| The history of ad hoc networks can be traced back to 1972 and the DARPA-sponsored Packet Radio Network (PRNET) which goal was to provide packet switched networking to mobile battlefield elements in an infrastructureless, hostile environment. The ad hoc networks have been developping dramatically driven by the wireless technology. Recently, ad hoc networks is regarded as the most likely adopted networks which can meet the need for the rapid deployment of independent mobile users. Ad hoc networks are a new paradigm of wireless communication for mobile nodes.In an ad hoc network, there is no fixed infrastructure such as base stations or mobile switching centers. Mobile nodes that are within each other's radio range communicate directly via wireless links, while those that are far apart rely on other nodes to relay messages as routers. Because of self-organization, dynamic topology and openness of wireless links, ad hoc networks suffer more attacks than conventional networks. Especially, as one of the core functions, the routing protocols' security takes very important part. Based on realistic requirements and foundations, this thesis engaged in extensive research on some relevant theories, protocols and key technologies. The main contributions are as follows:At first, this thesis classifies two kinds of attacks from the situation of the attacker: single attacks and cooperative attacks. From analyzing the attacks formation and comparing the correspond solutions, we can found that the solutions for single attacks are effective, but the solutions for cooperative attacks are not so good. Among these attacks, selfish behavior (which also called as less of cooperation) and wormhole are two hard attacks to handle. The reasons are that the present solutions are all hard security policies, such as encryption,digital signature,identity authentication etc.,which have no measures to dectect the node's acutual behavior, secondly node's cooperation in manet rely heavily on the absolute trust on all participate nodes, apparently this relationship is so weak in fact. Based on these points, the soft security policy– trust evaluation mechanism should be introduced into the routing.For handling the selfish behavior and wormhole attack, we proposed a rouing model based on trust evaluation (RBTE). Benifiting from the distributed trust model and taking the MANET's characteristics into accounts, RBTE gives the definition of trust and the methods how to establish the trust relationship and compute the trust value. In computing trust value, we use Bayes' Theorem to compute the direct trust and weighting maximization to compute the recommendation trust. RBTE is simple to use and requires less resources, so that can satify the MANET's needs, and the most important is that it can give the correct direction to the node's routing behavior.Wormhole attack is one of the deadly attacks to the MANET, which is executed by two or more attackers by constructing a tunnel to replay the routing protocol. Under this attack, the routing protocol will not work, especially which rely heavily on the reception of broadcast packets as a means for neighbor detection. In this paper we give a new definition of neighbor which stresses the neighbor's function as "the first relayer". Then we introduce Marsh model. By gathering data from the neighbor's events the node can evaluate the trustiness of its neighbor. From building the neighbor's trustiness, the false neighbor formed by wormhole attack will be scored lower value because of transmission failures events in MAC layer. When finding the route, the node will choose the higher trust value neighbor to relay the packet. We apply the model in the OLSR protocol and simulate it in NS2.OLSR (Optimal Link State Routing) is one of the four base routing protocols being considered for use with MANETs (mobile ad hoc networks) by the IETF's MANET working group. OLSR belongs to the proactive class of routing protocols in which the connection setup delay is minimized at the expense of the heavier control traffic load on the wireless channel. Existing IETF draft proposals on OLSR does not yet address security issues. OLSR assumes that all nodes in the networks are all friendly, and if there exist some security problems, IPSec can solve it. But OLSR's packets are often broadcasted and IPsec provides end-to-end security, so relying on IPSec isn't enough. Due to some existing defects, OLSR may not work if malicious nodes attack against routing. In this paper, we first analyze the OLSR's security, then propose a solution to secure OLSR- SOLSR, which strengthen the neighbor relationship establishment, apply the worm-detective mechanism and authentication, and protect routing information. The simulation results prove it.
|
PDF Full Text Request