簡易檢索 / 詳目顯示

研究生: 林伯修
Po-Hsiu Lin
論文名稱: 無線隨意網路中防禦控制封包丟棄 之安全路由
An On-demand Secure Routing ProtocolResilient to Routing Control Packet Droppingin Mobile Ad Hoc Networks
指導教授: 洪西進
Shi-Jinn Horng
口試委員: 吳金雄
Chin-Hsiung Wu
蘇民揚
Ming-Yang Su
高宗萬
Tzong-Wann Kao
鍾國亮
Kuo-Liang Chung
學位類別: 碩士
Master
系所名稱: 電資學院 - 資訊工程系
Department of Computer Science and Information Engineering
論文出版年: 2008
畢業學年度: 96
語文別: 中文
論文頁數: 47
中文關鍵詞: 無線隨意行動網路攻擊網路安全DSR
外文關鍵詞: Packet Drop attack
相關次數: 點閱:222下載:1
分享至:
查詢本校圖書館目錄 查詢臺灣博碩士論文知識加值系統 勘誤回報
  • 早期無線隨意網路(mobile ad hoc networks, MANETs)中的路由協定(routing protocol)設計並沒有考量安全問題,只考慮到如何有效的找到路徑,後來開始有學者陸續分析各類型的攻擊並提出安全路由協定。
    在研究封包丟棄攻擊的許多論文大都以研究資料封包丟棄攻擊為主,少數學者是針對控制封包(control packet)丟棄攻擊著手制定安全路由協定。舉個例子,自私節點或惡意結點可藉由丟棄找路徑得封包使得自己不加入路由路徑中或是惡意結點不發送路由錯誤的封包以形成阻斷攻擊(denial of service)。本論文嘗試以DSR為基礎提出一個可以防禦控制封包(control packet)丟棄攻擊的安全路由協定,分析丟棄各類型封包對網路成效所造成的影響,並提出解決方案。模擬的結果顯示本論文提出的方法可以降低丟棄控制封包攻擊所帶來的衝擊。


    Initial work in mobile ad hoc networks routing has considered only the problem of providing efficient route discovery mechanisms, without considering security. Because of this, some attacks can be used to manipulate the routing in mobile ad hoc networks. In recent years, there have been many works focus on secure routing protocols.

    Most current proposals focus on data packets and few of papers focus on dropping control packets. But dropping control packets may happen when a selfish node did not forward route request packets for excluding itself from route and malicious node as well. Simply, a malicious node may drop route error packets to cause a denial of service. In this paper, first, we analyze the impact of control packets dropping attacks and provide a secure routing protocol against control packets dropping attacks. The simulation study shows that our solution can mitigate such route misbehavior.

    目錄 摘要2 Abstract3 誌 謝4 第一章 緒論7 1.1 前言7 1.2 研究動機與目的8 1.3 研究方法與步驟8 1.4 論文架構9 第二章 相關文獻探討10 2.1 無線隨意行動網路簡介10 2.1.1 Proactive路由協定10 2.1.2 Reactive路由協定11 2.1.3 混合式路由協定17 2.2 無線隨意行動網路路由攻擊簡介17 2.2.1 基本攻擊方式17 2.3 安全路由協定21 2.3.1 以加密技術為基礎的安全路由協定21 2.3.2 以監視技術為基礎的安全路由協定22 2.3.2 防禦特定攻擊為基礎的安全路由協定24 第三章 防禦控制封包丟棄攻擊之安全路由26 3.1 問題描述26 3.2 研究假設30 3.3 路由搜尋(Route Discovery)30 3.4 路由維護(Route Maintenance)34 3.5 分析36 第四章實驗模擬與結果38 4.1 模擬環境38 4.2 模擬一38 4.3 模擬二39 4.4 模擬三40 4.5 模擬四41 第五章結論43 參考文獻44

    參考文獻

    [1] Tiranuch Anantvalee, Jie Wu, “A Survey on Intrusion Detection in
    Mobile Ad Hoc Networks,” Wireless/Mobile Network Security,
    pp.170-196, 2003.

    [2] S. Buchegger and J. Le Boudec, “Performance Analysis of the CONFIDANT Protocol (Cooperation Of Nodes - Fairness In Dynamic Ad-hoc NeTworks),” Proceedings of the 3rd ACM International Symposium on Mobile Ad Hoc Networking and Computing (MobiHoc'02), pp. 226-336, June 2002.

    [3] Djenouri, Djamel; Mahmoudi, Othmane; Bouamama, Mohamed;
    Llewellyn-Jones, David; Merabti, Madjid “On Securing MANET Routing Protocol Against Control Packet Dropping,”, IEEE International Conference on Volume , Issue , pp.100 – 108, July 2007

    [4]Y.-C. Hu, A. Perrig, D.B. Johnson, Ariadne: a secure on-demand routing protocol for ad hoc networks, in: ACM MobiCom'02, pp. 12-23, 2002.

    [5] Y.C. Hu, A. Perrig, D.B. Johnson, Packet leashes: a defense against wormhole attacks in wireless networks, in: IEEE INFOCOM, pp. 1976-1986, 2003.

    [6] Y.C. Hu, A. Perrig, and D. Johnson, “Rushing Attacks and Defense in Wireless Ad Hoc Network Routing Protocols,” Technical Report TR01-384, Department of Computer Science, Rice University, June 2002.

    [7] Y.-a. Huang and W. Lee, A Cooperative Intrusion Detection System for Ad Hoc Networks Security. Conference on Computer and Communications, Proceedings of the 1st ACM workshop on Security of Ad hoc and Sensor Networks, Fairfax, Virginia, pp.135-147, 2003.

    [8] Y.-C. Hu and A. Perrig, A Survey of Secure Wireless Ad Hoc Routing, IEEE Security and Privacy, pp.28 – 39, 2004.

    [9] Y.-C. Hu, A. Perrig, and D. B. Johnson, Efficient Security Mechanisms for Routing Protocols. Network and Distributed System Security Symposium, NDSS '03, San Diego, USA, pp.57-73, 2003.

    [10] Zygmunt J. Haas, Marc R. Pearlm, and prince Samar, “The Zone Routing Protocol (ZRP) for ad hoc networks”, in MANET Working Group. IETF, Internet Draft(work in progress), draft-ietf-manet-zone-zrp-04.txt, Jul. 2002.

    [11] D. B. Johnson, and D. A. Maltz, “The Dynamic Source Routing Protocol (DSR) for Mobile Ad Hoc Networks for IPv4 (Request for Comments: 4728),” Mobile Ad-hoc Network (MANET) Working Group, IETF, February 2007.

    [12] N. Milanovic, M. Malek, A. Davidson, and V.Milutinovic., Routing and Security in Mobile Ad Hoc Networks, IEEE Computer, 37(2), pp.61- 65, 2004.

    [13] S. Marti, T.J. Giuli, K. Lai, M. Baker, "Mitigating Routing Misbehavior in Movile Ad Hoc Networks," Proceedings of ACM/IEEE International Conference on Mobile Computing and Networking (Mobicom'00), pp. 255-265, 2000.

    [14] A. Perrig et al., “The TESLA Broadcast Authentication Protocol,” RSA CryptoBytes, vol. 5, no. 2, pp. 2-13, 2002.

    [15]C. E. Perkins, Royer, and S. Das, “Ad hoc on-demand distance vector (AODV) routing,” Internet Draft, draft-ietf-manet-aodv-13.txt, February. 2003.

    [16]C. E. Perkins and P. Bhagwat, “Highly Dynamic Destination-Sequenced Distance-Vector Routing (DSDV) for Mobile Computers”, In Proceedings of the SIGCOMM 1994 Conference on Communications Architectures, Protocols and Applications, pp. 234-244, August 1994.

    [17] Anil Rawat, Prakash Dattatraya Vyavahare, and Ashwani Kumar Ramani, “Enhanced DSR for MANET with Improved Secured Route Discovery and QoS” International Journal of Network Security, Vol.5, No.2, pp.158–166, Sept. 2007

    [18] Seredynski, M. Bouvry, P. Klopotek, M.A. “Preventing selfish behavior in Ad Hoc networks”. 2007 IEEE Congress on Evolutionary Computation, pp. 3554-3560, Sept. 2007

    [19] K. Sanzgiri, B. Dahill, B. N. Levine, C. Shields, and E. M. Belding-Royer, A Secure Routing Protocol for Ad Hoc Networks. 10th IEEE International Conference on Network Protocols (ICNP'02), Paris, France, pp.78-89, 2002.

    [20] Tamilselvan, Latha; Sankaranarayanan, V. “Prevention of Blackhole Attack in MANET”. Wireless Broadband and Ultra Wideband Communications, 2007. AusWireless 2007. The 2nd International Conference on Volume , Issue, pp.21 – 21 , Aug. 2007

    [21] H. Yang, X. Meng, and S. Lu, Self-Organized Network-Layer Security in Mobile Ad hoc Networks. International Conference on Mobile Computing and Networking, Atlanta, GA, USA, pp.11-20, 2002.

    [22]L. Zhou and Z. J. Haas, “Securing Ad Hoc Networks,” in IEEE Network Magazine, Vol. 13, No. 6, pp. 24-30, December 1999.

    [23] M. G. Zapata, N. Asokan, “Securing ad-hoc routing protocols,” in
    Proc. ACM WiSE '02, pp.1-10, Sep. 2002.

    [24] Wu, B., Wu, J., Fernandez, E. B., Ilyas, M., and Magliveras, S. “Secure and efficient key management in mobile ad hoc networks,”. Journal of Network and Computer Applications, pp.937--954, 2007.

    [25] The network simulator - ns-2, http://www.isi.edu/nsnam/ns/

    QR CODE