无线传感网入侵检测关键技术研究

发布时间：2018-12-27 19:11

【摘要】：随着传感技术、无线网络技术和其他新兴技术的快速发展,无线传感器网络(Wireless Sensor Network,WSN)已被广泛应用。在军事、医疗等应用中,对系统的安全性要求很高,需要非常完备的安全系统才能保证其安然运行。然而由于WSN本身传感器节点资源有限、开放媒介等特性,使其容易遭受攻击。而目前已有的传统入侵检测系统,如基于规则的异常检测、基于误用的入侵检测等都不能直接应用于WSN的入侵检测中去。所以,研究WSN中的入侵检测有重大的现实意义。因为WSN系统检测框架和异常检测算法是WSN入侵检测的两个关键技术,因此,首先基于众多的WSN入侵检测框架提出我们自己的入侵检测框架,模仿多代理的方法,仅在簇头节点上部署采集模块,因此将很大程度上节省节点能耗。对于检测算法,我们采用基于蚁群的分类算法:Ant-Miner,该算法是最早的基于蚁群算法的分类模型。由于Ant-Miner算法具有很好的健壮性、鲁棒性等特点,在解决大规模的数据分类问题上表现出了很大的潜力。本文在研究分析了原Ant-Miner算法的基础上进行了以下两个方面的改进,并用MATLAB对其分类性能进行了分析:针对信息素的挥发,为了使其更接近真实情况,我们增添信息素挥发系数。而对于规则质量的反馈,在构建三条规则后对规则质量进行比较,选取规则质量较高的进行反馈,提高了检测的准确性。针对死锁问题,采用依次删除导致死锁的关联极大但不能达到规则最小覆盖样本数(Min_Class_Per_Rule)的属性节点,使规则的构建跳过此属性节点转而去选择其他属性节点。采用仿真工具NS2,在WSN的经典路由协议中实现了在黑洞攻击下检测框架及检测算法的仿真,验证了本文提出的检测框架和算法的有效性。最后,本文总结了论文的主要工作,并对未来的工作进行了展望。
[Abstract]:With the rapid development of sensor technology, wireless network technology and other emerging technologies, wireless sensor network (Wireless Sensor Network,WSN) has been widely used. In military, medical and other applications, the security requirements of the system are very high, it needs a very complete security system to ensure its safe operation. However, WSN is vulnerable to attack due to its limited sensor node resources and open media. However, the existing traditional intrusion detection systems, such as rule-based anomaly detection and misuse based intrusion detection, can not be directly applied to WSN intrusion detection. Therefore, it is of great practical significance to study intrusion detection in WSN. Because WSN system detection framework and anomaly detection algorithm are two key technologies of WSN intrusion detection, firstly, based on many WSN intrusion detection frameworks, we propose our own intrusion detection framework, imitating multi-agent approach. Only the collection module is deployed on the cluster head node, so the energy consumption of the node will be greatly saved. For the detection algorithm, we adopt ant colony based classification algorithm: Ant-Miner, algorithm is the earliest classification model based on ant colony algorithm. Due to the good robustness and robustness of the Ant-Miner algorithm, it has great potential to solve the large-scale data classification problem. In this paper, based on the research and analysis of the original Ant-Miner algorithm, two improvements are made, and its classification performance is analyzed by MATLAB: aiming at the volatilization of pheromone, in order to make it closer to the real situation, We add a pheromone volatilization coefficient. For the feedback of rule quality, the quality of rules is compared after the construction of three rules, and the higher quality of rules is selected for feedback, which improves the accuracy of detection. In order to solve the deadlock problem, we remove the attribute node which has a great association but can not reach the minimum coverage sample number (Min_Class_Per_Rule) of the rule, so that the rule construction skips the attribute node and selects the other attribute node. The simulation tool NS2, is used to simulate the detection framework and detection algorithm under black hole attack in the classical routing protocol of WSN. The effectiveness of the proposed detection framework and algorithm is verified. Finally, this paper summarizes the main work of the paper, and prospects for future work.
【学位授予单位】：华北电力大学
【学位级别】：硕士
【学位授予年份】：2015
【分类号】：TP212.9;TN915.08

【相似文献】