适应多类型Insider Attack的入侵检测与精确定位方法的研究

项目名称： 适应多类型Insider Attack的入侵检测与精确定位方法的研究

项目编号： No.60803161

项目类型： 青年科学基金项目

立项/批准年度： 2009

项目学科： 轻工业、手工业

项目作者： 魏贵义

作者单位： 浙江工商大学

项目金额： 20万元

中文摘要： 在无线传感网络（WSN）中，少量Compromised Node发起的各种类型的内部攻击将严重影响着网络可用性，甚至能够导致整个网络瘫痪。对于部属在边界和敌对环境下的WSN，还可能面临一定区域范围内Compromised Node占多数的情况，甚至网络被分割的问题，如何测量和定位WSN中的不可信区域（Compromised Area）成为一个新的安全问题。本项目针对WSN中节点资源受限的环境，研究一种适应多种内部攻击类型的恶意节点侦测技术和精确定位方法。该方法基于局部节点行为的相似性，采用属性侦测、相关性分析和协作表决的方法对Compromised Node进行探测和定位，通过局部消息交换模式降低节点的计算复杂度和通信负荷。并在此基础上，进一步研究WSN中不可信区域的探测和界定方法，为大规模WSN的部署和应用提供基础安全保护策略，为部属在边界和敌对环境下的WSN的安全评估提供理论基础。

中文关键词： 无线传感网络；内部攻击；Compromised Node；入侵检测与定位；不可信区域

英文摘要： In wireless sensor networks (WSNs), insider attacks issued by a small number of compromised nodes do harm to WSN networks and may destroy whole networks sometimes. To WSN networks that deployed in border or adversary areas, they should face some more complicated problems that compromised nodes are more than normal ones in some local areas or the whole network into are intersected by compromised nodes. How to detect and locate the Compromised Area in WSNs becomes to be a new security issue. To solve those problems, we design a new method to detect effectively and locate precisely insider attackers. The proposed method bases on the comparability of the behaviors of sensor nodes in a local section. It exploits nodes' attributes detecting, relativity analyzing and collaborative voting. It harnesses local information interchanging policy to reduce communication traffics among concerned nodes and decrease the complexity of related computation. Additionally, after accomplish above research, we will discuss and design a novel method to detect and mark Compromised Areas. Our research results in this project are helpful in the security evaluation of massive wireless sensor networks.

英文关键词： Wireless sensor networks；In-network attack；Compromised node；Detection and location；Compromised area