| Wireless sensor network combines the objective physical world and the transmission network,formed a new type of next-generation network, the way people access information and processinformation model also changed accordingly. Because it takes advantage of lower cost individualnode and can be large-scale deployment, WSN is used for some specific work environments, suchas military reconnaissance, medical care, space exploration and so on. But at the same time thereare some defects, such as low storage capacity, part of the limited resources, etc, there defects makeWSN vulnerable to DoS attack.Broadcast is seen as the primary way to data distribution and collection in WSN, broadcastauthentication as a security mechanism, there are two main solutions: μTESLA scheme based onsymmetric key mechanism and digital signature scheme based on public key mechanism. μTESLAscheme based on symmetric key mechanism due to delayed leak symmetric key, greatly increase theend-to-end delay, while the energy consumption of digital signature scheme based on public keymechanism is higher compared to the former because of a lot of public key operation. However,both scheme based on symmetric key mechanism and scheme based on public key mechanism arevulnerable to DoS attacks, this paper proposes a new solution with defending against DoS attacksfor broadcast authentication in WSN.The research motivation is defending DoS attacks against broadcast authentication, andanalyzed the broadcast authentication based on Nyberg’s fasting one-way accumulator. The schemeuses Nyberg’s fasting one-way accumulator for signature verification, it has lower computationaloverhead and communication overhead than signature verification based on public key mechanism,but this scheme can not resist DoS attacks, and the end-to-end delay is large. Based on the schemethis paper proposes a new broadcast authentication scheme with defending against DoS attacksNBRS, that add the reputation mechanism to the broadcast authentication based on Nyberg’s fastingone-way accumulator, and introduce two parameters, neighbors reputation values and the globalreputation values, to conduct a comprehensive assessment of the nodes. By judging the globalreputation value is to determine first forward-first or certification-first, that effectively reduceend-to-end delay, reduce the computing and storage energy, while increasing the ability of DoSattack against. Simulation and theoretical analysis prove NBRS can filter false data packeteffectively, reduce the end-to-end delay and energy consumption significantly compared with otherschemes. |