| Space, together with land, ocean and air, is another field for human's activities and development. Space is of great social, economic and military value in global remote sensing, observation, information transmission and power application. With the dependence on space resources increases, countries all over the world take active part in expanding their spaceflight force in order to gain the upper hand in space. The space information networks is a vital nexus between the integrated information systems of land, ocean, air and sky; it is a strategic infrastructure. The foundation and establishment of the space information networks must profoundly impact the comprehensive national strength of our country.In order to adapt the development of our country's spaceflight cause to space, the technology of safely organizing network in the space information networks was focused on. The research, based on the demand of building the space information networks with high credibility and security, considering its characteristics of autonomous management and rapid reaction, has acquired the following innovative results.(1) Construction of a model for safely organizing network in space information networks. The model, combining key techniques in MAC and routing layers, assesses nodes' reputation through attack detection and monitoring of communication in MAC layer, and the assessed reputation is a basis for multi-token management so that secure and fair media accessing control can be achieved. And then an efficient distributed routing protocol was designed to accommodate the characteristics of space information networks. This proposed routing protocol is self-adapted, self-configured, self-managed and is able to balance load. And also a security mechanism based on reputation combining active and passive method was designed for the routing protocol. Further more after fully taping the network layer and MAC layer's correlation, a joint cross-layer optimization was done to realize cooperated network organization in space and near space so that the space information system can interconnect efficiently and safely.(2) Design of a dynamic routing protocol for space information networks. By make full use of feature that in space information networks the operations of satellites, space stations and other spacecraft are regular and predictable, a reasonable division of cycle time separated dynamic topology into a series of consecutive relatively static topology by the time in order to simplify the process of routing control. A policy that combines static configuration and dynamic adjustment was proposed to achieve the efficient distributed routing protocol with the abilities of self-adapting, self-configuring, self-managing and load balancing. The routing protocol can be implemented with comparably low cost and is suitable for space information networks features that topology is highly dynamically changed and resource is constrained.The software NS2 for network simulation built on SUN workstation was used as space information networks simulation platform to simulate the proposed routing protocol. The results show that the dynamic routing protocol can well balance load and effectively improve network performance under heavy traffic, at the same time, it is also scalable and robust because when the size of the network is enlarged or topology is changed, the routing protocol can rapid convergence while neither increase cost nor decrease throughput. The routing performance is outstanding, which enhance resistance and robustness of the network.(3) Design of a secure mechanism based on reputation combining active and passive method. Based on the analysis of security threats faced by routing protocol and research on security configuration with deep protection, the mechanism dynamically safeguards the security of routing protocol in each of the four aspects including information protecting, monitoring, reacting and resuming. Afterwards against the vulnerability of the network, a scheme for quantifying, computing, evaluating and exchanging reputation between spatial nodes was proposed to achieve accurate definition and precise quantization of reputation for nodes in network; A distributed intrusion detection system was constructed, in which mobile agents were used to increase the correct rate and prevent malicious acts of nodes through combined detection; A reconstruction and self-healing mechanism was proposed, which reacted to the invasion and eliminate the invasion root in the way of isolating and insulating the malicious nodes and reconstructing routing path; A security mechanism grading operation mode was established, which chose different levels of security strategy according to network security state and safety requirements so that the network could save its computation and communication resources.The simulation results of the proposed security mechanism for routing protocol show that it can enhance security of routing protocol of space information networks and make network immune to special attacks and enable network good safety performance with rapid detecting, diagnosing and reacting to various invasions. The experimental results also indicate that the reconstruction and self-healing mechanism can rapid restore the network performance and enhance resistance of network simultaneously. (4) Design of MAC protocol with protection of security. The assessing of nodes' reputation is accomplished through attack detection and monitoring of communication in MAC layer, and the assessed reputation is used as a basis for multi-token management. A node possessed with several tokens can share the channel in the way as IEEE802.11 DCF, so that secure and fair media accessing control can be achieved.The simulation results show that the MAC protocol with protection of security can detect malicious behaviors in MAC layer and take effective counter accordingly. The proposed MAC protocol makes nodes comply with the rule so that it can improve the security in MAC layer and enhance the ability of network protection along with routing security mechanism.(5) Design and development of a prototype of safely organized space information networks system with independent intellectual property rights. The prototype experimental system is built on LAN, composed with a central controller and terminal nodes. Every node configured a net filter using topology information from central controller receives and relays data packets selectively. Two nodes which are able to directly connect can be forced to communicate through another node. In the simulation of mobility of nodes, the single-hop sharing network was treated as a highly dynamic spatial multi-hop network. A topology of space information networks was constructed and security networking key technologies were verified.Accordingly, it has a very important meaning of ensuring the security, dependability, destruction-resistance, and robust of the space information networks.
|
PDF Full Text Request