摘要
针对无线传感器网络的自身特殊性和所面临的路由安全威胁,提出了一种基于核聚类的异常检测方案——KCAD,以检测路由攻击所导致的流量异常。该方案通过利用Mercer核,将输入空间的流量特征样本隐式地映射到高维特征空间,突出了不同样本间的特征差异,从而更好地完成聚类,提高了检测准确率,同时还针对流量特征样本做了时间维扩展,使之更能反映近期网络流量状况,减少了由于历史数据集影响所带来的误报。仿真实验结果表明,KCAD方案能够在较少的资源开销条件下,迅速、有效地检测出传感器网络中的攻击异常。
To the specific features of wireless sensor network and attack models met with routing protocols, a lightweight security scheme, KCAD (Kernel Clustering based Anomaly attack Detection), is proposed for detecting routing attacks. By using Mercer kernel function, the scheme can map the traffic feature sampies from their original space to a high dimensional feature space where the traffic feature samples are expected to be more separable, and then perform clustering in the high dimensional space. Meanwhile, in order to reduce the influence of historical data, we add time dimension to the traffic feature samples which can represent current network situation nicely. Simulation results show that KCAD has good veracity with less resource overhead.
出处
《传感技术学报》
CAS
CSCD
北大核心
2008年第8期1442-1447,共6页
Chinese Journal of Sensors and Actuators
基金
国防基础科研项目资助(2720061361)
关键词
无线传感器网络
入侵检测
核聚类
路由攻击
wireless sensor network
intrusion detection
kernel clustering
routing attack