Research On Intrustion Tolerant Technologies For Wireless Sensor Networks

Wireless sensor network is a multi-hop self-organizing network which constituted by a set of self-organizing sensor nodes that limited in energy, connected by wireless way. It can be applied to the poor or special environments where people can not close, such as military reconnaissance, resource exploration, production monitoring and counter-terrorism and other security. With the development of the network industry, wireless sensor network, as a key technology, has a more broad application prospects. But in the scenes such as harsh environment, whether many related applications can normal operation are closely related to network security, once the network is attacked, it may result in the application cannot continue. Under very limited node resource, how to design intrusion tolerance security topology, provid intrusion tolerance security routing, detect intrusion and make a variety of defense, are key problems which related to the sensor network really to practical.Topology is the basic for network link connectivity. Attacks aimed at topology will cause some nodes do not work and split the network topology connected before. It will waste a lot of energy to regenerate a new topology. What’s worse, if the nodes distribution is uneven, it would not be able to form a new connected network. Routing is the key issue for network link connectivity. Attacks aimed at network layer routing can cause interruption, tampering, partly isolation or the entire network death.. Intrusion detection and tolerance are important measures that can ensure network link connectiong and critical services running. Through the detection and tolerance of intrusions, it provides a reliable basis to transmit packets. Therefore, the secure and energy-saving topology and routing, effective and energy-saving intrusion detection and tolerance methods for wireless sensor networks become issues which need to be pay great attention to.This paper based on analyzing and summing up the sensor network topology, routing and intrusion detection, focusing on intrusion-tolerance and energy-saving topology, security energy-saving routing and methods and mechanisms to tolerate attacks and invasion, to get a depth and meticulous research. The main research contents include the following aspects:1) In view of the problem of that network topology can not completely prevent malicious nodes into the network and new nodes’safely adding into network can not be ensured, an energy-efficient secure topology (HIT:Hexagonal Intrusion Topology) constructing method is presented. In the method, topology made of hexagonal cells is formed according to node locations. According to the structured topology, transmission distance between neighbour nodes are caculated. And transmit power is ajusted based on the distance. The lifetime of network is extended by exploiting sleep of redundant nodes to conserve energy. In the method, security for updating sensor network topology is provided by controlling new node securely adding to network with the help of one way hash chain and symmetric cryptographic key, and network energy consumption is reduced by the way that new nodes form temporal clusters. And a detailed analysis of its performance and experimental validation are given.2) In view of the problems of limited energy of the nodes and threat to routing security in wireless sensor networks, Energy-efficient Secure Routing Protocol (ESRP), an energy-efficient secure routing protocol for wireless sensor networks, is proposed. According to the structured topology of hexagonal mesh, hops at different directions are calculated on the optimal route for transmitting data packets in ESRP. With the help of characters of hops, one can rapidly find a route from source to destination among multiple optimal routes by the policy of the twice probability routing choosing. Data breach is prevented by data encryption and data security is realized by one-way hash key chain and symmetric key authentication. While offering preventions against usual attacks, ESRP also takes into account traffic load balance. And a detailed analysis of its performance and experimental validation are given.3) In view of the problems that energy consumption is more and defense is weak in present methods of defending selected forwarding attacks. We present a lightweight tolerant intrusion method against selective forwarding attacks. By neighbour nodes’ co_defensing based on HIT, the method is effective in detecting selective forwarding attacks under less energy consumption and space using. With the help of ESRP, it chooses no atttakers path to send the event packets, and ensures the event packets reliablely delivery to the destination node under tolerrent exist of attckers. A detailed analysis of its performance and experimental validation are given.4) To protect critical services of wireless sensor networks of data fusion and packet forward, a tolerant intrusion mechanism based on trust evaluation is presented. In the mechanism, the value of confidence was used to describe the impreciseness of the value of the trust and discarding routing packets or data packets attacks are effencively defected. By restricting scope of data changing based on the fuzzy trust model, intrusion tolerance of data changing attacks which are difficult to find is realized. Then the simulation and the example are given to show the performances of using the mechamism to detect or tolerate the insidious attacks. And effction of the mechamism to netwok performance is analysed.