30 results about "Packet drop attack" patented technology

In an IP network during a DDoS attack on a website or other internet entity having an IP address, selective black-holing of attack traffic is performed such that some of the traffic destined for the IP address under attack continues to go to the IP address under attack while other traffic, destined for the same IP address is, rerouted via BGP sessions to a black-hole router. Such a selective black-holing scheme can be used to allow some traffic to continue in route to the IP address under attack, while other traffic is diverted.

The invention relates to an Ad Hoc network security trust method based on a reference node strategy and belongs to the field of network security. The method specifically comprises the following stepsof computing a trust value of each node through a trust model, sending the trust value to a trust value statistical node, making the trust value statistical node count a weighted trust value of each node, updating a reference node and the trust value statistical node, and lastly, initiating the reference node strategy through the reference node. The method has the advantages that a black hole attack node in the Ad Hoc network can be quickly discovered, and meanwhile, the method has a good defense effect on a way of hybrid of a data message attack and the black hole attack; and the method has strong expandability and adaptability.

The invention relates to a data forwarding method with a black hole attack detection function and belongs to the technical field of opportunistic network trust management. In order to solve the problems that existing black hole attack detection methods in an opportunistic network only detect attack behaviors of black hole nodes in a certain aspect and lack relatively comprehensive evaluation on the black hole nodes and detection results are affected by certain changes of the network easily, during black hole attack detection, trust conditions of the nodes in all aspects are required to be considered comprehensively, comprehensive judgments are made, and an opportunistic network trust management method for comprehensively judging node credibility according to node experience in the aspects of the accuracy degree of routing information provided by to-be-detected nodes, the reliability of historic behaviors of the nodes, the forwarding capacity of the nodes for messages and the like is further designed. With the adoption of the method, the reliability of the nodes is accurately judged, and detection results cannot be affected by other factors in the network easily, so that the delivery rate of the messages in the network is increased, and the performance of the network is enhanced.

The invention discloses a black hole attack defense method applied to route discovery. The objective of the invention is to solve the problem of incapability of detecting inner attacks and defending against black hole attacks in route discovery in the prior art. According to the method provided by the technical schemes of the invention, each node establishes a receiving route request table and a receiving route response table and compares the content of the receiving route request table and the receiving route response table; whether a suspicious node exists is judged; if a suspicious node exists, a determined threshold value in a training set is compared with the destination sequence number of a received route response packet; if the sequence number is larger than the threshold value, it is determined that a node which sends the route response packet is a black hole node, otherwise, the node which sends the route response packet is determined as a normal node; and in subsequent route discovery, only the data packet of the normal node is forwarded or received, and the data packet of the black hole node is not forwarded or received. According to the black hole attack defense method applied to route discovery of the invention, a third party is not introduced, all procedures are completely completed by nodes in a wireless ad hoc network, and therefore, the security requirements of the routing of the wireless ad hoc network can be satisfied. The method can be applied to defending against black hole attacks in the route discovery of the wireless ad hoc network.

The invention discloses a method for defending a black hole attack based on active detection in a wireless sensor network. A plurality of detection routes are established in a region in which network energy is abundant and the wireless sensor network is far away from a base station, and an attacker being unaware that the established routes are the detection routes also launches an attack to the detection routes, so that the attacker is exposed, and behavior and position information of the attacker and credibility information of a node can be obtained. After the information is obtained, the region which is under the black hole attack can be avoided when real data routing is performed, so that information of a black hole can be obtained under the condition that sensitive data of a system are unavailable or few data are lost, and data routing security of the wireless sensor network is ensured. Residual energy of a network is fully utilized, and the network service life is not shortened under the condition of enhancing the network security.

The invention relates to a method for detecting black hole attacks in clustering self-organized networks. The method includes that step one, a monitoring device is arranged at a base station; step two, cluster head areas in self-organized networks in an area covered by the base station are monitored in real time; step three, whether abnormal cluster head areas exist in the monitored area is judged, if the abnormal cluster head areas exist, step four is performed, and if not, the step two is repeated; step four, credit rates of terminal nodes in the abnormal cluster head areas are detected, and suspicious nodes are found to form a suspicious node set S1; step five, flow differences of nodes in the S1 are detected, and black hole attack nodes are found to form a black hole attack node set S2; and step six, the monitoring device sends early warning prompts. According to the method, not only a single malicious node attack is solved, the problem that a plurality of single malicious nodes are cooperated to attack can be effectively solved, alarms can be sent, and timely defense and treatment to the black hole attacks are facilitated.

The invention discloses an OLSR (Optimized Link State Routing) protocol black hole attack method for an unmanned aerial vehicle ad hoc network. The problem that an existing black hole attack method cannot be applied to a high-mobility drone ad hoc network is solved, the formation and the motion trail of the drone are changed, and finally the purpose of obtaining the network control right is achieved. The method comprises the following implementation steps that: an execution node calculates a node in a network center in an area through a routing table; the execution node reaches the transmission range of the central node through the time delay information transmitted by the data packet; the execution node sends a large number of Hello message packets of which the IP addresses are randomly modified to the central node to occupy the position of the central node; and node tampering is executed or the data packet in the network is discarded, and black hole attack is performed on the network. According to the method, the motion trail of the unmanned aerial vehicle ad hoc network can be drastically changed, the attack effect is good, the network is greatly damaged, and the method has obvious advantages in the aspects of changing the formation and the motion trail of the unmanned aerial vehicle, obtaining the control right of the network and the like.

Due to the characteristics of resource limitation and dynamic change of sensor nodes, a wireless sensor network (WSN) faces the problems of safety and energy consumption. The invention provides a wireless sensor network security routing protocol based on a self-adaptive trust mechanism, the protocol only needs to calculate a direct trust value, and an indirect trust value is completed by a base station, so that the energy consumption of the node is reduced. A punishment mechanism is adopted when the nodes calculate the trust values so as to ensure that the trust values of malicious nodes are quickly reduced. Therefore, black hole attacks, selective forwarding attacks, slot attacks and flooding attacks are resisted. A monitoring node is established, and an active security route is selected by a base station and is responsible for resisting wormhole attacks. Therefore, malicious nodes can be quickly identified and isolated.

The invention provides a detection method for a malicious packet dropping attack of the Internet of things. The detection method comprises the following steps of: calculating a natural packet receiving interval variance and calculating an actual packet receiving interval variance; and judging whether the actual packet receiving interval variance is larger than a first threshold obtained according to the natural packet receiving interval variance, if the actual packet receiving interval variance is larger than the first threshold, determining that an Internet of things tree system falls into the malicious packet dropping attack. In a conclusion, according to the Internet of things tree system, the natural packet receiving interval variance obtained when the Internet of things tree system does not fall into the attack and the actual packet receiving interval variance obtained when an information packet is actually received are respectively calculated; and when the actual packet receiving interval variance is larger than the first threshold obtained according to the natural packet receiving interval variance, the Internet of things tree system falls into the malicious packet dropping attack. Therefore, according to the technical scheme of the invention, a routing node and a terminal node do not need to return acknowledgement information, so that communication expense in the Internet of things tree system cannot be extra affected. The invention also provides the Internet of things tree system.

The invention discloses a satellite ad hoc network security framework system based on a block chain technology. The system comprises a data layer, a network layer, a consensus layer, a function implementation layer and an application layer, the data layer stipulates the structure and the content of each block; the satellite nodes of the network layer jointly form a decentralized system structure, and each satellite node is added into the alliance chain system as the identity of an alliance chain member; the consensus layer completes accounting through a right-based consensus mechanism; all satellite nodes in the function implementation layer jointly maintain a block chain account book, routing actions of the satellite nodes in a data plane, announcement of malicious behaviors of the nodes and credible records of current reputation values of all the satellite nodes are achieved according to regulations in an intelligent contract, and the records are stored among all the nodes in a distributed mode; the top layer is an application layer, and the application layer provides network state sensing, black hole attack recognition and reputation reference for satellite nodes of a data plane based on credible records of a bottom layer network, so that network security is guaranteed.

The invention discloses an electric power RPL protocol black hole attack defense method based on a cuckoo filter, and belongs to the field of intelligent power grid safety. The method comprises the following steps: firstly, creating a credible node hash table based on a cuckoo filter, wherein the credible node hash table comprises all legal members of an AMI network; and when the DODAG is constructed for the first time, transmitting the trusted device list to each trusted device. When RPL is used for dynamic DODAG construction, by modifying selectable fields of DIO control information and DAOcontrol information in an RPL control message, when equipment network topology changes, equipment identity authentication is carried out, and therefore possible RPL black hole attacks are detected; bypreventing DIO messages sent by malicious nodes, the AMI network can be protected against black hole attacks. Compared with an existing attack detection method, the method is wider in defense range and more effective.