【作者】 刘海英；

【导师】 于炯；

【作者基本信息】 新疆大学 ， 控制理论与控制工程， 2007， 硕士

【摘要】 由于移动Ad hoc网络具有自配置和自维护的能力,所以在军事和民用系统中它的应用逐渐增多。许多应用是对安全敏感的,例如战场、安全家乡场景、法律执行和救援任务。因此,近来移动Ad hoc网络安全引起人们的强烈关注。目前,存在许多Ad hoc安全路由协议,但是,数据加密只能保护节点之间交换的内容,而路由信息以明文的形式发送,这样,路由信息泄露了通信节点的身份和通信节点之间的关系,而通信节点的身份和通信关系在许多应用中需要向外界隐藏。流量分析是一种安全攻击,攻击者对网络流量和内容进行观察和分析,获得通信方的身份和通信状态等重要信息,这些信息的泄露通常对安全敏感的场景是致命的。例如,军事网络中流量状况的异常变化预示着随即要发生一系列行动、一连串的命令或者网络变得警戒。这也可能暴露关键节点的位置,这样,攻击者就能对关键节点进行直接的物理攻击。流量分析是一种不可见的很难被发现的攻击。因此,设计对抗这种恶意流量分析攻击的措施是重要的。为了防御这种攻击,我们为Ad hoc网络设计了匿名路由协议。本文具体作了以下工作:首先,介绍了移动Ad hoc网络技术、网络安全机制和匿名通信技术。第二,介绍了现有的Ad hoc网络安全匿名路由协议,分析了它们的匿名性、协议计算开销和路由效率。在这个基础上,总结出为移动Ad hoc网络设计匿名路由协议的一般原则。最后,根据配对(pairing)技术,为Ad hoc网络设计了新的安全匿名路由协议。新协议计算开销低,并在不暴露通信的节点身份信息的情况下完成路由任务。更多还原

【Abstract】 Mobile Ad hoc networks (MANETs) are finding ever-increasing applications in both military and civilian systems due to their self-configuration and self-maintenance capabilities. Many of these applications are security scenarios, law enforcement, and rescue missions. As a result, security in MANETs has drawn intensive attention recently.A lot of security routing protocols appear for Ad hoc networks, but data encryption can protect the content exchanged between nodes, and routing information may reveal the identities of communicating nodes and their relationships.Traffic analysis is a security attack where an adversary observes network traffic in order to infer sensitive information about the identities of communicating parties and traffic patterns. The leakage of such information is often devastating in security-sensitive scenarios. For example, an unexpected change of the traffic pattern in a military network may indicate a forthcoming action, a chain of commands, or a state change of network alertness. It may also reveal the locations of command centers, which will enable the adversaries to launch the pinpoint attacks on them. Traffic analysis is“invisible”and difficult to detect. It is, therefore, important to design countermeasures against such malicious traffic analysis. This thesis includes three major contributions.First, we introduce the mobile Ad hoc network technology and network security mechanism. In addition, we also present the anonymous communication technology and several attack models.Second, this paper details the several anonymous routing protocols for MANETs and analyzes its anonymity property, evaluates the computational overhead and routing efficiency. Based on the comprehensive anonymity analysis, this paper abstracts a general principle of design on the anonymous routing protocols for MANETs.Last, according to the pairing technique, we proposed the novel security anonymous routing protocols for mobile wireless Ad hoc networks. The new protocols nicely fulfill the routing task without disclosing the real identities of participaty nodes without the high overhead.更多还原