ISSN 1000-1239 CN 11-1777/TP

计算机研究与发展 ›› 2018, Vol. 55 ›› Issue (7): 1488-1497.doi: 10.7544/issn1000-1239.2018.20180123

所属专题: 2018物联网安全专题

• 信息安全 • 上一篇    下一篇

高效物联网虚假数据融合结果检测机制

许志伟,张玉军   

  1. (中国科学院计算技术研究所 北京 100190) (中国科学院大学 北京 100049) (xuzhiwei2001@ict.ac.cn)
  • 出版日期: 2018-07-01
  • 基金资助: 
    国家自然科学基金项目(61402446,61572474,61672500);国家重点研发计划项目(2016YFE0121500);内蒙古自治区自然科学基金项目(2017MS(LH)0601)

Efficient Detection of False Data Fusion in IoT

Xu Zhiwei, Zhang Yujun   

  1. (Institute of Computing Technology, Chinese Academy of Sciences, Beijing 100190) (University of Chinese Academy of Sciences, Beijing 100049)
  • Online: 2018-07-01

摘要: 数据融合(data fusion)是物联网数据传输和处理的关键步骤之一,在传输过程中提前汇总和处理中间数据,仅将逐层融合的结果发送到应用层,有效降低了中间节点的功耗和负载.然而,在这一过程中,各节点没有保存被融合数据,因此,无法发现和定位针对数据融合结果的数据伪造或篡改攻击.为了杜绝这一安全隐患,提出一种高效的物联网数据融合安全检验机制,通过对数据融合过程建模,发现并刻画被输入数据和融合结果之间的联系,并利用这一模型发现异常的数据融合结果,杜绝恶意数据融合,优化物联网传输安全.首先,在节点/网络的输入端和输出端分别进行数据收集,构建了基于被融合数据的特征压缩摘要机制,提升了数据收集效率并优化了节点资源消耗;其次,提出了基于概率图概率模型的数据融合模型,描述被融合数据和融合结果的时空域关系,并基于这一模型高效检测异常数据融合结果.实验结果表明:所提出的方法能够高效、准确地发现恶意数据融合操作,优化物联网传输安全.

关键词: 物联网, 网内数据融合, 数据融合模型, 轻量级, 高效, 数据篡改攻击检测

Abstract: Data fusion is the critical process for data transmission in the Internet of things (IoT). In data fusion process, the original sensing data is processed and aggregated in the network, and only the aggregated results of data fusion are sent to the application layer, which effectively reduces the resource consumption and alleviates the workload on the sink node. Since no network node caches the aggregated data in the data fusion process, it is impossible to detect and locate the false data injection attack against data fusion results. In order to mitigate this significant vulnerability, an efficient detection scheme of false data fusion is proposed in this paper. By modeling the data fusion process, we discover and model the relationship between the input data and the fusion results, and apply the obtained model to detect abnormal data fusion results. In this way, we can mitigate malicious data fusion and optimize the IoT transmission security. In detail, we first collect input data and the relevant data fusion results for each node, and a compressed feature representation mechanism is designed to improve the data collection efficiency and reduce the resource consumption. In addition, a data fusion model based on probabilistic graph model is proposed to depict the spatial and temporal relationship between the input data and the data fusion results. Ultimately, we take the model to detect the abnormal data fusion results in an efficient way. The experimental results demonstrate that the proposed detection scheme can detect malicious data fusion operations efficiently and accurately and thus guarantee IoT transmission security.

Key words: Internet of things (IoT), in-network data fusion, data fusion model, lightweight, efficiency, detection of false data injection

中图分类号: