Subgrouping has an effective performance in compartmentalizing node compromise in large-scale networks. Clustering method has also been known useful for providing scalable data aggregation and security in Distributed Sensor Networks (DNSs). Taking the probability of node compromise in different deployment regions in consideration,the apriori knowledge is used to design a variant of ran-dom key pre-distribution scheme that can improve the whole network resilience and hence the fraction of compromised communications in contrast with the previous works. Also the size of key ring stored in subgroup node and the probability of node compromise is consid-erd,and a more effective scalable security mechanism is designed that increases the resilience to the attack in the sensor subgroups. Simu-lation shows that the performance of the scheme proposed can be substantially improved in the sensor network,including both the resili-ence and the fraction of compromised communications by only sacrificing a small extent in the probability of a shared key exists between two nodes compared with those previous methods.%群集(也称子群)方法在应对大范围网络的节点攻击中表现出色,同时在具有可扩展、数据聚合和安全性的大规模分布式传感器网络中,聚类的方法也拥有较好的可用性。在不同部署区域内节点的被攻击概率已知的情况下,利用先验概率能够设计有更好应变能力和保证通信安全的随机密钥预分发算法。同时,在节点被攻击概率上考虑了子群节点的密钥链长度,设计了一种能够有效抵御传感器网络中子群被攻击的高效安全机制。仿真结果表明,与其他方案相比,该方案通过适度牺牲网络中两节点间共享密钥的存在概率,能够达到显著改善网络性能的目的。
展开▼
