Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

6LoWPAN network intrusion detection method based on improved KNN

A technology of network intrusion detection and intrusion detection, applied in network topology, short-distance communication services, security devices, etc., can solve problems such as wrong prediction, resource consumption, ICMP abuse, etc.

Active Publication Date: 2019-01-01
CHONGQING UNIV OF POSTS & TELECOMM
View PDF4 Cites 15 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

At the same time, the security risks of 6LoWPAN itself have not been properly resolved
[0004] The security protection mechanism provided by 6LoWPAN is not enough to protect ICMP abuse and Smurf attacks caused by multicasting in large-scale networks caused by heterogeneity and distribution during neighbor discovery, path MTU discovery, address configuration, etc.
However, it is difficult for KNN to be directly used in 6LoWPAN wireless sensor network
The nature of lazy learning makes it difficult for KNN-based anomaly detection schemes to be applied in an online detection manner, especially when the communication cost is constrained
Lazy learning is driven by test data. Each upcoming test data needs to learn the normal contour independently online, which will generate a large computational complexity (reflected in the distance calculation), because the test samples and training samples need to be calculated one by one. The similarity between them consumes a lot of resources; at the same time, there is an imbalance problem in the samples (that is, the number of samples in some categories is large, while the number of other samples is small); so parameter selection and data preprocessing are required, otherwise the nearest neighbor The classifier may make wrong predictions
[0008] To sum up: 1.6LoWPAN network is different from traditional IPv6 network because of its characteristics, intrusion detection is difficult; 2.6LoWPAN network node behavior and data flow in the network change frequently and randomly, it is difficult to define normal data profile, making online detection difficult

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • 6LoWPAN network intrusion detection method based on improved KNN
  • 6LoWPAN network intrusion detection method based on improved KNN
  • 6LoWPAN network intrusion detection method based on improved KNN

Examples

Experimental program
Comparison scheme
Effect test

Embodiment

[0308] Attack result: Assume that the attack achieves that node 10 is captured. That is, node 10 is a puppet network element.

[0309] Intrusion Detection Implementation:

[0310] 1) constructing a network element state data table;

[0311] There are a total of 12 network elements in the network. Among them is a 6R network element.

[0312] Therefore, the amount of network element status data is taken as 20.

[0313] The network starts from running T 0 →T 1 , T 1 →T 2 Each network element captures data and forms a network element status data table on the console for the first time.

[0314] The algorithm for forming the network element status data table for the first time is as follows:

[0315]

[0316]

[0317] 2) Detection process: construct feature space and establish normal contour.

[0318]

[0319] Intrusion detection results:

[0320] It is easy to see that the parameter k=1 / 12*20≈2

[0321] The intrusion detection process calculates that the data ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The present invention relates to a 6LoWPAN network intrusion detection method based on an improved KNN, belonging to the technical field of wireless communication. The quantization safety features (namely network element features) capable of reflecting the safety state of a 6LoWPAN network element itself are selected for training so that a 6LoWPAN network feature space is established. The presentinvention provides an obtaining mode and a processing mode of the network element feature data for weight distribution for the features and zero point transfer processing so as to relieve the bias caused by large and smaller influence factors (namely values after feature quantization) and achieve simplification calculation; the network element feature data is extracted in real time to achieve construction and update of a network element state data table so as to form a normal outline updated according to the network real-time state in the 6LoWPAN network feature space based on the clustering effect of the KNN algorithm; and moreover, the KNN algorithm is improved and the basis for determining the intrusion is redefined to adapt the requirements of the 6LoWPAN network intrusion detection.

Description

technical field [0001] The invention belongs to the technical field of wireless communication, and relates to an improved KNN-based 6LoWPAN network intrusion detection method. Background technique [0002] IP is an important trend in the development of wireless sensor network technology, and adopting IPv6 technology is an inevitable choice for wireless sensor network IP. The existing wireless sensor network private protocol communication is often related to specific applications, with poor scalability and portability, and it is difficult for external network users to directly access the nodes in the wireless sensor network. Through IPv6 technology, the wireless sensor network can be seamlessly connected with the Internet, so as to realize the free communication based on IP protocol between people and people, people and things, things and things. The Internet Engineering Task Force (IETF) actively promotes IPv6-based wireless sensor network technology, and core standards suc...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/1416H04L63/1433H04L63/1441H04L63/1458H04L63/1466H04W12/122H04W84/18H04L61/5092H04L2101/681H04L2101/659H04W4/80H04W12/69H04L63/1425H04W24/08
Inventor 魏旻庄园杨涛王平
Owner CHONGQING UNIV OF POSTS & TELECOMM
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com