined by the $L_a$ transmitting nodes, and the transmission risk is determined by the risk value of each transmitting node;
$$
\begin{aligned}
F_{X_2}(x) &= 1 - e^{-\lambda L_t TTL_1} + e^{-\lambda L_t TTL_1}(s) \\
\Rightarrow s &= \int_0^{x - t_2} L_a \lambda e^{-L_a \lambda x}\left(e^{-L_u n p \lambda x}\right)dx = \frac{L_a}{L_a + npL_n}\left(1 - e^{-(L_a + npL_n)\lambda(x - TTL_1)}\right)
\end{aligned}
$$
since this value needs to be greater than the given transmission rate $d_r$, the inequality that $TTL_1$ must satisfy is obtained; from the above analysis, for a given set of parameters $(L_t, L_u, TTL_1)$, the third-stage start time $TTL_2$ at which multi-stage routing achieves a higher transmission rate should satisfy the following inequality:
$$TTL_2 \geq TTL_1 + \frac{\ln\left(1 + \frac{L_a}{L_u n p}\right)}{\lambda L_t}$$
under the DTN network environment and the transmission target, in order to achieve a compromise between network performance and security, a multi-stage routing algorithm based on the damage probability of encountered nodes is provided; the input parameters at the entry are the damage probability values of the node a that is to forward and of the nodes it may encounter; next, one quick sort is performed on the damage probability values in the memory of node a; in the first routing step, the coded packet copy is transmitted only to the node with the maximum damage probability value, and at the same time a timer is started and set to $TTL_1$ s; if the most damaged node cannot be met within $TTL_1$, the second routing step is carried out; in the second routing step, under the TFS model, node a transmits the coded packet copy only to the next most damaged nodes, that is, nodes whose damage probability value is in the first three positions of the sorted group, and a timer is started and set to $TTL_2$ s; if the most damaged nodes cannot be met within $TTL_2$, the third routing step is carried out; in the third step, once the routing model is started, the node transmits the coded packet to the first node it encounters; to optimize network performance, $TTL_1$ and $TTL_2$ both take the minimum value in the permitted range; here S represents a source node, D represents a destination node, E represents the set of directed links or channels in the network, and $O_k$ represents a matrix.
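The staged forwarding rule, the $TTL_1$/$TTL_2$ bounds and the damage-probability update described above, as an added Python example (not code from the patent). The function names, the constructed sample table, clamping at zero, and treating the lowest stored damage probability as the most trusted rank are assumptions; n and p are taken as given parameters of the inequalities.

```python
import math

def ttl_bounds(d_r, lam, L_min, n, p):
    """Smallest TTL_1 and TTL_2 allowed by the two inequalities above."""
    if not (0 < d_r < 1) or min(lam, L_min, n, p) <= 0:
        raise ValueError("need 0 < d_r < 1 and positive lam, L_min, n, p")
    L_u, L_t = L_min, 3 * L_min          # L_u = L_min, L_t = 3 L_min
    L_a = L_u + L_t                      # L_a = L_u + L_t
    ratio = L_a / (n * p * L_u)
    ttl1 = -math.log((1 - d_r) * (ratio + 1)) / (lam * L_t)
    ttl1 = max(ttl1, 0.0)                # assumption: a negative bound means no wait
    ttl2 = ttl1 + math.log(1 + ratio) / (lam * L_t)
    return ttl1, ttl2

def stage_at(elapsed, ttl1, ttl2):
    """Stage 1 before TTL_1, stage 2 until TTL_2, stage 3 afterwards."""
    return 1 if elapsed < ttl1 else 2 if elapsed < ttl2 else 3

def eligible(risk_table, stage, L_min):
    """Nodes that may receive a coded-packet copy in the given stage.
    Assumption: the lowest stored damage probability ranks as most trusted."""
    ranked = sorted(risk_table, key=risk_table.get)
    if stage == 1:
        return ranked[:L_min]            # L_u nodes
    if stage == 2:
        return ranked[:4 * L_min]        # L_a = L_u + L_t nodes
    return ranked                        # stage 3: first node encountered

def update_risk(risk, c_i):
    """Stored damage probability after one route of cost c_i: risk - 0.001 c_i."""
    return max(risk - 0.001 * c_i, 0.0)  # assumption: clamp at zero

def should_forward(met, elapsed, risk_table, L_min, ttl1, ttl2):
    """True if node a may hand a copy to the node it has just met."""
    return met in eligible(risk_table, stage_at(elapsed, ttl1, ttl2), L_min)

# Constructed sample: node a's stored damage probabilities for nodes it may meet.
RISK = {"n1": 0.05, "n2": 0.40, "n3": 0.10, "n4": 0.70, "n5": 0.20, "n6": 0.90}

if __name__ == "__main__":
    t1, t2 = ttl_bounds(d_r=0.9, lam=0.01, L_min=1, n=2, p=0.5)
    print(f"TTL_1 >= {t1:.2f}, TTL_2 >= {t2:.2f}")
    for t, met in [(10, "n3"), (30, "n3"), (30, "n4"), (80, "n4")]:
        print(t, met, should_forward(met, t, RISK, 1, t1, t2))
```

When the $TTL_1$ bound is not clamped, the two inequalities combine so that the minimum $TTL_2$ equals $-\ln(1 - d_r)/(\lambda L_t)$, independent of n and p.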
CN201310107131.5A 2013-03-29 2013-03-29 Multistage safety routing method based on network code in a kind of Delay Tolerant Network Active CN104079483B (en)

Publications (2)

Publication Number Publication Date
CN104079483A CN104079483A (en) 2014-10-01
CN104079483B true CN104079483B (en) 2017-12-29
