| Wireless Sensor Network has been widely used in various fields, such as military, commercial and so on. Different from the traditional network, it is a large-scale, dynamic and integrated network. It is responsible for the sensor nodes in WSN to collect or monitor the surrounding information and convert it into forms of bytes so as to send to the user. WSN is usually deployed in adverse circumstances to monitor the temperature, air pressure, air humidity and other information. Therefore, the safety and stability of the network is very easily influenced by the surrounding environment. Due to the limitation of energy and the ability of data storage and data processing, when sensor nodes interact with each other, they are in a multi-hop fashion. Therefore, it is vulnerable to kinds of malicious attacks which can reduce network performance and even cause network crash. In this paper, a solution is proposed for the detection of two kinds of malicious attacks.(1) Sybil attack is a malicious attack against network protocol layer. In such an attack, a malicious node has multiple identifications which are forged or impersonated according to the normal nodes. While normal nodes in the network can't distinguish the false nodes, therefore the normal nodes will be misled to communicate with malicious nodes directly. In this way, the attacker will destroy the storage mechanism, data fusion mechanism, routing mechanism and fair resource allocation mechanism in WSN. According to the characteristics of Sybil attack, based on the low energy adaptive clustering protocol, a improved clustering method is proposed which considering the relationship between the residual energy of the nodes and the average residual energy of the network, and the relative density of the nodes. Then based on the characteristics of RSSI,LRD(LEACH-RSSI-ID)detection mechanism is proposed. Different from the previous detection methods, even though Sybil attack occurs in the initialization phase, the malicious nodes can be detected by sink node. What's more, when each malicious node frequently changes identification, it will be detected in a short time. Through the simulations, it is revealed that the LRD mechanism can detect the Sybil attack with high detection rate and accuracy. What's more, the energy consumption of LRD detection mechanism is much less than that of pure RSSI detection algorithm. Therefore, the network lifetime is prolonged.(2) The replication attack is that one or more normal sensor nodes are captured by the attacker in the network. Then the related network key and other information will be obtained. Based on this, multiple malicious nodes are forged and randomly placed in the network. The replication nodes are similar to normal nodes in many aspects such as the legitimate key identity information. So they can communicate with other noramal nodes in the network. According to the characteristics of replication attacks, the LTSP detection mechanism is proposed while considering the mathematical model of travelling salesman problem. What's more, in order to deal with the security problem of large-scale networks, we propose LLTSP detection mechanism. That is, Once number of cluster head nodes is over the threshold after clustering in large-scale networks, We take cluster head nodes as common nodes to cluster again in the network until number of CHs is within the threshold range. And the witness node selected by LTSP detection mechanism is not fixed, which can avoid the attack directly from the attacker. The simulation results show that the LTSP mechanism has a high detection rate, and can deal with large-scale network. Moreover, compared to the linear selection multicast(LSM) algorithm and random walk(RAWL) algorithm, the detection mechanism proposed in this paper consumes less energy, so the network lifetime is prolonged. |
PDF Full Text Request