Research On Preventing Pollution Attacks And Strategy Optimization In Network Coded Wireless Ad Hoc Networks

Unlike the traditional store-and-forward mechanism,network coding allows intermediate nodes to combine the received packets before forwarding them,and hence can improve the bandwidth efficiency,throughput,energy efficiency,load balance,as well as the robustness of the network.Wireless ad hoc networks have the properties of distributiveness,dynamic topology,and limited node resources.Hence,implementing the network coding technique in wireless ad hoc networks can significantly enhance the energy efficiency,network throughput,robustness,and etc,and thus is of significant importance both academically and practically.However,at the same time of bring all the advantages mentioned above,the packetmixing nature of network coding also renders it more vulnerable to pollution attacks.In network coding based communication systems,once an intermediate node participating in data transmission receives polluted packets,it will combine them with those legal packets and then forwards them to their downstream neighbors.This will further pollute the downstream nodes and cause an epidemic propagation of pollution.Existing techniques to combat pollution attacks in network coding can be divided into three categories in general,namely,information-theoretic schemes,cryptographic schemes,and attacker locating schemes.Information-theoretic schemes can only provided limited security against pollution attacks via error correcting at destinations,and will bring significant communication overhead at the same time,therefore is not suitable to be applied in wireless ad hoc networks where node resources are limited.On the other hand,cryptographic schemes can enable intermediate nodes to detect and discard polluted packets on-the-fly.However,normally speaking,they are relatively computation-intensive,and will bring extra energy consumption,CPU delay,and etc.Moreover,most of the existing attackerlocating schemes have various drawbacks,which make them not applicable in wireless ad hoc networks.Considering the limited node resources in wireless ad hoc networks,it is necessary to investigate the optimal defense strategy from the defender's point of view,i.e.,based on the feasible defense mechanism against pollution attacks,to further study the best manner to implement the defense mechanism,so as to achieve the optimal trade-off between the defense effectiveness and resource consumption.Therefore,we conducted the research on preventing pollution attacks and strategy optimization in network coded wireless ad hoc networks.In specific,the research details and main contributions can be listed as follows.(1)Firstly,aiming at the property of multi-generation transmission of practical network coding,we proposed a feasible pollution detecting scheme,which is resistant to inter-generation pollution attacks and based on the assumption of the hardness of the discrete logarithm over a cyclic group.The proposed scheme is resistant to both intrageneration and inter-generation pollution attacks,through authenticating both packet content and generation identifier simultaneously,without the need of key update.As a result,the communication overhead can be significantly reduced.Meanwhile,through encrypting the encoding vector of the packets,the proposed scheme is also resistant to eavesdropping attacks,at a cost of negligible computation overhead.(2)Secondly,aiming at the limited resources in wireless ad hoc networks,and the problem of extra consumption caused by the pollution attack defense mechanism,we proposed a universal defense resources allocation framework based on game theory.In practical wireless ad hoc networks,it is not necessary that every intermediate node should be deployed as a defensive node.For instance,in a 50-node network where only one is compromised,it is possible that a small number of defensive nodes,say 10,is sufficient.Deploying extra defensive nodes is not helpful to further improve the defense performance,but will bring unnecessary consumption and overhead.Therefore,it is necessary to investigate that how to figure out the optimal defense resource allocation strategy,i.e.,the number of defensive nodes,under different network scales and attack intensities.Based on game theory,we built a two-player strategic game model between the attacker and the defender,and then formulated the reasonable utility functions to represent the interests of the respective players.The formulation of the defender's utility function comprehensively considers the defense performance and resource consumption.Therefore,via maximizing the utility function,the defender is able to figure out the optimal defense resource allocation strategy,and thus maximize its own interest.(3)Thirdly,based on the defense resource allocation framework mentioned above,we further proposed a defense strategy optimization method.In specific,after figuring out the optimal defense resource allocation strategy,the next step is to investigate how to optimally use those resources,i.e.,in which positions should we deploy those defense nodes,so as to maximize the defender's utility.Aiming at that,we conducted the research of defense strategy optimization problem based on game theory.Through constructing the game model between the attacker and the defender,and then figuring out optimization problem of the defender's utility.Unfortunately,the optimization problem is non-convex,and with the increase of the network scale,the searching space increases significantly.Therefore,based on the simulated annealing algorithm,aiming at the problem of low convergence speed,we proposed a novel solution iterating method,and as a result the convergence speed is well enhanced.Experimental results suggests that,compared to the existing schemes,our scheme can achieve a better utility for the defender,and is of less running time at the same time.Meanwhile,experimental results also show that the our scheme can converge to a sub-optimal solution which is sufficiently close to the globally optimal solution,which implies that our scheme can be implemented in the short-session transmission scenario.(4)Finally,we proposed a feasible pollution attacker identification scheme,and them further proposed a identification strategy optimization method based on game theory.the works mentioned above can only passive combat pollution attacks,a more effective way should be to identify the malicious nodes and then isolate them from the network,so the source of pollution can be totally cut down.Therefore,based on the proposed pollution detection mechanism mention above,and combining the node reputation mechanism,we proposed a semi-distributed malicious node identification scheme.The scheme can achieve an excellent identification accuracy,even under the situation where the defense resources are limited and the malicious nodes are able to imitate normal ones.The proposed scheme can be divided into two phases,namely,the pollution detection phase and the malicious node identification phase.In the pollution detection phase,all the defensive nodes carry out the pollution detection mechanism in a distributed manner,and calculate the reputation scores of their respective up-stream neighbors.After that,they upload the reputation scores to the central controller,so the latter can identify the malicious nodes from the normal ones according to the reputation scores in the node identification phase.Experimental results reveals that compared to existing scheme,our scheme have superiority in both identification accuracy and valid throughput.Based on that,we further combined the proposed identification scheme and game theory,and proposed an identification strategy optimization method.