Research On Key Technology For Trust Management In Wireless Sensor Networks

As one of the most important network technologies for Internet of Things(IoT), the research on Wireless Sensor Networks(WSNs) has been further developed in recent years. However, the security requirements of WSNs also become more and more urgent with the expansion of application fields. WSNs have a number of unique characteristics, such as open channel, constrained resources, distributed processing, etc. Owing to these characteristics, WSNs are susceptible to various attacks and difficult to protect the security and reliability of systems. Conventional security mechanisms mainly rely on cryptography and authentication technologies, but sophisticated cryptographic algorithms and extra computational overhead are not applicable for a resource-constrained WSN. Furthermore, cryptographic mechanisms can resist some types of attacks from external nodes, but they may fail to prevent compro-mised or selfish nodes from launching attacks from inside. Due to the computational process of low complexity and high resistance to internal attacks, trust management is an effective solution to the above issues.The dissertation studies the key technology for trust management in WSNs and designs a specific architecture with high scalability and flexibility by considering the characteristics of WSNs. Based on this, it focus on several challenging issues in previous trust management systems. More specifically, the main contributions of this dissertation can be summarized as follows:(1) Intrusion detection technology is the foundation of trust management architectures, which provides trust evaluation with the direct evidence to calculate the trust of nodes. Traditional intrusion detection systems do not consider the characteristics of WSNs, such as constrained resources, lack of center infrastructure, complex deployment en-vironments, etc. In order to solve the above problems, this dissertation first proposes a detection mechanism based on slot allocation and scheduling, which can reduce the network overhead by managing the nodes'local monitoring slots. Furthermore, the proposed intrusion detection system establishes the feature model of the node's be-havior to enhance the ability to detect a variety of attacks. It can also improve the accuracy of detection system by utilizing the combination of statistical theory and matching rules. Finally, this dissertation adopts a learning algorithm based on Q-Learning to enhance the adaptability to complex environments.(2) Trust evaluation is the core of the trust management system, which normally includes trust computation and trust derivation. Most traditional trust computation methods do not consider the basic nature and design principles of trust metric. To deal with it, this dissertation designs a trust computation architecture with high flexibility and scalabil-ity. By analyzing the trust computation architecture and considering the characteristics of WSNs, this dissertation proposes a trust computation method with low complexity, high reliability, and high security. Finally, the existing trust derivation schemes pro-duce excessive overhead and do not consider the nodes' selfish behavior. To address this issue, the dissertation presents a novel trust derivation scheme by setting hop limit to trust request packets and introducing a recommendation trust dilemma game, which can reduce the communication overhead and improve the network security.(3) Access control system is an important component of security defense mechanisms in WSNs. Complex encryption algorithms and central certificate authority on which traditional access control models are based are common approaches for achieving the authorization process. This dissertation proposes a distributed and fine-grained access control model based on trust and risk metric, which aims to address the challenges mentioned above. The main idea of the scheme is that introducing a trust evaluation mechanism into the previous access model. According to the trust value and role assignment of the new arrival node, it can accomplish the access authorization and management. Furthermore, to deal with the high risk in a distributed environment, the dissertation designs a risk function based on the centrality degree to evaluate the risk factor of the node's access. The local authorization decisions must meet the needs of trust and risk assessment. Finally, this dissertation takes multi-domain access control into account and solves this problem by utilizing a mapping mechanism and group access policies.(4) As another important part of security defense mechanisms in WSNs, trust-based rout-ing protocols have attracted more and more attention. In order to resist against various attacks on the network and satisfy the security requirements of routing protocols, this dissertation first analyzes the attacks on routing protocols especially the common ones to trust models. According to the analysis results, it proposes an improved trust com-putation method. Furthermore, most previous trust-aware routing protocols do not consider the difference between the trust metric and the QoS metric. Consequently, this dissertation designs an optimized routing algorithm based on the mathematical theory of Semirings, which not only considers the features of trust metric, but also other QoS requirements. Finally, the conventional trust-based routing protocols are normally confined to specific platforms and will produce excessive communication overhead. To deal with the problem, this dissertation proposes a novel trust-aware routing protocol with low overhead and high scalability.