【作者】 刘巧平；

【导师】 王林；

【作者基本信息】 西安理工大学 ， 通信与信息系统， 2008， 硕士

【摘要】 移动Ad Hoc网络(Mobile Ad Hoc Networks,MANETS)组网方便、快捷,不受时间和空间限制,既可应用于救援、会议、战场、探险、远距离或危险环境中的目标监控等场合,还可用于末端网络的扩展,因此得到了广泛应用。移动Ad Hoc网络是一种临时自治的分布式系统,具有无中心接入和多跳的特征,网络中各个节点的地位平等,每个节点都具有主机与路由器的双重功能,根据网络规模,有平面和分级两种结构。移动Ad Hoc网络路由协议要求具有以下特性:分布式操作,能有效地避免路由环,良好的安全性,支持休眠模式操作,支持单向无线信道等。由于没有固定基础设施、拓扑频繁动态变化、无线信道完全开放、节点的恶意行为难以检测、网络缺乏自稳定性等原因,移动Ad Hoc网络容易遭受多种类型的攻击,主要有篡改报文、假冒、伪造报文等。因此设计安全的路由协议非常重要。本文首先从移动Ad Hoc网络的基本概念和特点入手,介绍了移动Ad Hoc网络的体系结构,以及移动Ad Hoc网络当前研究的主要问题和应用前景;其次介绍了安全协议的目标以及针对Ad Hoc网络路由协议的恶意攻击;接着详细分析了当前国内外移动Ad Hoc网络安全路由的研究现状,在对它们进行综合比较的基础上指出了存在的问题;最后鉴于现有协议的不足,本文提出了一种适用于移动Ad Hoc网络的安全按需源路由(Secure Ad HocOn-demand Routing,SAOR)协议。本协议利用移动节点之间的会话密钥和基于散列函数的消息鉴别码HMAC一起来验证路由发现和路由应答的有效性,提出的邻居节点维护机制通过把MAC地址和每个节点的ID绑定来防御各种复杂的攻击如虫洞攻击,此协议最优的性能就是自认证密钥体制产生共享密钥过程中只带来的很小通信开销。分析结果及NS-2仿真证明此协议能有效的探测和阻止针对Ad Hoc网络的大部分攻击。更多还原

【Abstract】 Such convenience and fast to built, and unrestricted by the time and space, MANETS can be applied in succors, sessions, militaries, explorations and objects monitor of long distance or dangerous environments, Besides it can be used to extend the terminal network, so mobile Ad Hoc networks have got wide and deep application. It has an infrastructure less distributed mufti-hop structure; all nodes have an equal status and act as two roles-router and node itself. MANETS are a kind of multi-hop wireless networks without centralized administration, in which nodes perform routing discovery and routing maintenance in a self-organized way. All nodes have an equal status and act as two roles-router and node itself. According the scale of different networks, MANETS have two kinds of structure: flat structure and hierarchy structure. Routing protocols in MANETS have some special requirements, such as distributed operation, loop freedom, sleep period operation, unidirectional link support, etc.Due to some of its characteristics such as the absence of infrastructure, frequent changes in network topology, openness of wireless links, no way to detect and isolate misbehaving nodes, and lack of self-stabilization property, MANETS are prone to be unstable and vulnerable. Possible attacks in MANETS routing protocols are modification, impersonation and fabrication, etc. Consequently, their security issues become more urgent requirements and it is more difficult to design and implement security solutions for MANETS than for wired networks.This dissertation starts with the basic conceptions and characteristics of wireless mobile Ad Hoc network, introduces the system structure of wireless mobile Ad Hoc network and the current problems and future application. We also discuss the goal of security protocol, as well as against MANETS routing protocols malicious attacks, followed by detailed analysis of the current domestic and foreign security MANETS routing protocol ,proposed the exist problems on the base of comparing them. In view of the inadequacy of the exist routing protocol, the paper present the Secure Ad Hoc On-demand Routing(SAOR) protocol, which uses pair wise shared keys between pairs of mobile nodes and hash values keyed with them to verify the validity of the route requests and route replies. By binding the MAC address with ID of every node, the paper propose a reliable neighbor-node authentication scheme to defend against complex attacks, such as wormhole attacks, An interesting property of SAOR is the small communication overhead caused by the key establishment process, which is due to the exploitation of a Self-Certified Key(SCK) cryptosystem. Analysis and NS-2 simulation results show that SAOR effectively detects or thwarts a wide range of attacks to MANETS.更多还原