| Underwater acoustic communication technology is an important approach and methodology for message transmission and reception in the ocean,designing a safe and reliable underwater acoustic communication networks(UACNs)has important theoretical significance and application value for realizing marine creature investigation,marine resources exploitation and marine wireless navigation.Almost all the existing designs of UACNs are focused on reducing the energy consumption to prolong the network lifetime,the security issues of UACNs are neglected in these researches.Designing applicable secure mechanisms for UACNs is exceedingly necessary for protecting the present UACNs from potential threats and attacks.According to the characteristics and security demands of the UACN,a hybrid identity authentication protocol and intrusion detection scheme are proposed in this thesis.The major contents of this thesis can be described as follow:(1)Through comparing with terrestrial wireless sensor networks(TWSNs),UACN's basic characteristics are elaborated and analyzed,including network topology,communication channel and sensor node.Existing security threats and demands are introduced and analyzed on the basis of the UACN channel and the fabrication of communication nodes.A secure architecture suitable for the UACN is proposed based on entity structure and security function according to the safety demands of the UACN and inner logic relation of composite entities.Composite entities of UACN are represented and safety function assignment of the entities are discussed.(2)An applicable hybrid authentication protocol of UACN based on cluster topology is proposed,including two kinds of protocols: either is based on symmetric polynomial and Elliptic Curve Cryptography,the other is based on credence transfer and symmetric cryptography.The authentication of UACN can be divided into three parts: networking authentication,joining node authentication and mobile node re-authentication.Networking authentication and joining node authentication both adopt first authentication protocol,which only needs two times interactions and can resist middle-man-attack.Mobile node reauthentication adopts second authentication protocol,which consumes little computation resources.Besides,the second protocol is formally analyzed using BAN logic and it turns out that the protocol is safe.(3)An intrusion detection scheme(IDS)based on traffic abnormal and ARMA model is proposed in this thesis.The scheme is composed of traffic model establishment,traffic detection and exception alarming mechanism.Firstly,the necessity of adding IDS into UACN and the design basis of IDS is elaborated.After that,the common criteria of IDS is analyzed,which includes propagation delay,packet loss ratio and node traffic.Node traffic is chosen as the criteria of our IDS.Then the IDS's node traffic model and abnormal detection mechanism are introduced.Finally,the alarming mechanism of IDS is represented.While the intrusion being detected,the cluster broadcasts the encrypted alarming message using the group key aiming to notify other member nodes of the attacked node's identity.When member nodes received the alarming message,they will isolate the attacked node to avoid further damage in the network causing by the intrusion. |
PDF Full Text Request