An Ad hoc network invasion detecting method and system based on trust model

Abstract

The invention provides a detection method for the Ad hoc network intrusion based on a trust model and comprises the following steps that the first step is that a local node detects network behaviors of a detected node, gets and records a trust value of the detected node in a trust table by comparing the network behaviors with typical malicious behaviors; the second step is that the local node gets the trust value of the detected node recommended by a neighboring node; the third step is to obtain the ultimate trust value of the node by integrating the locally calculated trust value and the recommended trust value returned by all the trust neighboring nodes and to judge whether the nodes are malicious nodes by inquiring the trust value ranges of the trust nodes. The invention has the advantages that the invention is simple in model and can detect malicious nodes early without great effect on the system performance; with the consideration of the effect of the surrounding nodes on the ultimate trust values of the nodes, the invention is smaller in false alarm ration and plays a good protection role on the stability and safety of the networks and has good expandability.

Description

technical field [0001] The invention belongs to the field of communication security and relates to a method for detecting malicious nodes in an Ad hoc network, in particular to a trust model-based Ad hoc network intrusion detection method and system. Background technique [0002] The wireless Ad hoc network is a multi-hop temporary autonomous system composed of a group of mobile terminals with wireless transceiver devices. The deployment or deployment of the network does not need to rely on any preset network infrastructure and centralized organization and management. An independent network can be formed quickly and automatically. Since the wireless signal transmission range of each node is limited, two nodes that are not within each other's signal coverage need to forward messages through multiple intermediate nodes to achieve communication, so each node in the Ad hoc network is both a terminal and a routing and forwarding function. However, the characteristics of the mobi...

AI Technical Summary

Problems solved by technology

Ad hoc networks use multi-hop wireless channels. Attackers can easily eavesdrop, counterfeit, tamper and replay information transmitted on the network through wireless links, and implement denial of service attacks at the link layer. These attacks are difficult to detect and track

[0004] 2. Network nodes lack physical protection and routing infrastructure

[0012] (2) The trust relationship between nodes changes frequently, so it is required that the security measures of the Ad hoc network should also be dynamic, and the static configuration scheme adopted by the traditional network is no longer applicable to the Ad hoc network;

[0013] (3) Difficulty in intrusion detection

Wrong routing information may be caused by topology changes or intruders. In addition, it is very difficult to track a specific node in a large-scale mobile Ad hoc network.

[0014] 4. Limited resources

In the existing Ad hoc network intrusion detection systems, there is still a problem that often only a single piece of evidence is considered to prove whether a node is a malicious node, for example, whether the data transmission between nodes is successful, if it is not successful, it means The node is malicious, which will cause one-sided evaluation of the node and cause false alarms

[0021] In general, the current intrusion detection technology is not a very mature technology, and there are still the following problems: 1) the contradiction between false positives and false negatives; 2) the contradiction between privacy and security; 3) passive analysis and active discovery 4) The contradiction between massive information and analysis cost; 5) The contradiction between functionality and manageability; 6) The contradiction between a single product and complex network applications

Images