Research On Key Technologies Of Ad Hoc Network Security

Wireless Ad Hoc Network (Ad Hoc Network) is a multi-hop temporary autonomous system consisting of a wireless transceiver with mobile terminal devices. The mobile devices have routing capability and can form arbitrary wireless network topology. Ad Hoc networks can work independently or work with the other cellular wireless networks. Compare to traditional mobile and fixed networks, wireless Ad Hoc networks have features of self-organization, multihop routing and dynamic topology, which make the wireless Ad Hoc network have a significant difference from cellular and fixed telecommunications networks on network architecture, network architecture and protocol design. The opening and instability of wireless channel makes the wireless Ad Hoc networks face big security risks. Many existing security solutions and technologies of fixed networks cannot be directly applied to wireless Ad Hoc networks due to the huge differences in nature. The complexity and instability of the wireless network environment also make security goals difficult to meet.This dissertation proposes a wide range of in-depth research on the relevant theories and key technologies of Ad Hoc network security issues. This dissertation gives an analysis on vulnerable attacks to wireless Ad Hoc networks, a discussion on key management of wireless Ad Hoc network and matching algorithms of intrusion detection. The main tasks of this dissertation includes the following:1) This dissertation proposes a cluster-based secure multicast key agreement for the disadvantages of CBGKA protocol for Ad Hoc Networks. Specifically, the key agreement uses the identity-based public key cryptography, timestamp mechanism and the linear pairing theory of cryptography. The key agreement also uses a specific model mutual authentication signature based on the Weil pairing, before consultation with the members of each cluster, to ensure key authenticity and confidentiality of the generated cluster. This key agreement has high efficiencies of the CBGKA key negotiate, and is resistant to active attacks.2) The original AC algorithm of network intrusion detection system uses one-way match, and thus takes more time due to the increase of sample size. This dissertation proposes an efficient multi-pattern matching algorithms-two-way fast string matching algorithm, which uses finite automata, two-way matching of positive and negative ways. Thus this algorithm can fast check out the intrusion by decreasing matching number. Simulation results show that the proposed Re--AC algorithm is more efficient than other algorithms,and can improve the efficiency of intrusion detection for Ad hoc networks.3) The string matching algorithm has been proven to be very important played on the performance of network intrusion detection system. Therefore, this dissertation design es and implements an efficient string matching algorithm based on the real scaling. The algorithm gives the index tree construction methods of the real scale, and further achieves the full scale of the string matching algorithm, so that the algorithm can find all the possible scaling in the text, and find all occurrences of the string under the scaling. To further verify the efficiency of the algorithm, we use the Lincoln Laboratory evaluation data set, and the experimental results show that the algorithm can effectively improve the matching efficiency and improve Ad Hoc network security.4) This dissertation uses statistical methods to establish a keystroke biometrics model to authenticate a user’s identity by predicting the user’s keystroke behavior characteristics. The proposed methods can still achieve accurate predictive results in spite of the changes of users’ behaviors. This dissertation uses HMM for keystroke sequence analysis and time series to compute the state output probability of HMM used in keystroke biometrics model. At the authentication phase, This dissertation uses modified forward algorithm to compute the users’ typing behavior state. This dissertation also collects the users’ keystroke data to establish the authentication model. Then using fixed text analysis and digraph’s keystroke duration time, this dissertation implements the authentication mechanism. Extensive experiments have verified the effectiveness of the proposed solutions.This dissertation does many simulations on securities and proposed algorithm, and compared with existing solutions. The simulation and analysis results show that the proposed algorithms are feasible and easy to implement, and have a unique advantage on the scalability and security.