Mobile sensor network intrusion detection and self-adaptive response method

A technology of network intrusion detection and mobile sensors, which is applied in transmission systems, wireless communications, electrical components, etc., can solve problems such as network intrusion attacks that cannot be solved, and achieve the effect of effective intrusion response

Inactive Publication Date: 2019-03-29
HEILONGJIANG UNIV
View PDF6 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] The purpose of the present invention is to solve the problem that the existing intrusion attacks on mobile sensor networks often focus on the targeted detection of a certain attack, and the defense method also has clear directionality, which cannot solve the problem of network uncertainty intrusion attacks. A mobile sensor network intrusion detection and adaptive response method

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Mobile sensor network intrusion detection and self-adaptive response method
  • Mobile sensor network intrusion detection and self-adaptive response method
  • Mobile sensor network intrusion detection and self-adaptive response method

Examples

Experimental program
Comparison scheme
Effect test

specific Embodiment approach 1

[0030] Specific implementation mode 1: The specific process of a mobile sensor network intrusion detection and adaptive response method in this implementation mode is as follows:

[0031] Step 1. Monitor the network and collect data;

[0032] Step 2, processing the collected data, and storing the processed data in the initial configuration file (ITP);

[0033] Step 3. Based on Step 2, the management node uses the parameters in the network characteristic matrix to identify intrusions in the network by using an abnormality-based intrusion detection method;

[0034] Step 4. Calculate the attack trust value (ACV) and network performance degradation value (NP) based on step 3; establish an adaptive intrusion response behavior list based on the attack trust value (ACV) and network performance degradation value (NP); Establish a decision table based on the severity level, network performance degradation level, and adaptive intrusion response behavior list, and select an intrusion re...

specific Embodiment approach 2

[0041] Embodiment 2: The difference between this embodiment and Embodiment 1 is that in the first step, the network is monitored and data is collected; the specific process is:

[0042] figure 1 For the architecture of IDARM, the first step is to carry out network monitoring and data collection. In order to realize intrusion detection and provide prevention and protection during the life cycle of the entire network, IDARM will periodically collect data in the network to monitor the entire network.

[0043] Collecting data means that after each interval, cluster heads collect data from cluster nodes in their virtual clusters; these data will be stored in the form of a matrix in the network feature matrix and performance matrix;

[0044] The cluster head reports the network feature matrix and performance matrix to the management node;

[0045]Wherein the network characteristic matrix is ​​made up of 7 parameters of routing reply, routing request, routing error, time-to-live v...

specific Embodiment approach 3

[0056] Specific embodiment three: the difference between this embodiment and specific embodiment one or two is that the collected data is processed in the step two, and the processed data is stored in the initial configuration file (ITP); the specific process is :

[0057] Cluster heads continuously collect data from cluster nodes in their virtual clusters; these data will be stored in the network feature matrix and performance matrix in the form of a matrix; the cluster head will update the network feature matrix and performance The matrix reports to the management node;

[0058] The expected value of the network feature matrix is ​​given by express, is a set of random variables representing the network feature matrix;

[0059] Where a represents the ath time interval, b represents the bth parameter of the network feature matrix, c represents the number of random variables in the bth parameter of the network feature matrix, 1≤c≤M, M is the network in the ath time interva...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to a mobile sensor network intrusion detection and self-adaptive response method, and aims to solve the problem that existing intrusion attack detection on mobile sensor networkstends to focus on targeted detection of certain single attacks, defense methods also have clear directivity, and network uncertainty intrusion attacks cannot be dealt with. The method includes the processes of: 1, monitoring a network, and collecting data; 2, processing the collected data, and storing the processed data in an initial configuration file; 3, using parameters in a network feature matrix and an anomaly-based intrusion detection methods to identify intrusions in the network by a management node; and 4, establishing a decision table on the basis of attack trust degree levels, network performance degradation levels and a self-adaptive intrusion response behavior list, and selecting intrusion response according to the established decision table. The method is used in the field ofsecurity protection of the mobile sensor networks.

Description

technical field [0001] The invention relates to the security protection field of a mobile sensor network, in particular to a mobile sensor network intrusion detection and adaptive response method. Background technique [0002] The mobile sensor network is a network form with a dynamic topology composed of mobile terminals, and is widely used in various fields of military or civilian use. Whether it is the transmission of sensitive information in the military field or the processing of private information in the civilian field, the lack of centralized control, dynamic topology, and energy constraints in mobile sensor networks make the network layer vulnerable to various attacks, such as black hole attacks, gray holes, etc. attack, flood attack and haste attack, etc. Bring great security risks to users. Therefore, threats to the security of mobile sensor networks must be addressed. If in the process of communication, it is difficult to achieve the purpose of completely prot...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04W12/12H04W12/122
CPCH04L63/1416H04W12/12H04L63/1458
Inventor 秦丹阳赵敏徐广超马宏斌王英丽
Owner HEILONGJIANG UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products