无线传感器网络中基于路径序列检测的安全机制

针对无线传感器网络(WSN)中容易受到的攻击的问题,提出一种新的基于路径序列检测的安全机制。该机制通过构建合理的路径序列并进行安全验证来实现数据包的路由规则检测及上一跳节点的身份认证,保证路由规则的正确性和数据的真实性。经过性能分析和仿真实验表明该机制在网络规模增加的情况下攻击检测失效的概率不会降低,所提策略能有效地检测出恶意篡改数据传输路径的路由攻击,提升无线传感器网络的安全性。     

一种改进的GPSR算法

由于自然环境和传感器节点自身的原因,在无线传感器网络中很难避免出现洞.GPSR路由算法中数据包沿洞边界传送,它容易导致洞边界节点能量过度消耗和数据碰撞,没有很好地解决局部最优现象问题.本文提出的改进算法给出了源节点和目的节点出现在网络中任何位置的洞路由方案,优化了洞路由路径,合理解决了无线传感器网络中的洞路由问题.     

无线传感器网络中组播路由协议分析

无线传感器网络由小型无线通信传感设备密集部署形成。组播是一种将数据包从源节点有效传递到一组目的节点的基本路由服务技术。组播协议中,源节点到目的节点的一些路径可由多个目的节点共享,所共享的路径越大,总带宽消耗越低。在分析无线传感器网络基本特征的基础上,对无线传感器网络中现有的组播路由协议进行了分类分析和比较,最后对无线传感器网络组播路由协议的未来发展趋势提出展望。     

无线多媒体传感器网络能量敏感多路径路由

针对节点能量分布不均匀的无线多媒体传感器网络中大数据量传输问题,提出一种无线多媒体传感器网络能量敏感多路径路由算法EACM。该算法通过平衡路由节点间剩余能量差异,调节多路径聚集程度来均衡网络能耗减少数据包在路径上的延迟。仿真结果表明EACM算法能有效地延长网络生存期,减少数据包在路径上的时延。     

面向环境感知的无线传感网络路由方法综述

路由传输与数据聚合是无线传感器网络中 的两个重要方面,有着广泛的应用。网络的多样性 导致没有普适的路由算法与数据聚合方案,因此对二者进行总结很有必要。对无线传感器网络中的路由方法与数据聚合进行了总结。首先,介绍了典型的无线传感器网络路由方法;其次,面向多类传感器描述了不同的数据聚合与路由方法;然后,阐述了一维传感器网络中的数据收集与路由方法;最后,总结了相关的研究方向和发展趋势。     

无线传感器网络中一种基于行进启发的地理位置路由

为了节省传感器节点有限的能量,针对无线传感器网络"多对一"通信的特点,提出了一种新的、基于地理位置信息的路由协议--基于行进启发的地理位置路由,该协议不需要等到数据包遇到"空洞"时才采取措施,而是在数据包离空洞还有一定距离时就提前绕开它,从而少走了弯路,减少了能量消耗.模拟研究表明,采用该协议建立路由的过程快速、开销小,数据传送的路径长度短,可适用于大规模的无线传感器网络,     

无线传感网中一种低成本的信息质量感知路由协议

当无线传感器网络出现感兴趣的事件时,可能导致多个传感器被激活,出现数据爆炸和冗余。数据融合技术利用传感器数据间的时空相关性,降低了流量负载和数据拥塞,然而这会降低融合中心收集数据的信息质量(IQ)。鉴于此,对给定信息质量(IQ)约束条件下,如何寻找成本最低的路由树问题展开研究。该问题属于NP难解的Steiner树问题,提出一种IQ感知路由协议。该协议构建一个可以跨越无线传感器网络所有传感器的基于距离的初始融合树,当数据包到达融合中心时,它将利用贪婪近似算法修剪原先的融合树,进而保证:(1)生成的融合树的累积IQ满足给定的IQ约束;(2)修剪过后融合树上被激活节点收集数据的成本最低。仿真实验结果表明,该方案在提高数据融合质量和降低通信成本方面的性能都要优于已有的方案。     

WSN中基于等高度路由的源位置隐私保护

在无线传感器网络中,网络中的攻击者可以通过逆向、逐跳追踪数据包的方式追踪到源节点的位置,进而危害目标对象,所以对源位置的隐私保护很重要,但已有保护源位置隐私的幻影路由协议可能产生失效路径,从而缩短安全时间。为此,提出一种有向等高度路由与幻影路由相结合的源位置隐私保护协议。数据包在进行幻影路由之前先进行h+r跳的有向等高度路由,之后再发起幻影路由过程,以避免失效路径的产生,并增加有效路径的数量。实验结果表明,当源节点位置不变时,增加少量的数据包转发开销,源节点的安全时间可以增加50%,当源节点位置变换频繁时,通信开销也明显低于PUSBRF等协议。     

基于模糊综合评判的多sink最优路由算法

基于模糊综合评判,提出一种针对无线传感器网络的多sink最优路由算法。考虑路径最小剩余能量、路径最小平均链路质量和节点到sink的跳数等因素,通过路由发现、数据传输和路由更新3个过程,得到节点到多个sink的分布式路由。OMNeT++仿真结果表明,该算法能延长网络生存期,提高数据包交付率,并将路由建立时发送的数据包数量控制在尽量少的范围内。     

无线传感器网络源节点隐私位置信息保护研究

为了确保无线传感器网络中的源节点位置不被恶意泄露,保障其安全性能与网络能耗均衡,提出一种无线传感器网络源节点隐私位置信息保护方法.以熊猫-猎人位置隐私保护模型为基础,构建一个六元组系统防御攻击模型;利用该模型通过随机数机制得到幻影节点的随机有向漫步跳数,使用概率转发路由把数据包从幻影节点转发到集合节点,减少重叠路径发生的概率,提升源节点隐私位置信息的安全系数.实验结果表明,无线传感器网络源节点隐私位置信息保护方法可以有效降低路径重复概率和数据包传输时延,最大程度保证源节点的隐私安全,且网络能耗较小,具备极高的实用性.     

无线Ad Hoc网络中增强安全性的多路径路由算法

针对无线ad hoc网络的数据安全性问题,提出了一种增强安全性的多路径路由算法．该算法通过目标节点发送检测数据包的机制,动态维护多路径路由信息的有效性．源节点则根据收到检测包的信息自适应地更新当前的最优传输路径,充分利用路由寻找及维护过程中的信息建立多条可用路径,提供最优的路由方案,并增强了无线ad hoc网络数据传输的安全性．仿真结果表明此算法的数据传输安全性达到了合理的水平．     

Route manipulation aware Software-Defined Networks for effective routing in SDN controlled MANET by Disney Routing Protocol

In MANET network management, the Software-Defined Networking (SDN) plays a vital role in terms of controller plane and data plane. It is always easy to manage the data communication over the MANET because of logically centralized control on the SDN. Since the dynamic route on MANET, are controls the packets and changes the route between the source to destination alternatively. Hence the maintenance of real-time SDN analysis-based application planes is a crucial process. To maintain the effective MANET communication over the Software-Defined Network, it essential to improve the control and data plane process on the SDN controlled MANET based OpenFlow switching procedure. Nevertheless, SDN allows for route interaction against security threads. In this research article, the four stages were suggested to preserve the security measures in packet-based data transmission that are conceived in MANET. In this article, an SDN controlled MANET based OpenFlow switching scenario for effective security threading is proposed. The major part played by an SDN controlled MANET in bringing about a result of being effective without wasting time and energy on routing. The proposed Distinct Network Yarning (DISNEY) routing protocol for SDN controlled MANET overcomes the congestion communication on MANET routing. To decrease performance degradation, efficient routing is maintained by the route matrix manipulation table. This routing scheme helps to find the optimal routing with a secure and intelligent manner. The proposed result was compared to existing approaches. As a result, the proposed illustration to be improved by routing and data transmission. In comparison to the proposed method achieves a better ratio for packet transmission delay, throughput, and data transmission rate.     

Prevention of Black Hole Attack in Multicast Routing Protocols for Mobile Ad-Hoc Networks Using a Self-Organized Public Key Infrastructure

ABSTRACT

A mobile ad-hoc network (MANET) is an autonomous system of mobile nodes connected by wireless links in which nodes cooperate by forwarding packets for each other thereby enabling communication beyond direct wireless transmission range. Example applications include battlefield communication, disaster recovery operations, and mobile conferencing. The dynamic nature of ad-hoc networks makes them more vulnerable to security attacks compared with fixed networks. Providing security in mobile ad-hoc networks has been a major issue in recent years. Most of the secure routing protocols proposed by researchers need a centralized authority or a trusted third party to provide authentication. This destroys the self-organizing nature of ad-hoc networks. Black Hole attack is one of the routing attacks that occur in MANETs. In this attack, a malicious node uses the routing protocol to advertise itself as having the shortest path to the node whose packets it wants to intercept. In this article, we propose an enhanced certificate based authentication mechanism, where nodes authenticate each other by issuing certificates to neighboring nodes and generating public key without the need of any online centralized authority. The proposed scheme uses Multicast Ad-hoc On Demand Distance Vector Routing (MAODV) protocol as a support for certification. The effectiveness of our mechanism is illustrated by simulations conducted using network simulator ns-2.     

A novel forwarding and routing mechanism design in SDN-based NDN architecture

Combining named data networking (NDN) and software-defined networking (SDN) has been considered as an important trend and attracted a lot of attention in recent years. Although much work has been carried out on the integration of NDN and SDN, the forwarding mechanism to solve the inherent problems caused by the flooding scheme and discard of interest packets in traditional NDN is not well considered. To fill this gap, by taking advantage of SDN, we design a novel forwarding mechanism in NDN architecture with distributed controllers, where routing decisions are made globally. Then we show how the forwarding mechanism is operated for interest and data packets. In addition, we propose a novel routing algorithm considering quality of service (QoS) applied in the proposed forwarding mechanism and carried out in controllers. We take both resource consumption and network load balancing into consideration and introduce a genetic algorithm (GA) to solve the QoS constrained routing problem using global network information. Simulation results are presented to demonstrate the performance of the proposed routing scheme.     

卫星网络基于信任的认证路由协议

安全路由协议是保障卫星网络安全运行的一个重要因素。针对现有卫星网络路由大多缺少安全机制的问题,运用基于椭圆曲线的签名方案保证路由报文的合法性,通过改进的信任评估机制排除内部恶意节点参加选路,设计了适用于高空通信平台(HAP)/低轨道(LEO)结构的层次式安全路由协议。分析表明该协议能够抵御多种常见的路由攻击。     

基于Linux和IPSec的VPN安全网关设计与实现

IPSec协议通过对IP数据包的加密和认证能够提供网络层的安全服务，可以保证数据在传输过程中的安全；Linux是一个开放的操作系统，在开放的操作系统平台上开发的安全系统具有更高的可靠性和安全性。在此基础上设计了一种基于Linux和IPSec协议的VPN安全网关，并详细阐述设计原则、功能、安全机制以及VPN安全网关实现过程，同时对这种安全网关性能进行了分析。     

基于Linux和IPSec的VPN安全网关设计与实现*

IPSec协议通过对IP数据包的加密和认证能够提供网络层的安全服务,可以保证数据在传输过程中的安全;Linux是一个开放的操作系统,在开放的操作系统平台上开发的安全系统具有更高的可靠性和安全性。在此基础上设计了一种基于Linux和IPSec协议的VPN安全网关,并详细阐述设计原则、功能、安全机制以及VPN安全网关实现过程,同时对这种安全网关性能进行了分析。     

无线 Ad hoc 网络和传感网络中基于位置的、可靠的无信标传输路由方法

Existing position-based routing algorithms, where packets are forwarded in the geographic direction of the destination, normally require that the forwarding node should know the positions of all neighbors in its transmission range. This information on direct neighbors is gained by observing beacon messages that each node sends out periodically. Several beaconless greedy routing schemes have been proposed recently. However, none of the existing beaconless schemes guarantee the delivery of packets. Moreover, they incur communication overhead by sending excessive control messages or by broadcasting data packets. In this paper, we describe how existing localized position based routing schemes that guarantee delivery can be made beaconless, while preserving the same routes. In our guaranteed delivery beaconless routing scheme, the next hop is selected through the use of control RTS/CTS messages and biased timeouts. In greedy mode, the neighbor closest to destination responds first. In recovery mode, nodes closer to the source will select shorter timeouts, so that other neighbors, overhearing CTS packets, can eliminate their own CTS packets if they realize that their link to the source is not part of Gabriel graph. Nodes also cancel their packets after receiving data message sent by source to the selected neighbor. We analyze the behavior of our scheme on our simulation environment assuming ideal MAC, following GOAFR+ and GFG routing schemes. Our results demonstrate low communication overhead in addition to guaranteed delivery.     

一种基于跨层功率控制的Ad hoc网络路由算法*

在无线Ad Hoc网络路由协议中引入功率控制不但可以降低网络能量消耗,同时还能改善网络的吞吐量、投递率等性能,已成为当前Ad Hoc网络的一个研究热点.本文提出了一种基于跨层功率控制的按需路由算法CPC-AODV(Cross-layer Power Control Ad hoc On-demand Distance Vector).算法按需建立多个不同功率级的路由,节点选择到目的节点最小功率级的路由来传递分组,并对网络层的数据分组、路由分组和MAC层控制帧的传输采用不同功率控制策略来降低能量消耗.仿真结果表明:算法有利于降低通信能量开销,延长网络寿命,提高网络投递率及改善网络时延.