共查询到20条相似文献,搜索用时 405 毫秒
1.
基于信誉度的移动自组网入侵检测分簇算法 总被引:1,自引:0,他引:1
针对已有基于路由的分簇算法,不适用于移动自组网入侵检测的特性要求,文中提出了一种基于信誉度的入侵检测分簇算法(CIDS).该算法从簇结构安全、稳定的角度出发,采用信誉度的概念对网络节点属性进行数学抽象,定义了节点信誉度的数学表达式,选择综合信誉度高的节点收集网络教据、检测网络行为.为移动自组网入侵检测系统提供了稳定、安全的支持. 相似文献
2.
3.
MANET入侵检测技术的研究 总被引:1,自引:1,他引:0
程铃 《微电子学与计算机》2010,27(6)
移动自组网(MANET)是由移动节点自组织形成的无线网络,由于其动态拓扑的特点,容易遭受各种安全威胁,而入侵检测技术能有效地保障移动自组网的安全.对已有的分级入侵检测技术进行分析,提出一种基于区域分级的入侵检测系统(IDS),避免了对节点的重复监控及尺寸小的簇的形成,减少了节点的运算负荷与通信负荷,提高了簇头的稳定性,避免簇头频繁选举带来更多的资源消耗. 相似文献
4.
5.
6.
无线局域网中的入侵检测 总被引:2,自引:0,他引:2
首先简单描述了无线局域网(WLAN)技术IEEE802.11的最新发展现状及其安全漏洞隐患,然后介绍了入侵检测技术,并分析了WLAN内入侵检测技术的现状及实施要点,最后详细描述了应用于两种不同类型(其中包括基础结构模式和移动自组网模式)WLAN的入侵检测模型架构。这些模型架构充分考虑了WLAN的布局特点,其中基础结构模式采用可应用于大规模网络的、分布式的、基于网络的入侵检测系统,系统由中心控制台和监测代理组成;移动自组网模式内的入侵检测则采用基于主机的入侵检测系统,并在路由协议中加以实现,具有实用价值。 相似文献
7.
8.
针对移动自组网(MANET,mobile ad hoc networks)入侵检测过程中的攻击类型多样性和监测数据海量性问题,提出了一种基于改进k-means算法的MANET异常检测方法。通过引入划分贡献度的概念,可合理地计算各维特征在检测中占有的权重,并将遗传算法与快速聚类检测算法k-means相结合,解决了聚类检测结果容易陷入局部最优的问题,进而,提出了以上检测算法在MapReduce框架下的设计方案,利用种群迁移策略在分布式处理器上实现了并行聚类检测。实验结果证明了该方法的检测准确率和运行效率均优于传统聚类检测方法。 相似文献
9.
多路径为移动自组网络提供的容错、负载均衡与QoS支持较单路径更有效可行,所以在战术无线自组网等类似系统中采用多径路由策略更能满足系统的实际需求.另外,这类系统对安全性的要求除了基本的通信内容机密、完整与可用等特性外,还要求通信者的身份与位置对敌人保密,为通信者及其使命提供保护.鉴于现有的移动自组网络的匿名路由协议都不是实用的多径路由协议,且未能有效防御被动攻击、拜占庭行为以及匿名的不充分性,本文设计了一种新型安全匿名的多径路由协议,其特点是:在移动自组网络中采用单私钥多公钥密码体制、Bloom Filter与轻型洋葱盲化算法,来实现通信者身份匿名、位置隐藏与路由不可追踪;为源节点提供充分的路由信息,基于充分的信息使用强化学习算法来提高系统抵御被动攻击与拜占庭攻击等路由安全攻击的能力,并增强数据传输的可靠性.通过仿真与分析,显示了算法有较好的性能并达到了所定义的匿名安全要求. 相似文献
10.
1 移动自组网的特点移动自组网( MANET )是新型的无线移动网络,它不依赖固定网络设施,是能快速展开、自治、多跳的网络结构。它由一组带有无线收发装置的节点组成,整个网络通过移动节点间的相互协作保持网络互联。网络中的每个节点都能快速移动,同时具备主机和路由器功能。移动自组网的前身是分组无线网(packet radio),美国国防部远景规划局( DARPR )于20 世纪70 年代启动该研究项目,最初的研究是为了满足军事需要。1996 年,因特网任务工程组(IEFT )成立了专门的移动自组网小组。与其他网络相比,移动自组网具有以下特点: (… 相似文献
11.
Security is the major issue in wireless sensor networks and many defence mechanisms have been developed to secure the network from these alarming attacks by detecting the malicious nodes which hinder the performance of the network. Sybil attack can make the network vulnerable. Sybil attack means a node which illegitimately claims multiple identities. This attack threatens wireless sensor network in routing, voting system, fair resource allocation, data aggregation and misbehaviour detection. Hence, the research is carried out to prevent the Sybil attack and improve the network performance. The node ID-based scheme is proposed, where the detection is based on node registration, consisting of two phases and the assignment of ID to the node is done dynamically. The ID's corresponding to the nodes registered is at the base station and the node active time is monitored, any abnormalities in the above phases confirm the presence of Sybil nodes in the network. The scheme is simulated using NS2. The energy consumed for this algorithm is 2.3?J. The proposed detection scheme is analysed based on the network's PDR and found that the throughput has improved, which prove that this scheme may be used in the environment where security is needed. 相似文献
12.
13.
A mobile ad hoc network (MANET) does not have traffic concentration points such as gateway or access points which perform behaviour monitoring of individual nodes. Therefore, maintaining the network function for the normal nodes when other nodes do not forward and route properly is a big challenge. One of the significant attacks in ad hoc network is wormhole attack. In this wormhole attack, the adversary disrupts ad hoc routing protocols using higher bandwidth and lower-latency links. Wormhole attack is more hidden in character and tougher to detect. So, it is necessary to use mechanisms to avoid attacking nodes which can disclose communication among unauthorized nodes in ad hoc networks. Mechanisms to detect and punish such attacking nodes are the only solution to solve this problem. Those mechanisms are known as intrusion detection systems (IDS). In this paper, the suggested biological based artificial intrusion detection system (BAIDS) include hybrid negative selection algorithm (HNSA) detectors in the local and broad detection subsection to detect anomalies in ad hoc network. In addition to that, response will be issued to take action over the misbehaving nodes. These detectors employed in BAIDS are capable of discriminating well behaving nodes from attacking nodes with a good level of accuracy in a MANET environment. The performance of BAIDS in detecting wormhole attacks in the background of DSR, AODV and DSDV routing protocols is also evaluated using Qualnet v 5.2 network simulator. Detection rate, false alarm rate, packet delivery ratio, routing overhead are used as metrics to compare the performance of HNSA and the BAIDS technique. 相似文献
14.
Jun-Won HoAuthor Vitae Matthew WrightAuthor VitaeSajal K. DasAuthor Vitae 《Ad hoc Networks》2012,10(3):512-523
In wireless sensor networks, sensor nodes are usually fixed to their locations after deployment. However, an attacker who compromises a subset of the nodes does not need to abide by the same limitation. If the attacker moves his compromised nodes to multiple locations in the network, such as by employing simple robotic platforms or moving the nodes by hand, he can evade schemes that attempt to use location to find the source of attacks. In performing DDoS and false data injection attacks, he takes advantage of diversifying the attack paths with mobile malicious nodes to prevent network-level defenses. For attacks that disrupt or undermine network protocols like routing and clustering, moving the misbehaving nodes prevents them from being easily identified and blocked. Thus, mobile malicious node attacks are very dangerous and need to be detected as soon as possible to minimize the damage they can cause. In this paper, we are the first to identify the problem of mobile malicious node attacks, and we describe the limitations of various naive measures that might be used to stop them. To overcome these limitations, we propose a scheme for distributed detection of mobile malicious node attacks in static sensor networks. The key idea of this scheme is to apply sequential hypothesis testing to discover nodes that are silent for unusually many time periods—such nodes are likely to be moving—and block them from communicating. By performing all detection and blocking locally, we keep energy consumption overhead to a minimum and keep the cost of false positives low. Through analysis and simulation, we show that our proposed scheme achieves fast, effective, and robust mobile malicious node detection capability with reasonable overhead. 相似文献
15.
Vishvas Haridas Kshirsagar Ashok M. Kanthe Dina Simunic 《Wireless Personal Communications》2018,100(2):311-320
The mobile ad hoc network (MANET) is communication network of a mobile node without any prior infrastructure of communication. The network does not have any static support; it dynamically creates the network as per requirement by using available mobile nodes. This network has a challenging security problem. The security issue mainly contains a denial of service attacks like packet drop attack, black-hole attack, gray-hole attack, etc. The mobile ad-hoc network is an open environment so the working is based on mutual trust between mobile nodes. The MANETs are vulnerable to packet drop attack in which packets travel through the different node. The network while communicating, the node drops the packet, but it is not attracting the neighboring nodes to drop the packets. This proposed algorithm works with existing routing protocol. The concept of trusted list is used for secure communication path. The trusted list along with trust values show how many times node was participated in the communication. It differentiates between altruism and selfishness in MANET with the help of energy level of mobile components. The trust and energy models are used for security and for the differentiation between altruism and selfishness respectively. 相似文献
16.
Mobile ad hoc network is open medium and infrastructure-less network. Mobile ad hoc network is susceptible to various security attacks such as, black hole attack, gray hole attack, bad mouthing attack, sybil attack and worm hole attack due to open medium, infrastructure-less features and lack of in-built security. In black hole attack and gray hole attack, attacker falsely sends route reply and dropped data packets received from source node. Due to these attacks, performance of mobile ad hoc network decreases. This paper proposes a time stamp-based algorithm which is an enhanced version of existing IDSNAODV algorithm. Proposed algorithm modifies existing palling process to validate identity of observer nodes using a time stamp-based approach. Based on defined set of rules and recorded activities report, source node decides the nature of target node. The performance of proposed algorithm is evaluated using the network simulator. The proposed algorithm shows improved performance for packet delivery ratio, throughput and routing overhead as compared to existing algorithm.
相似文献17.
Bounpadith Kannhavong Hidehisa Nakayama Nei Kato Abbas Jamalipour Yoshiaki Nemoto 《International Journal of Communication Systems》2007,20(11):1245-1261
A mobile ad hoc network (MANET) is a collection of mobile nodes which are able to communicate with each other without relying on predefined infrastructures or central administration. Due to their flexibilities and easy deployment, MANET can be applied in situation where network infrastructures are not available. However, due to their unique characteristics such as open medium and the lack of central administration, they are much more vulnerable to malicious attacks than a conventional infrastructured wireless network. MANET employs routing to provide connectivity for mobile nodes that are not within direct wireless transmission range. Existing routing protocols in MANET assume a trusted and cooperative environment. However, in hostile environment, mobile nodes are susceptible to various kinds of routing attacks. In this paper, we show that an OLSR MANET node is prone to be isolated by malicious attack called Node Isolation attack. After analysing the attack in detail, we present a technique to mitigate the impact of the attack and improve the performance of the network when the attack is launched. The results of our implementations illustrate that the proposed solution can mitigate the attack efficiently. Copyright © 2007 John Wiley & Sons, Ltd. 相似文献
18.
Many errors in data communication cause security attacks in Internet of Things (IoT). Routing errors at network layer are prominent errors in IoT which degrade the quality of data communication. Many attacks like sinkhole attack, blackhole attack, selective forwarding attack and wormhole attack enter the network through the network layer of the IoT. This paper has an emphasis on the detection of a wormhole attack because it is one of the most uncompromising attacks at the network layer of IoT protocol stack. The wormhole attack is the most disruptive attack out of all the other attacks mentioned above. The wormhole attack inserts information on incorrect routes in the network; it also alters the network information by causing a failure of location-dependent protocols thus defeating the purpose of routing algorithms. This paper covers the design and implementation of an innovative intrusion detection system for the IoT that detects a wormhole attack and the attacker nodes. The presence of a wormhole attack is identified using location information of any node and its neighbor with the help of Received Signal Strength Indicator (RSSI) values and the hop-count. The proposed system is energy efficient hence it is beneficial for a resource-constrained environment of IoT. It also provides precise true-positive (TPR) and false-positive detection rate (FPR).
相似文献19.
Wireless Mesh Networks is vulnerable to attacks due to the open medium, dynamically changing network topology, cooperative algorithms, lack of centralized monitoring and management point. The raditional way of protecting networks with firewalls and encryption software is no longer sufficient and effective for those features. In this paper, we propose a distributed intrusion detection approach based on timed automata. A cluster-based detection scheme is presented, where periodically a node is elected as the monitor node for a cluster. These monitor nodes can not only make local intrusion detection decisions, but also cooperatively take part in global intrusion detection. And then we construct the Finite State Machine (FSM) by the way of manually abstracting the correct behaviors of the node according to the routing protocol of Dynamic Source Routing (DSR). The monitor nodes can verify every node's behavior by the Finite State Machine (FSM), and validly detect real-time attacks without signatures of intrusion or trained data. Compared with the architecture where each node is its own IDS agent, our approach is much more efficient while maintaining the same level of effectiveness. Finally, we evaluate the intrusion detection method through simulation experiments. 相似文献
20.
针对聚类无线传感器网络安全的问题,将移动代理技术与分布式入侵检测技术相结合,提出了一种基于移动代理的无线传感器网络分布式入侵检测方案,采用了多个代理模块进行分布式协作,运用一种基于聚类的分布式入侵检测算法,从节点上收集和处理数据,减少网络负载、促进效率平衡,能够满足WSNs的要求和限制。从而达到提高无线传感器网络的安全性、可靠性,降低入侵检测能量消耗的目的。 相似文献