Adhoc安全路由协议的研究与改进
摘要
Adhoc网络具有自组织、无中心、动态拓扑等特点,广泛应用于民用、军事、救灾等各个领域。现有的Adhoc安全路由协议,大多运用密码学手段对路由消息进行安全操作,提供路由消息的机密性、完整性和抗否性。然而,密码学手段在保障路由协议安全性的同时,也产生了运算量大、消耗能量多等问题。因此,如何减少安全路由协议的运算量、降低能耗成为Adhoc网络的研究热点。
本文介绍了Adhoc路由协议的特点及分类,分析了Adhoc路由协议所面临的攻击行为及相应安全措施,探讨了几种具有代表性的安全路由协议。在此基础上,对SAODV协议运算量大的问题展开讨论,提出了改进的ISAODV协议。
ISAODV协议具有如下特点:(1)避免对冗余反向路径的签名验证,减少了协议的运算量。(2)在协议中引入信任链,通过使用信任链避免中间节点传送RREP消息时对源节点的验证。(3)设置临时路由表和信任链路由表,存储不同类型的路由条目,保证协议的安全性。
最后,利用网络模拟软件NS2对ISAODV协议和SAODV协议进行仿真实验。实验结果表明,与SAODV协议相比,ISAODV协议具有较低的能量消耗和网络延时。
Adhoc network is self-organized,no-centered and has dynamic-topology.It is widely used in civilian,military,disaster relief and other fields.Most of the security routing protocols use cryptography to provide routing message confidentiality,integrity and anti-whether.The cryptography provides routing protocol security,but brings high computational complexity,large energy Consumption and other issues with it.How to reduce the computation and energy consumption of secure routing protocl become the research focus of Adhoc network.
In this thesis,Features and categories of Adhoc network routing protocol are introduced at first.Its security problems and appropriate safety measures are analysised.Several types of security routing protocols are discussed.On this basis, SAODV protocol is discussed for the large public-key computation it has.Finally ISAODV protocol is proposed.
ISAODV protocol has the following characteristics:(1) Signature verifications for the redundant reverse-path are avoided,so computation of the protocol is reduced.(2)Trust chain in the protocol is used,so the verification for the source-node before intermediate node send RREP is avoided.(3)Temporary routing table and trust chain routing table are established to store the path of different types. It help to ensure the security of the protocol.
At last,simulation tests of ISAODV protocol and SAODV protocol are made. The results show that,energy consumption and network latency in ISAODV protocol are lower than in SAODV protocol.
本文介绍了Adhoc路由协议的特点及分类,分析了Adhoc路由协议所面临的攻击行为及相应安全措施,探讨了几种具有代表性的安全路由协议。在此基础上,对SAODV协议运算量大的问题展开讨论,提出了改进的ISAODV协议。
ISAODV协议具有如下特点:(1)避免对冗余反向路径的签名验证,减少了协议的运算量。(2)在协议中引入信任链,通过使用信任链避免中间节点传送RREP消息时对源节点的验证。(3)设置临时路由表和信任链路由表,存储不同类型的路由条目,保证协议的安全性。
最后,利用网络模拟软件NS2对ISAODV协议和SAODV协议进行仿真实验。实验结果表明,与SAODV协议相比,ISAODV协议具有较低的能量消耗和网络延时。
Adhoc network is self-organized,no-centered and has dynamic-topology.It is widely used in civilian,military,disaster relief and other fields.Most of the security routing protocols use cryptography to provide routing message confidentiality,integrity and anti-whether.The cryptography provides routing protocol security,but brings high computational complexity,large energy Consumption and other issues with it.How to reduce the computation and energy consumption of secure routing protocl become the research focus of Adhoc network.
In this thesis,Features and categories of Adhoc network routing protocol are introduced at first.Its security problems and appropriate safety measures are analysised.Several types of security routing protocols are discussed.On this basis, SAODV protocol is discussed for the large public-key computation it has.Finally ISAODV protocol is proposed.
ISAODV protocol has the following characteristics:(1) Signature verifications for the redundant reverse-path are avoided,so computation of the protocol is reduced.(2)Trust chain in the protocol is used,so the verification for the source-node before intermediate node send RREP is avoided.(3)Temporary routing table and trust chain routing table are established to store the path of different types. It help to ensure the security of the protocol.
At last,simulation tests of ISAODV protocol and SAODV protocol are made. The results show that,energy consumption and network latency in ISAODV protocol are lower than in SAODV protocol.
引文
[1] David B. Johnson. and David A. Maltz. Dynamic Source Routing in Ad hoc Wireless Networks[M]. In: Tomasz Imielinski and Hank Korth, Mobile Computing 1996, chapter 5:153-181.
[2] C.E.Perkins and E.M.Royer. Ad hoc On-Demand Distance Vector Routing[C].In: Proceedings of the 2nd IEEE Workshop on Mobile Computing Systems and Applications(WMCSA'99), New Orleans, LA, February 1999:90-100.
[3] C.E.Perkins and Bhagwat P.Highly Dynamic Destination-Sequenced Distance-Vector Routing(DSDV) for Mobile Computers[C]. In: Proceedings of the ACM SIGCOMM'94 Conference on Communications Architectures, Protocols and Applications, London, UK,August 1994:254-244.
[4] M. Zapata and N.Asokan. Securing Ad Hoc Routing Protocol[C]. In:Proc. ot ACM WiSe'02,Atlanta ,Geogia,USA,Sep 2002:1-10.
[5] Optimized Link State Routing Protocol (OLSR) [EB/OL]. http://www.ietf.org/rfc/rfc3626.txt, 2008.8.
[6] S.Marti, T.J.Giuli, K Lai et al. Mitigating routing misbehavior in mobile ad hoc Networks[C]. Proceedings of the 6~(th) Annual ACM/IEEE International Conference on Mobile Computing and Networking, 2000.8:255-265.
[7] S.Yi, P.Naldurg, R.Kravets. Security-Aware Ad-Hoc Routing for Wireless Networks[R]. Tech Report UIUCDCS-R,Department of Computer Science,University of Illinois at Urbana-Champaign,2001:2001-2241.
[8] Papadimitratos P and Haas Z J. Secure routing for mobile Adhoc networks. SCS Communication Networks and Distributed Systems Modeling and Simulation Conference (CNDS 2002),San Antonio, TX,January 2002:1-13.
[9] Y.C.Hu, A.Perring, D.B.Johnson. Ariadne:A Secure On-Demand Routing Protocol for Ad Hoc Networks. IEEE WMCSA , 2002:23-28.
[10] Y.C.Hu, D.Johnson , and A. Perring. SEAD:secure efficient distance vector routing for mobile wireless adhoc networks[C]. In Fourth IEEE Workshop on Mobile Computing Systems and Applications (WMCSA '02), June 2002:3-13.
[11] Sanzgiri K, Dahill B. A secure routing protocol for Ad Hoc networks[C].Proceedings of the 10~(th) IEEE International Conference on Network Protocol (ICNP),November 2002:78-87.
[12] M.Guerrero. Secure ad hoc on-demand distance vector (SAODV) routing.IETF MANET Mailing List,Message-ID 3BC17B40.BBF52E09@nokia.com,http://www.cs.ucsb.edu/ eroyer/txt/saodv.txt, Oct.2001.
[13]J.Jubin,J.D.Tornow The DARPA packet radio network protocol[C].Proc.of the IEEE,Washington,D.C.1987,75(1):21-32.
[14]赵志峰,郑少仁.Ad Hoc网络体系结构研究[J].电信科学,2001,1(1):14-17.
[15]B.Welsh,N.Rehn,B.Vincent,et al.Multicasting with the near tern digital radio(NTDR) in the Tactical Internet[C].In:Military Communications Conference,1998:1-5.
[16]Akyildiz I,Su W,Sankarasubramaniam Y,et al.Wireless Sensor Networks:A Survey[J].Computer Networks,2002,38(4):393-422.
[17]T.Karapantelakis,G.Iacovidis,Experimenting with Real Time Applications in an IEEE 802.11b Ad Hoc Network[C].In:The IEEE Conference on Local Computer Networks 30th Anniversary(LCN'05),2005,vol.1,p.554-559.
[18]P.Ramjee,G.Liljana.Research Challenges for Wireless Personal Area Networks[C].Proceedings of 3rd ICICS,Singapore,October 2001,p.23-26.
[19]Mobile Ad hoc Networks(MANET)[EB/OL]http://www.ietf.org/html.charters/manet-charter.htm,2006.2.
[20]S.Xu,I.Saadawi.Revealing the problems with 802.11 MAC protocol in multihop wireless networks[J].Computer Networks,2002,38(4):531-548.
[21]L Buttyan,J P Hubaux.Report on a working session on security in wireless Ad Hoc networks[J].Mobile Computing and Communications Review,2003,7(1):74-94.
[22]P.Yi,Y.C.Jiang,S.Y.Zhang,Y.P.Zhong.Survey of security for mobile ad hoc networks[J].Acta Electronica Sinica,2005,33(1):893-899.
[23]翁睿,任祥颖,钱松荣.基于NS2的Adhoc网络路由协议性能比较分析[J].计算机应用与软件,2007.11,24(11):1-3.
[24]S.J.Lee,M.Gerla and C.K.Toh.A Simulation Study of Table-Driven and On-Demand Routing Protocols for Mobile Ad hoc Networks[C].In:IEEE Network,1999,23(4):48-53.
[25]P.Johanson,T.Larsson,N.Hedman,et al.Scenario Based Performance Analysis of Routing Protocols for Mobile Ad hoc Networks[C].In:Proceeding of the ACM/IEEE International Conference on Mobile Computing and networking,August 1999:195-206.
[26]T Kaya,GLin,et al.Secure multicast groups on Ad Hoc networks[A].Proc of the 2003 ACM Workshop on Security of Ad Hoc and Sensor Networks(SASN'03)[C].Fairfax,VA,USA,2003:94-102.
[27]Yih-Chun Hu,Adrian Perrig.A survey of secure wireless ad hoc routing[M].IEEE Security & Privacy;2004,vol 02,issue 3:28-39.
[28]G.Montenegro and C.Castelluccia.Statistically unique and cryptographically verifiable(SUCV) identifiers and addresses.Network and Distributed System Security Symposium(NDSS 02),Feb 2002.
[29]Frank Stajano,Ross Anderson.The resurrecting duckling:security issues for Ad2hoc wireless networks[A].Proc of the 7th InternationalWorkshop on Security Protocols[C].LNCS 1796,Springer2Verlag,Berlin Germany,April 1999:172-194.
[30]N Asokan,Philip Ginzboorg.Key agreement in ad hoc networks[J].Computer Communications,2000,23(17):1627-1637.
[31]Zheng Yan.Security in Ad Hoc Networks[DB/OL].http://citeseer.nj.nec.com/536945.html,2002.
[32]Srdjan Capkun,Jean2Pierre Hubaux,Levente Buttyan.Mobility helpssecurity in Ad Hoc networks[A].The Fourth ACM International Symposiumon Mobile Ad Hoc Networking and Computing[C].Annapolis,Maryland,USA,June 1-3,2003:46-56.
[33]MARTIS,GIULIT J,LAIK,et al.Mitigating routing misbehavior in mobile Ad hoc networks[C].Boston,Massachuset ts:MobiCom2000,2000.
[34]易平,钟亦平等.移动adhoc网络中DOS攻击及其防御机制[J].计算机研究与发展,2005,42(4):697-704.
[35]Hu Y C,Perrig A,Johnson D B.Rushing attacks and defense in wireless Ad hoc network routing protocols[C].In:ACM Workshop on Wireless Security(WiSe 2003),2003:30-40.
[36]John RDouceur.The Sybil Attack[EB/OL].http://research.microsoft.com/sn/Farsite/IPTPS2002.pdf,2002.
[37]Ljubica B,Levente B,Srdjan C,et al.Self-organization in mobile Ad hoc network:the approach of terminodes[J].IEEE Communication Magazine,2001,39(6):166-174.
[38]Y-C Hu,A Perrig,D B Johnso.Wormhole Detection in Wireless AdHoc Networks[R].Department of Computer Science,Technical Report TR01-384,Rice University,December 2001:1-15.
[39]Lidong Zhou,Zygmunt J Haas.Securing ad hoc networks[J].IEEE Networks Special Issue on Network Security,1999,13(6):24-30.
[40]Srdjan Capkun,Levente Nuttyan,Jearr Pierre Hubaux.Self-organized public-key Management for mobile ad hoc networks[J].IEEE Transactions on mobile computing,january-March,2003,2(1):52-64.
[41]NS-2 Manual[EB/OL].http://www.isi.edu/nsnam/ns/doc/ns_doc.pdf,2005.3
[42] Ad hoc On-Demand Distance Vector (AODV) Routing .http: // www.ietf.org/rfc/rfc3561, 2003.8.
[2] C.E.Perkins and E.M.Royer. Ad hoc On-Demand Distance Vector Routing[C].In: Proceedings of the 2nd IEEE Workshop on Mobile Computing Systems and Applications(WMCSA'99), New Orleans, LA, February 1999:90-100.
[3] C.E.Perkins and Bhagwat P.Highly Dynamic Destination-Sequenced Distance-Vector Routing(DSDV) for Mobile Computers[C]. In: Proceedings of the ACM SIGCOMM'94 Conference on Communications Architectures, Protocols and Applications, London, UK,August 1994:254-244.
[4] M. Zapata and N.Asokan. Securing Ad Hoc Routing Protocol[C]. In:Proc. ot ACM WiSe'02,Atlanta ,Geogia,USA,Sep 2002:1-10.
[5] Optimized Link State Routing Protocol (OLSR) [EB/OL]. http://www.ietf.org/rfc/rfc3626.txt, 2008.8.
[6] S.Marti, T.J.Giuli, K Lai et al. Mitigating routing misbehavior in mobile ad hoc Networks[C]. Proceedings of the 6~(th) Annual ACM/IEEE International Conference on Mobile Computing and Networking, 2000.8:255-265.
[7] S.Yi, P.Naldurg, R.Kravets. Security-Aware Ad-Hoc Routing for Wireless Networks[R]. Tech Report UIUCDCS-R,Department of Computer Science,University of Illinois at Urbana-Champaign,2001:2001-2241.
[8] Papadimitratos P and Haas Z J. Secure routing for mobile Adhoc networks. SCS Communication Networks and Distributed Systems Modeling and Simulation Conference (CNDS 2002),San Antonio, TX,January 2002:1-13.
[9] Y.C.Hu, A.Perring, D.B.Johnson. Ariadne:A Secure On-Demand Routing Protocol for Ad Hoc Networks. IEEE WMCSA , 2002:23-28.
[10] Y.C.Hu, D.Johnson , and A. Perring. SEAD:secure efficient distance vector routing for mobile wireless adhoc networks[C]. In Fourth IEEE Workshop on Mobile Computing Systems and Applications (WMCSA '02), June 2002:3-13.
[11] Sanzgiri K, Dahill B. A secure routing protocol for Ad Hoc networks[C].Proceedings of the 10~(th) IEEE International Conference on Network Protocol (ICNP),November 2002:78-87.
[12] M.Guerrero. Secure ad hoc on-demand distance vector (SAODV) routing.IETF MANET Mailing List,Message-ID 3BC17B40.BBF52E09@nokia.com,http://www.cs.ucsb.edu/ eroyer/txt/saodv.txt, Oct.2001.
[13]J.Jubin,J.D.Tornow The DARPA packet radio network protocol[C].Proc.of the IEEE,Washington,D.C.1987,75(1):21-32.
[14]赵志峰,郑少仁.Ad Hoc网络体系结构研究[J].电信科学,2001,1(1):14-17.
[15]B.Welsh,N.Rehn,B.Vincent,et al.Multicasting with the near tern digital radio(NTDR) in the Tactical Internet[C].In:Military Communications Conference,1998:1-5.
[16]Akyildiz I,Su W,Sankarasubramaniam Y,et al.Wireless Sensor Networks:A Survey[J].Computer Networks,2002,38(4):393-422.
[17]T.Karapantelakis,G.Iacovidis,Experimenting with Real Time Applications in an IEEE 802.11b Ad Hoc Network[C].In:The IEEE Conference on Local Computer Networks 30th Anniversary(LCN'05),2005,vol.1,p.554-559.
[18]P.Ramjee,G.Liljana.Research Challenges for Wireless Personal Area Networks[C].Proceedings of 3rd ICICS,Singapore,October 2001,p.23-26.
[19]Mobile Ad hoc Networks(MANET)[EB/OL]http://www.ietf.org/html.charters/manet-charter.htm,2006.2.
[20]S.Xu,I.Saadawi.Revealing the problems with 802.11 MAC protocol in multihop wireless networks[J].Computer Networks,2002,38(4):531-548.
[21]L Buttyan,J P Hubaux.Report on a working session on security in wireless Ad Hoc networks[J].Mobile Computing and Communications Review,2003,7(1):74-94.
[22]P.Yi,Y.C.Jiang,S.Y.Zhang,Y.P.Zhong.Survey of security for mobile ad hoc networks[J].Acta Electronica Sinica,2005,33(1):893-899.
[23]翁睿,任祥颖,钱松荣.基于NS2的Adhoc网络路由协议性能比较分析[J].计算机应用与软件,2007.11,24(11):1-3.
[24]S.J.Lee,M.Gerla and C.K.Toh.A Simulation Study of Table-Driven and On-Demand Routing Protocols for Mobile Ad hoc Networks[C].In:IEEE Network,1999,23(4):48-53.
[25]P.Johanson,T.Larsson,N.Hedman,et al.Scenario Based Performance Analysis of Routing Protocols for Mobile Ad hoc Networks[C].In:Proceeding of the ACM/IEEE International Conference on Mobile Computing and networking,August 1999:195-206.
[26]T Kaya,GLin,et al.Secure multicast groups on Ad Hoc networks[A].Proc of the 2003 ACM Workshop on Security of Ad Hoc and Sensor Networks(SASN'03)[C].Fairfax,VA,USA,2003:94-102.
[27]Yih-Chun Hu,Adrian Perrig.A survey of secure wireless ad hoc routing[M].IEEE Security & Privacy;2004,vol 02,issue 3:28-39.
[28]G.Montenegro and C.Castelluccia.Statistically unique and cryptographically verifiable(SUCV) identifiers and addresses.Network and Distributed System Security Symposium(NDSS 02),Feb 2002.
[29]Frank Stajano,Ross Anderson.The resurrecting duckling:security issues for Ad2hoc wireless networks[A].Proc of the 7th InternationalWorkshop on Security Protocols[C].LNCS 1796,Springer2Verlag,Berlin Germany,April 1999:172-194.
[30]N Asokan,Philip Ginzboorg.Key agreement in ad hoc networks[J].Computer Communications,2000,23(17):1627-1637.
[31]Zheng Yan.Security in Ad Hoc Networks[DB/OL].http://citeseer.nj.nec.com/536945.html,2002.
[32]Srdjan Capkun,Jean2Pierre Hubaux,Levente Buttyan.Mobility helpssecurity in Ad Hoc networks[A].The Fourth ACM International Symposiumon Mobile Ad Hoc Networking and Computing[C].Annapolis,Maryland,USA,June 1-3,2003:46-56.
[33]MARTIS,GIULIT J,LAIK,et al.Mitigating routing misbehavior in mobile Ad hoc networks[C].Boston,Massachuset ts:MobiCom2000,2000.
[34]易平,钟亦平等.移动adhoc网络中DOS攻击及其防御机制[J].计算机研究与发展,2005,42(4):697-704.
[35]Hu Y C,Perrig A,Johnson D B.Rushing attacks and defense in wireless Ad hoc network routing protocols[C].In:ACM Workshop on Wireless Security(WiSe 2003),2003:30-40.
[36]John RDouceur.The Sybil Attack[EB/OL].http://research.microsoft.com/sn/Farsite/IPTPS2002.pdf,2002.
[37]Ljubica B,Levente B,Srdjan C,et al.Self-organization in mobile Ad hoc network:the approach of terminodes[J].IEEE Communication Magazine,2001,39(6):166-174.
[38]Y-C Hu,A Perrig,D B Johnso.Wormhole Detection in Wireless AdHoc Networks[R].Department of Computer Science,Technical Report TR01-384,Rice University,December 2001:1-15.
[39]Lidong Zhou,Zygmunt J Haas.Securing ad hoc networks[J].IEEE Networks Special Issue on Network Security,1999,13(6):24-30.
[40]Srdjan Capkun,Levente Nuttyan,Jearr Pierre Hubaux.Self-organized public-key Management for mobile ad hoc networks[J].IEEE Transactions on mobile computing,january-March,2003,2(1):52-64.
[41]NS-2 Manual[EB/OL].http://www.isi.edu/nsnam/ns/doc/ns_doc.pdf,2005.3
[42] Ad hoc On-Demand Distance Vector (AODV) Routing .http: // www.ietf.org/rfc/rfc3561, 2003.8.
© 2004-2018 中国地质图书馆版权所有 京ICP备05064691号 京公网安备11010802017129号 地址:北京市海淀区学院路29号 邮编:100083 电话:办公室:(+86 10)66554848;文献借阅、咨询服务、科技查新:66554700 |