一种高效的随机混淆匿名算法*

现有的混淆算法都无法适应高速网络的匿名需求,为此提出了一种随机数混淆(RM)算法。RM算法在网络低流量下采用时延转发方式,在高流量时采用随机数转发方式。这样既保证了匿名系统的匿名性,同时又解决了SGM算法中的溢出问题。对RM算法的安全性和效率进行了分析,仿真结果与理论分析相一致,表明RM算法在开放式高速网络下有较好的自适应性和实用价值。     

基于移动代理的分布式Ad Hoc网络管理

Ad Hoc网络作为一种利动态的无线移动网络,相对常规网络而言,其网络管理有它自身的特点和要求。该文介绍了Ad Hoc网络和移动代理的基本概念,在对Ad Hoc网络管理的特点和衙求分析基础上,提出了一种基于移动代理的分布式Ad Hoc网络管理体系结构,并提出了一种簇算法。     

对无线Mesh网络区域路由算法实现探讨

当今关于Ad Hoc网络中的路由协议在无线Mesh网络中受到了广泛的使用,将其应用与无线Mesh网络环境中,由于Ad Hoc与无线Mesh的区别,这种直接的应用不可避免的会出现许多的问题,该文深入分析了将常规路由协议用于无线MESH网络时出现的诸多问题,从而对无线Mesh网络区域路由算法实现提出了相应的解决方法。     

一种基于蚂蚁算法的Ad Hoc路由算法

Ad Hoc网络已成为当前网络发展的热点,本文提出了一种基于蚂蚁算法的Ad Hoc网络路由算法.本算法保持了蚂蚁算法的本身所具有的优点,并在反馈和启发信息中都考虑到Ad Hoc网络的带宽受限和电源剩余量不足的特点:基于带宽的考虑和跳数限制的设置提供了较好的QoS保证.     

无线Ad Hoc网络技术在高校教学的应用

现代高等学校利用计算机网络进行辅助教学活动中,主要是以有线网络和固定基础设施支持的无线网络为主的组网方式,其大大限制了节点的数量和节点自由移动性。根据无线Ad Hoc网络特点,尝试将无线Ad Hoc网络技术运用在高校教学活动中,不仅可以解决上述制约性问题,而且仿真实验证明Ad Hoc网络具有较好的通信性能。     

Ad Hoc网络带宽分配机制研究

介绍Ad Hoc网络带宽分配机制。根据Ad Hoc网络的特性及其带宽资源分配目标,对带宽分配机制的定义和约束限制进行描述和分析,从公平、效率和兼顾公平和效率3个方面对现有的Ad Hoc网络带宽分配机制进行分类和对比分析,指出各自存在的优缺点,提出解决主要问题的思路。     

分级的Ad Hoc网络入侵检测系统改进

随着无线网络的快速发展和移动计算应用的快速增加,移动无线网络安全问题愈加突出.入侵检测作为保证网络安全的一种有效手段已经从保护固定有线网络扩展到移动无线网络.作为无线移动网络众多实现方式之一的移动Ad Hoc网络分为平面和分级两种结构.由于其与有线网络存在很大差别,现有针对有线网络开发的入侵检测系统很难适用于移动Ad Hoc网络.本文在描述入侵检测相关技术的基础上改进了分级的AdHoc网络入侵检测系统体系结构,并给出了该系统的分簇算法,使之更好地应用于分级的Ad Hoc网络.     

无线Ad Hoc网络的安全性研究

AdHoc网络是一种多跳移动无线网络。分析了Ad Hoc网络安全性问题,探讨了Ad Hoc网络安全策略,提出了一种自组织网络层安全方案。提出了按无线Ad Hoc网络的安全需求进行分级,然后分别实现的解决策略。     

基于FCCN层次结构的Ad H0c网络

Ad Hoc网络是一种新型的自组织网络,它不需要预设网络设施而是通过网络节点自身的路由转发功能就能快速、自动地建立.论文提出了基于FCCN虚拟拓扑结构的层次Ad Hoc网络,结合现有的分层式结构分析了其特点并与之做了比较,最后通过仿真分析了其性能.     

Ad Hoc网络认证模型研究

Ad Hoc网络是由一组无线,移动的节点组成的一个临时性网络,不依赖于现有的基础设施或集中式管理.在军事及其它领域都有广泛的应用前景.认证作为Ad Hoc网络安全机制的一部分,扮演着极为重要的角色.研究了Ad Hoc网络的特点及面临的安全问题,根据采用的密码体制,对Ad Hoc网络中的认证模型进行了分类,详细介绍了Ad Hoc网络中具有代表性的一些认证模型思想,并分析比较了它们的优缺点及适用性.最后对Ad Hoc网络认证模型的难点及发展趋势进行了总结.     

FBSS:一种基于公平盲签名和秘密共享的车载网隐私保护方案*

车载自组织网络是移动自组网络及无线传感器网络在交通领域的一种应用,由车辆节点,路侧单元,服务提供商等构成的一种新型移动自组织网络。车载自组网络利用无线信道进行数据传输,由于车载自组织网络本身的开放性和传输信息的敏感性,不可避免的面临信息的泄漏和攻击。如何保证车载自组织网络中的身份隐私和可信通信是亟待解决的关键问题。现有的工作通常采用认证机制,但在车辆认证的过程中不可避免地泄漏了用户的隐私,随后提出的匿名认证方案解决了隐私保护问题却忽略了匿名滥用的情况。针对上述问题,本文提出一种基于公平盲签名和秘密共享的匿名认证方案-FBSS。通过安全性分析和实验,该方案具有较高的匿名性和较高的效率。     

M2ASR——新型多径匿名源路由协议*

针对无线Ad hoc网络通信的安全与效率问题,提出一个高效并有较好匿名能力的多径匿名源路由协议M2ASR。在DSR协议的基础上,使用标签机制,对源路由的工作过程进行了修改,实现了能够应用于大规模无线网络的多径匿名路由;并在协议中首次使用IDA算法,利用Ad hoc网络的节点转发和协议本身提供的多径性质,提高了无线Ad hoc的通信效率;从理论和仿真角度对M2ASR协议的匿名性和使用IDA算法之后所带来的效率进行了分析和总结。     

An anonymous distributed routing protocol in mobile ad-hoc networks

This paper proposes an efficient anonymous routing protocol for mobile ad hoc networks (MANETs). This protocol considers symmetric and asymmetric links during the wireless communication of MANETs. A MANET is one type of self-organized wireless network that can be formed by several wireless devices such as laptops, tablet PCs, and smartphones. Different wireless transmission ranges of different mobile devices lead to a special communication condition called an asymmetric link. Most research on this topic focuses on providing security and anonymity for the symmetric link without considering the asymmetric link. This paper proposes a novel distributed routing protocol beyond the symmetric and asymmetric links. This protocol guarantees the security, anonymity, and high reliability of an established route by avoiding unreliable intermediate nodes. The routes generated by the proposed protocol are shorter than previous research. The proposed protocol enhances MANET performance in assuring security and anonymity.     

A lightweight anonymous routing protocol without public key en/decryptions for wireless ad hoc networks

More attention should be paid to anonymous routing protocols in secure wireless ad hoc networks. However, as far as we know, only a few papers on secure routing protocols have addressed both issues of anonymity and efficiency. Most recent protocols adopted public key Infrastructure (PKI) solutions to ensure the anonymity and security of route constructing mechanisms. Since PKI solution requires huge and expensive infrastructure with complex computations and the resource constraints of small ad hoc devices; a two-layer authentication protocol with anonymous routing (TAPAR) is proposed in this paper. TAPAR does not adopt public key computations to provide secure and anonymous communications between source and destination nodes over wireless ad hoc networks. Moreover, TAPAR accomplishes mutual authentication, session key agreement, and forward secrecy among communicating nodes; along with integration of non-PKI techniques into the routing protocol allowing the source node to anonymously interact with the destination node through a number of intermediate nodes. Without adopting PKI en/decryptions, our proposed TAPAR can be efficiently implemented on small ad hoc devices while at least reducing the computational overhead of participating nodes in TAPAR by 21.75%. Our protocol is certainly favorable when compared with other related protocols.     

Mutual Anonymity for Mobile P2P Systems

Mobile peer-to-peer networks (MOPNETs) have become popular applications due to their ease of communication and resource sharing patterns in unfixed network infrastructures. As privacy and security are coming under increasing attention, many mobile and ad hoc network protocols attempt to provide mutual anonymity for users. Most existing anonymous designs, however, are path based, where the anonymous communications are achieved via a predetermined path. Such a design suffers from unreliable delivery and high processing overheads and is not practical. We propose a scalable secret-sharing-based mutual anonymity protocol, termed PUZZLE, which enables anonymous query issuance and file delivery for MOPNETs in ad hoc environments by employing Shamir's secret sharing scheme. We present the design of PUZZLE, analyze its degree of security and anonymity, and evaluate its performance by comprehensive trace-driven simulations. Experimental results show that compared with previous designs, PUZZLE achieves mutual anonymous communications with a lower cryptography processing overhead and higher degree of anonymity.     

A collaborative protocol for anonymous reporting in vehicular ad hoc networks

Vehicular ad hoc networks (VANETs) have emerged to leverage the power of modern communication technologies, applied to both vehicles and infrastructure. Allowing drivers to report traffic accidents and violations through the VANET may lead to substantial improvements in road safety. However, being able to do so anonymously in order to avoid personal and professional repercussions will undoubtedly translate into user acceptance. The main goal of this work is to propose a new collaborative protocol for enforcing anonymity in multi-hop VANETs, closely inspired by the well-known Crowds protocol. In a nutshell, our anonymous-reporting protocol depends on a forwarding probability that determines whether the next forwarding step in message routing is random, for better anonymity, or in accordance with the routing protocol on which our approach builds, for better quality of service (QoS). Different from Crowds, our protocol is specifically conceived for multi-hop lossy wireless networks. Simulations for residential and downtown areas support and quantify the usefulness of our collaborative strategy for better anonymity, when users are willing to pay an eminently reasonable price in QoS.     

一种基于IPSec的宽带无线IP网络匿名方案与实现

宽带无线IP(BroadbandWirelessIP,BWIP)是结合无线通信和Internet的新技术,其安全性研究已成为全球关注的焦点,目前提出的许多安全解决方案对用户匿名性考虑较少。文中结合IPSec的ESP和AH协议,利用MobileIP中FA与HA的代理功能,提出一种基于IPSec的BWIP网络匿名方案,该方案可以提供双向、实时的宽带无线Internet匿名通信,可以有效地阻止宽带无线Internet中流量分析攻击。文中先给出匿名方案的实现原理和匿名通道建立协议,然后给出实现本匿名方案的数据封装格式。分析表明,该匿名方案在支持IPSec的IP路由器和IP网关上容易实现,可以作为BWIP网络匿名基础设施。     

安全高效的异构无线网络可控匿名漫游认证协议

分析传统的匿名漫游认证协议,指出其匿名不可控和通信时延较大的不足.针对上述不足,提出异构无线网络可控匿名漫游认证协议,远程网络认证服务器通过1轮消息交互即可完成对移动终端的身份合法性验证,当移动终端发生恶意操作时,家乡网络认证服务器可协助远程网络认证服务器撤销移动终端的身份匿名性.该协议在实现匿名认证的同时,还具有恶意匿名的可控性,有效防止了恶意行为的发生,且其通信时延较小.安全性证明表明,该协议在CK安全模型中是可证安全的.相对于传统漫游机制而言,该协议更适合于异构无线网络.     

车载自组网中基于无证书的密钥隔离批量消息认证方案

针对车载自组网(VANET)中匿名认证存在的安全性问题,提出了一种高效的车载自组网的匿名认证方案。该方案将无证书密码体制和密钥隔离技术结合应用在车载自组网的环境中,通过更新协助器RSU与车辆用户OBUi的密钥,使得某时间段的临时私钥的泄漏不会影响到前向和后向的安全性,并在随机预言模型下证明了该方案的安全性。最后,性能分析结果表明,该方案不仅提高了消息签名匿名认证的效率,而且降低了整个系统运算的开销,具有较好的理论意义与实用价值。