可信链在Ad Hoc网络的传递

为了进一步提高Ad Hoc网络的安全性,提出一种利用可信平台模块传递信任链的方案。该方案以将信任关系从Ad Hoc网络节点扩展至Ad Hoc网络为设计目标,利用信任模型评估每个节点的信任度,在ARAN安全路由协议的基础上,结合信任度对ARAN安全路由协议进行了改进,选出一条可信度最高的路由,对可信链传递方案进行性能分析。     

Ad Hoc网络中基于信任机制的安全ZRP协议分析

移动Ad Hoc网络是一种无中心、自组织的多跳网络.由于其移动性、不可靠的传递介质、缺少基础设施以及生存环境的恶劣,使得安全性问题成为Ad Hoc网络展开应用的巨大障碍.文中基于ZRP协议提出一种使用信任机制的安全路由协议.该协议在每个节点上加入信任模块,以供选择信任度高的安全路由.通过NS仿真软件对该安全路由协议进行分析,给出了仿真结果.     

一种安全的Ad Hoc网络路由协议SGSR

Ad Hoc网络作为一种无线移动网络,其安全问题,特别是路由协议的安全备受关注。针对现有适合移动Ad Hoc网络的链路状态路由协议GSR无法防范恶意节点伪造、篡改、DoS攻击的现状,本文提出了一种在移动Ad Hoc网络中抵抗单个节点恶意攻击的安全路由协议SGSR,给出了认证协议的形式化证明,并对路由协议进行仿真和性能分析。     

AODV路由协议的安全性改进

针对Ad Hoc网络易遭受黑洞攻击而造成大量丢包现象的安全问题,提出了一种基于非合作博弈理论的安全路由方法。以Ad Hoc网络节点和恶意节点为对象建立双人博弈模型,理论分析证明该模型存在纳什均衡点,即对博弈的双方均存在优势策略。Ad Hoc网络根据自己的优势策略选择路由进行防御和网络传输,恶意节点根据自己的优势策略采取网络攻击行为。分析和仿真结果表明,新方法能有效地选择比较安全的路由,从而减少了恶意节点对Ad Hoc网络进行黑洞攻击造成的影响,降低了路由开销和网络丢包率。     

基于信任保留的移动Ad Hoc网络安全路由协议TPSRP

Ad Hoc网络的移动特性是安全路由中不能忽略的一个重要因素.在一个频繁变化甚至高速移动的网络中,目前大部分安全路由协议难以完成可信通信方的认证,从而无法建立起安全的路由通道.这是由于认证过程是一个连续的消息交互过程,移动特性使得这个连续交互无法保证.文中在链路状态路由协议OLSR的基础上提出了基于信任保留的安全路由协议TPSRP,该协议采用信任保留的方式对节点进行认证,解决高速移动网络中节点认证问题.TPSRP还针对目前信任评估方法缺少有效的自适应性提出了一种新的信任评估手段,使得节点可以通过综合的信任信息,自我辨别并限制内部背叛节点的恶意行为,同时有效地检测与抵抗Ad Hoc网络中的协作攻击,如虫洞攻击等.最后的仿真显示,在网络移动特性增强的情况下,TPSRP的认证性能要优于传统认证协议,并能够有效孤立攻击节点.     

基于信任评估的Ad hoc网络安全路由协议

针对Ad hoc网络的路由安全问题,提出一种基于信任评估的Ad hoc网络安全路由协议,采用改进的信任评估模型,每个节点维护一张信任表,在路由过程中结合信任表并通过路由请求和路由回复,双向判断上一跳和下一跳节点的可信性,并且在路径选择时综合路径信任值和跳数值2个因素,使得信任评估和路由协议紧密地结合.通过NS2仿真实验进行验证,结果表明,该协议可以较好地避开自私节点,保证路由安全,提高路由性能.     

Ad Hoc网络多径节能路由协议的研究与设计

Ad Hoc网络是一种由移动节点组成、拓扑结构动态变化的自组网络。网络是不依赖于建设好的基础组织。在Ad Hoc网络的研究中,一个非常重要的领域是路由问题,因为每个节点间具有主机和路由器的功能,需要适合Ad Hoc在特殊环境下路由协议和路由算法。在拓扑结构变化不大的情况下采取一种将路由能量消耗最小,同时又避免路由频繁经过剩余能量小的节点的多径路由方法,即对现有距离路由协议的改进算法——协同多径节能路由算法。实际证明了协同多径节能路由算法在发包的成功率、网络延时、发送成功的数据包、能量不为零的节点数目等方面都明显优于标准的距离路由协议。因此协同多径节能路由算法对Ad Hoc网络中路由问题的改进是行之有效的。     

移动Ad Hoc网络改进的Aran安全路由协议研究

移动Ad Hoc是没有网络基础设施的网络,具有无线传输、网络动态拓扑和终端自由移动的特点.现有的无线路由协议不能直接运用到Ad Hoc网络中,其中Aran（Authenticated Routing for Ad Hoc Networks）是比较成熟的Ad Hoc 网络安全路由协议,但不能抵抗合谋和重放等攻击.本文对移动Ad Hoc网络各种路由协议进行比较分析,提出改进的Aran安全路由协议,通过OPNET仿真平台进行试验与分析,具备更好的性能和安全性.     

基于QualNet仿真器的Ad Hoc路由协议比较研究

移动自组织网络(Mobile Ad Hoc Networks, MANET)是由一组自治通信节点组成的集合,当前对其路由协议的研究最为集中.用户所关心的是哪一种路由协议才能使Ad Hoc网络应用性能最好.本文基于QualNet这种功能强大的动态网络仿真器比较了AODV、DSR、FSR这3种Ad Hoc网络路由协议的性能,包括不同网络负载情况下的路由协议收敛速度、分组发送成功率、网络吞吐量、端对端延时和抖动等参数指标,为构建运行多媒体通信业务的Ad Hoc网络提供了指导和借鉴.     

基于模糊逻辑的Ad Hoc网络信任模型研究

为了研究Ad Hoc网络中节点间的信任关系，借助于模糊逻辑的知识，提出了一种基于模糊逻辑的Ad Hoc网络信任模型。该信任模型考虑了影响Ad Hoc网络信任的几个因素，并用模糊逻辑的方法来处理它们以得到节点的信任值。由仿真示例可以看出，该模型符合现实中的信任行为。     

移动自组网中基于多约束和协同过滤动态信任机制*

由于具有分布式特性,导致移动自组网容易遭受攻击。为了增强移动自组网的安全性,建立一套适合自组织、无认证中心的节点信任评估模型是非常必要的。因此,提出了一种移动自组网中基于多约束和协同过滤的动态信任机制。其主要思想是在根据节点自身的经历的基础上,采用一个带多约束的信任更新算法来评估直接信任。其中：时间衰减因子保证了信任度随时间进行衰减;奖励因子保证了良好的节点应受到奖励;惩罚因子保证了恶意节点应受到惩罚。另外,采用协同过滤技术来评估推荐信任,以此来阻止不诚实的推荐。通过定量评估分析和模拟仿真,结果表明所提出的方法比Bayesian模型能更精确地计算节点之间的信任度和提高移动自组网的安全性。     

Bayesian cognitive trust model based self-clustering algorithm for MANETs

With the introduction of mobile Ad hoc networks (MANETs), nodes are able to participate in a dynamic network which lacks an underlying infrastructure. Before two nodes agree to interact, they must trust that each will satisfy the security and privacy requirements of the other. In this paper, using the cognition inspired method from the brain informatics (BI), we present a novel approach to improving the search efficiency and scalability of MANETs by clustering nodes based on cognitive trust mechanism. The t...     

Improved encryption protocol for secure communication in trusted MANETs against denial of service attacks

MANET(Mobile Adhoc Networks) possess the open system condition, absence of central server, mobile nodes that make helpless to security assault while conventional security components couldn’t meet MANET security prerequisites in view of restricted correspondence data transfer capacity, calculation power, memory and battery limit in addition to the vitality enabled environment. The trusted MANETs provide a reliable path and efficient communication but the secrecy of the trust values sometimes may be overheard by the masqueraders. Due to the need of the clustered MANETs the exchange of mathematical values remains to be a necessary part. In the proposed security of the trusted MANETs is focused so as to provide rigid and robust networks when additional resources are added. For clustering of the nodes LEACH protocol is suggested in which the CHs and CMs are fixed for the data transfer in the network. The energy is disseminated in the LEACH as to avoid the battery drain and network fatal. Hence to add resistance and to make an authentic network, the encryption and decoding is incorporated as a further supplementary to avoid the denial of service attacks, we have utilized DoS Pliancy Algorithm in which the acknowledgment based flooding attacks is focused. Likewise the encoded messages from the source node in one cluster can be recoded in the transmission stage itself to reproduce the messages. Contrasted with the past works, QoS of our proposed work has been made strides when tested with black hole and sink hole attacks. Simulation results shows that the DoS pliancy scheme works better and efficient when compared to the existing trust based systems.

     

Cryptographic Versus Trust-based Methods for MANET Routing Security

Mobile Ad-hoc Networks (MANETs) allow wireless nodes to form a network without requiring a fixed infrastructure. Early routing protocols for MANETs failed to take security issues into account. Subsequent proposals used strong cryptographic methods to secure the routing information. In the process, however, these protocols created new avenues for denial of service (DoS). Consequently, the trade-off between security strength and DoS vulnerability has emerged as an area requiring further investigation. It is believed that different trust methods can be used to develop protocols at various levels in this trade-off. To gain a handle on this exchange, real world testing that evaluates the cost of existing proposals is necessary. Without this, future protocol design is mere speculation. In this paper, we give the first comparison of SAODV and TAODV, two MANET routing protocols, which address routing security through cryptographic and trust-based means respectively. We provide performance comparisons on actual resource-limited hardware. Finally, we discuss design decisions for future routing protocols.     

Reliable and fully distributed trust model for mobile ad hoc networks

A mobile ad hoc network (MANET) is a wireless communication network which does not rely on a pre-existing infrastructure or any centralized management. Securing the exchanges in MANETs is compulsory to guarantee a widespread development of services for this kind of networks. The deployment of any security policy requires the definition of a trust model that defines who trusts who and how. Our work aims to provide a fully distributed trust model for mobile ad hoc networks. In this paper, we propose a fully distributed public key certificate management system based on trust graphs and threshold cryptography. It permits users to issue public key certificates, and to perform authentication via certificates' chains without any centralized management or trusted authorities. Moreover, thanks to the use of threshold cryptography; our system resists against false public keys certification. We perform an overall evaluation of our proposed approach through simulations. The results indicate out performance of our approach while providing effective security.     

基于时空动态性的MANETs入侵防御模型

移动自组网(Mobile Ad Hoc Networks,MANETs)的固有特性(如有限资源、动态拓扑等)使其比有线网络更易遭受各种安全威胁。现有的MANETs安全技术不能有效适应这些特性,尤其是不能在网络性能和网络安全之间保持平衡。在MANETs时空动态性及其识别的基础上,构建了安全威胁和入侵防御收益与代价的量化评估指标体系,提出了一种系统化的MANETs入侵防御系统模型(IDMSLP),并实现基于网络安全和性能平衡的防御策略生成与防御性能优化方法。通过比较分析,IDMSLP可有效地克服已有MANETs安全技术存在的缺陷,可适于MANETs应用。     

Towards reliable self-clustering Mobile Ad Hoc Networks

With the introduction of Mobile Ad Hoc Networks (MANETs), nodes are able to participate in a dynamic network which lacks an underlying infrastructure. In this paper, we present a novel approach to improve the search efficiency and scalability of MANETs by clustering nodes based on trust mechanism. In our method, the trust relationship is formed by evaluating the level of trust using Bayesian statistic analysis, and clusters can be formed and maintained autonomously by nodes with only partial knowledge. Simulation results show that each node can form and join proper clusters based on their trust degree, and the cluster-based search algorithm with trust mechanism outperforms over those in current popular clustering models.     

一种新型MANET自组织密钥管理方案

基于信任网模型设计的密钥管理方案不需要任何特殊的控制机构或可信机构,较适应MANET的需求。已有成果中,节点需要维护证书库,通过在合并的证书库中搜索证书链完成认证。这种方法在较大规模的网络中效率较低,并有严重的安全问题。本文提出了一种新的自组织公钥管理方案HPWKM,它使用全新的设计思想:对大规模MANET划分安全域,设计域内证书预签发机制和确定性证书链路径算法,提高方案扩展能力和认证成功率。HPWKM继承信任网模型的自组织特点,不需要节点维护证书库,相比其它同类方案,具有更低的运行开销和更高的安全性。     

A survey on trust based detection and isolation of malicious nodes in ad-hoc and sensor networks

Mobile ad-hoc networks (MANETs) and wireless sensor networks (WSNs) have gained remarkable appreciation and technological development over the last few years. Despite ease of deployment, tremendous applications and significant advantages, security has always been a challenging issue due to the nature of environments in which nodes operate. Nodes’ physical capture, malicious or selfish behavior cannot be detected by traditional security schemes. Trust and reputation based approaches have gained global recognition in providing additional means of security for decision making in sensor and ad-hoc networks. This paper provides an extensive literature review of trust and reputation based models both in sensor and ad-hoc networks. Based on the mechanism of trust establishment, we categorize the stateof-the-art into two groups namely node-centric trust models and system-centric trust models. Based on trust evidence, initialization, computation, propagation and weight assignments, we evaluate the efficacy of the existing schemes. Finally, we conclude our discussion with identification of some unresolved issues in pursuit of trust and reputation management.