一种新颖的移动自组网灰洞攻击检测方案

移动自组网(mobile ad hoc networks,MANETs)是典型的分布式网络,没有集中式的管理节点,网络拓扑动态变化,而且网络带宽有限.移动自组网无网络基础设施的特点,使其易于受到各种拒绝服务攻击(denial of service,DoS).灰洞攻击是一种类型的拒绝服务攻击,攻击者在网络状态良好的情况下,首先以诚实的方式参与路由发现过程,然后以不被察觉的方式丢弃部分或全部转发数据包.首先介绍了相关工作、DSR算法、聚合签名算法和网络模型.然后基于聚合签名算法,给出了用于检测丢包节点的3个相关算法:证据产生算法、审查算法和诊断算法.证据产生算法用于节点产生转发证据;审查算法用于审查源路由节点;诊断算法用于确定丢包节点.最后分析了算法的效率.ns-2仿真结果表明,在移动速度中等的网络中,提出的算法可以检测出多数丢包节点,且路由包开销较低.舍弃含丢包节点的路由后,数据发送率有相应的改善.

A Novel Gray Hole Attack Detection Scheme for Mobile Ad-Hoc Networks

Mobile ad hoc networks(MANETs) are typical distribution networks,which have unique characteristics and constraints such as none centralized control,dynamically changed network topology,and limited bandwidth.For the absence of fixed network infrastructure,MANETs are vulnerable to various types of denial of service(DoS) attacks.The gray hole attack is a kind of DoS attacks.In this attack,an adversary silently drops some or all of the data packets sent to it for further forwarding even when no congestion occurs.Firstly,related works,DSR protocol,aggregate signature algorithm and network model are introduced.Secondly,a scheme based on aggregate signature is proposed to trace packet dropping nodes.The proposal consists of three related algorithms:the creating proof algorithm,the checkup algorithm and the diagnosis algorithm.The first is for creating proof,the second is for checking up source route nodes,and the last is for locating the malicious nodes.Finally,the efficiency of the proposal is analyzed.The simulation results using ns-2 show that in a moderately changing network,most of the malicious nodes could be detected,the routing packet overhead is low,and the packet delivery rate is improved after abandoning routes containing bad nodes.