CN112533170A - Malicious node identification method based on time credit sequence - Google Patents

Malicious node identification method based on time credit sequence Download PDF

Info

Publication number
CN112533170A
CN112533170A CN202011424377.1A CN202011424377A CN112533170A CN 112533170 A CN112533170 A CN 112533170A CN 202011424377 A CN202011424377 A CN 202011424377A CN 112533170 A CN112533170 A CN 112533170A
Authority
CN
China
Prior art keywords
node
reputation
value
nodes
malicious
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202011424377.1A
Other languages
Chinese (zh)
Inventor
朱伟华
宋宇
田磊
王俊尧
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Jilin Technology College Of Electronic Information
Original Assignee
Jilin Technology College Of Electronic Information
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Jilin Technology College Of Electronic Information filed Critical Jilin Technology College Of Electronic Information
Priority to CN202011424377.1A priority Critical patent/CN112533170A/en
Publication of CN112533170A publication Critical patent/CN112533170A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/30Services specially adapted for particular environments, situations or purposes
    • H04W4/38Services specially adapted for particular environments, situations or purposes for collecting sensor information

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer And Data Communications (AREA)

Abstract

The invention discloses a malicious node identification method based on a time credit sequence, which relates to the safety technology of an infinite ultrasonic sensor and comprises the steps of calculating a node credit value according to the communication frequency ratio, calculating a node credit threshold value, dividing credit intervals, judging and dividing nodes and the like. The method mainly identifies the malicious nodes by judging the similarity of the node reputation value sequence and dividing the reputation interval through the calculation of the threshold value, has the advantages of low calculation complexity, high identification accuracy and high efficiency, and overcomes the defects of low identification rate and low identification speed caused by insufficient data volume of the malicious nodes.

Description

Malicious node identification method based on time credit sequence
Technical Field
The invention relates to an infinite ultrasonic sensor safety technology, in particular to a wireless ultrasonic sensor malicious node identification method based on a time credit sequence.
Background
At present, with the wide application of Wireless Sensor Networks (WSNs) in various fields, the requirements of users on the security of sensor nodes are increasingly improved, and whether sensors are safe or not determines the practicability of the Wireless Sensor Networks (WSNs) in a certain sense.
Due to long-term exposure to a harsh deployment environment and the open nature of WSNs, it is decided that a node is in an environment that may be destroyed or trapped at any time, starting from the runtime of the node. When the WSN is captured, an attacker can decrypt the node and maliciously tamper with the program and put the node back into the network again, the captured and tampered node becomes a malicious node, and the captured and tampered node can launch almost all attacks on the network with the aim of destroying the WSN. Therefore, a security mechanism based on cryptography cannot defend a malicious node from entering the wireless sensor network to launch an attack behavior, and an effective and reliable identification method is needed to solve the problem. How to quickly and efficiently identify the malicious attacks and isolate the nodes becomes a key for preventing and controlling the malicious node attacks and improving the safety.
Because the attack methods adopt a mode of capturing nodes and have the same ID and key information and the like as those of legal nodes, the traditional cryptology security mechanism cannot identify the attack methods. But the reputation value of the node is calculated through the evaluation of the communication behavior of the node in a period of time, and the normal communication times and the total communication times of the node are sorted. And further identifying malicious nodes and sub-attack nodes through interval division. The method has the advantages of no need of complex distribution and encryption operation, rapidness and high efficiency, and is very suitable for maintaining a node network which is relatively stable.
Disclosure of Invention
The invention mainly aims to provide a wireless ultrasonic sensor malicious node identification method based on a time credit sequence. And further identifying malicious nodes and sub-attack nodes through interval division.
The technical scheme adopted by the invention is as follows: a malicious node identification method based on a time reputation sequence comprises the following steps:
step 1, calculating node reputation value
Figure 493195DEST_PATH_IMAGE001
The reputation value of the node is the evaluation of the communication behavior of the node in a period of time, and the influence of the current communication behavior on the reputation value of the node is calculated according to the normal communication times and the total communication times of the node, so that the influence of the historical behavior is reduced;
step 2, calculating node reputation span threshold
Figure 365336DEST_PATH_IMAGE002
If the node reputation sequence similarity is positive similarity or
Figure 217754DEST_PATH_IMAGE003
If the node reputation sequence similarity is negative, the node is judged to be a normal node, and if the node reputation sequence similarity is negative, the node reputation sequence similarity is judged to be normal
Figure 50712DEST_PATH_IMAGE004
The node enters the observation period and passesfIf the credit value of the nodes in each observation period is still not increased, judging the nodes as malicious nodes;
step 3, dividing the reputation interval into a low reputation interval, a medium reputation interval and a high reputation interval, wherein the node with the reputation value in the low reputation interval is regarded as a malicious node, the node with the reputation value in the high reputation interval is judged as a normal node, and a sub-aggressive node with the reputation value in the medium reputation interval is further identified;
step 4, aiming at the nodes of the middle reputation area, the reputation value of each node is in the same time interval∆tPerforming periodic update every timenThe node reputations for each time interval form a reputation sequence:
step 5, calculating the node reputation time sequence
Figure 256566DEST_PATH_IMAGE005
Similarity of from
Figure 514372DEST_PATH_IMAGE006
To represent the similarity of two time series;
step 6, if the cluster is judged to be a malicious node, pulling the malicious node into a blacklist by the cluster head, and broadcasting the relevant information of the malicious node to members in the cluster; if the node is determined to be a normal node, the parameters of the node are updated to enter the next evaluation period.
Further, the step 1 comprises:
calculating a node reputation value according to the formula:
Figure 537691DEST_PATH_IMAGE007
wherein, let i, j, k be three arbitrary nodes, T1For direct reputation evaluation of node i to node j, T2Indicating that i gets an indirect reputation value for j through k,T tru representing a node credit value, c representing a confidence factor of the node i for evaluating the node, if the value of c is higher, indicating that the node judges the node more believable; the lower the value of c is, the more untrustworthy the value of c is, and the value of c is related to the times of successful communication between the nodes.
Further, the step 2 includes:
calculating a node reputation span threshold phi as shown in the formula:
Figure 982579DEST_PATH_IMAGE008
whereinδAndψfor setting the dual threshold, exp represents an exponential function with e as base, xtIs the t-th sampling value of the signal to be detected,
Figure 864560DEST_PATH_IMAGE009
a second set of time series averages representing node N, phi being a node reputation span threshold.
Still further, the step 3 includes: judging nodeNThe reputation interval in which the reputation value is located,T tru greater than a threshold valueψNode ofNDetermining the node when the credit value is in the high credit areaNIs a normal node;T tru less than thresholdδNode ofNThe credit value is in a low credit area, and judgment is madeFixed nodeNIs a malicious node;T tru less than thresholdψAnd is greater thanδThe node is in a medium reputation region.
Still further, the step 4 includes: for nodes of a single reputation region, the reputation value of each node is at the same time interval∆tPerforming periodic update every timenThe node reputations for a time interval constitute one
A reputation sequence, then nodeNGroup i time series ofA i N A reputation matrix can be definedT(A i N ):
Figure 976873DEST_PATH_IMAGE010
Wherein the content of the first and second substances,
Figure 171094DEST_PATH_IMAGE011
is a nodeNIn the first placeinThe node reputation value for the group time,
Figure 368857DEST_PATH_IMAGE012
is a nodeNIn the first placein+A node reputation value for a set of 1 times,
Figure 791879DEST_PATH_IMAGE013
is a nodeNIn the first placein+2The node reputation value for the group time,
Figure 758698DEST_PATH_IMAGE014
is a nodeNIn the first placein+n-Node reputation values for 1 set of times.
Still further, the step 5 includes: if the node reputation sequence similarity is positive similarity or
Figure 858241DEST_PATH_IMAGE015
If the node reputation sequence similarity is negative, the node is judged to be a normal node, and if the node reputation sequence similarity is negative, the node reputation sequence similarity is judged to be normal
Figure 808879DEST_PATH_IMAGE016
The node enters the observation period and passesfIf the credit value of the nodes in each observation period is still not increased, judging the nodes as malicious nodes;
the sequence nodes are determined according to the following formula:
Figure 160226DEST_PATH_IMAGE017
wherein the content of the first and second substances,
Figure 856918DEST_PATH_IMAGE018
if two time series
Figure 268308DEST_PATH_IMAGE019
Then, then
Figure 299718DEST_PATH_IMAGE020
Indicating that they are identical if the two time series are identical
Figure 189176DEST_PATH_IMAGE021
Then, then
Figure 271533DEST_PATH_IMAGE022
Indicating a negative correlation between them.
The invention has the advantages that:
the invention calculates the credit value of the node by evaluating the communication behavior of the node in a period of time, and arranges the normal communication times and the total communication times of the node. And further identifying malicious nodes and sub-attack nodes through interval division. The method has the advantages of low calculation complexity, high identification accuracy and high speed, and the classification of the nodes is concise, concise and clearer due to the division of the intervals.
In addition to the objects, features and advantages described above, other objects, features and advantages of the present invention are also provided. The present invention will be described in further detail below with reference to the drawings.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this application, illustrate embodiments of the invention and, together with the description, serve to explain the invention and not to limit the invention.
FIG. 1 is a flow chart of a malicious node identification method based on a time reputation sequence according to the present invention;
FIG. 2 is a diagram of different node reputation intervals of the present invention;
FIG. 3 is a graph of the relationship between threshold and number of malicious nodes in a high reputation interval according to the present invention;
fig. 4 is a malicious node identification rate graph of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
Referring to fig. 1 to 4, a malicious node identification method based on a time-reputation sequence includes the following steps:
step 1, calculating node reputation value
Figure 588245DEST_PATH_IMAGE001
The reputation value of the node is the evaluation of the communication behavior of the node in a period of time, and the influence of the current communication behavior on the reputation value of the node is calculated according to the normal communication times and the total communication times of the node, so that the influence of the historical behavior is reduced;
step 2, calculating node reputation span threshold
Figure 106951DEST_PATH_IMAGE002
If the node reputation sequence similarity is positive similarity or
Figure 800100DEST_PATH_IMAGE003
If the node reputation sequence similarity is negative, the node is judged to be a normal node, and if the node reputation sequence similarity is negative, the node reputation sequence similarity is judged to be normal
Figure 468455DEST_PATH_IMAGE004
The node enters the observation period and passesfIf the credit value of the nodes in each observation period is still not increased, judging the nodes as malicious nodes;
step 3, dividing the reputation interval into a low reputation interval, a medium reputation interval and a high reputation interval, wherein the node with the reputation value in the low reputation interval is regarded as a malicious node, the node with the reputation value in the high reputation interval is judged as a normal node, and a sub-aggressive node with the reputation value in the medium reputation interval is further identified;
step 4, aiming at the nodes of the middle reputation area, the reputation value of each node is in the same time interval∆tPerforming periodic update every timenThe node reputations for each time interval form a reputation sequence:
step 5, calculating the node reputation time sequence
Figure 221647DEST_PATH_IMAGE005
Similarity of from
Figure 227649DEST_PATH_IMAGE006
To represent the similarity of two time series;
step 6, if the cluster is judged to be a malicious node, pulling the malicious node into a blacklist by the cluster head, and broadcasting the relevant information of the malicious node to members in the cluster; if the node is determined to be a normal node, the parameters of the node are updated to enter the next evaluation period.
The invention calculates the credit value of the node by evaluating the communication behavior of the node in a period of time, and arranges the normal communication times and the total communication times of the node. And further identifying malicious nodes and sub-attack nodes through interval division. The method has the advantages of low calculation complexity, high identification accuracy and high speed, and the classification of the nodes is concise, concise and clearer due to the division of the intervals.
The malicious nodes are nodes which are intercepted by an attacker and then are replaced after being tampered in a certain network, and have serious threats to the network and users, after being replaced in the network, the malicious nodes can prevent data transmission and input forged data or insert malicious codes into the whole wireless sensor network, and as each node in the sensor network has expansibility, namely the codes injected by the malicious nodes can be spread at a very high speed and influence adjacent nodes, so that the codes can be spread and potentially damage the whole wireless sensor network, and the malicious nodes can further cause great waste of the limited node resources.
A wireless sensor malicious node detection scheme based on a statistical method is designed by a Sliva team of foreign scholars, namely, a set of rules are defined by communication behaviors of normal nodes, next nodes are judged according to the defined rules, if the rules are not met, the nodes are defined as malicious nodes, the malicious nodes can be identified to a certain degree by the scheme, but the scheme also has certain defects, namely, the problems and influences caused by node interaction cannot be processed. The method adopts a mode of setting the threshold value by using the control precision, can judge the attribute of the node more accurately, and effectively avoids the problem of node interaction.
Specifically, the method is embodied as follows:
computing node reputation valuesT tru The reputation value of the node is the evaluation of the communication behavior of the node in a period of time, and the influence of the current communication behavior on the reputation value of the node is calculated according to the normal communication times and the total communication times of the node, so that the influence of the historical behavior is reduced. Calculating a node reputation value according to the formula:
Figure 458910DEST_PATH_IMAGE007
wherein, let i, j, k be three arbitrary nodes, T1For direct reputation evaluation of node i to node j, T2Indicating that i gets an indirect reputation value for j through k,T tru representing a node credit value, c representing a confidence factor of the node i for evaluating the node, if the value of c is higher, indicating that the node judges the node more believable; the lower the value of c is, the more untrustworthy the value of c is, and the value of c is related to the times of successful communication between the nodes.
ComputingNode reputation span threshold phi and carrying out interval division on the nodes, if the node reputation sequence similarity is positive similarity or
Figure DEST_PATH_IMAGE023
If the node reputation sequence similarity is negative, the node is judged to be a normal node, and if the node reputation sequence similarity is negative, the node reputation sequence similarity is judged to be normal
Figure 453542DEST_PATH_IMAGE024
The node enters the observation period and passesfAnd if the reputation value of the node in each observation period is still not increased, judging the node as a malicious node.
The specific formula is as follows:
Figure 502270DEST_PATH_IMAGE008
whereinδAndψfor setting the dual threshold, exp represents an exponential function with e as base, xtIs the t-th sampling value of the signal to be detected,
Figure 605355DEST_PATH_IMAGE009
a second set of time series averages representing node N, phi being a node reputation span threshold.
Dividing the reputation interval into a low reputation interval, a medium reputation interval and a high reputation interval, wherein the node with the reputation value in the low reputation interval is regarded as a malicious node, the node with the reputation value in the high reputation interval is judged as a normal node, and a sub-aggressive node with the reputation value in the medium reputation interval is further identified (a)T tru Greater than a threshold valueψNode ofNDetermining the node when the credit value is in the high credit areaNIs a normal node;T tru less than thresholdδNode ofNDetermining the node when the credit value is in the low credit areaNIs a malicious node;T tru less than thresholdψAnd is greater thanδAnd the node is in the medium reputation region).
For nodes of a single reputation region, the reputation value of each node is at the same time interval∆tCarry out periodic cleaningNew, each timenThe node reputations of a time interval form a reputation sequence, and then the nodesNGroup i time series ofA i N A reputation matrix can be definedT(A i N ):
Figure 515673DEST_PATH_IMAGE010
Wherein the content of the first and second substances,
Figure 614079DEST_PATH_IMAGE011
is a nodeNIn the first placeinThe node reputation value for the group time,
Figure 318861DEST_PATH_IMAGE012
is a nodeNIn the first placein+A node reputation value for a set of 1 times,
Figure 440401DEST_PATH_IMAGE013
is a nodeNIn the first placein+2The node reputation value for the group time,
Figure 13465DEST_PATH_IMAGE014
is a nodeNIn the first placein+n-Node reputation values for 1 set of times.
Computing node reputation time seriesT(AN 2) AndT'(AN 2) Similarity of from
Figure DEST_PATH_IMAGE025
To represent the similarity of two time series.
Wherein the similarity
Figure 231956DEST_PATH_IMAGE026
Is calculated by the formula
Figure 370289DEST_PATH_IMAGE017
Wherein the content of the first and second substances,
Figure 713546DEST_PATH_IMAGE018
if two time series
Figure 480514DEST_PATH_IMAGE019
Then, then
Figure 960036DEST_PATH_IMAGE020
Indicating that they are identical if the two time series are identical
Figure 272200DEST_PATH_IMAGE021
Then, then
Figure 837174DEST_PATH_IMAGE022
Indicating a negative correlation between them.
If a certain node is judged to be a malicious node, pulling the malicious node into a blacklist by the cluster head, and broadcasting the position and other related information of the malicious node to members in the cluster; if the node is determined to be a normal node, the parameters of the node are updated to enter the next evaluation period.
The above description is only for the purpose of illustrating the preferred embodiments of the present invention and is not to be construed as limiting the invention, and any modifications, equivalents, improvements and the like that fall within the spirit and principle of the present invention are intended to be included therein.

Claims (6)

1. A malicious node identification method based on a time reputation sequence is characterized by comprising the following steps
The following steps:
step 1, calculating node reputation value
Figure 924601DEST_PATH_IMAGE001
The reputation value of the node is the evaluation of the communication behavior of the node in a period of time, and the influence of the current communication behavior on the reputation value of the node is calculated according to the normal communication times and the total communication times of the node, so that the influence of the historical behavior is reduced;
step 2, calculating node reputation span threshold
Figure 348629DEST_PATH_IMAGE002
If the node reputation sequence similarity is positive similarity or
Figure 529075DEST_PATH_IMAGE003
If the node reputation sequence similarity is negative, the node is judged to be a normal node, and if the node reputation sequence similarity is negative, the node reputation sequence similarity is judged to be normal
Figure 128684DEST_PATH_IMAGE004
The node enters the observation period and passesfIf the credit value of the nodes in each observation period is still not increased, judging the nodes as malicious nodes;
step 3, dividing the reputation interval into a low reputation interval, a medium reputation interval and a high reputation interval, wherein the node with the reputation value in the low reputation interval is regarded as a malicious node, the node with the reputation value in the high reputation interval is judged as a normal node, and a sub-aggressive node with the reputation value in the medium reputation interval is further identified;
step 4, aiming at the nodes of the middle reputation area, the reputation value of each node is in the same time interval∆tPerforming periodic update every timenThe node reputations for each time interval form a reputation sequence:
step 5, calculating the node reputation time sequence
Figure 611749DEST_PATH_IMAGE005
Similarity of from
Figure 664018DEST_PATH_IMAGE006
To represent the similarity of two time series;
step 6, if the cluster is judged to be a malicious node, pulling the malicious node into a blacklist by the cluster head, and broadcasting the relevant information of the malicious node to members in the cluster; if the node is determined to be a normal node, the parameters of the node are updated to enter the next evaluation period.
2. The method of claim 1 for identifying malicious nodes based on temporal reputation sequences, which
Characterized in that the step 1 comprises:
calculating a node reputation value according to the formula:
Figure 507209DEST_PATH_IMAGE007
wherein, let i, j, k be three arbitrary nodes, T1For direct reputation evaluation of node i to node j, T2Indicating that i gets an indirect reputation value for j through k,T tru representing a node credit value, c representing a confidence factor of the node i for evaluating the node, if the value of c is higher, indicating that the node judges the node more believable; the lower the value of c is, the more untrustworthy the value of c is, and the value of c is related to the times of successful communication between the nodes.
3. The method of claim 1 for identifying malicious nodes based on temporal reputation sequences, which
Characterized in that the step 2 comprises:
calculating a node reputation span threshold phi as shown in the formula:
Figure 961324DEST_PATH_IMAGE008
whereinδAndψfor setting the dual threshold, exp represents an exponential function with e as base, xtIs the t-th sampling value of the signal to be detected,
Figure 615291DEST_PATH_IMAGE009
a second set of time series averages representing node N, phi being a node reputation span threshold.
4. The method of claim 1 for identifying malicious nodes based on temporal reputation sequences, which
Characterized in that said step 3 comprises: judging nodeNReputation value being atThe interval of the reputation of (a),T tru greater than a threshold valueψNode ofNDetermining the node when the credit value is in the high credit areaNIs a normal node;T tru less than thresholdδNode ofNDetermining the node when the credit value is in the low credit areaNIs a malicious node;T tru less than thresholdψAnd is greater thanδThe node is in a medium reputation region.
5. The method of claim 1 for identifying malicious nodes based on temporal reputation sequences, which
Characterized in that the step 4 comprises: for nodes of a single reputation region, the reputation value of each node is at the same time interval∆tPerforming periodic update every timenThe node reputations for a time interval constitute one
A reputation sequence, then nodeNGroup i time series ofA i N A reputation matrix can be definedT(A i N ):
Figure 154857DEST_PATH_IMAGE010
Wherein the content of the first and second substances,
Figure 801739DEST_PATH_IMAGE011
is a nodeNIn the first placeinThe node reputation value for the group time,
Figure 110360DEST_PATH_IMAGE012
is a nodeNIn the first placein+A node reputation value for a set of 1 times,
Figure 932298DEST_PATH_IMAGE013
is a nodeNIn the first placein+2The node reputation value for the group time,
Figure 552635DEST_PATH_IMAGE014
is just a sectionDotNIn the first placein+n-Node reputation values for 1 set of times.
6. The method of claim 1 for identifying malicious nodes based on temporal reputation sequences, which
Characterized in that said step 5 comprises: if the node reputation sequence similarity is positive similarity or
Figure 878574DEST_PATH_IMAGE015
If the node reputation sequence similarity is negative, the node is judged to be a normal node, and if the node reputation sequence similarity is negative, the node reputation sequence similarity is judged to be normal
Figure 307282DEST_PATH_IMAGE016
The node enters the observation period and passesfIf the credit value of the nodes in each observation period is still not increased, judging the nodes as malicious nodes;
the sequence nodes are determined according to the following formula:
Figure 37471DEST_PATH_IMAGE017
wherein the content of the first and second substances,
Figure 410684DEST_PATH_IMAGE018
if two time series
Figure 274735DEST_PATH_IMAGE019
Then, then
Figure 167736DEST_PATH_IMAGE020
Indicating that they are identical if the two time series are identical
Figure 724619DEST_PATH_IMAGE021
Then, then
Figure 585127DEST_PATH_IMAGE022
Indicating a negative correlation between them.
CN202011424377.1A 2020-12-08 2020-12-08 Malicious node identification method based on time credit sequence Pending CN112533170A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011424377.1A CN112533170A (en) 2020-12-08 2020-12-08 Malicious node identification method based on time credit sequence

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011424377.1A CN112533170A (en) 2020-12-08 2020-12-08 Malicious node identification method based on time credit sequence

Publications (1)

Publication Number Publication Date
CN112533170A true CN112533170A (en) 2021-03-19

Family

ID=74998240

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011424377.1A Pending CN112533170A (en) 2020-12-08 2020-12-08 Malicious node identification method based on time credit sequence

Country Status (1)

Country Link
CN (1) CN112533170A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108763925A (en) * 2018-05-16 2018-11-06 首都师范大学 A kind of sensor attack detection method measured based on fusion interval and history
CN114189381A (en) * 2021-12-10 2022-03-15 哈尔滨工程大学 Identification method for Tor anonymous communication network malicious exit relay node

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107404718A (en) * 2017-08-16 2017-11-28 中国民航大学 A kind of wireless sensor network malicious node detection method
CN108124261A (en) * 2017-12-11 2018-06-05 重庆邮电大学 It is a kind of to merge credit assessment and the safe clustering method of wireless sense network for mechanism of patrolling
CN108391300A (en) * 2018-03-15 2018-08-10 东北大学 Credible routing algorithm based on credit worthiness in a kind of opportunistic network
CN111510502A (en) * 2020-04-28 2020-08-07 吉林科创电力有限公司 PBFT consensus propagation optimization method based on dynamic reputation value

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107404718A (en) * 2017-08-16 2017-11-28 中国民航大学 A kind of wireless sensor network malicious node detection method
CN108124261A (en) * 2017-12-11 2018-06-05 重庆邮电大学 It is a kind of to merge credit assessment and the safe clustering method of wireless sense network for mechanism of patrolling
CN108391300A (en) * 2018-03-15 2018-08-10 东北大学 Credible routing algorithm based on credit worthiness in a kind of opportunistic network
CN111510502A (en) * 2020-04-28 2020-08-07 吉林科创电力有限公司 PBFT consensus propagation optimization method based on dynamic reputation value

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
滕志军,庞宝贺,孙铭阳,谢露莹,郭力文: "基于环境参数优化和时间信誉序列的恶意节点识别模型", 《西北工业大学学报》 *
胡向东,邢有权,何文祥: "融合信誉评估与巡查机制的WSN能量高效安全成簇算法", 《电讯技术》 *

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108763925A (en) * 2018-05-16 2018-11-06 首都师范大学 A kind of sensor attack detection method measured based on fusion interval and history
CN114189381A (en) * 2021-12-10 2022-03-15 哈尔滨工程大学 Identification method for Tor anonymous communication network malicious exit relay node
CN114189381B (en) * 2021-12-10 2023-08-01 哈尔滨工程大学 Method for identifying malicious exit relay node of Tor anonymous communication network

Similar Documents

Publication Publication Date Title
Huang et al. A dynamic games approach to proactive defense strategies against advanced persistent threats in cyber-physical systems
Khan et al. An enhanced multi-stage deep learning framework for detecting malicious activities from autonomous vehicles
Qassim et al. Anomalies Classification Approach for Network-based Intrusion Detection System.
CN112671701B (en) Vehicle-mounted terminal intrusion detection method based on vehicle-mounted network abnormal behavior feature driving
US8307459B2 (en) Botnet early detection using hybrid hidden markov model algorithm
CN112533170A (en) Malicious node identification method based on time credit sequence
US11115823B1 (en) Internet-of-things device classifier
CN104899513A (en) Data diagram detection method for industrial control system malicious data attack
CN110768946A (en) Industrial control network intrusion detection system and method based on bloom filter
Hui et al. Research intrusion detection techniques from the perspective of machine learning
Hammad et al. Intrusion detection system using feature selection with clustering and classification machine learning algorithms on the unsw-nb15 dataset
Shang et al. Discovering unknown advanced persistent threat using shared features mined by neural networks
Marchetti et al. Identification of correlated network intrusion alerts
Chourib Detecting selected network covert channels using machine learning
Nguyen et al. A new anomaly traffic detection based on fuzzy logic approach in wireless sensor networks
AsSadhan et al. A robust anomaly detection method using a constant false alarm rate approach
Jeevaraj Feature Selection Model using Naive Bayes ML Algorithm for WSN Intrusion Detection System
Ahmed et al. Enhancing intrusion detection using statistical functions
CN113709097B (en) Network risk sensing method and defense method
Saini et al. Modelling intrusion detection system using hidden Markov model: A review
Song et al. Hidden target recognition method for high-speed network security threats based on attack graph theory
KR100656340B1 (en) Apparatus for analyzing the information of abnormal traffic and Method thereof
Al-Dayil et al. Detecting social media mobile botnets using user activity correlation and artificial immune system
Shan-Shan et al. The APT detection method based on attack tree for SDN
Xu et al. Multi-Dimensional Security Indicator Design and Optimization for DDoS Detection in Edge Computing

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20210319