【作者】 罗俊海；

【导师】 范明钰；

【作者基本信息】 电子科技大学 ， 信息安全， 2009， 博士

【摘要】 移动自组织网络(MANETs)是由一组带有无线收发装置的移动节点组成的无须固定设施支持的临时性的通信网络。其基本特点具有开放的媒质、动态的拓扑结构、分布式的合作和受限的网络能力，网络中移动节点具有匿名性和高度自治，网络通讯依靠在通信路径上的中间节点转发数据包，实现无线传输范围外节点间的正常通信。由于MANETs中移动节点本身要受诸如能量和计算能力等各种资源的限制，节点不愿意花费资源去转发它不感兴趣的数据包，甚至却期望其它节点转发自己的数据包。同时由于节点间缺乏对与之交互的节点的可信程度的知识，节点需应对交互过程中可能出现的威胁，每个移动节点都可能受到直接或间接的攻击。如何保障在MANETs网络环境下的通信安全成为一个不容忽视，必须解决的关键性问题。本文针对上述问题，以MANETs动态信任模型为主要研究对象，总结MANETs安全问题的发展现状和未来趋势，在借鉴传统网络安全方法的基础上，结合MANETs的固有特点，在不增加任何额外的硬件设备的情况下，对如何保障MANETs安全性进行创新性和探索性的研究。本文提出基于博弈、模糊和置信度的MANETs动态信任模型以及频率域下多目标可信路由发现算法。主要创新点体现在以下几方面：(1)针对MANETs中自私节点储存自身能量和其它资源，常常不参与转发数据，不利于网络节点间实现相互信赖路由和转发数据包的弊病，本文基于博弈研究MANETs中节点的行为，提出一种根据节点的信誉度来获得资源，刺激节点共享资源和转发数据的方法。此方法兼顾MANETs通信中没有第三方中心认证的特点，不是一种集中于网络节点强制合作的方法。基于博弈理论的信任模型，实现鼓励包转发，约束自私节点。仿真实验结果表明，此信任模型能够识别自私节点并且能在信任节点之间建立信任，提高整个网络效率。(2)基于模糊逻辑能够很好的处理不确定性和信任评价、包转发检查和可靠性调整的不精确性输入的特点，提出一种基于模糊推荐的MANETs信任模型，用于量化和评估节点的推荐可信程度，给出五种基于模糊关系理论的模糊信任推荐和模型的数学表述。该模型的目的在于削弱自私节点协同作弊的效果。通过节点间模糊推荐构造节点的全局信任，它综合整个网络对该节点的信任评价，因此自私节点不能通过“相识”的同伙给出不实评价而获得较高的信任，避免自私节点间相互伪造推荐度来互相“吹捧”，以获得虚高的信任的现象。仿真实验结果表明，此模型能够有效地适用于遏制更广泛类型的自私节点同谋攻击，在端到端分组传递率和网络中的平均能量消耗等性能指标上较传统模型有较大提高。在节点评价数据极端稀疏的情况下，仍能取得较理想的质量。(3)针对MANETs网络拓扑结构的改变或无线冲突的发生都可能导致作为信任值评估证据的样本空间不一定完整和可靠，使得现有的信任评估模型不能应用其上的问题，提出基于置信度的MANETs环境下的信任模型，给出模型的数学表述和实现方法，此模型用于量化和评估节点的可信程度。本文运用置信度对信任问题进行建模，建立信任的评价机制，提出推荐信任关系的推导规则，构造一个完整的信任模型。仿真实验结果表明，此模型与已有的基于证据理论的信任评估模型相比较，具有有效性和优越性，为MANETs网络环境中的信任模型研究提供一个有价值的新思路。(4)提出一种独特的MANETs中基于频率下多目标可信路由决策算法，它和现在大多数路由算法都是在时间域下使用单一约束参数选择路由的方式截然不同。此方法利用概率理论分析安全和可信路由，基于概率密度函数的时频相互转化，减小计算复杂度，解决MANETs中节点间缺乏物理安全以及在低信任水平和节点扰乱网络操作情况下，发现可信安全路由难的问题。案例分析证明此算法的可行性。更多还原

【Abstract】 Mobile Ad-hoc Networks (MANETs) are the multi-hop temporary communicationnetworks of mobile nodes equipped with wireless transmitters and receivers without theaid of any fixed network infrastructure. MANETs have their fundamental characteristics,such as open medium, dynamic topology, distributed cooperation, and constrainedcapability. Due to the anonymous and self-organization nature of mobile nodes in thenetwork, intermediate nodes on a communication path are expected to forward packetsof other nodes so that nodes can communicate beyond their wireless transmission range.Because mobile nodes are usually constrained by limited energy, bandwidth andcomputational power, a node may be unwilling to spend its resources in forwardingpackets which are not of its direct interest, even though it expects other nodes toforward its packets to the destination. At the same time, nodes have to manage the riskinvolved with the transactions without prior knowledge about each other’s trust. Eachmobile node in MANETs may even be attacked directly or indirectly by maliciousnodes. With increasing applications of MANETs, it is a crisis issue to guaranteenetwork security.To solve above topics, the dissertation focuses on researching on dynamic trustmodel for MANETs. It concludes and analyses the present status and future challengesof security issues in MANETs. Based on the traditional network security and theinherence characteristics of MANETs, some novel research on guaranteeing networksecurity for MANETs are explored without adding the additional hardware. Somerelated trust models and a trusted routing discovery algorithm in frequency-domain areproposed based on game theory, fuzzy theory and certainty-factor for MANETs in thepaper.Related efforts result in following major innovative achievements:(1)Selfish nodes in MANETs do not forward packets to save battery or otherresources, which leads to make against realizing trust routing between nodes andforwarding data. In this paper, game theory is used to study nodes’ behaviors whennodes receive service based on their reputations. Reputation is employed as a mechanism to incentives nodes to share resource and forward packets for other nodes.The model thinks synchronously over that there is not any central authority and acentralized solution to stimulate cooperation is not suitable for MANETs.Theoretical analysis and experimental results show the proposed trust model cansuccessfully identify selfish nodes and build trust among trust nodes to improve theefficiency of the network.(2)Based on that fuzzy logic provides a natural framework to deal with uncertaintyand the tolerance of imprecise data inputs for the subjective tasks of trust evaluation,packet-forwarding review and credibility adjustment, a trust model based on fuzzyrecommendation is proposed to quantify and evaluate the recommendationtrustworthiness of a node, which includes five types of fuzzy trust recommendationrelationships based on the fuzzy relation theory and a mathematical description forMANETs. The model aims at preventing the synergistic effect of selfish nodes. Theglobal trust value of a node is a global view of the whole network on the node bysummarizing the recommendations of nodes. Evaluation is not made only through someof "acquaintances" of selfish nodes. It simultaneity avoids the phenomenon that selfishnodes mutually forge recommendations to "flatter" each other in order to obtain themendacious and high trust values.Theoretical analysis and experimental results show that it is still robust under moregeneral conditions where selfish nodes cooperate in an attempt to deliberately subvertthe system, end-to-end packet delivery ratio more quickly, and decreases the averageenergy consumes more effectively compared with some traditional trust models. Theeffect of node rating data’s sparsity can be greatly reduced and show the excellentperformance on typical data set.(3)The sample space of evidence may be not integrative or reliable because of thechange of network topology or the occurrence of wireless collision, so the existing trustevaluation model can not be applied. In this paper, a trust model based oncertainty-factor is proposed to quantify and to evaluate the trustworthiness of nodes,which includes a mathematical description and an implementation. The certainty-factorhas been used to model the issues of trust management. The evaluation of trust model isdiscussed, the derivation rules of recommendation trust relationships in MANETs arepresented and a trust model is provided. Theoretical analyses and experimental results show the model is more effectivelycomparing with the trust model based on evidence-evaluation. The trust model providesa new valuable way for MANETs.(4)In this paper, a trusted routing selection algorithm based on multi-objectives infrequency-domain for MANETs is proposed. It is distinctly different with most ofrouting algorithms that select routing based on a single-objective in the time-domain.Our proposed algorithm tries to analyze the secure and trusted routing based onprobability theory to reduce the computation complex with the mutual transformation ofprobability functions between time-domain and frequency-domain. It solves thequestion of finding secure and trusted routing for MANETs in the ease of the lack ofphysical security, untrustworthy scenario and low trust levels among nodes in MANETsand malicious nodes colluding with one another to disrupt the network operation.Extensive analysis has been carried out to evaluate the design of our algorithm.更多还原