摘要
无线介质的开放性使得信息安全成为其应用中的挑战性问题之一。时分多址(TDMA)协议是面向工业等时延敏感应用的主要协议。针对TDMA无线传感器网络的时隙调度特征,提出空闲时隙攻击模型、重传时隙攻击模型这2种伪装攻击模型,并针对这2种攻击模型,从TDMA无线传感器网络自身的传输特点出发,考虑网络传输的周期性及传输基本单元为一个时隙的特点,提出一种基于细粒度时间特征提取的高精度入侵检测方法。首先,利用数据包接收时间、超帧开始时间等信息进行时间维度上的细粒度特征提取,计算传输时隙的位置信息;然后,将位置信息输入无监督模型IF(Isolation Forest)进行训练和学习;最后,对在一个超帧周期内收到的同一个节点的序列号相同的2个数据包进行合法性判断。实验结果表明,所提2种伪装攻击能够逃避现有的入侵检测方法,而所提入侵检测方法可以有效检测出这2种伪装攻击,相较于传统方法,该方法在丢包率为30%时检测成功率提升14.5%。
The open nature of wireless media poses a challenge for information security.The Time Division Multiple Access(TDMA)protocol is a predominant protocol tailored for time-sensitive industrial applications.Considering the time-slot scheduling characteristics of TDMA-based wireless sensor networks,this study proposes two types of masquerade attack models:an idle time-slot attack model and a retransmission time-slot attack model.In response to these two attack models and starting from the inherent transmission features of TDMA wireless sensor networks while considering their periodic transmission pattern and the fundamental transmission unit being a single time slot,a high-precision intrusion detection method based on fine-grained temporal feature extraction is proposed.First,fine-grained temporal features are extracted in the time dimension by leveraging information such as packet reception time and superframe start time to calculate the positional information of the transmission time slot.Subsequently,the positional information is fed into the Isolation Forest(IF)-an unsupervised learning model-for training and learning.Finally,a legitimacy assessment is conducted on two data packets received from the same node within one superframe cycle that have identical sequence numbers.The experimental results demonstrate that the two proposed masquerade attacks can evade existing intrusion detection methods and the proposed intrusion detection approach can effectively detect these two masquerade attacks.Compared to traditional methods,this approach achieves a 14.5%increase in the detection success rate when the packet loss rate is 30%.
作者
温敏初
梁炜
张嘉麟
WEN Minchu;LIANG Wei;ZHANG Jialin(State Key Laboratory of Robotics,Shenyang Institute of Automation,Chinese Academy of Sciences,Shenyang 110016,Liaoning,China;Key Laboratory of Networked Control Systems,Chinese Academy of Sciences,Shenyang 110016,Liaoning,China;Institutes for Robotics and Intelligent Manufacturing,Chinese Academy of Sciences,Shenyang 110169,Liaoning,China;University of Chinese Academy of Sciences,Beijing 100049,China)
出处
《计算机工程》
北大核心
2025年第8期203-214,共12页
Computer Engineering
基金
国家重点研发计划(2021YFB3301000)
辽宁省自然科学基金(2020JH2/10500002)。
关键词
无线传感器网络
时分多址协议
伪装攻击
入侵检测
细粒度时间特征提取
wireless sensor networks
Time Division Multiple Access(TDMA)protocol
masquerade attack
intrusion detection
fine-grained time feature extraction
