An Adaptive and Predictive Security Model for Mobile Ad hoc Networks

Mobile ad hoc networks are infrastructure-free, pervasive and ubiquitous in nature, without any centralized authority. These unique characteristics coupled with the growing concerns for security attacks demand an immediate solution for securing the ad hoc network, prior to its full-fledged deployment in commercial and military applications. So far, most of the research in mobile ad hoc networks has been primarily focused on routing and mobility aspects rather than securing the ad hoc networks themselves. Due to ever increasing security threats, there is a need to develop schemes, algorithms, and protocols for a secured ad hoc network infrastructure. To realize this objective, we have proposed a practical and effective security model for mobile ad hoc networks. The proposed predictive security model is designed using a fuzzy feedback control approach. The model is based on identifying critical network parameters that are affected by various types of attacks and it continuously monitors those parameters. Once we measure the relative change in these parameter values, we could detect the type of attack accurately and protect the system, without compromising its effectiveness. Experimental results of the model simulated for selected packet mistreatment attacks and routing attacks are very promising.     

移动自组网中基于声誉机制的安全路由协议设计与分析

移动自组网是一种有特殊用途的对等式网络,具有无中心、自组织、可快速展开、可移动等特点,这些特点使得它在战场、救灾等特殊场合的应用日渐受到人们的重视.由于在移动自组网络中每节点既是主机又是路由器,所以容易遭受基于路由信息的攻击,而现今的路由协议基本没有考虑到该问题.本文在分析移动自组网络安全特性的基础上,综述了该方面的研究工作,建立了基于声誉机制评价体系,并给出了具体的评价方法和计算模型.在此基础上,提出了基于声誉机制的安全路由协议S-DSR.仿真结果表明在存在攻击节点的情况下S-DSR协议比DSR协议具有更好的包传输率、包丢失率等属性.     

Detecting forged routing messages in ad hoc networks

The effective tremendous deployment of ad hoc networks is incontestably braked by their unreliability in terms of security and quality of services. In this paper, we focus on security problems and show that despite of efforts made in the ad hoc security field, many security issues still jeopardize correct MANETs routing operation. For such threats, we propose an IDS (Intrusion Detection System) solution for which cryptographic-based solutions are ineffective. Actually, authenticated nodes legitimately present in the network are able to send faked routing messages to compromise the routing and then communication between nodes. To cope with such security attacks, we propose an IDS dedicated to the OLSR protocol and well fitted to its characteristics and operation. In addition, our IDS is implemented on all network’s nodes which act cooperatively by continually analyzing routing messages semantics. When an intrusion is detected, alerts are flooded and intruders are banished from the network. We have finally implemented this IDS and performances evaluation shows the intrusion detection effectiveness.     

Securing ad hoc networks

Ad hoc networks are a new wireless networking paradigm for mobile hosts. Unlike traditional mobile wireless networks, ad hoc networks do not rely on any fixed infrastructure. Instead, hosts rely on each other to keep the network connected. Military tactical and other security-sensitive operations are still the main applications of ad hoc networks, although there is a trend to adopt ad hoc networks for commercial uses due to their unique properties. One main challenge in the design of these networks is their vulnerability to security attacks. In this article, we study the threats on ad hoc network faces and the security goals to be achieved. We identify the new challenges and opportunities posed by this new networking environment and explore new approaches to secure its communication. In particular, we take advantage of the inherent redundancy in ad hoc networks-multiple routes between nodes-to defend routing against denial-of-service attacks. We also use replication and new cryptographic schemes, such as threshold cryptography, to build a highly secure and highly available key management service, which terms the core of our security framework     

An Identity-Free and On-Demand Routing Scheme against Anonymity Threats in Mobile Ad Hoc Networks

Introducing node mobility into the network also introduces new anonymity threats. This important change of the concept of anonymity has recently attracted attentions in mobile wireless security research. This paper presents identity-free routing and on- demand routing as two design principles of anonymous routing in mobile ad hoc networks. We devise ANODR (ANonymous On-Demand Routing) as the needed anonymous routing scheme that is compliant with the design principles. Our security analysis and simulation study verify the effectiveness and efficiency of ANODR.     

Authenticated routing for ad hoc networks

Initial work in ad hoc routing has considered only the problem of providing efficient mechanisms for finding paths in very dynamic networks, without considering security. Because of this, there are a number of attacks that can be used to manipulate the routing in an ad hoc network. In this paper, we describe these threats, specifically showing their effects on ad hoc on-demand distance vector and dynamic source routing. Our protocol, named authenticated routing for ad hoc networks (ARAN), uses public-key cryptographic mechanisms to defeat all identified attacks. We detail how ARAN can secure routing in environments where nodes are authorized to participate but untrusted to cooperate, as well as environments where participants do not need to be authorized to participate. Through both simulation and experimentation with our publicly available implementation, we characterize and evaluate ARAN and show that it is able to effectively and efficiently discover secure routes within an ad hoc network.     

Integrating Heterogeneous Wireless Technologies: A Cellular Aided Mobile Ad Hoc Network (CAMA)

A mobile ad hoc network is a collection of wireless terminals that can be deployed rapidly. Its deficiencies include limited wireless bandwidth efficiency, low throughput, large delays, and weak security. Integrating it with a well-established cellular network can improve communication and security in ad hoc networks, as well as enrich the cellular services. This research proposes a cellular-aided mobile ad hoc network (CAMA) architecture, in which a CAMA agent in the cellular network manages the control information, while the data is delivered through the mobile terminals (MTs). The routing and security information is exchanged between MTs and the agent through cellular radio channels. A position-based routing protocol, the multi-selection greedy positioning routing (MSGPR) protocol, is proposed. At times due to the complicated radio environment, the position information is not precise. Even in these cases, the MT can still find its reachable neighbors (the association) by exchanging hello messages. This association is used in complement with the position information to make more accurate routing decisions. Simulation results show that the delivery ratio in the ad hoc network is greatly improved with very low cellular overhead. The security issues in the proposed architecture and the corresponding solutions are addressed. The experimental study shows that CAMA is much less vulnerable than a pure ad hoc network.     

无人机自组网技术研究

在无人机系统中,编组和协同作战能力对提高无人机作站效能和生存能力具有重要意义。无线自组网是一种特殊结构的无线通信网络,其通信依靠节点之间的相互协作,以无线多跳方式完成,因此网络不依赖于任何固定设施,具有自组织和自管理的特性,这种特殊的组网方式使得无线自组网非常适用于无人机系统。介绍了无线自组网的原理,分析了无线自组网应用于无人机系统主要面临的关键技术:路由技术和安全问题。介绍了无线自组网的发展情况和在无人机领域的研究情况。     

移动ad hoc网络安全综述

移动ad hoc网络是由移动节点自组织形成的网络,由于其动态拓扑、无线通信的特点,容易遭受各种安全威胁.该文介绍了移动ad hoc网络安全研究的最新研究进展.首先从传输信道、移动节点、动态拓扑、安全机制、路由协议几方面,分析了移动ad hoc网络的安全弱点,然后将移动ad hoc网络安全方面的研究分为三个方向:密钥分配与管理、入侵检测、增强合作.对每个方向内一些典型安全方案也进行了分类论述,同时分析了各种方案的优点和缺点,并进行了综合比较.文中阐明了目前协议存在的一些问题并提出了相应的改进方法,最后指出了下一步研究方向.     

Diffusing-CRN k-means: an improved k-means clustering algorithm applied in cognitive radio ad hoc networks

With increasing demand of new wireless applications and increasing number of wireless user’s, problem of spectrum scarcity arises. In this context, cognitive radio supports dynamic spectrum access to address spectrum scarcity problem. Cognitive radio defined the cognitive radio nodes by their ability to intelligently adapt the environment to achieve specific objectives through advanced techniques. The variance of channel availability for cognitive radio nodes degrades connectivity and robustness of this type of network; in this case the use of clustering is an effective approach to meet this challenge. Indeed, the geographical areas are homogeneous in terms of type of radio spectrum, radio resources are better allocated by grouping cognitive radio nodes per cluster. Clustering is interesting to effectively manage the spectrum or routing in cognitive radio ad hoc networks. In this paper, we aim to improve connectivity and cooperativeness of cognitive radio nodes based on the improvement of the k-means algorithm. Our proposed algorithm is applied in cognitive radio ad hoc networks. The obtained results in terms of exchange messages and execution time show the feasibility of our algorithm to form clusters in order to improve connectivity and cooperativeness of cognitive radio nodes in the context of cognitive radio ad hoc networks.     

A shared secret-based algorithm for securing the OLSR routing protocol

The strongest feature of ad hoc networks is its capability to be rapidly deployed anywhere and anytime without relying on a pre-existing infrastructure. From there, ad hoc networks offer the advantages to be auto-organized, ubiquitous, dynamic and completely autonomous. As a counter part, securing them becomes a more difficult task, especially because of the absence of centralized entities in the network. Inevitably, the security problem presents currently a hot topic raising more and more challenges within industrials and researchers, and many interesting securing solutions were meanwhile proposed, omitting however to suit to ad hoc networks characteristics and therefore disadvantaging them. In this paper, we propose a securing scheme for the OLSR routing protocol based on the secret sharing idea. We initially expose the general characteristics and the security problems related to ad hoc routing protocols. We then address the security requirements of ad hoc routing protocols and the security requirements we focus on. Finally, we define our completely and distributed securing algorithm based on threshold cryptography. A primary main conception objective being to suit as much as possible to ad hoc networks characteristics by avoiding as much as possible assumptions contradictory with the auto-organized and dynamic nature of ad hoc networks. Simulation results depict the additional delay due to security enhancements. Results show that this delay stills suitable to OLSR routing specifications.     

Noncooperative Differential Game Based Efficiency-aware Traffic Assignment for Multipath Routing in CRAHN

Comparing to the traditional multihop ad hoc networks, dynamic spectrum environment is the special characteristic of CRAHN (cognitive radio ad hoc networks). Therefore, the cognitive users will show their selfishness on spectrum bandwidth cost in multihop communication. In CRAHN, multipath routing is a reasonable choice when considering efficiency and stability. In order to take further advantage of efficiency of multipath routing, this paper study the efficiency-awareness traffic assignment problem of multipath routing in CRAHN. There are several existing game based traffic assignment schemes for selfish wireless network, however, all of them can not be directly applicable to CRAHN. In addition, none of the existing works studied whether the scheme is efficient. In this paper, a noncooperative differential game is proposed, and the equilibrium of the game is computed and proved to be an efficient traffic assignment for multipath routing in CRAHN. Besides this, we also optimize the total cost of game from the game designer’s point of view, and give a simple example to illustrate the optimization procedure.     

感知无线电ad hoc网络基于干扰的路由

感知无线电技术作为一种新兴技术,通过时间和空间维度上的频谱空洞的利用能很好地提高频谱利用率。感知无线电的路由不同于传统的路由度量,因为次用户从时间和空间上都不能对主用户造成干扰。在感知无线电ad hoc网络环境下,选取了干扰作为路由的度量,并将干扰分为系统内干扰(次用户自身之间的干扰)和系统间干扰(次用户对主用户的干扰)。在已有的ad hoc网络干扰路由协议的基础上对干扰权重做出改进,并提出新的基于系统间路由干扰(对主用户干扰最小化)和基于联合系统内和系统间干扰的路由协议。仿真结果表明,该干扰模型符合感知无线电移动ad hoc网络的特性。     

Refined trust energy-ad hoc on demand distance vector (ReTE-AODV) routing algorithm for secured routing in MANET

The characteristics of MANET such as decentralization, dynamic topology and openness are susceptible for security threats. To overcome the security threats and to provide a reliable network to transmit packets, a need for trust based routing arises. Moreover, the trust along with energy requirement on ad hoc on demand distance vector have paved way for the development of the newly proposed algorithm named as refined trust and energy based ad hoc on demand distance vector algorithm which is the refined form of the existing trust and energy based ad hoc on demand distance vector algorithms and the classical AODV. In this paper, the refinement parameter is the trust. Moreover, Bayesian probability is introduced in this paper for trust management due to its ability to handle uncertainty for obtaining the refined form of Trust calculation. The proposed algorithm routes the packets from the source to destination not through the shortest route but by selecting a reliable route which consumes low energy and trustful for sending the packets. The simulation results obtained from this work show that the proposed algorithm performs better than the existing algorithms in terms of Trust based routing and energy efficiency.     

Providing Fault-Tolerant Ad hoc Routing Service in Adversarial Environments

Most existing designs of ad hoc networks are based on the assumption of non-adversarial environments, where each node in the network is cooperative and well-behaved. When misbehaving nodes exist in the network, the performance of current routing protocols degrades significantly. Since ad hoc networks, consisting of autonomous nodes, are open and distributed in nature, maintaining a fault-free network environment is extremely difficult and expensive. In this paper, we propose a new routing service named best-effort fault-tolerant routing (BFTR). The design goal of BFTR is to provide packet routing service with high delivery ratio and low overhead in presence of misbehaving nodes. Instead of judging whether a path is good or bad, i.e., whether it contains any misbehaving node, BFTR evaluates the routing feasibility of a path by its end-to-end performance (e.g. packet delivery ratio and delay). By continuously observing the routing performance, BFTR dynamically routes packets via the most feasible path. BFTR provides an efficient and uniform solution for a broad range of node misbehaviors with very few security assumptions. The BFTR algorithm is evaluated through both analysis and extensive simulations. The results show that BFTR greatly improves the ad hoc routing performance in the presence of misbehaving nodes.     

Power-aware routing protocols in ad hoc wireless networks

An ad hoc wireless network has no fixed networking infrastructure. It consists of multiple, possibly mobile, nodes that maintain network connectivity through wireless communications. Such a network has practical applications in areas where it may not be economically practical or physically possible to provide a conventional networking infrastructure. The nodes in an ad hoc wireless network are typically powered by batteries with a limited energy supply. One of the most important and challenging issues in ad hoc wireless networks is how to conserve energy, maximizing the lifetime of its nodes and thus of the network itself. Since routing is an essential function in these networks, developing power-aware routing protocols for ad hoc wireless networks has been an intensive research area in recent years. As a result, many power-aware routing protocols have been proposed from a variety of perspectives. This article surveys the current state of power-aware routing protocols in ad hoc wireless networks.     

Ad Hoc网络的安全问题和安全策略

AdHoc网络作为一种无线移动网络正成为网络研究,特别是军事研究的一个热点。由于AdHoc网络的特点,其安全问题和安全策略正受到越来越广播的重视。文中介绍了AdHoc网络的特点,论述了AdHoc网络和路由协议的安全问题,最后讨论并提出了AdHoc网络的一些安全策略。     

移动Ad Hoc网络安全按需路由协议

Ad Hoc网络的安全性问题越来越引起人们的关注,如何确保Ad Hoc网络路由协议的安全成为Ad Hoc研究的一项关键技术。提出一种适用于移动Ad Hoc网络的安全按需源路由协议,利用移动节点之间的会话密钥和基于散列函数的消息鉴别码HMAC一起来验证路由发现和路由应答的有效性。提出的邻居节点维护机制通过把MAC地址和每个节点的ID绑定来防御各种复杂的攻击如虫洞攻击。NS-2仿真表明该协议能有效地探测和阻止针对Ad Hoc网络的大部分攻击。     

移动Ad hoc网络安全路由协议综述

Ad hoc网络的安全性问题越来越引起人们的关注,如何确保Ad hoc网络路由协议的安全成为Ad hoc研究的一项关键技术。本文介绍了安全协议的目标以及针对Ad hoc网络路由协议的恶意攻击,接着详细分析了目前比较典型的几种Ad hoc网络安全路由的研究现状,在对他们进行综合比较的基础上指出了存在的问题。     

Ad hoc网络安全性分析

Ad hoc网络是一种特殊的多跳移动无线网络，具有广泛的应用场合。介绍了Ad hoc网络的脆弱性和安全威胁，然后在探讨Ad hoc网络安全目标的基础上。集中讨论了移动Ad hoc网络的路由安全、密钥管理等关键问题。