基于RTI的统计分析方法检测与防御虫洞攻击

移动Ad hoc网是一种新型的无线移动网络,具有无中心、自组织、拓扑结构动态变化以及开放式通信等特性,使得Ad hoc网络易遭受攻击.虫洞攻击是针对Ad hoc路由协议的攻击,对Ad hoc网络造成的威胁最大.提出一种基于RTT(往返时间)的统计分析检测方法,在路由发现过程中,目的节点在返回路由应答(RREP)之前统计...     

移动自组网中一种优化的局部声誉系统

移动自组网节点间的通信由多个节点相互协作来共同完成,节点合作与否是实现通信的关键。在缺少预先约定的信任关系时,合作性的安全机制是解决网络内部恶意节点和自私性节点不合作行为的有效方法。提出了一种优化的局部声誉值合作性方案,该方案只在k跳邻居内交换声誉值,系统开销小,并能充分学习邻居的经验。采用二进制指数后退算法对不合作节点进行处置,能有效激励节点的合作性,提高网络的性能。     

Robustness Analysis and Enhancement of MANETs Using Human Mobility Traces

Understanding network behavior that undergoes challenges is essential to constructing a resilient and survivable network. Due to the mobility and wireless channel properties, it is more difficult to model and analyze mobile ad hoc networks under various challenges. In this paper, we provide a model to assess the vulnerability of mobile ad hoc networks in face of malicious attacks. We analyze comprehensive graph-theoretical properties and network performance of the dynamic networks under attacks against the critical nodes using real-world mobility traces. Motivated by minimum spanning tree and small-world networks, we propose a network enhancement strategy by adding long-range links. We compare the performance of different enhancement strategies by evaluating a list of robustness measures. Our study provides insights into the design and construction of resilient and survivable mobile ad hoc networks.     

Modelling and performance analysis of multi-hop ad hoc networks

Mobile ad hoc networks are becoming very attractive and useful in many kinds of communication and networking applications. Due to the advantage of numerical analysis, analytical modelling formalisms, such as stochastic Petri nets, queuing networks and stochastic process algebra have been widely used for performance analysis of communication systems. To the best of our knowledge, there is no previous analytical study that analyses the performance of multi-hop ad hoc networks, where mobile nodes move according to a random mobility model in terms of the end-to-end delay and throughput. This work presents a novel analytical framework developed using stochastic reward nets for modelling and analysis of multi-hop ad hoc networks, based on the IEEE 802.11 DCF MAC protocol, where mobile nodes move according to the random waypoint mobility model. The proposed framework is used to analyse the performance of multi-hop ad hoc networks as a function of network parameters such as the transmission range, carrier sensing range, interference range, number of nodes, network area size, packet size, and packet generation rate. The proposed framework is organized into several models to break up the complexity of modelling the complete network, and make it easier to analyse each model as required. The framework is based on the idea of decomposition and fixed point iteration of stochastic reward nets. The proposed models are validated using extensive simulations.     

无线有组织网络

无线有组织网络是网络节点间有内在关系的无基础设施的无线网络,其除具有无基础设施无线网络的特征外,网络有中心节点,且节点位置关系相对固定。这种特殊的网络应用于野外救援、军事活动等临时性通信。首先回顾了对讲机系统、无线分组网络和无线自组织网络等无基础设施无线网络的结构和特点,它们都不能包涵无线有组织网络特征。详细定义了无线有组织网的相关模型,分析了无线有组织网络的特点和研究重点。     

基于模糊控制的Ad Hoc网络QoS优先调度算法

无线移动Ad Hoc网络(MANET)作为可移动分布式多跳无线网络,没有预先确定的网络拓扑或网络基础设施以及集中控制.由于移动Ad Hoc网络的动态性和资源的限制,在如此的网络中提供QoS保障是一个挑战性任务.Ad Hoc网络的分组优先级凋度算法将增进网络的性能.提出了一个基于模糊控制的Ad Hoc网络QoS优先调度算法,用于决定Ad Hoc网络中分组的优先级.利用NS2仿真软件对分组的传输率、平均端对端的延迟等做了性能分析,仿真结果表明,该方法高效、可行,可应用于Ad Hoc网络.     

移动自组网的安全路由协议

移动自组网（MANET）是自治的无基础设施的网络,它通过IP路由支持多跳无线通信,它被用于没有基础设施存在的动态变化的场景。多数自组网路由协议利用节点之间固有特性即相邻节点的信赖关系进行协作转发数据包。这种信赖模型使得恶意节点利用插入错误的路由更新、重放过时的路由信息、改变路由更新、或广播不正确的路由信息来瘫痪自组网。针对自组网的缺陷提出了一种认证路由策略来解决这些问题,同时也列举了仿真实验结果。     

无线传感器网络在协同攻击环境中的安全定位研究

在恶意危险的环境中,一些锚节点可能会被攻击者所俘获,然后向网络中发送错误的信息,目的在于阻碍其他节点的准确定位。介绍了无线传感器网络中存在的攻击类型,建立了协同攻击的数学模型,并提出一种能够抵御协同攻击的安全定位算法。仿真结果表明：在受到30%恶意锚节点协同攻击时,即使在攻击强度较大的情况下,该算法依然能对节点进行准确的定位,且平均定位误差不超过2m。     

Safeguarding ad hoc networks with a self-organized membership control system

One of the key challenges for ad hoc networks is providing distributed membership control. This paper introduces a self-organized mechanism to control user access to ad hoc networks without requiring any infrastructure or a central administration entity. Our mechanism authenticates and monitors nodes with a structure that we call controller set, which is robust to the dynamic network membership. We develop analytical models for evaluating the proposal and validate them through simulations. The analysis shows that the proposed scheme is robust even to collusion attacks and provides availability up to 90% better than proposals based on threshold cryptography. The performance improvement arises mostly from the controller sets capability to recover after network partitions and from the identification and exclusion of malicious nodes.     

Network trust management in emergency situations

We study the unique trust management, and more precisely reputation management and revocation of malicious nodes in the context of ad hoc networks used for emergency communications.Unlike in centralized systems, reputation management and revocation in ad hoc networks is non-trivial. This difficulty is due to the fact that the nodes have to collaboratively calculate the reputation value of a particular node and then revoke the node if the reputation value goes below a threshold. A major challenge in this scheme is to prevent a malicious node from discrediting other genuine nodes. The decision to revoke a node has to be communicated to all the nodes of the network. In traditional ad hoc networks the overhead of broadcasting the message throughout the network may be very high. We solve the problem of reputation management and node revocation in ad hoc networks of cell phones by using a threshold cryptography based scheme. Each node of the network would have a set of anonymous referees, which would store the reputation information of the node and issue reputation certificates to the node with timestamps. The misbehavior of a particular cell phone is reported to its anonymous referees, who issue certificates which reflect the positive and negative recommendations.     

一种安全的Ad Hoc网络路由协议SGSR

Ad Hoc网络作为一种无线移动网络,其安全问题,特别是路由协议的安全备受关注。针对现有适合移动Ad Hoc网络的链路状态路由协议GSR无法防范恶意节点伪造、篡改、DoS攻击的现状,本文提出了一种在移动Ad Hoc网络中抵抗单个节点恶意攻击的安全路由协议SGSR,给出了认证协议的形式化证明,并对路由协议进行仿真和性能分析。     

RETENTION: A reactive trust-based mechanism to detect and punish malicious nodes in ad hoc grid environments

In ad hoc grid environments, resources are not always available since nodes can spontaneously connect and disconnect at any time. Thus, these environments demand the correct execution of tasks to guarantee good performance. However, there are malicious users that affect the normal operation of these grids. These users modify tasks results and even cheat security mechanisms. Therefore, to assure high performance in these grid computing scenarios, it is essential to use punishment procedures based on trust models. These solutions have been used in wireless ad hoc networks, but not in the context of ad hoc grid computing. Thus, in this paper, we first present an analysis of mathematical trust models in ad hoc grid scenarios, using different ways to treat detection information passed on by other nodes. Then, we provide a comparison and a performance evaluation of these models using a grid simulator platform. Besides that, we choose the most accurate trust model among the evaluated ones to propose RETENTION: a reactive trust-based mechanism to detect and punish malicious nodes in ad hoc grid environments. Simulation results demonstrate the effectiveness of the proposed approach in detecting and punishing up to 100% of malicious nodes without generating false-positives. The results can be a valuable tool for network designers in planning trust models in ad hoc grid network deployments.     

A collaborative routing protocol against routing disruptions in MANETs

Mobile ad hoc networks (MANETs) are vulnerable to active attacks, such as dropping attacks, replay attacks, collusion attacks, and tampering attacks. Many researches have been proposed to provide security transmission. However, they cannot effectively and efficiently resist colluding attacks. Therefore, we propose a collaborative routing protocol (CRP) to detect and isolate colluding attackers via monitor mechanism. Monitor nodes observe and record the behavior of intermediate nodes. Based on the records of intermediate nodes, source node can distinguish malicious nodes and isolate them. Finally, security analyses and simulation verify that CRP can effectively and efficiently resist black hole attacks, gray hole attacks, modify and fake packet attacks, rushing attacks, and collusion attacks.     

REFRAHN: A Resilience Evaluation Framework for Ad Hoc Routing Protocols

Routing protocols are key elements for ad hoc networks. They are in charge of establishing routes between network nodes efficiently. Despite the interest shown by the scientific community and industry in converting the first specifications of ad hoc routing protocols in functional prototypes, aspects such as the resilience of these protocols remain generally unaddressed in practice. Tackling this issue becomes critical given the increasingly variety of accidental and malicious faults (attacks) that may impact the behaviour exhibited by ad hoc routing protocols. The main objective of this paper is to deepen in the methodological aspects concerning fault injection in routing protocols. As a result, we will design and implement a framework based on the injection of accidental and malicious faults to quantitatively evaluate their impact on routing protocols. This framework, called REFRAHN (Resilience Evaluation FRamework for Ad Hoc routiNg protocols), can be used to (i) reduce the uncertainty about the sources of perturbations in the deployment of ad hoc routing protocols, (ii) design fault-tolerant mechanisms that address and minimise such problems, and (iii) compare and select which is the routing protocol that optimises the performance and robustness of the network.     

移动自组织网络中内部丢包的检测模型

无线移动自组织网络中数据的传输是基于中间节点的合作转发的,但由于内部自私节点为了节省带宽和电量或者网络受到恶意节点的攻击,导致丢包行为发生,网络性能严重降低。基于无线自组织网络常用的路由协议AODV,提出了一种新的针对内部丢包攻击的检测模型。该检测模型引入旁信道概念,旁信道节点和看门狗共同检测并记录节点转发报文行为,采用邻居信息表存放检测结果,当相应节点的记录值达到一定下限时就被隔离出网络。由于旁信道可以发送警报报文,该模型能够同时检测到自私节点或合作攻击节点引起的内部丢包攻击。     

Scalability of routing methods in ad hoc networks

In an ad hoc network each host (node) participates in routing packets. Ad hoc networks based on 802.11 WLAN technology have been the focus of several prior studies. These investigations were mainly based on simulations of scenarios involving up to 100 nodes (usually 50 nodes) and relaxed (too unrealistic) data traffic conditions. Many routing protocols in such setting offer the same performance, and many potential problems stay undetected. At the same time, an ad hoc network may not want (or be able) to limit the number of hosts involved in the network. As more nodes join an ad hoc network or the data traffic grows, the potential for collisions and contention increases, and protocols face the challenging task to route data packets without creating high administrative load. The investigation of protocol behavior in large scenarios exposes many hidden problems. The understanding of these problems helps not only in improving protocol scalability to large scenarios but also in increasing the throughput and other QoS metrics in small ones. This paper studies on the example of AODV and DSR protocols the influence of the network size (up to 550 nodes), nodes mobility, nodes density, suggested data traffic on protocols performance. In this paper we identify and analyze the reasons for poor absolute performance that both protocols demonstrate in the majority of studied scenarios. We also propose and evaluate restructured protocol stack that helps to improve the performance and scalability of any routing protocol in wireless ad hoc networks.     

Risk-based attack strategies for mobile ad hoc networks under probabilistic attack modeling framework

In this paper, we introduce and design a modeling framework that allows for the study and analysis of attack propagation in mobile ad hoc networks. The choice of a statistical approach for the problem is motivated by the dynamic characteristics of the ad hoc topology and the stochastic nature of threat propagation. Based on this probabilistic modeling framework, we study the impact of topology and mobility in the propagation of software threats over ad hoc networks. We design topology control algorithms that indicate how to properly adjust an attacker’s transmission radius, according to the measured topological characteristics and availability of its resources, in the process of infecting a network more effectively. Then based on these topology control algorithms we develop different attack strategies that may range from independent attacks to cooperative scenarios in order to increase the negative impact of an attack on the network. Our performance evaluation results demonstrate that the proposed topology control algorithms and respective attack strategies effectively balance the tradeoffs between the potential network damage and the attackers’ lifetime, and as a result significantly outperform any other flat and threshold-based approaches.     

基于贝叶斯决策的自组网推荐信任度修正模型

在分析了信任评估过程中攻击手段及其相互间关系的基础上,提出了基于贝叶斯决策理论的根据推荐偏差度修正对推荐的信任度方法.使用贝塔分布描述推荐偏差度,依据最小损失原则修正对推荐的信任度,并将具备推荐信任修正机制的信任模型运用在自组网的路由协议中,以便优化路由选择.MATLAB下的仿真结果表明,该方法能够有效抵御一些针对信任管理的威胁并提升信任管理的正确率,进而提高自组网环境下检测恶意节点的效率.     

一种适用于无线自组织网络的安全路由优化算法

大规模无线自组织网络存在的自私节点或者恶意节点引起网络性能的降低,甚至导致网络不能正常工作,在网络层数据包路由过程中避免这些节点,对自私节点或者恶意节点进行隔离能够有效提高网络的安全性。本文提出一种安全感知的无线自组织网络路由优化算法SARO,SARO算法是一种改进的蚁群算法,该算法基于节点信任度统计参数建立安全感知的启发因子方程以及信息素更新方程,使数据包在路由过程中选择安全性较高的路径进行数据的路由转发,可对自私节点和恶意节点进行隔离,从而增强网络安全性,提高网络服务质量。仿真实验结果表明,SARO算法能够明显提高网络吞吐量,降低传输延迟,降低不良侦听率,具有较高的实用价值。     

Impact of queuing discipline on packet delivery latency in ad hoc networks

Delivering live multimedia streaming over ad hoc networks can improve coordination in battlefields, assist in disaster recovery operations, and help prevent vehicular traffic accidents. However, ad hoc networks often experience congestion faster than wired networks, leading to high end-to-end delays and jitter even for moderate traffic. This paper describes a partial remedy that applies to delay sensitive but loss tolerant applications such as live streaming. We find that under relatively high UDP traffic load, the Last-In–First-Out (LIFO) with Frontdrop queuing discipline achieves less than half the delay of the commonly used First-In–First-Out (FIFO) with Taildrop, while maintaining similar jitter. In low traffic situations, FIFO and LIFO have similar delays, but FIFO with Frontdrop has the lowest jitter. The results can be applied to an adaptive queuing mechanism that changes the queuing discipline at nodes function of the locally observed traffic load. The advantage of such an approach is that it does not require new protocols and does not incur any network overhead.