Unmanned aerial vehicle oriented zero trust security handover and dynamic trust evaluation method

By constructing an environment correction model, dynamic trust assessment, anti-whitewashing switching protocol, and event-driven blockchain mechanism, the problems of high false alarm rate and easy attack in UAV vehicle networking are solved, realizing a UAV vehicle networking system with high security and low latency.

CN122160772APending Publication Date: 2026-06-05JIANGSU OCEAN UNIV +1

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Applications(China)
Current Assignee / Owner
JIANGSU OCEAN UNIV
Filing Date
2026-03-11
Publication Date
2026-06-05

AI Technical Summary

Technical Problem

Existing drone-vehicle-to-everything (V2X) security solutions suffer from high false alarm rates in complex environments, difficulty in defending against dynamic attacks, and vulnerability to whitewashing attacks during the switching process, resulting in insufficient security and reliability.

Method used

A physical layer-aware environment correction model is constructed, employing a context-aware dynamic trust assessment and asymmetric adaptive trust update mechanism. This is combined with an anti-laundering switching protocol based on the X2 interface and an event-driven lightweight blockchain mechanism to achieve accuracy and security in trust assessment.

Benefits of technology

It significantly reduces false alarm rate, enhances security, improves system scalability and reduces latency, and is suitable for large-scale UAV vehicle-to-everything (V2X) scenarios.

✦ Generated by Eureka AI based on patent content.

Smart Images

  • Figure CN122160772A_ABST
    Figure CN122160772A_ABST
Patent Text Reader

Abstract

The application discloses a zero-trust security switching and dynamic trust evaluation method for unmanned aerial vehicle (UAV) Internet of Vehicles, and the method comprises the following steps: (1) constructing an environment correction model of physical layer perception; (2) performing dynamic trust evaluation based on context perception; (3) performing an asymmetric adaptive trust updating mechanism; (4) performing an anti-whitewashing switching protocol based on an X2 interface; and (5) performing a lightweight blockchain mechanism based on event driving.The application provides a zero-trust security switching and dynamic trust evaluation method for UAV Internet of Vehicles, and aims to reduce the false alarm rate, effectively defend various attacks, and improve the security and reliability of UAV Internet of Vehicles.
Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0001] This invention relates to the fields of wireless communication and network security, and in particular to a zero-trust security handover and dynamic trust assessment method for unmanned vehicle-to-everything (UAV) networks. Background Technology

[0002] With the widespread application of drones in the Internet of Vehicles (IoV), security has become a key issue restricting its further development. However, existing IoV security solutions have many shortcomings in dealing with complex environments and diverse attacks: 1. High false alarm rate due to physical environment: Existing solutions typically assess vehicle trust based solely on application layer packet loss rate (PDR). However, in special environments such as urban canyons, vehicles are susceptible to occlusion by buildings, resulting in shadow fading, which in turn leads to a decrease in signal-to-noise ratio (SNR) and non-malicious packet loss. Since existing technologies cannot effectively distinguish between environmentally caused packet loss and malicious packet loss, normal vehicles are often misclassified as malicious vehicles in such scenarios, resulting in a high false alarm rate. 2. Difficult to defend against dynamic attacks (On-Off attacks): Most existing trust mechanisms use a symmetric forgetting factor, which allows attackers to quickly gain trust through intermittent normal behavior, thereby evading detection; 3. The switching process is susceptible to whitewashing attacks: When a vehicle crosses a drone base station, the existing technology lacks a mandatory historical trust synchronization mechanism. Attackers can exploit this vulnerability to reset identity information and clear their own bad records during the handover process. Summary of the Invention

[0003] The technical problem to be solved by the present invention is to address the shortcomings of the prior art by providing a zero-trust security handover and dynamic trust assessment method for UAV vehicle-to-everything (UAV) networks, which aims to reduce false alarm rates, effectively defend against various attacks, and improve the security and reliability of UAV vehicle-to-everything (V2X) networks.

[0004] The technical problem to be solved by this invention is achieved through the following technical solution. This invention is a zero-trust secure handover and dynamic trust assessment method for unmanned aerial vehicle (UAV) vehicle-to-everything (V2X) networks. The steps of this method are as follows: (1) Construct an environment correction model for physical layer perception; (2) Context-aware dynamic trust assessment; (3) Asymmetric adaptive trust update mechanism; (4) Anti-laundering switching protocol based on X2 interface; (5) Lightweight blockchain mechanism based on event-driven approach.

[0005] The technical problem to be solved by the present invention can also be further achieved through the following technical solution. For the above-described zero-trust security handover and dynamic trust assessment method for UAV vehicle networking, the specific operation of step (1) is as follows: At the drone end, a log-normal shadowing fading model is established to detect the signal-to-noise ratio (SNR) of the vehicle communication link in real time, and an environmental correction factor is defined. Environmental correction factor Built upon the Sigmoid function, it serves as a dynamic switch to distinguish between good and bad environments. Its calculation formula is as follows:

[0006] in For real-time signal-to-noise ratio, The communication threshold is set to 12dB. For sensitivity coefficient, when When below the threshold, Approaching 0 indicates a harsh environment. When it is above the threshold, A value close to 1 indicates a favorable environment.

[0007] The technical problem to be solved by the present invention can also be further achieved through the following technical solutions. For the zero-trust security handover and dynamic trust assessment method for UAV vehicle networking described above, the specific operation of step (2) is as follows: Utilizing environmental correction factors Trust in direct vehicle observation and historical trust The weighted fusion formula is as follows:

[0008] Based on packet loss rate and latency calculations, when the environment is relatively harsh, i.e. When the value approaches 0, the system automatically reduces the penalty weight for the current packet loss and forces the use of historical trust to avoid false alarms.

[0009] The technical problem to be solved by the present invention can also be further achieved through the following technical solutions. For the zero-trust security handover and dynamic trust assessment method for UAV vehicle networking described above, the specific operation of step (3) is as follows: Introducing the Confidence-Forgetting Factor This enables asymmetric updates of trust values, where trust values ​​decrease rapidly and increase slowly.

[0010] Its discrimination logic is as follows:

[0011] Trust update formula:

[0012] When trust value decreases As trust decreases, the weight of new behaviors increases, leading to a sharp drop in trust value; when trust value recovers... As the size increases, historical weight increases, and the trust value slowly climbs.

[0013] The technical problem to be solved by the present invention can also be further achieved through the following technical solutions. For the zero-trust security handover and dynamic trust assessment method for UAV vehicle networking described above, the specific operation of step (4) is as follows: (4.1) When a vehicle switches between unmanned aerial vehicle base stations, the mandatory inheritance protocol shall be executed; (4.2) The source drone will use the vehicle's historical trust value Timestamp and digital signature packaged certificate ; (4.3) The credential is encrypted and transmitted to the target UAV via the X2 interface between the UAVs using a symmetric encryption key; (4.4) The target is to forcibly send the received data after the drone has been decrypted. Assign the value to the local initial trust value. The default initial value is not allowed.

[0014] The technical problem to be solved by the present invention can also be further achieved through the following technical solutions. For the zero-trust security handover and dynamic trust assessment method for UAV vehicle networking described above, the specific operation of step (5) is as follows: Design trigger function The blockchain PBFT consensus is only triggered on-chain when the following three events occur; otherwise, it is processed only at the local edge layer: (5.1) The vehicle's trust value suddenly exceeds the threshold; (5.2) A handover occurs between base stations; (5.3) Achieve periodic synchronization time.

[0015] Compared with the prior art, the beneficial effects of the present invention are as follows: 1. Significantly reduces false alarm rate: By introducing an environmental correction factor that is aware of the physical layer signal-to-noise ratio, this invention can effectively distinguish between non-malicious packet loss caused by physical occlusion and malicious packet loss caused by malicious attacks. Simulation results show that in urban canyon scenarios where the signal-to-noise ratio is severely reduced, this invention can control the false alarm rate to a low level and greatly improve the accuracy of trust assessment. 2. Enhanced security: The asymmetric update mechanism implemented by the adaptive forgetting factor of this invention increases the trust recovery cost for switch attackers, effectively defends against dynamic attacks, and at the same time, the forced history inheritance mechanism eliminates the whitewashing vulnerability during cross-base station handover, further improving the overall security of the Internet of Vehicles. 3. High scalability and low latency: This invention is based on an event-driven asynchronous consensus mechanism, which avoids the on-chain operation for every high-frequency data, reducing unnecessary computation and communication overhead. When the number of vehicles reaches 1,000, the communication latency of this solution increases linearly and slowly, which is better than the exponential growth of traditional whole-network consensus solutions. It is more suitable for large-scale vehicle network scenarios and has good scalability. Attached Figure Description

[0016] Figure 1 This is a system architecture diagram of the present invention; Figure 2 This is a flowchart of an overall method of the present invention; Figure 3 This is a schematic diagram of the environmental correction factor of the present invention as a function of signal-to-noise ratio; Figure 4 This is a timing diagram of the anti-whitewashing protocol during cross-drone handover according to the present invention. Detailed Implementation

[0017] To make the objectives, technical solutions, and advantages of the embodiments of the present invention clearer, the technical solutions of the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings. Obviously, the described embodiments are only some embodiments of the present invention, not all embodiments. Based on the embodiments of the present invention, all other embodiments obtained by those skilled in the art without creative effort are within the scope of protection of the present invention.

[0018] Reference Figure 1-4 This paper presents a zero-trust secure handover and dynamic trust assessment method for UAV-vehicle networking. Addressing the security issues of UAV-vehicle networking, it constructs a physical layer-aware environment correction model, utilizes environment correction factors to conduct context-aware dynamic trust assessment, employs an asymmetric adaptive trust update mechanism to defend against dynamic attacks, ensures handover security through an anti-whitewashing handover protocol based on the X2 interface, and utilizes an event-driven lightweight blockchain to process data, thereby reducing false alarm rates, enhancing security, and achieving high scalability and low latency.

[0019] The steps of this method are as follows: (1) Construct an environment correction model for physical layer perception; The UAV-vehicle-to-everything (V2X) environment is complex and ever-changing, and communication quality is affected by various factors such as obstacles and interference. To accurately assess the quality of the communication environment, it is necessary to construct a model that can reflect the environmental conditions in real time, providing a foundation for dynamic trust assessment. Specifically: At the UAV end, a log-normal shadowing fading model is established to describe the fading characteristics of signals during propagation. The signal-to-noise ratio (SNR) of the vehicle communication link is detected in real time as a key indicator for evaluating communication quality, and an environmental correction factor is defined. Environmental correction factor Built upon the Sigmoid function, it serves as a dynamic switch to distinguish between good and bad environments. Its calculation formula is as follows:

[0020] in For real-time signal-to-noise ratio, The communication threshold is set to 12dB. For sensitivity coefficient, when When below the threshold, Approaching 0 indicates a harsh environment. When it is above the threshold, A value close to 1 indicates a favorable environment.

[0021] Environmental Correction Factors It is used as a dynamic switch to distinguish between good and bad environments, and is used in subsequent dynamic trust assessments to adjust the level of trust in the current communication environment.

[0022] (2) Context-aware dynamic trust assessment; In unmanned vehicle-to-everything (UAV) communication, vehicle trust needs to be dynamically assessed to reflect its current behavior and communication environment. Traditional trust assessment methods often ignore the influence of environmental factors, leading to inaccurate assessment results. Context-aware dynamic trust assessment can more accurately reflect the vehicle's trust level in the current environment, improving the accuracy and reliability of the assessment. Specifically: Utilizing environmental correction factors Trust in direct vehicle observation and historical trust Weighted fusion is performed. Direct observation trust is calculated based on current communication behavior (such as packet loss rate and latency), while historical trust reflects the vehicle's past trust performance. The formula is as follows:

[0023] Based on packet loss rate and latency calculations, when the environment is relatively harsh, i.e. When the value approaches 0, the system automatically reduces the penalty weight for the current packet loss and forces the use of historical trust to avoid false alarms. This is because in harsh environments, packet loss may be more caused by environmental factors than by malicious behavior of vehicles.

[0024] (3) Asymmetric adaptive trust update mechanism; Traditional trust update mechanisms often employ a symmetrical update approach, where trust values ​​increase and decrease at the same rate. However, in practical applications, the rapid propagation of malicious behavior and the slow process of trust recovery necessitate different update strategies. An asymmetric adaptive trust update mechanism can respond to malicious behavior more quickly while providing more time and opportunities for trust recovery, thereby improving system security and stability. Specifically: Introducing the Confidence-Forgetting Factor This enables asymmetric updates of trust values, where trust values ​​decrease rapidly and increase slowly. The forgetting factor is used to adjust the weights of old and new behaviors in the trust update process.

[0025] The logic behind this judgment is as follows: When the trust value decreases, the forgetting factor decreases, and the weight of new behaviors increases, leading to a sharp drop in the trust value; when the trust value recovers, the forgetting factor increases, the weight of historical data increases, and the trust value slowly recovers. The formula is as follows: Trust update formula:

[0026] When trust value decreases As the value decreases, the weight of new behaviors increases, leading to a sharp drop in trust value. The minimum value can be 0.3; when the trust value recovers. As the size increases, historical weight increases, and the trust value slowly climbs. The maximum value is 0.7.

[0027] (4) Anti-laundering switching protocol based on X2 interface; In unmanned vehicle-to-everything (UAV) communication, vehicles may need to switch between different UAV base stations. To ensure the security of the handover process, it is necessary to prevent malicious vehicles from evading penalties by performing "trust value resetting" (i.e., resetting trust values). An anti-trust value resetting handover protocol based on the X2 interface can ensure the continuity and consistency of the vehicle's trust value during the handover process, preventing malicious vehicles from evading penalties and improving system security. Specifically: (4.1) When a vehicle switches between drone base stations, a mandatory inheritance protocol is executed, meaning that the target drone must inherit the vehicle's historical trust value provided by the source drone. (4.2) The source drone will use the vehicle's historical trust value Timestamp and digital signature packaged certificate ; (4.3) The credential is encrypted and transmitted to the target UAV via the X2 interface between the UAVs using a symmetric encryption key; (4.4) The target is to forcibly send the received data after the drone has been decrypted. Assign the value to the local initial trust value. The default initial value is not allowed.

[0028] (5) A lightweight blockchain mechanism based on event-driven mechanisms; In unmanned vehicle-to-everything (UAV) networks, a large amount of data needs to be processed and stored. To reduce false alarm rates, enhance security, and achieve high scalability and low latency, an efficient data processing mechanism is required. An event-driven, lightweight blockchain mechanism can significantly reduce false alarm rates, enhance data security, and achieve high scalability and low latency. Furthermore, because blockchain activity is triggered only when specific events occur, unnecessary computation and storage overhead is reduced. Specifically: Design trigger function The PBFT consensus mechanism is triggered only when the following three events occur to ensure the immutability and traceability of data. Otherwise, it is processed only at the local edge layer. That is, for non-triggered events, processing is only carried out at the local edge layer to reduce the load and latency of the blockchain: (5.1) The vehicle's trust value suddenly exceeds the threshold; (5.2) A handover occurs between base stations; (5.3) Achieve periodic synchronization time.

[0029] Simulation experiments have been conducted on this application, and the details are as follows: Experimental environment: Physical layer model: Log-distance path loss model, path loss exponent γ=2.8, shadow fading standard deviation σ=2.0dB; Trust model parameters: SNR threshold 12dB, Sigmoid sensitivity coefficient κ=0.5, historical trust fusion factor μ=0.7; Comparison of solutions: Baseline (traditional solution), Proposed (this solution); Experiment 1: Environmental Robustness Verification Objective: To verify the effect of the environmental correction factor η on suppressing the false alarm rate.

[0030] Method: Simulate the distance between the vehicle and the drone increasing from 0m to 300m, and the SNR decreasing from 20dB to 5dB, recording the changes in trust value.

[0031] result: Baseline: At 150m, the trust value drops below the threshold due to low SNR, resulting in a false alarm rate of 25%.

[0032] This solution dynamically adjusts the weights using η, ensuring the trust value remains above the safety threshold, resulting in a false alarm rate of <5%.

[0033] Conclusion: The environmental perception model significantly improves robustness.

[0034] Experiment 2: Verification of resistance to whitewashing attacks Objective: To verify the trust inheritance mechanism during cross-base station handover.

[0035] Method: Simulate a malicious vehicle accumulating a low trust value (0.2) at UAV_A and then switching to UAV_B.

[0036] result: Baseline: UAV_B resets the trust value to the default value of 0.5, and the attacker successfully whitewashes the trust.

[0037] This solution: UAV_B forcibly inherits the historical trust value of 0.2, making it impossible for attackers to evade monitoring.

[0038] Conclusion: The anti-whitewashing protocol enables full lifecycle trust monitoring.

[0039] Experiment 3: Network Scalability and Latency Analysis Objective: To evaluate certification latency under different vehicle densities.

[0040] Method: Compare the average latency of the baseline and this solution when the number of vehicles N increases from 10 to 1000.

[0041] result: Baseline: Latency increases exponentially with N (e.g., 6000ms when N=1000).

[0042] This solution has a latency that grows approximately linearly (e.g., 2500ms when N=1000), which is only 41.67% of BAZAM's latency.

[0043] Conclusion: The event-driven mechanism significantly reduces computational overhead and is suitable for large-scale scenarios.

[0044] Security Verification: ProVerif Formal Analysis Verification target: Confidentiality: Attackers cannot steal encrypted trust credentials.

[0045] Strong authentication: The sending and receiving of trust credentials satisfy an injective correspondence.

[0046] Verification results: Confidentiality: RESULT not attacker(trust_value) is true, proving that the attacker cannot deduce the sensitive data.

[0047] Strong authentication: RESULT inj-event(...) ==> inj-event(...) is true, proving that the event triggering logic cannot be forged.

[0048] in conclusion: This solution meets the core security requirements of a zero-trust architecture and can effectively defend against replay attacks, whitewashing attacks, and on-off attacks.

[0049] Summarize Through application examples and simulation experiments in urban canyon scenarios, it is demonstrated that the zero-trust secure handover and dynamic trust assessment method proposed in this invention can: Significantly reduces false alarm rate: The environmental perception model keeps the false alarm rate below 5%.

[0050] Enhanced security: Anti-whitewashing protocols and dynamic trust update mechanisms effectively defend against diverse attacks.

[0051] Achieving high scalability: The event-driven mechanism enables authentication latency to grow linearly in large-scale networks.

[0052] Both experimental results and formal verification show that this solution is suitable for complex and dynamic unmanned vehicle-to-everything (UAV) environments, providing reliable security for intelligent transportation systems.

[0053] In summary, this invention proposes a zero-trust secure handover and dynamic trust assessment method for unmanned aerial vehicle (UAV) vehicle-to-everything (V2V) networks. This method is achieved through the construction of a physical layer-aware environment correction model, context-aware dynamic trust assessment, an asymmetric adaptive trust update mechanism, and an anti-whitewashing handover mechanism based on the X2 interface. The proposed protocol, along with an event-driven lightweight blockchain mechanism, effectively reduces the false alarm rate, enhances security, and achieves high scalability and low latency. Simulation results demonstrate that this method exhibits significant advantages in complex channel environments and is suitable for large-scale UAV-vehicle networking scenarios.

Claims

1. A zero-trust secure handover and dynamic trust assessment method for unmanned aerial vehicle (UAV) vehicle-to-everything (V2X) networks, characterized in that: The steps of this method are as follows: (1) Construct an environment correction model for physical layer perception; (2) Context-aware dynamic trust assessment; (3) Asymmetric adaptive trust update mechanism; (4) Anti-laundering switching protocol based on X2 interface; (5) Lightweight blockchain mechanism based on event-driven approach.

2. The zero-trust secure handover and dynamic trust assessment method for unmanned vehicle-to-everything (UAV) networks according to claim 1, characterized in that: The specific operation of step (1) is as follows: At the drone end, a log-normal shadowing fading model is established to detect the signal-to-noise ratio (SNR) of the vehicle communication link in real time, and an environmental correction factor is defined. Environmental correction factor Built upon the Sigmoid function, it serves as a dynamic switch to distinguish between good and bad environments. Its calculation formula is as follows: ; in For real-time signal-to-noise ratio, The communication threshold is set to 12dB. For sensitivity coefficient, when When below the threshold, Approaching 0 indicates a harsh environment. When it is above the threshold, A value close to 1 indicates a favorable environment.

3. The zero-trust secure handover and dynamic trust assessment method for unmanned vehicle-to-everything (UAV) networks according to claim 1 or 2, characterized in that: The specific operation of step (2) is as follows: Utilizing environmental correction factors Trust in direct vehicle observation and historical trust The weighted fusion formula is as follows: ; Based on packet loss rate and latency calculations, when the environment is relatively harsh, i.e. When the value approaches 0, the system automatically reduces the penalty weight for the current packet loss and forces the use of historical trust to avoid false alarms.

4. The zero-trust secure handover and dynamic trust assessment method for unmanned vehicle-to-everything (UAV) networks according to claim 1, characterized in that: The specific operation of step (3) is as follows: Introducing the Confidence-Forgetting Factor This enables asymmetric updates of trust values, where trust values ​​decrease rapidly and increase slowly. Its discrimination logic is as follows: ; Trust update formula: ; When trust value decreases As trust decreases, the weight of new behaviors increases, leading to a sharp drop in trust value; when trust value recovers... As the size increases, historical weight increases, and the trust value slowly climbs.

5. The zero-trust secure handover and dynamic trust assessment method for unmanned vehicle-to-everything (UAV) networks according to claim 1, characterized in that: The specific operation of step (4) is as follows: (4.1) When a vehicle switches between unmanned aerial vehicle base stations, the mandatory inheritance protocol shall be executed; (4.2) The source drone will use the vehicle's historical trust value Timestamp and digital signature packaged certificate ; (4.3) The credential is encrypted and transmitted to the target UAV via the X2 interface between the UAVs using a symmetric encryption key; (4.4) The target is to forcibly send the received data after the drone has been decrypted. Assign the value to the local initial trust value. The default initial value is not allowed.

6. The zero-trust secure handover and dynamic trust assessment method for unmanned vehicle-to-everything (UAV) networks according to claim 1, characterized in that: The specific operation of step (5) is as follows: Design trigger function The blockchain PBFT consensus is only triggered on-chain when the following three events occur; otherwise, it is processed only at the local edge layer: (5.1) The vehicle's trust value suddenly exceeds the threshold; (5.2) A handover occurs between base stations; (5.3) Achieve periodic synchronization time.