A Novel Privacy-Preserving Mobile-Coverage Scheme Based on Trustworthiness in HWSNs

To solve the problem of security deployment in a hybrid wireless sensor network, a novel privacy-preserving mobile coverage scheme based on trustworthiness is proposed. The novel scheme can efficiently mitigate some malicious attacks such as eavesdropping and pollution and optimize the coverage of hybrid wireless sensor networks (HWSNs) at the same time. Compared with the traditional mobile coverage scheme, the security of data transmission and mobility are considered in the deployment of HWSNs. Firstly, our scheme can mitigate the eavesdropping attacks efficiently utilizing privacy-preserving signature. Then, the trust mobile protocol based on the trustworthiness is used to defend the pollution attacks and improve the security of mobility. In privacy-preserving signature, the hardness of discrete logarithm determines the degree of security of the privacy-preserving signature. The correctness and effectiveness of signature algorithm are proven by the probabilities of the native messages which can be recovered and forged which is negligible. Furthermore, a mobile scheme based on the trustworthiness (MSTW) is proposed to optimize the network coverage and improve the security of mobility. Finally, the simulation compared with a previous algorithm is carried out, in which the communication overhead, computational complexity, and the coverage are given. The result of the simulation shows that our scheme has roughly the same network coverage as the previous schemes on the basis of ensuring the security of the data transmission and mobility.


Introduction
As wireless sensor networks (WSNs) have been rapidly developing and growing popularity, the mobile deployment in an interested area with maximum coverage has become an important challenge in the field of research. However, the security of the data transmission and the mobility are generally not considered in the mobile deployment. Hybrid wireless sensor networks (HWSNs) usually include two types of nodes, such as mobile nodes and static nodes, where the mobile nodes have the ability of movement to increase the coverage in the monitored area. If there are eavesdropping and pollution attacks in the network, the innocent nodes can be eavesdropped and quickly polluted during the adjustment. For the mobile deployment in HWSNs, the previous researchers had done tremendous researches.
A large number of network coverage optimization schemes for HWSNs had been proposed in [1][2][3][4][5][6]. Unlike the previously proposed mobile coverage schemes, our mobile coverage scheme based on privacy-preserving signature and trustworthiness can mitigate the eavesdropping and pollution attacks effectively and ensures that the network coverage will not be significantly reduced at the same time.
Due to the limited resources of HWSNs, traditional symmetric or asymmetric cryptographic algorithms are not available. The trustworthiness is an emerging security technology based on network dynamic parameters, which can estimate the level of network security in HWSNs. The problems of node integrity and authentication are addressed utilizing the trustworthiness in [7][8][9][10]. The investigations and studies have shown that the recommended trust and the dynamic network information of the current node can effectively evaluate the node security level. Moreover, another solution [11] to achieve evaluation is that the sensor nodes will be equipped with additional computing units to evaluate trust. For more related work in detail, please refer to Section 2.

Motivation and Contribution.
In the past decade, the previous researchers had conducted tremendous studies for mobile coverage. However, many issues are not addressed. A genetic scheme utilized virtual force and a particle swarm to optimize network coverage for HWSNs were proposed in [12]. However, the security issues in mobile deployment also need to be considered. If there are eavesdropping and pollution attacks in the HWSNs, the eavesdropping attack can result in the disclosure of location information of a mobile node, thereby attackers launched a premeditated attack. Relatively, the pollution attack will quickly infect malicious information to its neighbor nodes in a communication phase. Figure 1 shows the probability that nodes are vulnerable to infection when there is an attack in the network. If a node is malicious, the area within the communication radius is marked as polluted region. While the Euclidean distance between the sensor nodes and the malicious node is less than 2r, the sensor nodes will be marked as high-risk nodes. If the Euclidean distance is equal to 2r, the sensor nodes are labeled secondary risk nodes. All other sensor nodes are low risk. During the deployment process, it is an arduous task against pollution attack by protecting the sensor nodes integrity and realizing sensor nodes authentication. Bao and Chen [13] proposed a scalable trust management protocol, in which the multidimensional trust attributes extracted from communication and social networks are considered. However, many subjective factors were added in the process of selecting trust attributes.
Considering that and the target of mobile coverage in HWSNs, the main contributions of this paper are summarized as follows: (1) We proposed a novel trust evaluation and update scheme including information entropy theory to resist the pollution attacks, in which the probability of trust can be objectively evaluated and updated (2) At the same time, a privacy-preserving signature scheme which can sign the data transmission during the lifetime of HWSNs is proposed to defend against eavesdropping attacks (3) Moreover, a mobile scheme based on the trustworthiness (MSTW) including an optimized virtual force algorithm is proposed to reduce the probability of being polluted. Meanwhile, the maximum network coverage is obtained under the overall network trust 1.2. Organization. The other chapters of this paper are introduced as follows. Related researches regarding mobile coverage based on the trust and privacy-preserving signature technologies are introduced in Section 2. The network and attack model are demonstrated in Section 3, where the mobile framework is also given. In Section 4, a mobile scheme based on the trustworthiness (MSTW) is proposed to improve the network coverage and reduce the probability of the sensor nodes being polluted. In Section 5, a suitable privacy-preserving signature scheme is introduced to ensure the security of data transmission. In Section 6, the full construction of the privacy-preserving mobile coverage scheme based on the trustworthiness (PP-MSTW) and the virtual force are presented, and the results of performance analysis are also given. Finally, the conclusion is presented in Section 7.

Related Works
Mobile coverage in the deployment of HWSNs has always been a research hotspot, in which tremendous researches had been proposed. However, the security of HWSNs during the deployment is always not considered. The trust evaluation scheme can replace the traditional encryption mechanism with minimal resource. Some works in the field of mitigating eavesdropping attacks, trustworthiness for pollution attacks, and network coverage are discussed below.
2.1. Privacy-Preserving Signature. In HWSNs, attackers often obtain the dynamic information of the entire network by monitoring certain sensor nodes in the network. Yang et al. [14] studied several typical network structures and proved that as long as the eavesdropper monitors the data of one sensor node in each cycle, the entire network system can be completely observed. There are two ways to defend against eavesdropping attacks including information theoretic and computational approaches. In information theoretic schemes, Zhang et al. [15] proposed a novel type of network P-coding scheme,  Wireless Communications and Mobile Computing which prevented the network from being eavesdropped globally by performing lightweight sorting encryption on each native message and its encoding vector. Furthermore, Chen and Wang [16] applied the fake signature to network coding in the environment of IOT devices, which can resist both external and internal attacks at the same time and can also achieve the highest security level. In computational approaches, Nikravan et al. [17] proposed a lightweight computing scheme based on identity online and offline information to resist eavesdropping attacks with high computing power. Huang and Zhu [18] used the method of strategic equilibrium game to capture deception or eavesdropping, which can achieve Bayesian Nash equilibrium under an iterative algorithm.

Trust Evaluation and Update.
Currently, most traditional trust evaluation models focus on sensor radio and the number of successful data transmission. Sensor nodes build a trust model through the measurable parameters such as remaining energy and the recommendation from the neighboring nodes. Ganeriwal et al. [19] proposed a framework for evaluating the communication trust of neighbor nodes to ensure the security of sensor network. Though the framework had good robustness, the recommendations of other neighboring nodes were not considered. With the continuous development of trust evaluation framework, the trust model was trained by the neural network fuzzy inference [20], in which the parameter accuracy was optimized by the sorting genetic theory. Finally, they proposed a trust management framework with the higher security. However, the scheme neglected the recommendations from the neighboring nodes, which resulted in the trust values being not soundest. For this problem, an effective clustered trust model was proposed [21] to consider more external and human intervention factors, in which the trust weight between the subtrust sets is adaptive. However, the calculation cost will increase continuously due to weight updating, in which the method needs to learn repeatedly interaction information between sensor nodes.

Maximum Mobile-Coverage in HWSNs.
For sensor network coverage issues, researchers had done a lot of research in the previous decades. A novel distributed and centralized aggregation method is proposed in [22] to reduce the sensor density in a limited area, which can also prolong the sensor network life to the greatest extent. Chen et al. [23] proposed a supplementary solution for network coverage to dynamically maintain the coverage during the network life. When the nodes in the network are depleted or damaged due to the reasons such as energy exhaustion or damage, the sensor nodes with redundant coverage are dynamically adjusted to supplement the missing coverage. Naveen and Kumar [24] studied the problem of minimizing the cost of network deployment under the constraint of average vacancy, which calculated the density function of the relay nodes to preset the initial position of the nodes and verified the effectiveness of the scheme. In dynamic HWSNs, Cao et al. [25] proposed an improved social spider optimization strategy to reduce the network coverage blind spots and redundancy, which simulated the movement law of spiders and cooperation mechanism to achieve the optimal solution of network coverage.

Problem Statement
3.1. Hybrid Network Model. Suppose that hybrid sensor nodes with two groups of different attributes are randomly deployed in a two-dimensional space, and each node is assigned a unique identifier. The different two groups of nodes include static and mobile sensor nodes. The network topology of this HWSNs is L − G = ðL, V, E, r s Þ, in which L expresses the side length of the rectangular deployment region, V denotes the combination of two types of nodes, E means the topological connection combination between sensor nodes, and r s shows the sensing radius.
Generally, the communication radius r c of the sensor nodes is r c = 2r s in the HWSNs. The characteristics of nodes and conversion rules are given as follows: (1) Static sensor nodes: such nodes do not have the ability to move. After the deployment is completed, the position of the nodes is not allowed to be changed. At the same time, the energy consumption of nodes is mainly caused by data communication.
(2) Mobile sensor nodes: if there are no restrictions, mobile nodes can move freely within the deployment range. Such nodes usually have higher energy and computing resources than static nodes. Here, we specify the energy of mobile nodes as E m = 5 * E s .
(3) Node conversion rules: the mobile sensor nodes need to consume a lot of energy in the process of moving. When the current remaining energy of the mobile nodes drops below 50% of the average energy of the entire network, the mobility of nodes will be removed. At this time, the mobile node will participate in information perception as a static node.
Each WSN has its cluster selection scheme to gather information from sensors. Figure 2 shows the deployment structure in our hybrid WSNs. The hybrid network model including static nodes and mobile nodes will execute cluster formation (CF) and optimal cluster head (CH) selection algorithm after deployment. In a window period, each cluster only has one CH. The nodes within a cluster usually communicate with the cluster head. The cluster head nodes are generally mobile nodes or the higher energy static nodes in the cluster. In addition, when the nodes in the network can directly communicate with the BS, such nodes can directly send data to the BS.

Attack Model. The inherent characteristics of HWSNs
including open deployment environment and limited resources make it vulnerable to various types of unknown attacks. Previous researches about the mobile coverage usually do not consider the network security during the movement. We assume that before the sensor nodes start to implement the mobile coverage scheme, there are already attacked nodes in the network. These malicious nodes launch 3 Wireless Communications and Mobile Computing attacks on the network by injecting fake data packets or tampering with the content of the transmitted data. The type of attack is usually named a pollution attack. The attack model is proposed as follows: (1) Suppose there are N M malicious nodes in our HWSNs. The types of attack occur before the mobile deployment. The malicious nodes usually inject false information or tamper with the contents of data packets (2) Malicious nodes in the network can randomly select neighbor nodes within their communication range as the next hop pollution nodes (3) As shown in Figure 3, there are two types of nodes including mobile and static in our HWSNs. Generally, mobile nodes have higher energy and computing resources, so they have higher defense performance than static nodes. Therefore, we think that the static nodes are easier to be attacked. The red area in the figure is the communication range r s of a certain malicious node. When an innocent mobile node moves into the range of 2r s , the mobile sensor node will establish direct communication with the malicious node. At this time, the mobile node will be in a high-probability pollution area. In order to avoid the mobile node from moving into this area, the impressionable angle area is given to reduce the probability of the mobile node being polluted

A Multicluster Trust Scheme
According to the given network and attack model, a malicious defense model based on trust evaluation needs to be proposed. In this section, we construct a multicluster trust computing scheme to assess the trustworthiness of each node. The trust degree of the HWSNs is represented by ðT, The multicluster trust scheme is defined as follows: (b) Energy ðd i,j , ε amp , f amp , E elec Þ ↦ ðT 2 ði, jÞÞ: d i,j is the transmission distance, ε amp is in free space, f amp is the unit energy consumption coefficient in multipath attenuation model, E elec represents the energy consumption when receiving data, and T 2 ði, jÞ is the energy trust.
(c) Probabilistic trust against attacks ðV M , r s , LÞ ↦ ðT 3 ði, jÞÞ: the set V M is the malicious nodes, r s is the sensing radius, L represents the side length of rectangular detection area, and T 3 ði, jÞ is the attacked trust.
(d) Aggregation ðT n ði, jÞ, w n Þ ↦ ðTði, jÞÞ: T n ði, jÞ is the multitype trust values containing all the above types of trust variables. w n symbols the weight set of each trust variable. Then, the aggregation Tði, jÞ will be output.    Wireless Communications and Mobile Computing specific trust evaluation method is given. We separately calculated communication trust, energy trust, and attacked trust. Finally, a weight distribution scheme combined with information entropy is proposed to aggregate the mentioned multitype trust. The multitype trust aggregation model is expressed as where 0 ≤ w n ≤ 1, w 1 + w 2 + ⋯w n = 1; w n is the weight factor of the multitype trust; and T n ði, jÞ is the multitype trust.  [26], which is expressed as where the successful interactions is α and the unsuccessful number is β, 1 − β/W is the penalty function, and 1 − 1/ ðα + δÞ is the adjustment function.
Suppose that the number of successful direct interaction is O i,j ; otherwise, it is R i,j . Therefore, the trust expression for direct communication between nodes i and j is The mathematical trust expectation probability from i to j is expressed as the communication trust value in a round. So, the directly connected node communication trust is Here, n represents the amount of time windows within the effective operation time of the HWSNs.
In the case of the relay communication, node i needs to use k relay nodes to communicate with node j. The relay node z recommends an indirect trust value of node j to node i in the trust calculation model of node i for node j. The indirect trust calculation model in communication trust is shown as follows: When node i and node j are neighbor nodes, the communication trust model will be calculated by Equation (4). Otherwise, Equation (5) will give the indirect communication trust value.

Energy Trust.
In hybrid sensor networks, energy consumption is divided into two types, namely, communication and mobile consumption. Static nodes only include communication loss, while mobile nodes include both communication and mobile loss. In communication energy loss, when node i sends n bits information to node j successfully, the communication energy consumption model can be given as follows: where d ij is the realistic transmission distance, d 0 represents the threshold of distance, E elec represents the consumption of energy by the circuit for transmitting or receiving data per bit, and ε amp and f amp denote the energy loss in the free space and the multipath attenuation. So d 0 can be expressed Additionally, the energy consumption during the movement should also be considered. The energy consumption can be expressed as follows: where d represents the side length of a square grid in the network and F x i and F y i are the virtual force received by node i. In a mobile period, the remaining energy of the node is where E N symbols the remaining energy of the current node and E t represents the initial energy. Usually, mobile nodes have a higher initialization energy level than static nodes.

Probabilistic Trust against Attacks.
When there are malicious nodes in the HWSNs, the innocent nodes communicating with the malicious nodes have the probability of being polluted. In this subsection, the Euclidean distance relationship analysis between nodes is utilized to assess the probability of defense against attacks between innocent sensor nodes. The ability of an innocent node defending against attacks indicates the trust degree of the sink node to those nodes. The higher the probability of an innocent node being attacked, the lower the trust degree, and vice versa.
According to the Euclidean distance between innocent nodes and a malicious node. E 1 and E 2 are defined as two different events. E 1 denotes the Euclidean distance between innocent nodes, and a malicious node j is less than the r c of malicious nodes, and it can be expressed as V n ∩ N − ðjÞ ≠ ∅. E 2 denotes the Euclidean distance is longer than the 5 Wireless Communications and Mobile Computing communication radius, and it can be showed as V n ∩ N − ðjÞ = ∅, where j ∈ V M and N − ðjÞ is the neighbor of malicious node j.

Lemma 2.
Nodes i and j are randomly deployed in the L × L rectangular monitoring region, in which the communication radius r ∈ ð0, W/2Þ. The distribution of nodes i and j is given as According to Lemma 2, if two nodes in the monitoring area can communicate with each other, the probability is Dðd i,j ≤ rÞ. For node a, i.e., ∀a ∈ V n , the probabilty of the node a that can communicate with malicious node j is Therefore, the probability of E 1 and E 2 can be given as follows: Finally, the probability trust against attacks can be expressed as follows:

Trust Aggregation.
The weight relationships between the trust measures are more objectively determined. Information entropy can express the probability of a certain specific information, so it can be used to calculate the weights of uncorrelated subtrust distributions. The probability formula of information entropy is as follows: where μ is the information variable and QðμÞ is the probability distribution function. Supposing that R is the recommended trust from three types of subtrust evaluation parameters, 1 − R is the degree to which these trust levels are suspected. With the above assumptions, the recommendation function of trust degree is When there are multiple types of recommended trust values, not all trust values have the same recommendation weight. The weight of each trust value is independent, and it occupies a different degree of importance in the overall recommendation. Therefore, the weight entropy of R k ij can be given as follows: In practical applications, malicious nodes in the HWSNs usually disguise or slander the recommended trust value to deviate from the correct estimated value. Moreover, the previous trust weight distribution schemes often adopt artificial weight preset methods, which further leads to the deviation of trust weight distribution from objectivity. The information entropy weight distribution scheme can effectively reduce the degree of defamation of malicious nodes. According to Equation (15), the trust weight distribution can be given as follows: Therefore, the final trust can be expressed as follows:

The Privacy-Preserving Signature Scheme
In the HWSNs, the trust evaluation of each nodes can drive the mobile nodes to a safer location. However, the data transmission security should also be considered to prevent pollution attacks. To solve the above problem, a novel privacypreserving signature scheme is proposed.

Related Knowledge.
In this subsection, some mathematical knowledge is related to the hardness and bilinear cyclic map is provided to support our scheme. Suppose there are two bilinear cyclic groups H and H T with the same prime number. They both have nondegeneracy and bilinearity and are computable. Generally, the security strength of privacy-preserving signature scheme depends on the hardness of the bilinear cyclic. For F = ðh, h x Þ, where x ∈ ℤ * p , no polynomial algorithm can be calculated to obtain x.

Privacy-Preserving
Signature Scheme. According to the above assumption of the cyclic group of the bilinear mapping, we give a complete privacy-preserving signature scheme including six probabilistic subalgorithms. The detailed scheme construction is given as follows: The resource data transmitted in the network is divided into n data blocks w ∈ Q i . f : f0, 1g * × f0, 1g * × κ ↦ F p is a random function; the encryption matrix is The coding vector is c = ðw 1 ,⋯,w m Þ, and the payload of w is w p = ðw m+1 ,⋯,w m+n Þ. Then, Encryptðk, (c) According to the above parameters sk and w, the signature of the data block σ can be given as follows: Then, the combined signature of the encoded data block is ðw r , σ r Þ, w r , and σ r are computed as follows: The combined signature is ξ r = ðId i , w r , σ r Þ (d) According to the given public key, the signature is verified as follows: When υ 1 = υ 2 , the verification is successful The coding data is decrypted as c D = c E ⋅ G D . Then, the original block is calculated as follows:

Defense against Eavesdropping Attacks
Definition 3. When the i-th data block fw i g q i=1 is maliciously eavesdropped, the probability function of the native data recovery is negligible. Theorem 4. The privacy-preserving signature scheme can resist the eavesdropping attacks.
Proof. When the eavesdroppers collect the i-th linear combination of data blocks fw i g q i=1 , the data block can be analyzed as another expression as follows: where eb i,j = ðc i,j , x i,j Þ ∈ F m+n p and x i,j is the native message. Then, the encryption matrix of the encoding vector w i can be expressed as follows: If the attackers want to successfully native message, α i,j ð1 ≤ i ≤ q, 1 ≤ j ≤ mÞ must be randomly selected from F p , and the randomly selected matrix is denoted as C D . According to [27], the probability that the native message is recovered can be expressed as where PðC D Þ is the probability of decryption matrix is computed and P½rank ðC D Þ = m is the probability of matrix with same rank, which can be expressed as Meanwhile, PðC D Þ = 1/p m , then, the recover probability can be rewritten as P = P½rank ðC D Þ = m/p m .
Finally, the probability that the native message is recovered can be expressed as This completes the proof.

The Privacy-Preserving Mobile-Coverage Scheme Based on Trustworthiness
In Section 5, we proposed a privacy-preserving signature scheme and proved its effectiveness against eavesdropping attacks, after ensuring the security of data transmission 7 Wireless Communications and Mobile Computing during the movement. Then, how to select the safest mobile nodes to move in an iteration should be considered.
The privacy-preserving mobile coverage scheme based on trustworthiness (PP-MSTW) we proposed is shown in Figure 4. The mobile coverage scheme contains four phases, namely, destinations, mobility control, mobile coverage, and trust computation. Meanwhile, the privacy-preserving scheme will run during the network life when nodes exchange data. The data transmission format between nodes is shown in Figure 5. The data packet type, trust mark, neighbor node information, and the trust generation are defined in the transmitted data. (d) Trust update (T i ↦ T i+1 ): after the sink node obtains the trust T i of the previous generation, the highest trusted mobile node will perform the movement operation in a round G. When the movement is completed, the next-generation trust T i+1 will be calculated according to the new topology in the HWSNs.
(e) Maximum coverage: as the nodes of each generation move, the network coverage will gradually increase. When the network coverage reaches the highest value and does not change, the network deployment is completed.
As shown in Figure 4, the execution flowchart of PP-MSTW is as follows: (1) Hybrid wireless sensor network initialization and two types of nodes are randomly deployed in the L × L rectangular region (2) The trust of all nodes in the network will be calculated. The static node with the lowest degree of trust is confirmed as the next-generation pollution node (3) The sink node selects the highest trusted mobile node to move within a generation G. The virtual force algorithm and the Voronoi diagram strategy determine the moving direction and distance of the node (4) After performing the above operations, the trust of each node will be updated according to the location of the next-generation pollution node and the updated network topology (5) As long as there is traffic between nodes in the network, the privacy-preserving scheme will be implemented The MSTW algorithm shows the specific execution process of trust mobile, which will give updated trust U m and network coverage p.

Simulation Result Analysis.
The PP-MSTW is composed of two parts including privacy-preserving signature scheme and mobile coverage based on trustworthiness (MSTW) algorithm. In Subsection 5.3, the theoretical correctness of the signature scheme is proven. In this subsection, the communication and computation overhead of the MSTW are analyzed in detail. Simulation experiment is constructed in the softwares OMNET++ and MATLAB.
where s is the number of successful data exchanges between nodes in each generation and f represents the failures. Meanwhile, the sink node will calculate the position of the next generation of nodes according to the virtual force algorithm, and the mobile signal l will be sent to the mobile node that needs to move. Generally, mobile nodes have the highest trust. The growth rate of communication overhead about the MSTW is shown in Figure 6. As the sink node sends more and more mobile signal, the growth rate of communication overhead in the HWSNs is the lowest compared to previous studies. In HWSNs, the number of successful communications between nodes is much higher than the number of failures.

Computation Overhead.
Network computation overhead is mainly divided into four parts including communication trust, energy trust, probabilistic trust against attacks, and virtual force. All calculations are performed on F q , where the number of multiplications implies the computation overhead.
In communication trust, Equation (5) shows that communication trust needs to be calculated n 2 − n + 1 times on a finite filed F q , and so the computation overhead is O c = n 2 − n + 1.
In energy trust, the computation overhead in energy trust can be easily derived as O e = n 4 .
Our scheme is compared with other trust computing schemes; ours mainly includes probabilistic trust against attacks. According to the above formula for resisting attacks probability, the computation overhead can be expressed as follows: In addition to the computation overhead in the trust evaluation process, the computation overhead of the trust mobile algorithm should also be considered. The computation overhead in trust mobile mainly includes virtual force algorithm. Research [28] shows that the computation overhead of the virtual force algorithm is O v = nðn − 1Þ.
Finally, the overall computation overhead of the MSTW within a generation G is expressed as follows: According to the virtual force and voronoi theory, the combined force F s = fF s 1 , F s 2 , ⋯, F s m gof mobile nodes in a rectangular region L × L is calculated.

5:
Select Max ðU s Þ; Where there are first generation pollution nodes in the network. 6:   Table 1 demonstrates the comparison of computation overhead, in which our MSTW has almost the same computation overhead as several other previous schemes, and both are approximately equal to O computation ≈ Oðn 4 Þ. Figure 6 shows our scheme has the lowest communication overhead in each generation of data communication. In Figure 7, the maximum coverage that all nodes in HWSNs can reach is given during the network life. Compared with the previous schemes, the network coverage of our scheme is 1.3% lower than the maximum coverage achieved by the previous schemes. In summary, our MSTW can guarantee a high coverage under the condition of deployment security and does not increase the computation and communication overhead at the same time.

Conclusion
For security HWSN deployment, a novel privacy-preserving mobile coverage scheme based on the trustworthiness is proposed. The scheme can ensure the communication data integrity and confidentiality in the network coding communication. Firstly, a comprehensive trust evaluation method based on historical communication data, energy, and the probability of nodes being attacked is constructed. Then, a privacy-preserving signature scheme is applied to the network for resisting pollution and eavesdropping attacks. Finally, the PP-MSTW is constructed to maximize network coverage under the premise of ensuring the security of node communication.
From analyzing the mathematical theory and result of simulation, the PP-MSTW we proposed can guarantee the security in data communication under the theoretical analysis. The communication and computation overhead of the scheme are lower than those of the previous algorithms. Moreover, the scheme we proposed can obtain the optimal solution for coverage under the premise of security in the network deployment.
In the future research, we will use artificial intelligence methods to analyze network trust and then study game theory methods to adjust network defense strategies and ultimately further improve network robustness.

Data Availability
No data were used to support this study.

Conflicts of Interest
The authors declare that they have no conflicts of interest. Communication overhead The scheme in [30] The scheme in [31] The scheme in [29] MSTW Figure 6: The communication overhead of different schemes.