Ad Hoc网络中一种基于救赎机制的信任模型

在Ad Hoc网络中,节点由于自私等恶意原因以及链路错误导致拒绝转发数据,需要采用适当的机制来提高网络的转发性能。提出一种Ad Hoc网络中的信任模型来激励节点间的协作,在此信任模型中,每个节点通过直接监控和其它节点的推荐监控信息共同完成对邻居节点的信任评价,并维护所有邻居节点的信任值,同时在信任值更新和重建中引入信任值衰退和信任救赎机制来体现模型的健壮性。实验表明该信任模型中的信任救赎机制能提高网络可用性,且该模型有效抑制了恶意节点的行为。     

一种解决ad hoc网络中自私节点安全问题的方法

移动ad hoc网络（MANET）路由和分组转发功能需要节点间的相互合作，自私节点为节约能量而不参与合作，将会影响网络的正常工作．因此本文将针对自私节点危害和解决方法展开分析，并提出一种改进解决方法——基于可信任中心服务器和邻居监测的合作增强机制，该方法不但能够激励节点间的相互合作，而且有效地解决了自私节点改变用户身份的欺骗攻击．最后，仿真结果表明这种合作增强机制对自私节点安全问题是有效的，并且易于实用化．     

基于信誉的延迟容忍网络激励方案

由于长延迟、频繁中断等特性,延迟容忍网络采用“存储-携带-转发”的路由方式实现报文的传递.这种传输方式建立在网络节点互相信任,诚实合作的假设之上.然而,由于受到自身资源的限制,网络中存在自私节点拒绝参与网络合作的行为,导致网络传输性能下降,甚至无法正常运行.针对此类问题,本文提出一种基于信誉的延迟容忍网络激励方案,鼓励节点共享资源,并约束自私行为.设计了一种观测协议,以解决延迟容忍网络环境下对网络节点行为的观测问题;提出了一种信誉模型,通过信任值评价节点的可信程度,从而优化路由决策,惩罚自私节点.仿真结果表明了本文提出的激励方案的有效性和可行性.     

无线Mesh网络中激励机制研究

为了激励无线Mesh网络中自私节点转发数据,通过分析节点自私行为激励的原因和目标,将适用于无线Mesh网络中对节点自私行为的四类激励机制进行比较.讨论了无线Mesh网络博弈模型,并对无线Mesh网络中重复博弈模型进行理论分析.针对节点的自私行为提出了基于博弈论与信誉相结合的激励方案.仿真实验表明,该方案不仅降低了基于信誉的复杂度又能有效激励更多自私节点转发数据,从而提高了网络的整体性能.     

无线Mesh网络可信路由协议THWMP研究

为了使节点在网络中存在恶意节点和自私节点时能够选择安全可靠的路由,降低恶意节点和自私节点对无线Mesh网络带来的影响,文中通过对无线Mesh网络混合路由协议HWMP(Hybrid Wireless Mesh Protocol)和信任模型的研究,提出了基于主观逻辑信任模型的无线Mesh网络可信路由协议THWMP(Trusted HWMP),大大降低了因为信任的传递带来的网络开销,同时保证了路由的可信度。与HWMP路由协议相比较,在网络中存在恶意节点时,THWMP路由协议能够在增加有限的额外开销的情况下保证全网有较高的数据传递成功率和吞吐量。     

基于信誉值维护的机会网络自私节点检测机制

机会网络中自私节点的存在严重影响路由转发的性能。为在路由时避开此类节点、消除其对网络性能的影响,提出了一种基于信誉值维护的自私节点检测机制,通过两跳ACK消息来监测节点行为,利用监测信息计算节点的信誉值,并将其作为判断节点是否自私的依据。在多种路由算法上加载该检测机制进行仿真实验,结果表明该检测机制可准确识别机会网络中的自私节点,提高消息投递的成功率,并能有效控制消息副本数和网络开销。     

P2P网络中一种新的多层多维信誉模型

现有的信任模型大多通过单一信任值来判定节点的好坏,这种方法无法抵抗网络中的某些恶意行为,特别是对于P2P网络中独有的搭便车行为、＂公共物品的悲哀＂等问题,缺乏有效的抑制。针对这些问题,文中针对P2P网络提出了一种新的多层多维信誉模型,通过节点的信任值、贡献值、资源值等不同维度综合评价节点的信誉,并且按照信誉将节点划分为不同层次。分析可知该模型可以有效抵御多种恶意行为及多种自私行为,并能解决传统信任模型产生的一些性能问题。     

一种分布式网络环境下基于挑战-响应模型的可信评估方法

运用信任模型进行可信评估是解决分布式网络安全问题的重要手段。然而,目前大部分研究工作把研究重点放在如何收集更完整的信任证据,以及如何利用一些新手段如机器学习、区块链等评估节点信任值,很少对如何获取节点可靠的初始信任值进行研究。实际上,针对分布式网络提出的很多信任模型都依赖于历史信任证据,而初次对网络进行可信评估时并不具备相关历史信息。基于此,该文面向分布式网络环境的安全问题,提出了基于挑战-响应模型的可信评估方法。首先利用挑战-响应模型获取节点可靠的初始信任值,并利用此初始信任值对网络中的节点进行分簇,在簇内进行信任值计算和信任值更新,完成分布式网络环境下完整的可信评估流程。仿真结果表明,相较于统一设置初始信任值的方式,该文所提方法能对恶意节点、自私节点的信任值有较准确的预测,同时对恶意节点的检测率也更高。     

机会网络中自私行为影响的分析与调节

以往针对机会网络中节点自私性影响评估的研究,建立了多种分析模型,然而并未考虑如何应用这些理论模型.本文分别在网络无TTL限制和有TTL限制两种情况下,利用评估模型对自私节点的影响进行分析,并提出一种基于消息分类的自私模型,评估了自私节点对延迟和消息投递率的影响.分析表明,机会网络受自私节点的影响不仅与自私节点的数目有关,而且与节点的移动速度,消息传输范围有关.因此,可以通过调节这些参数提高网络的性能,减少自私节点的影响.首先,通过理论推导分别得出了2-hop路由和传染病路由在延迟保证下的合作节点数目和消息传输范围以及传染病路由在消息投递率保证下消息的TTL.随后,通过ONE仿真平台对自私节点影响的评估,证明自私行为影响下网络性能的理论值与实验值近似,并且证明了通过理论分析获得的参数值也与实验值近似.     

无线传感器网络中的虫洞攻击和防御

无线传感器网络被誉为21世纪三大技术之一,其安全问题受到了越来越多的关注.文章首先介绍了无线传感器网络的特征,分析了安全问题的根源,然后详细介绍了无线传感器网络中虫洞攻击的原理和破坏性,提出引入简化的marsh信任模型,将邻居节点以往表现作为信任评估的经验来源,通过具体分析确定节点的位置关系,从而避免传感器网络中的虫洞攻击,最后指出了下一步研究的方向.     

链路守卫节点合作监测检测恶意合谋攻击

针对移动Ad Hoc网络环境中合谋节点的恶意丢包行为,将源节点及其传输链路上各守卫节点所检测的结果结合起来,设计一种通过守卫节点合作监测来检测发现恶意合谋攻击的方法.NS2上仿真实验结果表明,该方法能够有效应对合谋节点的恶意丢包行为,降低恶意路由出现的概率,提高网络的分组投递率.     

Trust Based Intrusion Detection Technique to Detect Selfish Nodes in Mobile Ad Hoc Networks

The applications and protocols conceived for mobile ad hoc networks rely on the assumption of cooperation amongst the mobile nodes because of lacking infrastructure. All nodes have to spend their precious resources (e.g. battery power, memory, computational power, and network bandwidth) for routing and packet forwarding operations for other nodes, in a cooperative way in the network. However, there are some nodes that may intentionally turn themselves to behave selfishly in order to conserve their valuable resources. The selfish behaviour of such nodes drastically reduces the desired degree of cooperation amongst the mobile nodes. Over the course of time, the non-cooperative activities of, such selfish nodes would paralyze the normal functioning of the whole network. Therefore, these types of nodes should be detected and isolated from the network, as soon as they begin to exhibit their selfish behaviour. In this paper, a dynamic trust based intrusion detection technique is presented to detect and isolate the selfish nodes from the network, where the direct trust degree based on direct communication interactions and indirect (recommended) trust degree based on the neighbours’ recommendations are taking into account to accurately judge the selfishness nature of the nodes. The results obtained throughout the simulation experiments clearly show the feasibility and effectiveness of the proposed intrusion detection technique.     

Byzantine robust trust establishment for mobile ad hoc networks

In a mobile ad hoc network (MANET), the nodes act both as traffic sources and as relays that forward packets from other nodes along multi-hop routes to the destination. Such networks are suited to situations in which a wireless infrastructure is unavailable, infeasible, or prohibitively expensive. However, the lack of a secure, trusted infrastructure in such networks make secure and reliable packet delivery very challenging. A given node acting as a relay may exhibit Byzantine behavior with respect to packet forwarding, i.e., arbitrary, deviant behavior, which disrupts packet transmission in the network. For example, a Byzantine node may arbitrarily choose to drop or misroute a certain percentage of the packets that are passed to it for forwarding to the next hop. In earlier work, we proposed a trust establishment framework, called Hermes, which enables a given node to determine the “trustworthiness” of other nodes with respect to reliable packet delivery by combining first-hand trust information obtained independently of other nodes and second-hand trust information obtained via recommendations from other nodes. A deficiency of the Hermes scheme is that a node can fail to detect certain types of Byzantine behavior, such as packet misforwarding directed at a particular source node. In this paper, we propose new mechanisms to make Hermes robust to Byzantine behavior and introduce a punishment policy that discourages selfish node behavior. We present simulation results that demonstrate the effectiveness of the proposed scheme in a variety of scenarios involving Byzantine nodes that are malicious both with respect to packet forwarding and trust propagation.     

MANET 中基于信任的安全位置辅助路由模型

In view of the security weakness in resisting the active attacks by malicious nodes in mobile ad hoc networks, the trust metric is introduced to defend those attacks by loading a trust model on the previously proposed Distance Based LAR. The improved Secure Trust based Location Aided Routing algorithm utilizes direct trust and recommendation trust to prevent malicious nodes with low trust values from joining the forwarding. Simulation results reveal that ST LAR can resist attacks by malicious nodes effectively; furthermore, it also achieves better performance than DBLAR in terms of average end to end delay, packet delivery success ratio and throughput.     

DECADE: Distributed Emergent Cooperation through ADaptive Evolution in mobile ad hoc networks

The scarce resources of a mobile ad hoc network (MANET) should not be wasted attending selfish nodes (those nodes that use resources from other nodes to send their own packets, without offering their own resources to forward other nodes’ packets). Thus, rational nodes (those nodes willing to cooperate if deemed worthy) must detect and isolate selfish nodes in order to cooperate only among themselves. To achieve this purpose, in this paper we present a new game theoretic trust model called DECADE (Distributed Emergent Cooperation through ADaptive Evolution). The design of DECADE is shown by first, analyzing a simple case of packet forwarding between two nodes, and then the results are extended to bigger networks. In DECADE, each node seeks individually to maximize its chance to deliver successfully their own packets, so that the cooperation among rational nodes and the isolation of selfish nodes appear as an emergent collective behavior. This behavior emerges as long as there is a highly dynamic interaction among nodes. So, for those cases where the mobility alone does not suffice to provide this interaction, DECADE includes a sociability parameter that encourages nodes to interact among them for faster learning and adaptability. Additionally, DECADE introduces very low overhead on computational and communication resources, achieving close to optimal cooperation levels among rational nodes and almost complete isolation of selfish nodes.     

SOS: Socially omitting selfishness in IoT for smart and connected communities

Smart and connected communities (SCC) is an emerging field of internet of things (IoT), and it has potential applications to improve human life. The improvement may be in terms of preservation, revitalization, livability, and sustainability of a community. The resources of the nodes and devices in the SCC have certain constraints that may not allow the devices and nodes to cooperate to save their resources such as memory, energy, and buffer, or simply maximize their performance. Thus, to stimulate the nodes to avoid selfish behavior, SSC needs a novel and well-organized solution to motivate nodes for cooperation. This article aims to resolve the issue of selfish behaviors in SCC and to encourage the nodes for cooperation. A novel mechanism, socially omitting selfishness (SOS), has been proposed to manage/eradicate selfishness using a socially oriented election process. The election process elects different heads based on weight and cooperation (using Vickrey, Clarke, and Groves model). The election of heads and incentive mechanism encourages the nodes to show participation and behave as highly cooperative members of the community. Furthermore, an extended version of the Dempster Shafer model has been used to discourage the selfish behavior of the participating nodes in the SOS scheme. It uses different monitoring and gateway nodes to efficiently employ the proposed scheme. A mathematical model has been developed for the aforementioned aspects and simulated through NS2 simulation environment to analyze the performance of SOS. The results of the proposed scheme outperform the contemporary schemes in terms of average delivery delay, packet delivery ratio, throughput, and average energy.     

基于博弈理论的移动自组网激励机制研究

摘 要：针对移动自组网中节点在报文转发过程中的表现出的自私行为,利用博弈理论,从静态和动态2个方面对其进行了完整的建模与分析。首先,提出了一种严厉针锋相对策略,并建立了一个无限重复报文转发博弈模型,求得了激励一致性条件。然后,利用演化博弈理论对节点由自私向协作转变的动态过程进行了分析,并证明了严厉针锋相对策略的演化稳定性。仿真结果表明,即使在自私节点比率为1的条件下,只要合理选择惩罚参数,均可有效激励自私节点的协作转发行为,整体网络性能最多可提升80%。     

Reputation based selfishness prevention techniques for mobile ad-hoc networks

Mobile ad-hoc networks require nodes to cooperate in the relaying of data from source to destination. However, due to their limited resources, selfish nodes may be unwilling to forward packets, which can deteriorate the multi-hop connectivity. Different reputation-based protocols have been proposed to cope with selfishness in mobile ad-hoc networks. These protocols utilize the watchdog detection mechanism to observe the correct relaying of packets, and to compile information about potential selfish nodes. This information is used to prevent the participation of selfish nodes in the establishment of multi-hop routes. Despite its wide use, watchdog tends to overestimate the selfish behavior of nodes due to the effects of radio transmission errors or packet collisions that can be mistaken for intentional packet drops. As a result, the availability of valid multi-hop routes is reduced, and the overall performance deteriorates. This paper proposes and evaluates three detection techniques that improve the ability of selfishness prevention protocols to detect selfish nodes and to increase the number of valid routes.