Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

A 6lowpan network intrusion detection method based on improved knn

A technology of network intrusion detection and intrusion detection, applied in network topology, electrical components, security devices, etc., can solve the problems of online detection difficulties, resource consumption, Smurf attacks, etc., and achieve the effect of reducing computational complexity and simplifying calculations

Active Publication Date: 2021-07-13
CHONGQING UNIV OF POSTS & TELECOMM
View PDF4 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

At the same time, the security risks of 6LoWPAN itself have not been properly resolved
[0004] The security protection mechanism provided by 6LoWPAN is not enough to protect ICMP abuse and Smurf attacks caused by multicasting in large-scale networks caused by heterogeneity and distribution during neighbor discovery, path MTU discovery, address configuration, etc.
However, it is difficult for KNN to be directly used in 6LoWPAN wireless sensor network
The nature of lazy learning makes it difficult for KNN-based anomaly detection schemes to be applied in an online detection manner, especially when the communication cost is constrained
Lazy learning is driven by test data. Each upcoming test data needs to learn the normal contour independently online, which will generate a large computational complexity (reflected in the distance calculation), because the test samples and training samples need to be calculated one by one. The similarity between them consumes a lot of resources; at the same time, there is an imbalance problem in the samples (that is, the number of samples in some categories is large, while the number of other samples is small); so parameter selection and data preprocessing are required, otherwise the nearest neighbor The classifier may make wrong predictions
[0008] To sum up: 1.6LoWPAN network is different from traditional IPv6 network because of its characteristics, intrusion detection is difficult; 2.6LoWPAN network node behavior and data flow in the network change frequently and randomly, it is difficult to define normal data profile, making online detection difficult

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A 6lowpan network intrusion detection method based on improved knn
  • A 6lowpan network intrusion detection method based on improved knn
  • A 6lowpan network intrusion detection method based on improved knn

Examples

Experimental program
Comparison scheme
Effect test

Embodiment

[0306] Attack result: Assume that the attack achieves that node 10 is captured. That is, node 10 is a puppet network element.

[0307] Intrusion Detection Implementation:

[0308] 1) constructing a network element state data table;

[0309] There are a total of 12 network elements in the network. Among them is a 6R network element.

[0310] Therefore, the amount of network element status data is taken as 20.

[0311] The network starts from running T 0 →T 1 , T 1 →T 2 Each network element captures data and forms a network element status data table on the console for the first time.

[0312] The algorithm for forming the network element status data table for the first time is as follows:

[0313]

[0314]

[0315] 2) Detection process: construct feature space and establish normal contour.

[0316]

[0317] Intrusion detection results:

[0318] It is easy to see that the parameter k=1 / 12*20≈2

[0319] The intrusion detection process calculates that the data ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to an improved KNN-based 6LoWPAN network intrusion detection method, which belongs to the technical field of wireless communication. The present invention selects quantifiable security features (that is, network element features) that can reflect the security state of the 6LoWPAN network element itself for training, and establishes a 6LoWPAN network feature space. The present invention provides the acquisition method and processing method of network element characteristic data, performs weight distribution and transfer zero point processing on characteristics, so as to alleviate the bias caused by large and small influence factors (referring to the numerical value after characteristic quantization) and realize simplified calculation; The construction and update of the network element state data table is realized by extracting the network element characteristic data in real time, and then the clustering effect based on the KNN algorithm forms a normal profile updated according to the real-time network state in the 6LoWPAN network feature space; the present invention improves the KNN algorithm, And redefine the basis for judging intrusion to meet the requirements of 6LoWPAN network intrusion detection.

Description

technical field [0001] The invention belongs to the technical field of wireless communication, and relates to an improved KNN-based 6LoWPAN network intrusion detection method. Background technique [0002] IP is an important trend in the development of wireless sensor network technology, and adopting IPv6 technology is an inevitable choice for wireless sensor network IP. The existing wireless sensor network private protocol communication is often related to specific applications, with poor scalability and portability, and it is difficult for external network users to directly access the nodes in the wireless sensor network. Through IPv6 technology, the wireless sensor network can be seamlessly connected with the Internet, so as to realize the free communication based on IP protocol between people and people, people and things, things and things. The Internet Engineering Task Force (IETF) actively promotes IPv6-based wireless sensor network technology, and core standards suc...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06
CPCH04L63/1416H04L63/1433H04L63/1441H04L63/1458H04L63/1466H04W12/122H04W84/18H04L61/5092H04L2101/681H04L2101/659H04W4/80H04W12/69H04L63/1425H04W24/08
Inventor 魏旻庄园杨涛王平
Owner CHONGQING UNIV OF POSTS & TELECOMM
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com