CN112689281B - Sensor network malicious node judgment method based on two-type fuzzy system - Google Patents

Publication number
CN112689281B
Authority
CN
China
Legal status
Active
Application number
CN202011518969.XA
Other languages
Chinese (zh)
Other versions
CN112689281A (en
Inventor
杨柳
施学鸿
张平
程琪
姜法勇
Current Assignee
Chongqing University of Post and Telecommunications
Original Assignee
Chongqing University of Post and Telecommunications

Abstract

The invention belongs to the field of trust management mechanisms for network information security, and particularly relates to a sensor network malicious node judgment method based on a two-type fuzzy system. The method comprises: constructing a two-type fuzzy system and obtaining a trust value for each node by fuzzifying its behavior data, followed by inference, type reduction and defuzzification; performing two-stage fusion on the node trust values and extracting data features; and finally clustering the trust values and performing outlier analysis with the mean shift method to judge malicious nodes in the wireless sensor network. By constructing the two-type fuzzy system and applying fusion, trust value feature extraction and outlier analysis to the multi-source trust of the nodes, the invention improves the precision of node trust evaluation and the security of the wireless sensor network.

Description

Sensor network malicious node judgment method based on two-type fuzzy system
Technical Field
The invention belongs to the field of trust management mechanisms of network information security, and particularly relates to a method for judging malicious nodes of a sensor network based on a two-type fuzzy system.
Background
Wireless sensor networks are vulnerable because of the particular environments in which they are deployed; in particular, nodes are easily captured physically and turned into compromised nodes. Traditional security technology cannot be applied directly to a wireless sensor network to solve this security problem, so a new security mechanism is necessary to encrypt the wireless sensor network. Nodes are given a certain trust level, and the trust level reflects how reliable each node is. However, the open communication environment of a wireless sensor network is unstable, and cheap nodes easily malfunction or fail, so the behavior data obtained by monitoring nodes carries a certain ambiguity, and whether a node is malicious cannot be decided with certainty from the trust value of a single node alone. How to perform trust evaluation on monitored behavior data with fuzzy uncertainty, so as to judge malicious nodes, is an urgent problem in the field of wireless sensor network security.
Disclosure of Invention
In order to solve the problems in the prior art, the invention provides a method for judging malicious nodes of a sensor network based on a two-type fuzzy system, which comprises the following steps:
S1: Acquiring node behavior data in a sensor network, and performing trust evaluation based on a two-type fuzzy theory on the behavior data of each node to obtain a direct trust value of each node;
S2: Comprehensively evaluating node trust by adopting multi-source trust data; fusing the multi-source trust values to obtain a node comprehensive trust value; the multi-source trust data comprises recommended trust, historical trust and a direct trust value;
S3: Performing feature extraction on the historical comprehensive trust value of the node to obtain trust data features; the trust data characteristics comprise variable characteristics and centralized trend characteristics;
S4: Carrying out trust grade division on the trust data characteristics by adopting the mean shift clustering algorithm (Mean-Shift);
S5: Judging the malicious level of the node according to the trust level;
S6: Selectively adopting a novel WIBE data encryption algorithm to encrypt the data transmitted by each node according to the malicious level of the node, so that the node achieves a balance between energy and security.
Preferably, the specific process of evaluating the direct trust value of the node includes:
S11: Acquiring transmission behavior data of adjacent nodes by adopting a behavior dynamic monitoring system; the transmission behavior data comprises a data forwarding rate and a delay rate;
S12: Mapping the transmission behavior data of the nodes into corresponding two-type fuzzy sets by adopting fuzzy sets in a knowledge base;
S13: Mapping the two-type fuzzy set to a fuzzy set containing a trust value according to a fuzzy rule base to obtain a two-type trust fuzzy set;
S14: Converting the type-II trust fuzzy set into a type-I trust fuzzy set;
S15: Performing defuzzification processing on the type-I trust fuzzy set to obtain a direct trust value.
Preferably, the specific process of evaluating the node comprehensive trust value includes:
S21: Each node periodically performs data interaction with other nodes, so that direct trust is evaluated, and a trust value is broadcast and recommended in the neighborhood to obtain a recommended trust value;
S22: Obtaining multi-source trust data according to the direct trust value, the recommended trust value and the historical comprehensive trust value;
S23: Performing fusion processing on the multi-source trust data by adopting a two-stage trust fusion method to obtain a node comprehensive trust value.
Further, the process of performing fusion processing on the multi-source trust data by adopting a two-stage trust fusion method comprises the following steps:
S231: In the first-stage trust fusion processing, member nodes in each cluster adopt a weighted fusion method to synthesize multi-source trust data into a single trust value, and send the single trust value to the corresponding cluster head node;
S232: In the second-level trust fusion processing, the cluster head node receives trust data sent by all the member nodes, and fuses all the trust data to obtain a node comprehensive trust value.
Preferably, the process of feature extraction on the historical integrated trust value of the node includes:
S31: Calculating KL divergence of the historical comprehensive trust value, and determining distribution types of the KL divergence by adopting energy loss when probability distribution q is fitted to real distribution p;
S32: Extracting variable characteristics of the historical comprehensive trust value according to the distribution type of the KL divergence;
S33: Distributing the comprehensive trust value on a one-dimensional straight line, solving trust value data of the historical comprehensive trust value by adopting the density-based clustering method DBSCAN, and aggregating the trust value data to obtain the centralized trend characteristic.
Further, the calculation formula of the energy loss when the probability distribution q fits the real distribution p is as follows:
Figure BDA0002848351910000031
Preferably, the specific process of performing trust level classification includes:
S41: Representing the trust data characteristics by using two-dimensional characteristic data points, wherein the abscissa represents the variable quantity of the trust of the node, and the ordinate represents the centralized trend of the trust of the node; setting a distance judgment threshold;
S42: Randomly selecting a point from the two-dimensional characteristic data points as a center point;
S43: Finding out all points within the bandwidth from the central point, and taking all the points within the range as data in a cluster c and recording the data as a set M;
S44: Calculating a vector from the center point to each element in the set M by taking the center point as an origin, and superposing all distance vectors to obtain a vector shift;
S45: Moving the center point by a distance of |shift| along the direction of the vector shift;
S46: When the magnitude of the vector shift does not converge, returning to step S44; when the magnitude of the vector shift converges, classifying all central points in the iterative process into a cluster c; calculating the distance between the central point of the current cluster c and the central points of other existing clusters c2; if the distance is smaller than the set distance judgment threshold, merging the current cluster c with the existing cluster c2, otherwise, taking the cluster c as a new cluster, and adding 1 to the total number of the clusters;
S47: Repeating steps S42-S46 until all points are marked;
S48: Acquiring the access frequency of a user to the marked nodes in each class, and taking the class with the maximum access frequency as the class of the current point set;
S49: Calculating the average trust value of the class of the current point set, arranging the average trust values from large to small, and dividing the average trust value into different trust labels according to the arrangement result.
Preferably, when encrypting data transmitted by a node, if the trust level of the node is low, the data transmitted to the node needs to be encrypted, and if the trust level of the node is high, the data is directly transmitted when the node performs data communication.
Preferably, the process of encrypting the data transmitted by each node by using the novel WIBE data encryption algorithm includes:
S61: Initializing a server, and generating a random number S by the server;
S62: Selecting an elliptic curve finite group FP and a primitive element P on a prime field, and generating a system public parameter SP according to the primitive element P and the random number S;
S63: All nodes broadcast network access requests to the server;
S64: After receiving the request, the server verifies and compares the IEEE address of the node against the white list; after the verification is passed, the public parameter SP is sent to each node;
S65: The node receives the public parameter SP, then randomly generates a parameter k, calculates L according to the public parameter SP and the parameter k, and sends L to the server;
S66: The server generates d for each node after receiving L, calculates the private key of each node according to the generated d, and sends the private key of each node to the corresponding node respectively;
S67: Each node decrypts the encrypted data by adopting a corresponding private key.
Aiming at the influence of open communication environment instability and malicious node attack capability heterogeneity on a trust evaluation system, the invention constructs a two-type fuzzy system and performs fusion, trust value feature extraction and outlier analysis on multi-source trust of the nodes, thereby improving the node trust value evaluation precision and the security performance of the wireless sensor network.
Drawings
FIG. 1 is a flowchart of a method for determining malicious nodes in a sensor network according to the present invention;
FIG. 2 is a block diagram of a two-type fuzzy inference system of the present invention;
FIG. 3 is a forwarding fuzzy set of the present invention;
FIG. 4 is a delay fuzzy set of the present invention;
FIG. 5 is a trust fuzzy set of the present invention;
FIG. 6 is an encryption flow diagram of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
A method for judging malicious nodes in a sensor network based on a two-type fuzzy system is disclosed, as shown in FIG. 1, and the method comprises the following steps:
S1: Acquiring node behavior data in a sensor network, and performing trust evaluation based on a two-type fuzzy theory on the behavior data of each node to obtain a direct trust value of each node;
S2: Comprehensively evaluating node trust by adopting multi-source trust data; fusing the multi-source trust values to obtain a node comprehensive trust value; the multi-source trust data comprises recommended trust, historical trust and a direct trust value;
S3: Performing feature extraction on the historical comprehensive trust value of the node to obtain trust data features; the trust data characteristics comprise variable characteristics and centralized trend characteristics;
S4: Carrying out trust grade division on the trust data characteristics by adopting a mean shift clustering algorithm;
S5: Judging the malicious level of the node according to the trust level;
S6: Selectively adopting a novel WIBE data encryption algorithm to encrypt the data transmitted by each node according to the malicious level of the node, so that the node achieves a balance between energy and security.
The specific process of evaluating the direct trust value of the node comprises the following steps:
S11: Acquiring transmission behavior data of adjacent nodes by adopting a behavior dynamic monitoring system; the transmission behavior data comprises a data forwarding rate and a delay rate;
S12: Mapping the transmission behavior data of the nodes into corresponding two-type fuzzy sets by adopting fuzzy sets in a knowledge base;
S13: Mapping the two-type fuzzy set to a fuzzy set containing a trust value according to a fuzzy rule base to obtain a two-type trust fuzzy set;
S14: Converting the type-II trust fuzzy set into a type-I trust fuzzy set;
S15: Performing defuzzification processing on the type-I trust fuzzy set to obtain a direct trust value.
The specific process is as follows. After the sensor network has been deployed, and in order to reduce the effect on trust evaluation precision of the trust data fuzziness caused by the open channel, each node obtains the transmission behavior data of its neighbor nodes, namely the data forwarding rate (FR) and the delay rate (DR), through a behavior dynamic monitoring system. The trust value of the node is then obtained through processing by the two-type fuzzy inference system. As shown in FIG. 2, the two-type fuzzy system comprises four modules: a fuzzifier, a fuzzy inference engine, a type reducer and a defuzzifier. The functions of the modules are as follows:
The fuzzifier module maps the input trust bases FR and DR into corresponding two-type fuzzy sets according to the fuzzy sets in the knowledge base.
FIG. 3 shows the fuzzy set membership functions of the node transmission behavior data; the membership functions in the two fuzzy sets are determined by the weights of the different transmission behaviors. The membership function curve of the fuzzy set "middle" of the forwarding rate is a triangle, the membership function curve of the fuzzy set "middle" of the delay rate is an irregular trapezoid, and the membership function curves of the fuzzy sets "low" and "high" are triangles. The specific values of the parameters a, b, c, d, etc. are determined according to the application in different circumstances. When 1 group of transmission behavior data is input into the fuzzifier, it outputs the membership degrees of 6 groups of two-type fuzzy sets: $(DLL_{FR}, DLH_{FR})$, $(DML_{FR}, DMH_{FR})$, $(DHL_{FR}, DHH_{FR})$, $(DLL_{DR}, DLH_{DR})$, $(DML_{DR}, DMH_{DR})$, $(DHL_{DR}, DHH_{DR})$.
The fuzzy inference engine maps the two-type fuzzy set of trust data to the fuzzy set of trust values according to the fuzzy rule base.
The inference engine module consists of a fuzzy rule base and an inference engine, wherein the fuzzy rule base consists of a group of IF-THEN rules, the specific definition is shown in table 1, and fuzzy set membership selection rules corresponding to different behavior data are different.
TABLE 1 rule base
Figure BDA0002848351910000061
Figure BDA0002848351910000071
Three fuzzy rules (such as rules 2, 3 and 6) are selected from Table 1, corresponding to 3 groups of fuzzy sets, and the 6 groups of membership degrees obtained are fused by the interval minimum value method into 3 groups corresponding to the 3 fuzzy rules: $(DHL_{FR}, DMH_{DR})$, $(DHL_{FR}, DHH_{DR})$, $(DML_{DR}, DMH_{FR})$.
As shown in FIG. 4, the type reducer reduces the type-II trust fuzzy sets to type-I trust fuzzy sets. The type reducer uses center-of-gravity type reduction, that is, it finds the center of gravity of the union of the two-type fuzzy sets output by all the rules. First, the output membership of each rule is calculated, the output space is discretized into N points, and the output domain of each rule is discretized into a suitable number of points; all embedded type-I fuzzy sets are then calculated to obtain the value range $(y_1, y_2)$.
As shown in FIG. 5, defuzzification refines a type-I fuzzy set into a specific trust value. The centroid of the obtained value range $(y_1, y_2)$ is calculated, and this centroid is the trust data of the node. The centroid calculation formula is:
Figure BDA0002848351910000072
The specific process of obtaining the node comprehensive trust value comprises the following steps:
S21: Each node periodically performs data interaction with other nodes, so that direct trust is evaluated, and a trust value is broadcast and recommended in the neighborhood to obtain a recommended trust value;
S22: Obtaining multi-source trust data according to the direct trust value, the recommended trust value and the historical comprehensive trust value;
S23: Performing fusion processing on the multi-source trust data by adopting a two-stage trust fusion method to obtain a node comprehensive trust value.
S231: in the first-stage trust fusion processing, member nodes in each cluster adopt a weighted fusion method to synthesize multi-source trust data into a single trust value; sending the single trust value to the corresponding cluster head node; the specific process comprises the following steps:
In the first-level trust fusion processing, the nodes adopt a weighted fusion method to synthesize multi-source trust data into a single trust value, and then send the result to the corresponding cluster head nodes. A node first takes the trust value $T_z$ of the monitored node, the trust value $T_g$ of the common neighbor node, the monitored-node trust value $T_s$ recommended by the common neighbor node, and the historical trust value $T_h$ of the monitored node ($T_h$ can be regarded as the weight of $T_z$, and $T_g$ can be regarded as the weight of $T_s$), and fuses them into a single trust value by weighting. The calculation process is as follows:
Figure BDA0002848351910000081
wherein T' represents a node trust value, and N represents the number of recommended nodes.
After all the nodes calculate the trust values of the neighbor nodes, the trust value data of the neighbor nodes are sent to the sink node of the cluster.
S232: in the second-level trust fusion processing, the cluster head node receives trust data sent by all the member nodes, and fuses all the trust data to obtain a node comprehensive trust value. The specific process is as follows:
In the second-level trust fusion processing, the cluster head node fuses the trust data sent by all the member nodes, so that more accurate trust data is obtained by performing trust analysis at the cluster level. The cluster head node obtains the historical trust value $T_h'$ of the node, the trust value $T_g'$ of the recommending node and the trust value $T_s'$ recommended by the recommending node, calculates the trust value of each node in the sensor network and broadcasts the trust value to each node. The calculation process is as follows:
Figure BDA0002848351910000082
At the beginning of network deployment, the cluster head node has not yet stored enough trust data about other nodes, so the node trust data obtained through each round of direct interaction and evaluation is fused with the recommended trust data to obtain the latest trust value, which is stored in the memory of the cluster head node. After a certain number of rounds of data transmission and trust evaluation, the node has stored a certain amount of historical trust data, so the historical trust condition can be taken into account when the latest trust value of the node is evaluated. After re-clustering, the nodes join a new cluster, each node sends the previous round's trust values of its neighbor nodes to the new cluster head node, and the cluster head node broadcasts the integrated trust data within the cluster.
The specific process of extracting the characteristics of the node trust data comprises the following steps:
S31: Calculating KL divergence of the historical comprehensive trust value, and determining distribution types of the KL divergence by adopting energy loss when probability distribution q is fitted to real distribution p. The calculation formula of the energy loss when the probability distribution q fits the real distribution p is:
Figure BDA0002848351910000091
where $p(x_i)$ represents the probability distribution of the real event, $q(x_i)$ represents the probability distribution of the theoretically fitted event,
Figure BDA0002848351910000092
representing the coding length of each character, p representing a real event, q representing a theoretical fitting event, and N representing a discrete event p; the smaller $D_{KL}(p \| q)$ is, the closer the true distribution is to the target distribution.
S32: extracting variable characteristics of the historical comprehensive trust value according to the distribution type of the KL divergence; if the KL divergence follows the average distribution, converting the variation into the average variation, wherein the conversion process is to obtain the average variation by quotient of the sum of the single variation and the number of times of the previous round; if the KL divergence obeys normal distribution, calculating the difference value between the trust value of the last round of the node and the maximum value of the historical trust value, calculating the average variable quantity of the variable, and summing the difference value and the average variable quantity to obtain the variable quantity of one round.
S33: Distributing the historical comprehensive trust values on a one-dimensional straight line, solving 80% trust value data by adopting the density-based clustering method DBSCAN, and aggregating the trust value data to obtain a centralized trend characteristic. The specific implementation mode is as follows:
First, an arbitrary point is selected, and then all points whose distance from this point is less than or equal to the threshold eps are found. If the number of data points within eps of the starting point is less than min_samples (the threshold number of samples in the ε-neighborhood needed for a sample point to be a core object), this point is marked as noise. If the number of data points within eps is greater than min_samples, this point is marked as a core sample and assigned a new cluster label.
All neighbors of this point (within the distance threshold eps) are then visited. If these points have not been assigned to a cluster, then the new cluster labels just created are assigned to them. If these points are core samples, then their neighbors are visited in turn, and so on. The cluster grows until there are no core sample points within the eps distance of the cluster.
Finally, another point which has not been visited is selected and the same process is repeated. And finally, extracting the cluster with the largest scale to obtain the selected concentration trend.
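The DBSCAN pass of S33 on a one-dimensional trust history, as an added Python example that is not code from the patent. The sample history, the eps and min_samples values, the use of "at least min_samples" for the core test, and taking the mean of the largest cluster as the aggregated centralized trend are assumptions of this example.

```python
from statistics import mean

# Constructed history of one node's comprehensive trust values. Two rounds
# (0.35 and 0.30) are outliers, e.g. caused by a lossy channel.
HISTORY = [0.82, 0.80, 0.81, 0.79, 0.83, 0.35, 0.80, 0.82, 0.30, 0.81]

NOISE = -1


def dbscan_1d(values, eps, min_samples):
    """Label every value with a cluster id (0, 1, ...) or NOISE."""
    n = len(values)
    labels = [None] * n                 # None = not visited yet
    cluster = -1

    def neighbours(i):
        # All points (including i itself) within eps of values[i].
        return [j for j in range(n) if abs(values[j] - values[i]) <= eps]

    for i in range(n):
        if labels[i] is not None:
            continue
        nbrs = neighbours(i)
        if len(nbrs) < min_samples:
            labels[i] = NOISE           # may still become a border point later
            continue
        cluster += 1                    # i is a core sample: open a new cluster
        labels[i] = cluster
        queue = [j for j in nbrs if j != i]
        while queue:
            j = queue.pop()
            if labels[j] == NOISE:
                labels[j] = cluster     # noise reachable from a core point
                continue
            if labels[j] is not None:
                continue                # already assigned to a cluster
            labels[j] = cluster
            j_nbrs = neighbours(j)
            if len(j_nbrs) >= min_samples:
                queue.extend(j_nbrs)    # j is also a core sample: keep growing
    return labels


def centralized_trend(values, eps=0.035, min_samples=3):
    """Mean of the largest dense cluster, or None if no cluster exists."""
    labels = dbscan_1d(values, eps, min_samples)
    clusters = {}
    for value, label in zip(values, labels):
        if label != NOISE:
            clusters.setdefault(label, []).append(value)
    if not clusters:
        return None                     # history too scattered to summarise
    return mean(max(clusters.values(), key=len))


if __name__ == "__main__":
    print("labels:", dbscan_1d(HISTORY, 0.035, 3))
    print("centralized trend:", centralized_trend(HISTORY))
    print("plain mean:", mean(HISTORY))
```

The two outlier rounds are labelled as noise, so they do not pull the trend down the way they pull the plain mean.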
The specific process of carrying out trust grade division on the trust data characteristics by adopting the Mean Shift clustering algorithm Mean-Shift comprises the following steps: after the cluster head nodes extract the characteristics of the trust data of all the nodes, the trust condition of each node can be represented by two-dimensional characteristic data points on a coordinate system, the abscissa represents the variable quantity of the trust of the node, and the ordinate represents the centralized trend of the trust of the node. And clustering the trust feature data by using a mean shift algorithm, and marking the corresponding nodes with different trust levels according to different features after clustering is finished. The cluster head node broadcasts all trust levels within the cluster. And after receiving the message broadcast by the cluster head node, the node performs trust update on the neighbor node. The specific process for performing trust level classification comprises the following steps:
S41: Representing the trust data characteristics by using two-dimensional characteristic data points, wherein the abscissa represents the variable quantity of the trust of the node, and the ordinate represents the centralized trend of the trust of the node; setting a distance judgment threshold;
S42: Randomly selecting a point from the two-dimensional characteristic data points as a center point;
S43: Finding out all points within the bandwidth from the central point, and taking all the points as data in the cluster c and recording the data as a set M;
S44: Calculating a vector from the center point to each element in the set M by taking the center point as a center, and superposing all distance vectors to obtain a vector shift;
S45: Moving the center point by a distance of |shift| along the direction of the vector shift;
S46: When the magnitude of the vector shift does not converge, returning to step S44; when the magnitude of the vector shift converges, classifying all central points in the iterative process into a cluster c; calculating the distance between the central point of the current cluster c and the central points of other existing clusters c2; if the distance is smaller than the set distance judgment threshold, merging the current cluster c with the existing cluster c2, otherwise, taking the cluster c as a new cluster, and adding 1 to the total number of the clusters;
S47: Repeating steps S42-S46 until all points are marked;
S48: Acquiring the access frequency of a user to the marked nodes in each class, and taking the class with the maximum access frequency as the class of the current point set;
S49: Calculating the average trust value of the class of the current point set, arranging the average trust values from large to small, and dividing the average trust value into different trust labels according to the arrangement result.
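Steps S41 to S49, which appear both in the Disclosure and in this detailed description, written out as an added Python example; it is not code from the patent. The sample feature points, the bandwidth and merge threshold, averaging the superposed vectors in S44, reading S48 as "each point joins the cluster whose window covered it most often", and using the centralized-trend coordinate as a cluster's trust value are assumptions of this example.

```python
import math
import random

# Constructed sample: node -> (variable quantity of trust, centralized trend).
FEATURES = {
    "n1": (0.02, 0.91), "n2": (0.03, 0.88), "n3": (0.01, 0.93), "n4": (0.04, 0.90),
    "n5": (0.15, 0.62), "n6": (0.18, 0.58), "n7": (0.16, 0.60),
    "n8": (0.40, 0.21), "n9": (0.45, 0.18),
}


def mean_shift(points, bandwidth, merge_threshold, tol=1e-6, seed=0):
    """Return (owner, centers); owner[i] is the cluster index of points[i]."""
    rng = random.Random(seed)
    n = len(points)
    marked = [False] * n
    centers, visits = [], []   # visits[c][i]: times cluster c's window covered i
    while not all(marked):                                   # S47
        start = rng.choice([i for i in range(n) if not marked[i]])   # S42
        cx, cy = points[start]
        count = [0] * n
        for _ in range(500):                                 # safety cap
            # S43: set M = all points within the bandwidth of the center
            members = [i for i, (x, y) in enumerate(points)
                       if math.hypot(x - cx, y - cy) <= bandwidth]
            for i in members:
                marked[i] = True
                count[i] += 1
            # S44: superpose the center-to-point vectors (averaged here so the
            # step stays inside the window; an assumption of this example)
            sx = sum(points[i][0] - cx for i in members) / len(members)
            sy = sum(points[i][1] - cy for i in members) / len(members)
            cx, cy = cx + sx, cy + sy                        # S45
            if math.hypot(sx, sy) < tol:                     # S46: converged
                break
        # S46: merge with an existing cluster c2 if the centers are close
        for c2, (ox, oy) in enumerate(centers):
            if math.hypot(ox - cx, oy - cy) < merge_threshold:
                visits[c2] = [a + b for a, b in zip(visits[c2], count)]
                break
        else:
            centers.append((cx, cy))
            visits.append(count)
    # S48: each point goes to the cluster that covered it most often
    owner = [max(range(len(centers)), key=lambda c: visits[c][i])
             for i in range(n)]
    return owner, centers


def trust_levels(features, bandwidth=0.1, merge_threshold=0.05, seed=0):
    """S49: rank clusters by average trust; level 0 is the most trusted."""
    names = list(features)
    owner, _ = mean_shift([features[k] for k in names],
                          bandwidth, merge_threshold, seed=seed)
    avg_trust = {}
    for c in set(owner):
        trends = [features[k][1] for k, o in zip(names, owner) if o == c]
        avg_trust[c] = sum(trends) / len(trends)
    ranked = sorted(avg_trust, key=avg_trust.get, reverse=True)
    level = {c: rank for rank, c in enumerate(ranked)}
    return {k: level[o] for k, o in zip(names, owner)}


if __name__ == "__main__":
    for node, lvl in trust_levels(FEATURES).items():
        print(node, "trust level", lvl)
```

Nodes in the lowest-ranked cluster (here n8 and n9) are the candidates for the highest malicious level in step S5.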
A novel WIBE data encryption algorithm is used as a supplementary security mechanism to balance energy and security. Trust and encryption mechanisms are complementary: if a node with a low trust level is selected as a communication object, the encryption mechanism is more complex; conversely, if a node is completely trusted, no encryption is needed during communication, so that security and energy conservation are balanced.
After updating the trust values and identifications of its neighbor nodes, a single node that is about to send data first judges whether any neighbor node is untrustworthy. If an untrustworthy node exists, it encrypts the data, to a degree that depends on how suspicious the neighbor node is. Going from high to low trust level, encryption with WIBE or another similar encryption algorithm goes from no encryption to an increasing number of encryption rounds. If the neighbor nodes are reliable when the initial node sends data, encryption is not needed; if the node finds through monitoring that a neighbor node is unreliable, the data is encrypted during transmission, and a parameter R is written in during encryption to indicate which node is used for encryption. The encryption algorithm constructs a specific function structure from the public key Q and the public parameter SP of a node and a secret parameter k randomly generated by the node: public key + public parameter + random number → specific encryption structure → ciphertext.
As shown in fig. 6, the specific process of performing encryption includes:
S61: Initializing a server, and generating a random number S by the server;
S62: Selecting an elliptic curve finite group FP and a primitive element P on a prime field, and generating a system public parameter SP according to the primitive element P and the random number S, namely SP = S × P;
S63: All nodes broadcast network access requests to the server;
S64: After receiving the request, the server verifies and compares the IEEE address of the node against the white list; after the verification is passed, the public parameter SP is sent to each node;
S65: The node receives the public parameter SP, randomly generates a parameter k, calculates a node privacy parameter L according to the public parameter SP and the parameter k, and sends the node privacy parameter to the server, wherein L = SP × k;
S66: After receiving the node privacy parameters, the server generates an encryption parameter d for each node, calculates the private key of each node according to the generated d, and sends the private key of each node to the corresponding node. The calculation process of the private key is:
Q = Hash_1(Qbob)
e1 = L(S*Q*d)
e2 = P*d
where Hash_1 denotes hashing a character string to a point in the finite field, Q denotes a public key generated from the public information Qbob, S denotes a random number generated by the server, d denotes an encryption parameter for each node, P denotes a public parameter, e1 denotes an authentication key, and e2 denotes an encryption key.
S67: Each node encrypts the data by adopting a corresponding private key.
When data is sent, the node calculates a 128-bit AES encryption key, and the corresponding sink node decrypts the data by using the corresponding key. The key is:
key = Hash_3(SP*(k*Q) + e2)
where Hash_3 denotes hashing a point of the finite field into the 128-bit AES key space, SP denotes a common parameter, and k denotes a random parameter.
The above embodiments further illustrate the objects, technical solutions and advantages of the present invention. It should be understood that they are only preferred embodiments of the present invention and should not be construed as limiting it; any modifications, equivalents, improvements, etc. made within the spirit and principle of the present invention shall be included in the protection scope of the present invention.

Claims (7)

1. A method for judging malicious nodes of a sensor network based on a two-type fuzzy system is characterized by comprising the following steps:
S1: acquiring node behavior data in a sensor network, and performing trust evaluation based on two-type fuzzy theory on the behavior data of each node to obtain a direct trust value of each node;
S2: comprehensively evaluating node trust by adopting multi-source trust data; fusing the multi-source trust values to obtain a node comprehensive trust value; the multi-source trust data comprises recommended trust, historical trust and a direct trust value;
S3: performing feature extraction on the historical comprehensive trust value of the node to obtain trust data features; the trust data features comprise variable features and centralized trend features;
S4: carrying out trust grade division on the trust data features by adopting a mean shift clustering algorithm; the step of performing trust grade division comprises:
S41: representing the trust data features by two-dimensional feature data points, wherein the abscissa represents the variation of the trust of the node, and the ordinate represents the centralized trend of the trust of the node; setting a distance judgment threshold;
S42: randomly selecting a point from the two-dimensional feature data points as a center point;
S43: finding all points within the bandwidth of the center point, marking all points within the range as data in a cluster c, and recording the data as a set M;
S44: calculating the distance vector from the center point to each element in the set M by taking the center point as the origin, and superposing all the distance vectors to obtain a vector shift;
S45: moving the center point by a distance of |shift| along the direction of the vector shift;
S46: when the magnitude of the vector shift has not converged, returning to step S44; when the magnitude of the vector shift has converged, classifying all center points in the iterative process into the cluster c; calculating the distance between the center point of the current cluster c and the center points of the other existing clusters c2; if the distance is smaller than the set distance judgment threshold, merging the current cluster c with the existing cluster c2, otherwise taking the cluster c as a new cluster and adding 1 to the total number of clusters;
S47: repeating steps S42-S46 until all points are marked;
S48: acquiring the access frequency of a user to the marked nodes in each class, and taking the class with the maximum access frequency as the class of the current point set;
S49: calculating the average trust value of the class of the current point set, arranging the average trust values from large to small, and dividing the average trust values into different trust labels according to the arrangement result;
S5: judging the malicious level of the node according to the trust level;
S6: selectively adopting a novel WIBE data encryption algorithm to encrypt data transmitted by each node according to the malicious level of the node, so that the node realizes the balance of energy and safety;
S61: initializing a server, the server generating a random number S;
S62: selecting an elliptic-curve finite group FP over a prime field and a primitive element P, and generating a system public parameter SP according to the primitive element P and the random number S;
S63: all nodes broadcast network access requests to the server;
S64: after receiving the request, the server verifies the node's IEEE address by comparing it with the white list; after the verification passes, the public parameter SP is sent to each node;
S65: the node receives the public parameter SP, randomly generates a parameter k, calculates a node privacy parameter L according to the public parameter SP and the parameter k, and sends the node privacy parameter to the server;
S66: after receiving the node privacy parameters, the server generates an encryption parameter d for each node, calculates the private key of each node according to the generated d, and sends the private key of each node to the corresponding node;
S67: each node encrypts the data by adopting the corresponding private key.
2. The method for determining the malicious node in the sensor network based on the type-two fuzzy system as claimed in claim 1, wherein the specific process of evaluating the direct trust value of the node comprises:
S11: acquiring transmission behavior data of adjacent nodes by adopting a behavior dynamic monitoring system; the transmission behavior data comprises a data forwarding rate and a delay rate;
S12: mapping the transmission behavior data of the nodes into corresponding two-type fuzzy sets by adopting fuzzy sets in a knowledge base;
S13: mapping the two-type fuzzy set to a fuzzy set containing a trust value according to a fuzzy rule base to obtain a two-type trust fuzzy set;
S14: converting the two-type trust fuzzy set into a one-type trust fuzzy set;
S15: performing defuzzification processing on the one-type trust fuzzy set to obtain a direct trust value.
3. The method for judging the malicious node of the sensor network based on the type-two fuzzy system as claimed in claim 1, wherein the specific process of evaluating the comprehensive trust value of the node comprises:
S21: each node periodically performs data interaction with other nodes, so that direct trust is evaluated, and a trust value is broadcast and recommended in the neighborhood to obtain a recommended trust value;
S22: obtaining multi-source trust data according to the direct trust value, the recommended trust value and the historical comprehensive trust value;
S23: performing fusion processing on the multi-source trust data by adopting a two-stage trust fusion method to obtain a node comprehensive trust value.
4. The method for judging the malicious node of the sensor network based on the two-type fuzzy system as claimed in claim 3, wherein the process of performing fusion processing on the multi-source trust data by adopting a two-stage trust fusion method comprises the following steps:
S231: in the first-stage trust fusion processing, member nodes in each cluster adopt a weighted fusion method to synthesize multi-source trust data into a single trust value, and send the single trust value to the corresponding cluster head node;
S232: in the second-stage trust fusion processing, the cluster head node receives trust data sent by all the member nodes, and fuses all the trust data to obtain a node comprehensive trust value.
5. The method for judging the malicious node of the sensor network based on the type-two fuzzy system as claimed in claim 1, wherein the process of extracting the characteristics of the historical comprehensive trust value of the node comprises:
S31: calculating the KL divergence of the historical comprehensive trust value, and determining the distribution type of the KL divergence by adopting probability distribution q to fit the energy loss of the real distribution p;
S32: extracting variable features of the historical comprehensive trust value according to the distribution type of the KL divergence;
S33: distributing the historical comprehensive trust value on a one-dimensional straight line, solving trust value data of the historical comprehensive trust value by adopting the density-based clustering method DBScan, and aggregating the trust value data to obtain the centralized trend feature.
6. The method for judging malicious nodes in a sensor network based on the two-type fuzzy system as claimed in claim 5, wherein the calculation formula of the energy loss when the probability distribution q is fitted to the true distribution p is as follows:
Figure FDA0003709163390000031
wherein p(x_i) represents the probability distribution of real events, q(x_i) represents the probability distribution of the theoretically fitted event,
Figure FDA0003709163390000041
representing the code length of each character, p representing a real event, q representing a theoretical fitting event, and N representing a discrete event p.
7. The method as claimed in claim 1, wherein when encrypting data transmitted by a node, if the trust level of the node is low, the data transmitted to the node needs to be encrypted, and if the trust level of the node is high, the node directly transmits data during data communication.
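The mean-shift trust grading of claim 1 (S41 to S49), as an added Python example that is not part of the patent text. The function names, the bandwidth and threshold values and the sample points are constructed for illustration; S44 is implemented with the averaged offset of standard mean shift rather than the raw superposed vector, the start point is the lowest unmarked index rather than a random one, and the ordinate is taken as the trust value averaged in S49.

```python
import math

# Constructed sample: one (trust variation, trust central tendency) point per node.
FEATURES = [
    (0.03, 0.92), (0.05, 0.90), (0.04, 0.95), (0.06, 0.88),  # stable, high trust
    (0.16, 0.80),                                            # drifting downward
    (0.22, 0.60), (0.25, 0.57), (0.20, 0.62),                # middling
    (0.48, 0.18), (0.45, 0.22), (0.50, 0.15),                # unstable, low trust
]

def mean_shift_trust(points, bandwidth=0.15, merge_dist=0.10, eps=1e-6):
    """S41-S48: returns (cluster label per point, list of cluster centres)."""
    centers, visits = [], []          # per cluster: centre and per-point visit counts
    unvisited = set(range(len(points)))
    while unvisited:                                          # S47
        cx, cy = points[min(unvisited)]   # S42; lowest index instead of random, for repeatability
        seen = [0] * len(points)
        while True:
            window = [i for i, (x, y) in enumerate(points)    # S43: the set M
                      if math.hypot(x - cx, y - cy) <= bandwidth]
            for i in window:
                seen[i] += 1
                unvisited.discard(i)
            # S44: averaged offset (assumption; the claim superposes the raw vectors)
            sx = sum(points[i][0] - cx for i in window) / len(window)
            sy = sum(points[i][1] - cy for i in window) / len(window)
            cx, cy = cx + sx, cy + sy                         # S45
            if math.hypot(sx, sy) < eps:                      # S46: converged
                break
        for c, (ox, oy) in enumerate(centers):                # S46: merge with a near cluster
            if math.hypot(ox - cx, oy - cy) < merge_dist:
                centers[c] = ((ox + cx) / 2, (oy + cy) / 2)   # midpoint is an assumption
                visits[c] = [a + b for a, b in zip(visits[c], seen)]
                break
        else:
            centers.append((cx, cy))
            visits.append(seen)
    # S48: each point joins the cluster whose windows visited it most often
    labels = [max(range(len(centers)), key=lambda c: visits[c][i])
              for i in range(len(points))]
    return labels, centers

def trust_ranks(points, labels):
    """S49: rank clusters by mean trust (ordinate), 0 = most trusted; one rank per node."""
    trust = {}
    for (_, t), c in zip(points, labels):
        trust.setdefault(c, []).append(t)
    order = sorted(trust, key=lambda c: -sum(trust[c]) / len(trust[c]))
    rank = {c: r for r, c in enumerate(order)}
    return [rank[c] for c in labels]

if __name__ == "__main__":
    labels, centers = mean_shift_trust(FEATURES)
    print(len(centers), "clusters; ranks:", trust_ranks(FEATURES, labels))
```

The drifting node at (0.16, 0.80) starts its own search but converges next to the high-trust centre, so the S46 threshold merges it; with the threshold set to 0 the same data yields four clusters instead of three.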
CN202011518969.XA 2020-12-21 2020-12-21 Sensor network malicious node judgment method based on two-type fuzzy system Active CN112689281B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011518969.XA CN112689281B (en) 2020-12-21 2020-12-21 Sensor network malicious node judgment method based on two-type fuzzy system

Publications (2)

Publication Number Publication Date
CN112689281A (en) 2021-04-20
CN112689281B (en) 2022-08-05

Family

ID=75449934

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011518969.XA Active CN112689281B (en) 2020-12-21 2020-12-21 Sensor network malicious node judgment method based on two-type fuzzy system

Country Status (1)

Country Link
CN (1) CN112689281B (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant