In the embodiment of the present invention, the node identifier is composed of multiple digits, the preset function is a hash function, and may be a function related to the node identifier, specifically, a sum of numerical values of each digit of the node identifier, and the cluster head node calculates a function value of each member node. The communication time slots of the member nodes are distributed and transmitted to the corresponding member nodes by the cluster head node, and each member node can comprise a plurality of communication time slots.

The method for identifying nodes in a masquerading cluster according to the present invention is described in detail below with reference to fig. 1 and 2. As shown in fig. 2, the method comprises the following steps:

step 201, receiving a data packet sent by a member node.

Specifically, after the intra-cluster communication is started, the cluster head node receives a data packet sent by the member nodes in the cluster.

The existing data packet includes: the structure of fields such as the sending node identification, the receiving node identification, the data content and the like is as follows:

transmitting node Identification (ID)

Receiving node Identification (ID)

Data content

The data packet in the invention comprises: the structure of fields such as the function value of the sending node, the function value of the receiving node, the data content and the like is as follows:

the sending node is a member node for sending the data packet, and the receiving node is a cluster head node. Because the cluster head node sends the preset function to each member node, each member node can respectively calculate the function value of the receiving node and the function value of the sending node according to the identification of the cluster head node and the self identification, and carries the function values in the packet head of the data packet to send to the cluster head node so as to identify the disguised node by the cluster head node.

Step 202, determining a function value according to the communication time slot for receiving the data packet and the corresponding relation.

Specifically, when a cluster head node receives a data packet sent by a member node, a communication time slot for receiving the data packet is determined, a corresponding relationship (namely table 1) between the node identifier, a function value of a preset function and the communication time slot is inquired according to the communication time slot, and a corresponding function value is determined, wherein the function value is the function value of the member node sending the data packet.

Step 203, parsing the data packet to obtain a function value carried in the packet header.

Specifically, the cluster head node parses the data packet to obtain a function value carried in the packet header, where the function value may include a function value of the sending node and a function value of the receiving node, and both the function value of the sending node and the function value of the receiving node are calculated by the member node that sends the data packet.

And 204, judging whether the member nodes are disguised cluster nodes or not according to the function values acquired from the data packet and the determined function values.

Specifically, the cluster head node compares the function value obtained from the data packet with the function value found in table 1, and determines whether the member node that sent the data packet is a masquerading node.

The specific implementation of step 204 is described in detail later in conjunction with fig. 3.

The execution sequence of step 202 and step 203 is not limited, and may be executed synchronously.

It can be seen from the above step 201 and 204 that, in the present invention, the cluster head node allocates a communication time slot for each member node in the cluster and sends a preset function to each cluster head node, so that each member node communicates with the cluster head node according to its own communication time slot, and calculates a function value and carries it in a data packet header, the cluster head node records the node identifier of each node, the function value of the preset function and the corresponding relationship of the communication time slot, when the member node communicates with the cluster head node, the cluster head node judges whether the member node is a disguised cluster internal node by comparing the locally stored function value with the function value obtained from the data packet sent by the member node; in the scheme of the invention, the sending node identification in the data packet header sent by the member nodes in the cluster is changed into the function value, the cluster head nodes send the unified function taking the node identification as the key word to the member nodes, and the function value is associated with the communication time slot of each member node. Even if the malicious disguised node knows the member node identification, the malicious disguised node does not know the preset function, and even if the malicious disguised node sends a data packet, the malicious disguised node can be identified by the cluster head node. Even if a malicious masquerading node acquires a correct data packet, a function value is extracted from the data packet, and the communication time slot allocated to the member node is unknown, so that even if the masquerading node transmits the correct data packet, the cluster head node can identify the member node as the masquerading node through the communication time slot. The scheme for identifying the nodes in the disguised cluster is simple to implement, and can effectively identify the malicious disguised nodes, so that the safety and the reliability of communication in the cluster are improved.

Further, after determining whether the member node is a disguised intra-cluster node according to the function value obtained from the data packet and the determined function value (i.e., step 204), the method may further include the following steps:

and step 205, if the member node is judged to be the disguised intra-cluster node, discarding the data packet.

And after the cluster head node judges that the node sending the data packet is the disguised intra-cluster node, discarding the data packet so as to ensure the safety and reliability of intra-cluster communication.

It should be noted that, in order to further improve the security and prevent the preset function and/or the communication time slot from being illegally acquired, the cluster head node may further periodically update the preset function and/or periodically reallocate the communication time slot to each member node. The update period of the preset function and the allocation period of the communication time slot are greater than the communication period, and may be multiple communication periods, for example, the update period of the preset function and the allocation period of the communication time slot may be the same or different.

The following describes in detail the process of identifying the disguised intra-cluster node by the cluster head node with reference to fig. 3. As shown in fig. 3, the process includes the following steps:

step 301, determining whether the function value of the sending node obtained from the data packet is the same as the function value of the determined member node, and whether the function value of the receiving node obtained from the data packet is the same as the function value of the cluster head node determined according to the corresponding relationship, if at least one of the function values is different, executing step 302; otherwise, step 303 is performed.

Specifically, the cluster head node compares the locally stored function value of the member node and the function value of the cluster head node with the function value of the member node carried in the data packet (i.e., the function value of the sending node) and the function value of the cluster head node (i.e., the function value of the receiving node), and if at least one of the locally stored function value of the member node and the function value of the member node carried in the data packet and the locally stored function value of the cluster head node and the function value of the cluster head node carried in the data packet is different, the member node is determined to be a member node in the disguised cluster (i.e., step 302); if the locally stored function value of the member node and the locally stored function value of the cluster head node are respectively the same as the function value of the member node and the function value of the cluster head node carried in the data packet, it is determined that the member node is a normal member node (i.e., step 303).

Usually, the cluster head node compares the function value of the member node in table 1 with the function value of the sending node obtained from the data packet, and if the two are different, the member node sending the data packet can be directly determined to be the disguised intra-cluster node; if the two are the same, further comparing the function value of the cluster head node in the table 1 with the function value of the receiving node obtained from the data packet; if the two are the same, the member node sending the data packet can be determined to be a normal member node, otherwise, the member node is a disguised intra-cluster node.

Step 302, determining that the member node sending the data packet is a disguised intra-cluster node.

Step 303, determining that the member node sending the data packet is a normal member node.

Generally, the data packets sent by the nodes in the disguised cluster have the following formats:

the first format is as follows:

the header of the data packet only carries the node identifier and does not carry the function value, and the cluster head node can identify the node as a disguised intra-cluster node through step 301. The data packet of the first format is the existing data packet, and the structure is as follows:

transmitting node Identification (ID)

Receiving node Identification (ID)

Data content

And a second format:

the packet header of the data packet only carries the function value of the sending node (i.e. the function value of the member node), but does not carry the function value of the cluster head node, and the cluster head node can also identify that the node is the disguised intra-cluster node through step 301. The data packet structure of format two is as follows:

in order to clearly illustrate the technical solution of the present invention, the solution of the present invention is described in detail with a specific example in conjunction with the schematic diagram of the cluster topology of fig. 1.

As shown in fig. 1, the cluster head node is labeled 1253, and the labels of the 4 member nodes are: 1567, 1678, 1247, 1647. The cluster head node issues a hash function to each member node, wherein the hash function is the sum of values of each bit of the node identifier, that is, y is x1+ x2+ x3+ x4, and x1, x2, x3 and x4 are values of 1 st, 2 nd, 3 th and 4 th bits of the node identifier, respectively. Thus, the function value hash (1567) of the member node 1 becomes 19, the function value hash (1678) of the member node 2 becomes 22, the function value hash (1247) of the member node 3 becomes 14, and the function value hash (1647) of the member node 4 becomes 18.

The cluster head node allocates communication time slots for the 4 member nodes, specifically, allocates communication time slots of 1, 5, 9, and 13 for the member node identified as 1567, allocates communication time slots of 2, 6, 10, and 14 for the member node identified as 1678, allocates communication time slots of 3, 7, 11, and 15 for the member node identified as 1247, and allocates communication time slots of 4, 8, 12, and 16 for the member node identified as 1647. The cluster head node generates a corresponding relationship among the node identifier, the function value of the preset function and the communication time slot, and the corresponding relationship is stored in the cluster head node in a table 2 manner.

TABLE 2

After the cluster communication starts, the cluster head node receives a data packet sent by the member nodes in the cluster, determines a communication time slot for receiving the data packet, and determines a function value of the member nodes and a function value of the cluster head node according to the communication time slot lookup table 2. And the cluster head node analyzes the data packet to obtain the function value of the member node and the function value of the cluster head node carried in the packet header. And comparing the function value of the member node obtained by the lookup table 2 with the function value of the member node obtained from the data packet, comparing the function value of the cluster head node obtained by the lookup table 2 with the function value of the cluster head node obtained from the data packet, if at least one of the function values is different from the function value of the cluster head node, determining that the member node sending the data packet is a disguised intra-cluster node, and discarding the data packet.

Based on the same technical concept, an embodiment of the present invention further provides a cluster head node, as shown in fig. 4, where the cluster head node may include: anallocation module 40, a sendingmodule 41, acalculation module 42, astorage module 43, a receiving module 44, asearch module 45, ananalysis module 46 and a judgment module 47.

The allocatingmodule 40 is configured to allocate a communication timeslot for each member node.

The sendingmodule 41 is configured to send the communication timeslot allocated by the allocatingmodule 40 to the corresponding member node.

Thecalculation module 42 is configured to calculate a function value of a preset function, where the preset function is a function related to the node identifier.

Thestorage module 43 is configured to store a correspondence between the node identifier, the function value of the preset function, and the communication time slot.

The receiving module 44 is configured to receive a data packet sent by a member node.

The searchingmodule 45 is configured to determine a function value according to the communication time slot of the data packet received by the receiving module 44 and the corresponding relationship.

The analyzingmodule 46 is configured to analyze the data packet to obtain a function value carried in the packet header, where the function value is calculated by a member node that sends the data packet.

The judging module 47 is configured to judge whether the member node is a disguised intra-cluster node according to the function value obtained from the data packet and the determined function value.

Preferably, the node identifier includes a cluster head node identifier and a member node identifier; the packet header of the data packet carries a function value of a sending node and a function value of a receiving node, the sending node is a member node sending the data packet, and the receiving node is a cluster head node receiving the data packet.

The determining module 47 is specifically configured to determine whether the function value of the sending node obtained from the data packet is the same as the function value of the determined member node, and whether the function value of the receiving node obtained from the data packet is the same as the function value of the cluster head node determined according to the corresponding relationship, and if at least one of the function values is different, the member node sending the data packet is a disguised intra-cluster node.

Further, the cluster head node further includes aprocessing module 48, and theprocessing module 48 is further configured to discard the data packet when the determining module 47 determines that the member node is a disguised intra-cluster node.

Further, the cluster head node further includes an updatingmodule 49, and the updatingmodule 49 is configured to update the preset function according to a preset updating period. And/or the presence of a gas in the gas,

the allocatingmodule 40 is further configured to allocate a communication timeslot to each member node according to a preset allocation period.

It will be understood that the above embodiments are merely exemplary embodiments taken to illustrate the principles of the present invention, which is not limited thereto. It will be apparent to those skilled in the art that various modifications and improvements can be made without departing from the spirit and substance of the invention, and these modifications and improvements are also considered to be within the scope of the invention.