Research On Key Technologies For Secure Networking In Hierarchical Ad Hoc Networks

An ad hoc network is provided with many merits, such as flexible networking, rapid expandability and distribution control. It is a new centerless, self-constructing, self-organizing and self-managing network, and is applied in military, individual communications, emergencies and other circumstances where networks can not be easily established but require rapid networking. With the growth of number of nodes, the hierarchical structure has received much attention in networking due to its scalability in large-scale networks. Routing security is a serious problem in hierarchical ad hoc networks, as the nodes keep moving and network topology is dynamic. Moreover, cooperation among nodes in clustering and routing needs to be considered insightfully because of the complicated configuration in hierarchical ad hoc networks. Therefore, clustering and routing are both important issues in secure networking and they also become very challenging research topics for hierarchical ad hoc networks.This thesis studies the works of the security issue in the areas of not only mobile ad hoc networks but also hierarchical ad hoc networks. Moreover, this thesis presents a mechanism which dynamically safeguards the networking in three aspects including information protecting, monitoring and resuming. This thesis mainly makes the following specific contributions:(1) This thesis proposes a secure clustering algorithm based on reputation. In this algorithm, a reputation evaluation mechanism based on the behaviors of nodes is built to achieve accurate definition and precise quantization of reputation for nodes in the network. To improve the reliability of a cluster structure, this algorithm considers the reputation, correlation and mobility of nodes in the process of electing cluster heads and gateways. By building an intrusion detection mechanism based on an extended finite state machine, this algorithm ensures the defense to both specification and statistical violation and provides more valid information to reputation evaluation. Moreover, the rebuilding and recovering mechanism in the algorithm is able to resist attacks on the cluster structure. Simulation results show that the proposed algorithm can improve the security of clustering, make the network immune to special attacks, and obtain good performance through rapid detecting, diagnosing and reacting to various invasions. The rebuilding and recovering mechanism can dispose the cluster structure and resume the performance of network when the cluster is assaulted.(2) This thesis proposes an intrusion detection mechanism based on the behaviors of nodes. In this mechanism, the cluster head agent is used for collecting, storing and classifying the behavior information of the cluster members to ensure efficient data collection and low power consumption. A standard behavior model of nodes is established under the analysis of nodes' ability of dealing with messages in the routing. This model can provide the powerful proof for behavior evaluation. Moreover, the abnormal node can be decided through comparing the collected messages with the reference information provided by the behavior model. In addition, the attacking node is located by the fuzzy method. Simulation results show that the mechanism proposed in this thesis can detect the abnormal situation and reduce the false alarms and missing reports timely and accurately. This mechanism is feasible in hierarchical ad hoc networks.(3) This thesis proposes an intrusion response decision-making mechanism based on risk evaluation. On the basis of the objective impacts caused by an attack, the threat level of the attack is analyzed from the aspects of attack power, the characteristics of the malicious node and environment parameters. Through extracting the performance information of the attacked nodes, this mechanism can forecast the latent menace of the attack, quantize its risk degree in realtime, and then make the corresponding decision to the attacking node. Simulation results show that the mechanism proposed in this thesis can timely and accurately evaluate the risk degree of the malicious nodes, choose the relative decision-making and thus alleviate or even contain the network harm caused by the routing attacks.(4) This thesis proposes a feasible secure routing scheme based on reputation evaluation in hierarchical ad hoc networks. This scheme considers that the relationships of nodes in a hierarchical structure are not equal, and thus the behaviors in the network have the higher requirement of cooperation between the nodes. In this scheme, the reputation relationship is defined in consideration of the related node character and functions, while the reputation evaluation mechanism is built based on the correlation among nodes that need to be evaluated. The dynamic reputation threshold is used to improve routing security with the precondition of usability. The reputation information of nodes is updated with different character. This scheme can reconstruct the route to solve attack problems in transmitting packets. Simulation results show that the proposed scheme in this thesis can timely and accurately reflect security status and execute the improved routing when there are malicious nodes in hierarchical ad hoc networks. This scheme improves the security of routing protocol.Above all, the proposals help realize secure networking in hierarchical ad hoc networks and are meaningful to ensure network security, dependability, and robust.