| Wireless Sensor Networks(WSN) come into being along with embedded computing system, sensor technology and wireless networks. WSN are widely used in military tasks, environmental monitoring, medical care, construction engineering, industry, agriculture, smart home system, warehouse management etc. And now, WSN technology is one of the three most promising high-tech industries. To be different from traditional networks, in WSN a large number of cheap and small sensors are randomly deployed in the monitoring area, and then the wireless network is setup in the ad-hoc way. The wireless sensors cooperate with each other in order to observe and monitor objects in the range of the area. The data packets are transmitted to the sink node and users within a number of hops. Besides obtaining and processing data, each sensor nodes also works like a router which has more features such as dynamic searching, locating and linking.Sensor nodes are often deployed under field conditions or in hostile area. In general, sensor nodes are simple and their anti-acquisition capability is weak. Therefore, adversaries could capture sensor nodes and obtain their sensitive information, even to the extent that make them as malicious nodes. Secure authentication system based on cryptography mechanism cannot recognize these malicious nodes, because these nodes hold secret information like secret keys just as normal nodes. Attackers can use these malicious nodes to launch a variety of types of attacks. These attacks could exhaust limited network resources which will lead to network paralysis. Meanwhile, they could also trigger the false alarm and lead users to make wrong judgement.In this thesis, the author conducts pointed research on en-route filter, guarding against selective dropping and traceing back to malicious nodes. Main works and novelties are as follows.1) En-route filtering for false data. An en-route filering method based on neighbour monitoring is propsed to solve the problem that a large number of malicious launch attacks cooperatively. In this method, each node stores neighbor information within two hops. The node receiving a packet confirms the upstream node is whether the source node or a forwarding node by monitoring its ACK packet. In this way, we can make sure that malicious cannot forge events in other zones by compromised nodes. In most cases, forged packets are filtered in one hop. The method improves the efficiency of en-route filtering, mitigate the impact of malicious nodes and extend the life of the network.2) En-route filtering against selective dropping. In traditional en-route filtering mechanism, forwarding nodes are supposed to be normal. However, if forwarding nodes are captured and selectively drop normal packets, they cannot make a distinction between false packets and normal packets. To address this problem, we propose an en-route filtering method against selective dropping. In this method, packets are forwarded and authenticated step by step. Besides of filtering false packets, we could also find the behavior of selective dropping. In addition, any normal packet will not be filtered by sink or forwarding nodes if malicious nodes add false MACs intentionally because T new one-way hash chain keys are added in this method.3) Traceback to malicious nodes. Although en-route filtering mechanisms can filter false packets effecively, they cannot eradicate the impact of malicious nodes. To address this situation, two methods locating malicious nodes are proposed. In network swith dense sensor nodes, we propose a traceback method based on neighbour information. The sink node can trace back to attacking nodes step by step using packets’featuring information stored by two communicating nodes and their neighbours. In this method, the sink will locate attacking nodes by collecting a small number of packets and it is still valid even if the routing information is changed. In networks with sparse sensor nodes, we propose an edge marking method based on neighbor information within two hops. Sensor nodes are divided into two types—marking nodes and non-marking nodes in this method, and only marking nodes need to mark packets with certain probability. In this way, the length of attacking route is reduced to one half of traditional methods, and the number of packets needed is greatly reduced too. |
PDF Full Text Request