Ad Hoc Networks Threshold Authentication Scheme And Intrusion Detection Model Study

Posted on: 2011-02-21
Degree: Doctor
Type: Dissertation
Country: China
Candidate: Y N Li
GTID: 1118360332957279
Subject: Communication and Information System
Abstract/Summary:
Mobile Ad Hoc networks, also known as multihop networks, are temporary, autonomous multihop networks composed of mobile nodes that have wireless network interfaces. Compared with a traditional mobile communication network, a mobile Ad Hoc network is a distributed network without a control center. It is independent of any fixed infrastructure or administrative center and maintains network connectivity and data transfer through cooperation and self-organization among the nodes. Every node can join and leave at any time and move at will, so the nodes form, over wireless connections, a communication network whose topology changes dynamically.

The unique nature of the Ad Hoc network poses many challenges in designing security policies and realizing security goals. In view of the technical features and possible application environments of the Ad Hoc network, the paper studies in depth the existing problems of threshold authentication and, on that basis, further studies the problem of intrusion detection modeling. Specifically, the main work of the paper is as follows:

1. The paper gives an overview of the key issues of Ad Hoc network security and summarizes the architecture of Ad Hoc network security. After analyzing the security threats that a mobile Ad Hoc network is likely to suffer and summarizing in detail the typical security demands of such a network, the paper draws on security architectures from the traditional network environment to examine the security architecture of such a network from the aspects of network security demands, network protocols and basic network entities.

2. The paper proposes a threshold identity authentication model for the Ad Hoc network, based on a Hash function table with local reliability. Typically, traditional security schemes cannot be used directly in such a network because the mobile Ad Hoc network lacks online central service entities. In the early days of research on key management for mobile Ad Hoc networks, one intuitive approach was to build a public key infrastructure that meets the constraints of the mobile Ad Hoc network. The distributed-CA-based key management scheme and the fully ad hoc key management scheme are typical representatives of this line of thought. The core of these key management schemes is to use a public key certificate to certify the authenticity of a node's public key. The proposed scheme has low computational complexity in generating and synthesizing child certificates, and the security and integrity of the algorithm itself ensure the reliability of the certificate. Because it uses the Hash algorithm as its basic algorithm, nodes can generally meet the resource demands of the algorithm, which suits the limited node resources of the mobile Ad Hoc network.

3. Building on a study of existing intrusion detection systems for the Ad Hoc network, the paper presents an Agent-based intrusion detection model that takes the cluster head as the detecting unit. That is, the network is divided by an appropriate clustering algorithm, and the Agent system is activated on the cluster-head nodes at the same time. When a cluster-head node, by comparing features against locally collected data, can confirm that an intrusion has occurred, it masks the malicious nodes responsible for that intrusion. When the cluster-head node cannot confirm whether certain nodes have committed an intrusion, it triggers joint detection among the cluster heads. This joint detection uses a local vote to confirm the malicious node(s) and then notifies the other nodes in the network. This method replaces the original mode, in which all the nodes in the network had to vote to confirm an intrusion. While keeping the detection rate unchanged, it effectively reduces the energy consumption of the nodes, saves network resources and prolongs the service life of the entire network.

4. The paper introduces game theory into the intrusion detection system of the mobile Ad Hoc network and builds a non-cooperative game-theoretic intrusion detection model for many attacked nodes and attack sources of different strengths. By introducing the game-theoretic model and building a two-party attack-defense game, we argue that this game has a Nash equilibrium, which enables quantitative analysis of overall network security. The simulation experiment shows that this model can achieve safe operation of the overall network at low cost, and demonstrates the model's excellent performance as well as its accuracy and feasibility.

The paper is divided into six chapters, arranged as follows.

Chapter 1 is the introduction. It gives an overview of Ad Hoc networks, with emphasis on their characteristics, analyzes the paper's research background and the state of research at home and abroad, and summarizes several key research topics and important research goals for Ad Hoc networks. It also introduces the main contents and the arrangement of the chapters.

Chapter 2 summarizes the basic concepts of cryptography and then introduces, in turn, public key cryptography, hash functions, threshold cryptography and elliptic curve cryptography, as well as the mathematical model of authentication between the nodes in the network, which provide the theoretical foundation for the subsequent chapters.

Chapter 3 covers the basics of Ad Hoc networks. It introduces their basic concepts and features, analyzes and summarizes the security issues and security requirements of such networks, and points out that the Ad Hoc network has wide application prospects but also some special security problems.

Chapter 4 presents a threshold identity authentication model for Ad Hoc networks, based on a locally reliable Hash function table. As a threshold authentication scheme with a local Hash table and without a trusted center, it can effectively resist attacks by internal nodes and passive attacks, and it improves the efficiency of node certificate query and update. Compared with existing authentication schemes, it requires less computation, has lower computational complexity and generates certificates faster. The computational complexity of generating and synthesizing child certificates is low, and the security and integrity of the algorithm itself ensure the reliability of the certificate. Because it uses the Hash algorithm as its basic algorithm, nodes can generally meet the resource demands of the algorithm, which suits the limited node resources of the mobile Ad Hoc network. Finally, theoretical arguments show that the scheme has high operating efficiency and low storage requirements and can be applied effectively in practical Ad Hoc networks.

Chapter 5 puts forward two intrusion detection and response models suited to the characteristics of Ad Hoc networks. One is an Agent-based intrusion detection model that takes the cluster head as the detecting unit. That is, the network is divided by an appropriate clustering algorithm, and the Agent system is activated on the cluster-head nodes at the same time. The cluster-head node compares features against locally collected data and then confirms whether an intrusion has occurred. The other model introduces game theory into the intrusion detection system of the mobile Ad Hoc network and builds a non-cooperative game-theoretic intrusion detection model for many attacked nodes and attack sources of different strengths. With the game-theoretic model introduced, a two-party attack-defense game model is built. Finally, in terms of performance indices such as detection rate, false detection rate, routing packet overhead and delay, the simulation experiment shows that this model can effectively improve the detection rate, reduce the false detection rate and incur less network cost, and demonstrates the model's excellent performance as well as its accuracy and feasibility.

Chapter 6 summarizes the whole paper and points out the problems in Ad Hoc networks that need further study and resolution.
Keywords/Search Tags:Ad Hoc, Threshold Cryptography, Hash Function, Agent, Clustering Algorithm, Intrusion Detection, Game Theory