增强Ad-hoc网络可生存性的健壮多维信任模型

针对目前攻击者可以结合多种攻击手段对ad hoc网络进行复合攻击的现状,提出了一种健壮的多维信任模型(RMTM)以增强ad hoc网络的可生存性.RMTM基于D-S证据理论,将节点的攻击证据分成多个维度,每个维度的信任根据基本信度分配函数计算,并通过多维信任融合实现对节点的综合评价.同时,为了应对攻击者对信任模型本身进行攻击,设计了相应容忍算法以提高RMTM的健壮性.仿真实验验证了RMTM可在较低系统开销内有效防御ad hoc网络复合攻击和信任模型攻击,进而大幅度地增强了ad hoc网络可生存性.     

蜂窝ad hoc网络概述

一、ad hoc网络与蜂窝网络的结合 在移动无线通信网络原有的网络构架技术中通常包括蜂窝移动通信网络和无线局域网,蜂窝移动通信网络移动终端接入固定网络是基于基站的中心接人方式,而无线局域网则要通过接入点（AP）完成终端接入固定网络,这两种网络都是单跳网络。ad hoc技术所标称的是一种有别于中心接人和单跳的特征,强调多跳和无中心接入,移动终端不仅具有主机的功能,还具有路由器的功能,使得无线移动ad hoc网络被认为是下一代移动通信系统解决方案中最有希望被采用的末端网络。     

无线ad hoc网络多性能指标基本性能边界

在无线ad hoc网络中,基本性能边界对路由算法和资源分配协议的分析和评价具有重要的意义。对无线ad hoc网络多性能指标基本性能边界进行了研究,包括理论上最优的性能边界和实际可以得到的性能边界。提出了一种稳定状态(steady state)下的网络基本性能指标分析模型。该模型考虑了无线网络广播特性和无线信道干扰,可同时分析多个性能指标,包括：吞吐量、端到端延迟和能量消耗。基于该模型,针对ad hoc网络中最常见的多流—单/双中继拓扑分析基本性能指标,求解多目标优化问题得到基本性能边界。仿真结果验证了模型的准确性,均方根误差小于10-3量级。     

一种集成ad hoc与蜂窝的4G新型网格（IACG）

在第四代移动通信系统( 4G)中,采用ad hoc网络为核心技术,以满足2 0 1 0年后市场对大容量、高带宽、无缝漫游的需求,是近一两年来全球业界提出的一种崭新的技术思路和发展方向。本文根据4G工程原则和ad hoc网络框架,构建了一种新型的集成ad hoc与蜂窝网格( Integrated Cellular and Ad hoc Grid,IACG)。在此基础上,研究提出了其容量提高方案、移动预测模型、网络动态变化中的容错设计、基于代理的可靠路由协议以及低功耗无线多层优化协议,解决了当前ad hoc网络如何在移动通信领域走向实用化的关键技术     

无线ad hoc网络中多路径负载平衡性能分析

提出了一种新颖的分析模型来计算无线ad hoc网络中多路径情况下的负载。该模型考虑到多路径的数目、路由的选取方法以及网络中节点的密度等条件，能够对不同网络条件下的负载进行较好的分析与理论计算。仿真结果与理论计算有良好的一致性，结果表明在无线ad hoc网络中简单地使用多路径路由并不能有效地平衡网络负载。这一结论与目前普遍认定的结论（在无线ad hoc网络中使用多路径路由和在有线网络中使用多路径路由一样，可以很好地平衡网络负载、增加网络的吞吐量）是不一致的。     

基于朋友机制的移动ad hoc网络路由入侵检测模型研究

从如何有效检测移动ad hoc网络路由入侵行为、如何准确地响应并将恶意路由节点移除网络,提供可信路由环境的角度进行分析,提出了一种基于朋友机制的轻量级移动ad hoc网络入侵检测模型,并以典型的黑洞攻击为例,通过OPNET网络建模仿真及实验分析,验证了该模型的可行性和有效性。     

ad hoc网络中跨层设计方法的研究

ad hoc网络与传统有线和无线蜂窝网络有着显著的区别,基于传统的分层协议栈的设计方法不再适合ad hoc网络,而应采用一种新型的跨层协议栈和跨层设计方法.本文首先阐述了ad hoc网络的特点和传统的分层协议栈的弊端,介绍了跨层设计的概念.然后,详细分析了ad hoc网络中跨层设计的方法,包括策略、体系结构和信令交互方式,探讨了跨层设计的相关技术和面临的挑战.最后,总结了全文并指出了今后的工作方向.     

MANET路由选择协议性能分析

Ad hoc网是由一组无线移动节点在没有任何现存网络基础设施或集中管理的情况下建立的暂时的无线移动网络。由于网络节点的自组织性、多跳性和高速移动使得网络拓扑经常变化,导致路由开销增大。首先讨论了Ah hoc网络中路由选择协议的分类策略。介绍了几种典型的Ad hoc路由选择协议。通过ns2仿真工具,分析比较了DSDV、AODV和TORA等3种典型的ad hoc路由选择协议在不同环境下的性能,并给出了结论。     

无线Ad hoc网络的安全体系

在敌对环境下,Ad hoc网络易受攻击,尤其来自网络内部的攻击更具威胁性。针对这种情况,本文介绍了一种无线Ad hoc网络安全体系模型,并着重介绍了利用不完全信任管理机制来防止网络内部的攻击。     

面向无线ad hoc网络的一种平面t-支撑图

拓扑控制算法的目标是为无线ad hoc网络确定合适的底层拓扑。在无线ad hoc网络中，几何路由协议是一类重要的路由协议，为了保证消息转发的可达性和限制路由长度，它要求底层拓扑满足连通性、平面性和稀疏性，并且是原拓扑的t-支撑图。本文提出了一种新的几何结构AUDel图，并提出了两种低通信开销的构造AUDel图的局部拓扑控制算法。理论分析表明，AUDel图满足上述要求，我们提出的拓扑控制算法的通信歼销小于其它构造平面t-支撑图的拓扑控制算法。模拟实验验证了以上结论。     

Impact of Denial of Service Attacks on Ad Hoc Networks

Significant progress has been made towards making ad hoc networks secure and DoS resilient. However, little attention has been focused on quantifying DoS resilience: Do ad hoc networks have sufficiently redundant paths and counter-DoS mechanisms to make DoS attacks largely ineffective? Or are there attack and system factors that can lead to devastating effects? In this paper, we design and study DoS attacks in order to assess the damage that difficult-to-detect attackers can cause. The first attack we study, called the JellyFish attack, is targeted against closed-loop flows such as TCP; although protocol compliant, it has devastating effects. The second is the Black Hole attack, which has effects similar to the JellyFish, but on open-loop flows. We quantify via simulations and analytical modeling the scalability of DoS attacks as a function of key performance parameters such as mobility, system size, node density, and counter-DoS strategy. One perhaps surprising result is that such DoS attacks can increase the capacity of ad hoc networks, as they starve multi-hop flows and only allow one-hop communication, a capacity-maximizing, yet clearly undesirable situation.      

On-Demand Multicast Routing Protocol in Multihop Wireless Mobile Networks

An ad hoc network is a dynamically reconfigurable wireless network with no fixed infrastructure or central administration. Each host is mobile and must act as a router. Routing and multicasting protocols in ad hoc networks are faced with the challenge of delivering data to destinations through multihop routes in the presence of node movements and topology changes. This paper presents the On-Demand Multicast Routing Protocol (ODMRP) for wireless mobile ad hoc networks. ODMRP is a mesh-based, rather than a conventional tree-based, multicast scheme and uses a forwarding group concept; only a subset of nodes forwards the multicast packets via scoped flooding. It applies on-demand procedures to dynamically build routes and maintain multicast group membership. ODMRP is well suited for ad hoc wireless networks with mobile hosts where bandwidth is limited, topology changes frequently, and power is constrained. We evaluate ODMRP performance with other multicast protocols proposed for ad hoc networks via extensive and detailed simulation.     

HEAP: A packet authentication scheme for mobile ad hoc networks

In mobile ad hoc networks (MANETs) and wireless sensor networks (WSNs), it is easy to launch various sophisticated attacks such as wormhole, man-in-the-middle and denial of service (DoS), or to impersonate another node. To combat such attacks from outsider nodes, we study packet authentication in wireless networks and propose a hop-by-hop, efficient authentication protocol, called HEAP. HEAP authenticates packets at every hop by using a modified HMAC-based algorithm along with two keys and drops any packets that originate from outsiders. HEAP can be used with multicast, unicast or broadcast applications. We ran several simulations to compare HEAP with existing authentication schemes, such as TESLA, LHAP and Lu and Pooch’s algorithm. We measured metrics such as latency, throughput, packet delivery ratio, CPU and memory utilization and show that HEAP performs very well compared to other schemes while guarding against outsider attacks.     

Multicasting with Localized Control in Wireless Ad Hoc Networks

This paper investigates how to support multicasting in wireless ad hoc networks without throttling the dominant unicast flows. Unicast flows are usually congestion-controlled with protocols like TCP. However, there are no such protocols for multicast flows in wireless ad hoc networks and multicast flows can therefore cause severe congestion and throttle TCP-like flows in these environments. Based on a cross-layer approach, this paper proposes a completely-localized scheme to prevent multicast flows from causing severe congestion and the associated deleterious effects on other flows in wireless ad hoc networks. The proposed scheme combines the layered multicast concept with the routing-based congestion avoidance idea to reduce the aggregated rate of multicast flows when they use excessive bandwidth on a wireless link. Our analysis and extensive simulations show that the fully-localized scheme proposed in this paper is effective in ensuring the fairness of bandwidth sharing between multicast and unicast flows in wireless ad hoc networks.     

Analysis of area-congestion-based DDoS attacks in ad hoc networks

Increased instances of distributed denial of service (DDoS) attacks on the Internet have raised questions on whether and how ad hoc networks are vulnerable to such attacks. This paper studies the special properties of such attacks in ad hoc networks. We examine two types of area-congestion-based DDoS attacks – remote and local attacks – and present in-depth analysis on various factors and attack constraints that an attacker may use and face. We find that (1) there are two types of congestion – self congestion and cross congestion – that need to be carefully monitored; (2) the normal traffic itself causes significant packet loss in addition to the attack impacts in both remote and local attacks; (3) the number of flooding nodes has major impacts on remote attacks while, the load of normal traffic and the position of flooding nodes are critical to local attacks; and (4) given the same number of flooding nodes and attack loads, a remote DDoS attack can cause more damage to the network than a local DDoS attack.     

The design, implementation, and performance evaluation of theon-demand multicast routing protocol in multihop wireless networks

Multicasting has emerged as one of the most focused areas in the field of networking. As the technology and popularity of the Internet grow, applications such as video conferencing that require the multicast feature are becoming more widespread. Another interesting development has been the emergence of dynamically reconfigurable wireless ad hoc networks to interconnect mobile users for applications ranging from disaster recovery to distributed collaborative computing. In this article we describe the on-demand multicast routing protocol for mobile ad hoc networks. ODMRP is a mesh-based, rather than conventional tree-based, multicast scheme and uses a forwarding group concept (only a subset of nodes forwards the multicast packets packets via scoped flooding). It applies on-demand procedures to dynamically build routes and maintain multicast group membership. We also describe our implementation of the protocol in a real laptop testbed     

Flooding for Reliable Multicast in Multi-Hop Ad Hoc Networks

Ad hoc networks are gaining popularity as a result of advances in smaller, more versatile and powerful mobile computing devices. The distinguishing feature of these networks is the universal mobility of all hosts. This requires re-engineering of basic network services including reliable multicast communication. This paper considers the special case of highly mobile fast-moving ad hoc networks and argues that, for such networks, traditional multicast approaches are not appropriate. Flooding is suggested as a possible alternative for reliable multicast and simulation results are used to illustrate its effects. The experimental results also demonstrate a rather interesting outcome that even flooding is insufficient for reliable multicast in ad hoc networks when mobility is very high. Some alternative, more persistent variations of flooding are sketched out.     

Intelligent Internal Stealthy Attack and its Countermeasure for Multicast Routing Protocol in MANET

Multicast communication of mobile ad hoc networks is vulnerable to internal attacks due to its routing structure and high scalability of its participants. Though existing intrusion detection systems (IDSs) act smartly to defend against attack strategies, adversaries also accordingly update their attacking plans intelligently so as to intervene in successful defending schemes. In our work, we present a novel indirect internal stealthy attack on a tree‐based multicast routing protocol. Such an indirect stealthy attack intelligently makes neighbor nodes drop their routing‐layer unicast control packets instead of processing or forwarding them. The adversary targets the collision avoidance mechanism of the Medium Access Control (MAC) protocol to indirectly affect the routing layer process. Simulation results show the success of this attacking strategy over the existing “stealthy attack in wireless ad hoc networks: detection and countermeasure (SADEC)” detection system. We design a cross‐layer automata‐based stealthy attack on multicast routing protocols (SAMRP) attacker detection system to identify and isolate the proposed attacker. NS‐2 simulation and analytical results show the efficient performance, against an indirect internal stealthy attack, of SAMRP over the existing SADEC and BLM attacker detection systems.     

A study of different types of attacks on multicast in mobile ad hoc networks

We present a simulation-based study of the impacts of different types of attacks on mesh-based multicast in mobile ad hoc networks (MANETs). We consider the most common types of attacks, namely rushing attack, blackhole attack, neighbor attack and jellyfish attack. Specifically, we study how the number of attackers and their positions affect the performance metrics of a multicast session such as packet delivery ratio, throughput, end-to-end delay, and delay jitter. We also examine rushing attackers’ success rates of invading into the routing mesh when the number of attackers and their positions vary. The results enable us to suggest measures to minimize the impacts of the above types of attacks on multicast in MANETs.     

Maximizing multicast lifetime in unreliable wireless ad hoc network

Multicast is an efficient method for transmitting the same packets to a group of destinations. In energy-constrained wireless ad hoc networks where nodes are powered by batteries, one of the challenging issues is how to prolong the multicast lifetime. Most of existing work mainly focuses on multicast lifetime maximization problem in wireless packet loss-free networks. However, this may not be the case in reality. In this paper, we are concerned with the multicast lifetime maximization problem in unreliable wireless ad hoc networks. To solve this problem, we first define the multicast lifetime as the number of packets transmitted along the multicast tree successfully. Then we develop a novel lifetime maximization genetic algorithm to construct the multicast tree consisting of high reliability links subject to the source and destination nodes. Simulation results demonstrate the efficiency and effectiveness of the proposed algorithm.