Research On Secure Content Routing Mechanism Based On MPR For NDN-MANET

NDN is a promising future Internet architecture,and content routing is a big challenging problem in highly dynamic MANET.The integration of the NDN architecture with the MANET network and the security and efficiency of content routing are currently a hot topic in this field.Although bread crumb routing in native NDN is better suitable for MANET,however,the uncontrolled interest flooding can lead to broadcast storm in wireless communication;meanwhile,since the NDN does not take security measures on its interest packets,tampering with the interest packet for request content and routing update will lead to Do S attacks and bogus routing advertisement problems.In addition,the existing content routing for Named Data Mobile Ad hoc Network(NDN-MANET)is aimed at the implementation of the scheme,and the efficiency and security of routing are not fully considered.To solve the above problems,based on the mechanism of selecting MPR in OLSR and security mechanism such as Merkle tree,this thesis proposes a secure content routing system MPR-SCR(Multi Point Relay based Secure Content Routing)for NDN-MANET.The main research contents are as follows:1.Aiming at the broadcast storm problem in the routing of bread crumbs used by native NDN in NDN-MANET,an MPR selection algorithm based on network connectivity and node's data forwarding efficiency is proposed.First,each node uses the MPR set calculated by the algorithm to forward interest packets.Secondly,nodes in the network use the statistical information based on the PIT table to detect abnormal behavior.Finally,to prevent the selection of a malicious node into MPR,a collaborative voting is performed on nodes that are abnormal in behavior.Experiments show that the use of the MPR selection algorithm reduces the number of redundant packets in the network and improves the efficiency of data forwarding.2.To resolve the problem of security attacks in NDN-MANET,an identity verification method based on Merkle tree is proposed.First of all,when a new node joins the network,it must obtains the cryptographic material from a Merkle tree constructed by a trusted third party(TTP)to verify the identity information of the nodes within the network;secondly,by adding the abnormal nodes in the dataforwarding process into the blacklist and advertised to other nodes to reduce the persistent damage caused by the same abnormal nodes.Finally,a hash and signature mechanism is introduced into the interest packet to achieve the authentication of its integrity and originator.Simulation results under ndn SIM show that the proposed method can mitigate the problem of bogus routing advertisements existing during routing update and Do S attacks caused by tampering with the interest packets when requesting content,thereby ensuring the security of data transmission.