Industrial wireless sensor networks (IWSNs) promote innovations in the industry such as structural status mapping, instrument fault diagnosing, and oriented automation system associating. However, due to the shared nature of the wireless propagation environment, the emerging sensor nodes (SNs) with wireless properties are vulnerable to external malicious attacks. The security threats, especially Sybil attacks, impose great difficulties in fulfilling quality requirements of industrial applications. What is more complicated is that the harsh industrial environment brings about new challenges which can degrade the accuracy of detecting Sybil threats. In this paper, we focus on how to detect the malicious packets transmitted from Sybil attackers without adding extra authentication overhead into the transmission frame. We develop a multi-Kernel-based expectation maximization (MKEM) scheme to detect Sybil attacks in IWSNs. Instead of directly investigating the radio resource of SNs, we produce channel-vectors which are extracted from the power gain and delay spread of the channel impulse response obtained from the received packets to represent each SN. Specifically, a kernel-oriented method is designed to discriminate the malicious packets from benign ones without establishing a pre-defined database of channel features of all SNs. Meanwhile, we allocate different kernel weights to the proposed kernels and combine them to improve the discrimination ability of the scheme. Moreover, a kernel parameter optimization method is developed to regulate each kernel weight and parameter to reduce the effects of transmission impairments in IWSNs. To avoid poor detection accuracy when the number of Sybil attackers increases, we use the gap statistical analysis method to verify and EM method to summarize the detection results. The simulation results show that the proposed MKEM scheme can achieve high accuracy on detecting malicious packets transmitted from Sybil attackers from benign ones, and tolerate the effects of transmission impairments in the industrial environment. Moreover, the MKEM scheme can guarantee the detection accuracy even if the number of Sybil attackers increases.
Read full abstract