The DoS Defense Strategy Research Of Wireless Mesh Network

Wireless Mesh Network is a new kind of multi-hop wireless network with the characteristics of dynamically self-organizing and self-configuration.It not only has high bandwidth,high speed characteristics,but also has a strong scalability and survivability.With the continuous development of Wireless Mesh Network technology,it is applied in the community network,hospital,transportation,building automation,medical and health.Because the Wireless Mesh Network has the characteristics of channel openness,identity authentication decentralization,dynamic topology and client node with complicated identity,it is easy to get many kinds of attacks.Even,the malicious users often appear,hindering the healthy development of Wireless Mesh Network.There are threatens,such as Do S attack(the denial of service attack),wormhole attacks,replay attacks,black hole attacks,etc.Among them,Do S attack is the biggest threaten,but it is also the most difficult to defend.The launch of Denial of service attack is simple and the attack means are diverse and the harm of Denial of service attack is serious.Therefore,it is of great practical significance to study the protection strategy of Do S attack in wireless Mesh network.As the Do S attacks mostly occur at the network layer and they are always extremely close with the routing protocol.In this paper,considered the characteristics of high real-time services,the OLSR protocol is choosed as the network layer routing protocol.The defense strategy of Do S attacks is divided into two parts: detection and tracking of Do S attacks.The purpose of this paper is to reduce the risk of Do S attack by improving the detection accuracy and efficiency and designing the new method of the attack source tracking.In this paper,two aspects are mainly considered of in the detection of Do S attacks.Firstly,the detection of data feature can only be used for the detection of known features.The combined of AP algorithm and k-means algorithm is proposed in this paper to give the abnormal alarm.Through the artificial judgment can continue to enrich and improve the attack pattern of the characteristics of the database.So the ability to resist the attacks of unknown data features is enhanced.Secondly,in order to reduce the overhead of data feature real-time detection for wireless Mesh network terminal node,the NSL_KDD database is used as an example to improve the detection efficiency of the Do S attack.In the tracking of the Do S attack source,the current traceability technology can only trace the attack packet back to the routing node of the attack source.Due to the dual identity of the terminal node in the Wireless Mesh Network,making this method can not accurately determine the attack source node.In this paper,the algorithm of the controllable parent node routing algorithm is designed,which is combined with the packet probability marking technique to find the precise positioning of the attack source,and then to achieve the purpose of accurate isolation of the attack source node and reduce the harm of the Do S attack to the whole network.And the performance of the routing algorithm under large traffic is verified by simulation.In addition,this paper presents a new attack method,Isolation_Do S,which is aimed on the topology of OLSR routing protocol.In this paper,the principle of combining rule conflict detection and MPR temporary addition is proposed to resist the new attack mode,and verify the success rate of the defense strategy and the increase of MPR.Finally,the Qt software combined with the mysql database is used to carry out the defense strategy proposed in this paper including the process of the Do S attack detection and the tracking of attack source.