计算机应用 ›› 2016, Vol. 36 ›› Issue (9): 2432-2437.DOI: 10.11772/j.issn.1001-9081.2016.09.2432

• 网络空间安全 • 上一篇    下一篇

可及时确定受攻击节点的无线传感器网络数据聚合方案

王洁, 卢建朱, 曾小飞   

  1. 暨南大学 信息科学技术学院, 广州 510632
  • 收稿日期:2016-02-17 修回日期:2016-04-21 出版日期:2016-09-10 发布日期:2016-09-08
  • 通讯作者: 王洁
  • 作者简介:王洁(1993-),女,河北邯郸人,硕士研究生,主要研究方向:信息安全、网络通信;卢建朱(1965-),男,湖南桂阳人,副教授,博士,主要研究方向:信息安全、网络通信;曾小飞(1990-),女,江西赣州人,硕士研究生,主要研究方向:信息安全、网络通信。
  • 基金资助:
    国家自然科学基金资助项目(61373125,61272415,61070164);广东省自然科学基金资助项目(S2011010002708,2010B090400164);暨南大学科技创新基金资助项目(11611510)。

Data aggregation scheme for wireless sensor network to timely determine compromised nodes

WANG Jie, LU Jianzhu, ZENG Xiaofei   

  1. College of Information Science and Technology, Jinan University, Guangzhou Guangdong 510632, China
  • Received:2016-02-17 Revised:2016-04-21 Online:2016-09-10 Published:2016-09-08
  • Supported by:
    This work is partially supported by National Natural Science Foundation of China(61373125, 61272415, 61070164); the Natural Science Foundation of Guangdong Province (S2011010002708, 2010B090400164); the Science and Technology Innovation Foundation of Jinan University (11611510).

摘要: 无线传感器网络(WSN)中,当传感器节点受到攻击导致网络数据和传输受到干扰,及时确定受攻击的传感器节点并采取相应措施以保障整个网络的安全性尤为重要。因此,提出一种可及时确定受攻击节点的无线传感器网络数据聚合方案。首先使用状态公钥加密和对称公钥加密结合伪随机函数和消息认证码对数据进行两次加密;其次,在簇头节点进行认证,将假数据过滤后,解密,并将假数据节点编号发送给基站;最后在基站进行解密认证,恢复明文数据。该方案的提出解决了由于受攻击节点导致的错误聚合值问题,而且还实现了及时过滤假数据并确认受攻击的传感器节点。理论分析表明,提出的基于安全的单向函数、消息认证码和椭圆曲线上的离散对数难问题的方案是安全的,并大大降低了网络的通信成本和计算成本。仿真实验表明,该方案的计算成本、通信成本和确认受攻击节点时间比使用状态公钥加密的无线传感器网络安全聚合方案分别降低了至少19.96% 、36.81%和28.10%。

关键词: 无线传感器网络, 数据聚合, 消息认证码, 伪随机函数, 同态加密

Abstract: In Wireless Sensor Network (WSN), when the compromised sensor nodes disturb network data and transmission, it is particularly important to determine the compromised sensor nodes in time and take appropriate measures to ensure the security of the entire network. Therefore, a data aggregation scheme for wireless sensor network was proposed to timely determine the compromised sensor nodes. First, the state public key encryption, the symmetric public key encryption, the pseudo random function and the message authentication code were used to encrypt the plaintext twice. Secondly, the cluster head node authenticated the ciphertext and filtered false data. Then, the cluster head node decrypted the ciphertext, and the numbers of the compromised nodes were sent to the base station. At last, the base station decrypted the ciphertext to recover the plaintext and authenticated the data. The proposed scheme solves the problem of the error aggregation value problem caused by the compromised nodes, filters the false data in time and determines the compromised sensor nodes. The analysis shows that the proposed scheme is secure under the secure one-way hash function, the message authentication code and the assumption of the Discrete Logarithm Problem (DLP), and also greatly reduces the communication cost and computational cost. Simulation result shows that, compared with the secure aggregation scheme for WSN using stateful public key cryptography, the computational cost, the communication cost and the time consumption of determining the compromised sensor nodes of the proposed scheme is decreased by at least 19.96%, 36.81% and 28.10%, respectively.

Key words: Wireless Sensor Network (WSN), data aggregation, message authentication code, pseudo-random function, homomorphic encryption

中图分类号: