Ad Hoc网络中路由协议的安全问题及认证式路由协议

对Ad Hoc网络中两个典型的按需路由协议AODV和DSR可能受到的各种攻击进行分析，然后介绍一种认证式路出协议（ARAN），该协议在路由发现、路由建立和路由维护过程中使用数字证书和数字签名的方式进行路由信息的认证，有效防止可能受到的攻击。最后通过计算机仿真验证认证式路由协议预防攻击的性能。     

DSR路由协议的改进

DSR路由协议是移动Ad Hoc网络常用的按需路由协议之一。由于采用洪泛机制寻找和维护路由表,DSR路由协议能量开销高、分组交付率低。针对此问题,提出局部化路由查询方法,限制路由请求跳数,改进DSR路由协议的路由发现过程,有效地平衡了路由信息存储量、网络拥塞和能量消耗。分析表明,改进的DSR路由协议将路由请求分组控制在一定的网络范围内,减少数据传输时延、降低网络能量开销。仿真结果显示,在选择适当的最大跳数时,改进的DSR路由协议在分组交付率、路由载荷方面均优于传统的DSR路由协议。     

AODV路由协议安全性改进与GloMoSim仿真

AODV(Ad hoc on-demand distance vector)路由协议效率高，控制开销小，操作简单，但本身没有任何安全机制，对安全性攻击尤其是黑洞攻击表现脆弱。针对该问题，文中在详细分析了AODV路由协议的运行原理和数据黑洞攻击问题实质的基础上对AODV协议进行了改进。利用GbMoSim仿真工具对改进的AODV路由协议进行了仿真实验，结果表明，该方案可以有效的解决数据黑洞攻击问题，同时不会过多地增加时延和协议开销。     

GDSR：一种基于车载自组网的分组路由协议

针对DSR路由协议因节点频繁移动,路由发现和路由维护过程频繁发生,导致数据传输的时延增加和丢包率增加的问题.在DSR路由协议基础上,提出一种带有分组的DSR路由协议（GDSR）.该协议通过K-medoids聚类算法合理地选择组头,使得分组路由协议更加适合车载自组网的多变的拓扑结构.仿真结果表明,带有分组的GDSR路由协议能够降低数据传输的端到端的时延和丢包率.     

一种改进无线Mesh网络孤岛效应的路由算法研究

针对无线Mesh网络路由协议自身的缺陷而导致的孤岛效应,分析了其形成原因以及对网络的危害,通过对AODV、DSDV、DSR和TORA等典型路由协议的具体分析,提出动态传输距离算法,整理形成了改进的AODV路由协议,仿真结果表明,改进后的协议能够很好地解决Mesh孤岛效应。     

Ad Hoc网络路由协议比较与性能评价

无线AdHOC网络的应用越来越广泛。由于在移动环境中节点韵频繁移动．使得现有网络的路由协议不能满足用户的需求，为此．有许多的研究机构开始关注无线路由协议及算法，提出了多个无线AdHOC路由解决方案。本文介绍和分析了当前AdHOC网络中的主要路由协议算法，使用网络仿真软件NS2评价AdHoc路由协议中的DSR．AODV，DSDV协议．编写了用于仿真实现的脚本程序，并对仿真结果进行比较和性能评价。本文的仿真是在5个和30个无线节点的网络拓扑结构中进行．对整个传输过程产生的仿真Trace文档处理、分析．得到DSR．AODV，DSDV路由协议的性能比较．由此得出不同协议的适用范围和协议特性。     

恶意路由攻击环境下ARIADNE协议的性能分析

描述了由Hu Y C,Perrig A和Johnson D B等人提出的一种用于移动自组网的安全按需路由协议（ARIADNE）的安全机制与工作原理,简要介绍了ARIADNE在实际环境中所受到的常见的路由攻击类型。利用OPNET软件建立带有不同类型恶意路由攻击的场景,通过仿真实验与DSR进行比较,分析了ARIADNE在各种类型路由攻击下的安全性。结果表明,ARIADNE在应对报文丢弃攻击以及路由篡改攻击时表现出了良好的性能,但是在路由伪造攻击环境下的性能不是很理想。     

一种面向移动Ad Hoc网络DSR协议的改进泛洪算法

在移动自组织网络中,基于移动节点地理位置辅助信息,提出了一种新的泛洪算法——位置辅助泛洪改进算法（ILFA）,ILFA通过节点位置信息重传广播分组并有效控制网络流量。此外,将ILFA应用于经典MANET源路由（dynamic source routing,DSR）协议中,通过限定请求区域和期望区域等限制路由发现的有效范围,进而通过设置提名广播重传邻居列表限定路由请求分组重传范围,有效减小DSR路由寻路分组的传播次数。仿真结果证明,和传统泛洪方案相比,ILFA能够有效减小DSR路由协议的路由开销并提升MANET吞吐量。     

路由认证方案中一次性签名算法的应用

介绍了在链路状态路由协议中的一次性签名算法的应用,然后以距离向量路由协议中的B．R．Smith等的路由认证方案为研究对象,提出了一次性认证算法在距离向量路由协议中的应用方法,分析了其产生的作用。     

AODV路由协议性能的改进研究

路由问题一直是移动Ad Hoc网络（MANET）研究中的难点和重要问题。按需路由协议是当前移动Ad Hoc网络的主流路由协议。丈中通过对AODV和DSR两种典型的按需路由协议的分析与比较，提出了一种利用DSR的路径收集机制来改进和提高AODV路由协议性能的方法。通过NS2仿真实验表明，该方法能有效减少路由请求的数量，从而降低路由的开销，提高分组发送的成功率，减少端对端的延时。     

A time stamp-based algorithm to improve security and performance of mobile ad hoc network

Mobile ad hoc network is open medium and infrastructure-less network. Mobile ad hoc network is susceptible to various security attacks such as, black hole attack, gray hole attack, bad mouthing attack, sybil attack and worm hole attack due to open medium, infrastructure-less features and lack of in-built security. In black hole attack and gray hole attack, attacker falsely sends route reply and dropped data packets received from source node. Due to these attacks, performance of mobile ad hoc network decreases. This paper proposes a time stamp-based algorithm which is an enhanced version of existing IDSNAODV algorithm. Proposed algorithm modifies existing palling process to validate identity of observer nodes using a time stamp-based approach. Based on defined set of rules and recorded activities report, source node decides the nature of target node. The performance of proposed algorithm is evaluated using the network simulator. The proposed algorithm shows improved performance for packet delivery ratio, throughput and routing overhead as compared to existing algorithm.

     

A Performance Evaluation of a Dynamic Source Routing Discovery Optimization Protocol Using GPS System

Ad hoc networks are useful for providing communication support where no fixed infrastructure exists or the deployment of a fixed infrastructure is not economically profitable, and movement of communicating parties is allowed. Therefore, such networks are designed to operate in widely varying environments, from military networks to low-power sensor networks and other embedded systems. Frequent topology changes caused by node mobility make routing in ad hoc wireless networks a challenging problem. In this paper, we propose an optimization technique, which we refer to as GDSR, a reactive protocol that makes use of DSR scheme and the Global Positioning System (GPS). As opposed to the DSR protocol our GDSR scheme consists of propagating the route request messages only to the nodes that are further away from the query source. We discuss the algorithm, its implementation and present an extensive simulation and experimental results to study its performance. We also present a comparative study of GDSR protocol with the existing DSR protocol. Our results clearly indicate that the GDSR protocol outperforms the DSR protocol by significantly decreasing the number of route query packets thereby increasing the efficiency of the network load. Furthermore, we show that a careful GPS screening angle is an important factor in the success of GDSR ad hoc routing protocol.     

认知无线Mesh网络中满足QoS的高吞吐量安全路由协议

提出了一种综合考虑链路安全、链路冲突、链路可靠度与链路可用带宽的路由判据SIEB。SIEB包括链路安全和链路性能2个方面,在SIEB的链路安全权值计算中,为了抵御各种洞攻击,提出了基于两跳邻居反馈的链路信任值计算方法。在此基础上,提出了链路安全权值计算算法LSWC和链路性能权值计算算法LSPC,提出了分布式满足QoS约束的路由协议SIEBP,SIEBP的目标是：构造安全的路由路径,并且最大化网络吞吐量。仿真结果表明,SIEBP能达到预定目标,构造的路径能抵御黑洞、灰洞、虫洞等攻击,并且获得了较高的网络吞吐量。     

Application of ID-based aggregate signature in manets

Aggregate signatures are a useful primitive which allows aggregating many signatures on different messages computed by different users into a single and constant-length signature and adapts to Mobile Ad hoc NETwork (MANETs) very much. Jumin Song, et al. presented an ID-based aggregate signature, applied it to MANETs and proposed a secure routing scheme. In this work, we analyze Jumin Song, et al.’s aggregate signature scheme and find some limitations on its batch verification. In addition, in this work, we apply Craig Gentry, et al.’s ID-based aggregate signature to on-demand routing protocol to present a secure routing scheme. Our scheme not only provides sound authentication and a secure routing protocol in ad hoc networks, but also meets the nature of MANETs.     

A modified algorithm to improve security and performance of AODV protocol against black hole attack

Ad Hoc network is a temporal network which is managed by autonomous nodes which have the ability to communicate with each other without having fixed network infrastructure or any central base station. Due to some reasons such as dynamic changes of the network topology, trusting the nodes to each other, lack of fixed substructure for the analysis of nodes’ behaviours and loss of specific offensive lines, this type of networks is not supportive against malicious nodes’ attacks. One of these attacks is black hole attack. In this attack, the malicious nodes absorb data packets and destroy them. Thus, it is essential to present an algorithm against the black hole attacks. This article suggests a new algorithm which enhances the security of AODV routing protocol to encounter the black hole attacks. This algorithm tries to identify malicious nodes according to nodes’ behaviours in an Ad Hoc network and delete them from routing. The suggested algorithm is simulated by NS2. The simulation results show some improvements in end-to-end delay and packet delivery rate in the suggested algorithm.     

基于ECC和ID签名的WSN广播快速认证方案

广播认证是无线传感器网络(WSN)的一种基本安全服务,针对现有认证方案的计算量大、认证速度慢等问题,提出一种基于椭圆曲线加密(ECC)和身份(ID)签名的WSN广播快速认证方案.对现有EIBAS签名认证方案进行改进,通过节点间的合作,共享中间计算结果来减少邻居节点的计算量,以此提高认证速度,减少能量消耗.同时,提出一种安全机制,通过对多个邻居共享数据的对比来抵御恶意节点的攻击.实验结果表明,该方案相对于传统的椭圆曲线加密算法能够提高约42％的签名认证速度,降低约36％的能耗,大大延长网络生命周期.     

SRDP: Secure route discovery for dynamic source routing in MANETs

Routing is a critical function in multi-hop mobile ad hoc networks (MANETs). A number of MANET-oriented routing protocols have been proposed, of which DSR is widely considered both the simplest and the most effective. At the same time, security in MANETs – especially, routing security – presents a number of new and interesting challenges. Many security techniques geared for MANETs have been developed, among which Ariadne is the flagship protocol for securing DSR.The focus of this work is on securing the route discovery process in DSR. Our goal is to explore a range of suitable cryptographic techniques with varying flavors of security, efficiency and robustness. The Ariadne approach (with TESLA), while very efficient, assumes loose time synchronization among MANET nodes and does not offer non-repudiation. If the former is not possible or the latter is desired, an alternative approach is necessary. To this end, we construct a secure route discovery protocol (SRDP) which allows the source to securely discover an authenticated route to the destination using either aggregated message authentication codes (MACs) or multi-signatures. Several concrete techniques are presented and their efficiency and security are compared and evaluated.     

OANTALG: An Orientation Based Ant Colony Algorithm for Mobile Ad Hoc Networks

Mobile ad hoc (MANET) network is collection of nodes, which establish communication among moving nodes in a decentralized way without the use of any fixed infrastructure. Due to unpredictable network topological changes, routing in MANET is a challenging task as it requires a specialized approach to handle these changes due to the random movement of nodes. The routing protocol designed for MANETs should be able to detect and maintain route(s) between the source and the destination nodes in an efficient manner to handle the above defined issues. In this direction, ant colony algorithm is an important category of meta-heuristics techniques, which can provide an efficient solution to many engineering problems. But most of the existing ant colony algorithms explore the search space without initial directions, which lead to the risk of having local optima. To address this issue, in the present paper, we have been motivated and inspired by our previous work (Kumar et al. in Simul Model Pract Theory 19(9):1933–1945, 2011) in which the orientation factor was not considered, and the ant algorithm was applied for service selection in wireless mesh networks (WMNs). But in the current proposal, we have considered the orientation factor and applied the same in MANETs. Hence keeping this point in view, we propose an orientation based ant algorithm (OANTALG) for Routing in MANETs in which the selection of destination nodes and the exchange of ants (agents) between the source and the destination is based upon the orientation factor. During the movement of ants, the pheromone tables and the data structures are created that record the ants trip time between the nodes through which ants make a move. An efficient algorithm for orientation based routing has also been designed in the proposed scheme. The results obtained show that the proposed algorithm performs better than the other state of art algorithms, which are traditional and other ant based algorithms such as AODV, DSR, and HOPNET with respect to various performance metrics such as number of data packets send, throughput, jitter and path length. Simulation results show that OANTALG can send 1.02, 1.44, 1.61 times more number of data packets than AODV, DSR, and HOPNET, respectively. The throughput in OANTALG is 1.79, 30.69, and 48 % more than AODV, DSR and HOPNET, respectively. Packet drop ratio has also been reduced in the proposed OANTALG algorithm as compared to AODV and DSR. Average Jitter is also reduced by 42, 256 and 26.3 % from AODV, DSR and HOPNET, respectively. Average path length of OANTALG is 1.021 and 1.62 times less than AODV and DSR, respectively.     

Distributed cache updating for the dynamic source routing protocol

On-demand routing protocols use route caches to make routing decisions. Due to mobility, cached routes easily become stale. To address the cache staleness issue, prior work in DSR used heuristics with ad hoc parameters to predict the lifetime of a link or a route. However, heuristics cannot accurately estimate timeouts because topology changes are unpredictable. In this paper, we propose proactively disseminating the broken link information to the nodes that have that link in their caches. We define a new cache structure called a cache table and present a distributed cache update algorithm. Each node maintains in its cache table the information necessary for cache updates. When a link failure is detected, the algorithm notifies all reachable nodes that have cached the link in a distributed manner. The algorithm does not use any ad hoc parameters, thus making route caches fully adaptive to topology changes. We show that the algorithm outperforms DSR with path caches and with Link-MaxLife, an adaptive timeout mechanism for link caches. We conclude that proactive cache updating is key to the adaptation of on-demand routing protocols to mobility.