Node Authentication And Security Detection Of Wireless Sensor Network

Posted on: 2013-06-08
Degree: Doctor
Type: Dissertation
Country: China
Candidate: J Huang
Full Text: PDF
GTID: 1228330377451662
Subject: Computer application technology
Abstract/Summary:
A wireless sensor network is a multi-hop mobile ad hoc network composed of a large number of sensor nodes. Such networks are generally deployed in harsh environments, in unattended areas or in areas that are not easy for people to reach. They offer low cost, fast deployment and fault tolerance, and can be widely applied in national defense, environmental monitoring, field investigation, counter-terrorism and disaster relief. Wireless sensor nodes are the basic elements of the wireless sensor network. As wireless sensor networks become widely applied, a key issue for their applications is how to design specific security mechanisms that prevent all forms of malicious attack and create a safe working environment for the network, given that the computing speed, power supply, communication capability and storage space of the nodes are very limited.
The use of wireless communication poses a challenge to the security of wireless sensor networks. Because wireless communication is open, an attacker can easily obtain the communication data of a wireless sensor network, and because the storage and computing capacity of sensor nodes is very limited, highly complex encryption and authentication methods cannot be adopted to secure network data. The application characteristics of wireless sensor networks also leave them constantly exposed to environments in which they are vulnerable to attack. By analysing intercepted radio communication data, an attacker learns the characteristics of the sensor nodes and of the network's communication protocol stack, such as IDs, keys, certificates and the communication frame structure, and then carries out network attacks by copying, interference, eavesdropping and forgery of false data.
Therefore, security mechanisms for wireless sensor networks should protect individual nodes and, at the same time, ensure that the whole network can still operate normally when a few nodes are attacked and that the range an attack can affect is limited. Researchers have made much progress on node security and network protection in wireless sensor networks, but these schemes address a single attack or attacks at a certain stage, and do not form a complete network protection mechanism. This dissertation therefore studies three aspects of the security of wireless sensor networks: node intrusion detection, node key management and trusted authentication of nodes, and has made the following findings.
A wireless sensor network has a large number of nodes, a wide distribution area and so on, so the replication (copy) attack is a common form of attack on wireless sensor networks. As a proactive protection technology, replication attack detection examines the running status and other operational characteristics of network nodes to identify node capture and replication, thereby effectively preventing replication attacks on wireless sensor networks. Existing replication attack detection protocols generally require accurate node location information or synchronized time information as the basis for comparison in order to detect replicated nodes. Because these detection methods need precise node location information, or need accurate global clock synchronization across the system, they place very high demands on the localization performance of the nodes and on the time synchronization performance of the system.
This dissertation proposes a range-based detection method (RBDM) for replication attacks, which uses mutual distance measurement among multiple nodes to detect pseudo nodes in the network. The method can be adapted to detect replicated-node intrusion under a variety of ranging accuracies, and its parameters can be adjusted to optimize the detection success rate of the protocol, so that it meets the intrusion detection requirements of a variety of wireless sensor network application systems with a flexible and reliable protocol implementation.
Existing work on distributed key management in wireless sensor networks has made considerable progress, but the autonomy, usability, management efficiency and security of public key management remain to be improved. Existing schemes either rely on an online trusted third party (such as a distributed CA or a head node CH), which does not suit the autonomy of wireless sensor network nodes and leaves the availability of public key management in need of improvement; or their key management operations are costly and inefficient; or they lack an effective certificate revocation mechanism, so that security control of certificates needs improvement and a variety of common attacks cannot be resisted. Addressing the distributed, autonomous, open and temporary character of key management in wireless sensor networks, this dissertation proposes an on-demand autonomous public key management mechanism based on an authentication core. The authentication core AC, issued by the offline trusted certification entity TAP, is used to generate a public key, a private key and certificate-related parameters, from which the node independently generates its public key certificate Cert. The node chooses when to initialize the certificate according to its actual needs.
Backed by the authentication core and without the support of any online trusted third party, a node manages its own public key certificate autonomously and on demand. At the same time, a one-way hash chain is used to control the validity of the certificate, ensuring effective validation, refresh and revocation of certificates in a fully distributed environment. The analysis shows that the key management mechanism is distributed and autonomous, efficient, flexible and highly available. It not only provides efficient and secure public key infrastructure for authentication, digital signatures and key distribution in wireless sensor networks, but also offers a reference, or directly applicable experience, for public key management in many other distributed open systems.
DTN (Delay/Disruption Tolerant Network) is a new type of store, carry and forward network architecture used to transmit data wirelessly in harsh or interference-prone environments. A DTN node cannot create a real-time connection to network infrastructure, or there is simply no network infrastructure to connect to, so authentication methods based on PKI (Public Key Infrastructure) cannot be used. Without an effective authorization mechanism, unauthorized users can create large amounts of junk data, and the impact of this on the DTN network is difficult to estimate. Storing junk data exhausts the limited storage space of network nodes, and processing or transmitting it exhausts their limited energy. In view of this situation, the DTN research group (DTNRG) proposed a draft bundle security protocol specification. This dissertation analyses the draft in depth and, building on its basic principles, proposes a fragment-based node authentication scheme.
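One common way to realise the one-way hash chain control of certificate validity described above for the key management mechanism, as an added example that is not taken from the dissertation: the certificate carries the end value of the chain, the owner releases one earlier value per validity period to refresh, and withholds further values to revoke. The period model and every name (`make_chain`, `Verifier`) are assumptions.

```python
import hashlib

def H(b):
    return hashlib.sha256(b).digest()

def make_chain(seed, n):
    """chain[0] = seed, chain[i] = H(chain[i-1]); chain[n] is the public anchor."""
    chain = [seed]
    for _ in range(n):
        chain.append(H(chain[-1]))
    return chain

class Verifier:
    """Peer that knows only the anchor embedded in the certificate."""
    def __init__(self, anchor, periods):
        self.periods = periods            # certificate lifetime in periods
        self.last_token = anchor          # most recent accepted chain value
        self.last_period = 0

    def refresh(self, token, period):
        """Accept `token` for `period` if hashing forward reaches the last accepted value."""
        if not (self.last_period < period <= self.periods):
            return False                  # replayed, stale or past the lifetime
        x = token
        for _ in range(period - self.last_period):
            x = H(x)
        if x != self.last_token:
            return False                  # not a preimage on this certificate's chain
        self.last_token, self.last_period = token, period
        return True

    def valid_at(self, period):
        return self.last_period == period

def demo():
    n = 5
    chain = make_chain(b"constructed-secret-seed", n)   # constructed sample seed
    v = Verifier(anchor=chain[n], periods=n)
    ok1 = v.refresh(chain[n - 1], 1)      # period 1 token
    ok3 = v.refresh(chain[n - 3], 3)      # period 2 was missed, period 3 still verifies
    replay = v.refresh(chain[n - 1], 1)   # old token replayed
    forged = v.refresh(H(b"guess"), 4)    # attacker cannot invert H
    # Revocation: the owner never releases chain[n - 4], so period 4 is not valid.
    return ok1, ok3, replay, forged, v.valid_at(4)
```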
The scheme uses a dynamic programming algorithm to construct an optimal binary search tree, and builds a trusted Merkle hash tree (MHT) according to that optimal binary search tree. The value of the root node of the Merkle hash tree is signed together with the message sequence number, and the fragments are then distributed to the next node, providing authentication of the fragment chain and of the message sequence number of each fragment. The scheme effectively reduces the number of signatures and of public key certificate signature verifications during message transmission. Simulation results show that the scheme provides more reliable security, improves node efficiency, withstands the transfer cost caused by invalid signatures, and incurs smaller computational overhead in message transmission and node authentication.
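The fragment authentication idea above, as an added example that is not the dissertation's code: one signature over the sequence number and Merkle root lets a receiving node check any single fragment from its sibling hashes. Assumptions: a plain pairwise tree replaces the optimal-binary-search-tree layout, HMAC stands in for the sender's public-key signature, and all names are hypothetical.

```python
import hashlib
import hmac

def H(*parts):
    return hashlib.sha256(b"".join(parts)).digest()

def build_levels(fragments):
    """Merkle tree levels, leaves first; an unpaired node is promoted as is."""
    level = [H(b"\x00", f) for f in fragments]        # 0x00 = leaf domain tag
    levels = [level]
    while len(level) > 1:
        level = [H(b"\x01", level[i], level[i + 1]) if i + 1 < len(level)
                 else level[i] for i in range(0, len(level), 2)]
        levels.append(level)
    return levels

def auth_path(levels, index):
    """Sibling hashes from leaf to root as (hash, sibling_is_left) pairs."""
    path = []
    for level in levels[:-1]:
        sib = index ^ 1
        if sib < len(level):                          # promoted nodes have no sibling
            path.append((level[sib], sib < index))
        index //= 2
    return path

def root_from(fragment, path):
    node = H(b"\x00", fragment)
    for sib, sib_is_left in path:
        node = H(b"\x01", sib, node) if sib_is_left else H(b"\x01", node, sib)
    return node

def sign_root(key, seq, root):
    # Assumption: HMAC stands in for the sender's public-key signature.
    return hmac.new(key, seq.to_bytes(8, "big") + root, hashlib.sha256).digest()

def verify_fragment(key, seq, sig, fragment, path):
    """Recompute the root from one fragment and check the single signature."""
    return hmac.compare_digest(sig, sign_root(key, seq, root_from(fragment, path)))

def demo():
    key = b"constructed-demo-key"
    frags = [b"fragment-%d" % i for i in range(5)]    # constructed sample data
    levels = build_levels(frags)
    sig = sign_root(key, 42, levels[-1][0])           # one signature per message
    ok = all(verify_fragment(key, 42, sig, f, auth_path(levels, i))
             for i, f in enumerate(frags))
    junk = verify_fragment(key, 42, sig, b"junk", auth_path(levels, 2))
    wrong_seq = verify_fragment(key, 43, sig, frags[2], auth_path(levels, 2))
    return ok, junk, wrong_seq
```

Each fragment costs the receiver a handful of hash computations and one signature check, which is how junk fragments can be dropped at the first hop instead of being stored and forwarded.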
Keywords/Search Tags: Wireless sensor network, intrusion detection, public key certificate, DTN, authentication