自组织网络攻击的防护研究

发布时间：2018-01-20 05:22

本文关键词： 无线自组网路由协议攻击网络模型　出处：《电子科技大学》2014年硕士论文　论文类型：学位论文

【摘要】：无线自组网不同于现在的无线网络,它可以利用网络内的节点自发地组建网络,凭借节点的多跳来完成数据的转发。到目前为止,它快速、便捷的组网特性使其在军事、民用、商用上都有着不可估量的前途。但是由于它无线信道的特性使得其极容易遭遇外部环境的攻击,再加上节点的使用寿命有限,这些都给无线自组网攻击的防护设计增加了难度。因此,关于它攻击的防护研究成了当今研究人员探讨的热点。本文针对路由协议AODV面临的两种攻击提出了相应的防护研究。具体做法如下:AODV协议是按照先进先出的规则来处理接收到的RREQ消息,RREQ的泛洪攻击就是根据这个漏洞开展的。当正常节点收到泛洪的RREQ消息后,会对这些消息进行处理。结果,这些消息不断地消耗有限的带宽,造成传输的数据被大量丢弃。本文针对这个攻击进行了防护研究。改变协议AODV处理RREQ消息的规则,通过选用优先级高低的规则来处理不同节点发送的RREQ消息,孤立发送RREQ频繁的节点,从而有效地抑制RREQ的泛洪攻击。在AODV协议的RREQ消息内,RREQ ID的值越大代表着此消息越新。RREQ篡改攻击就是根据这个漏洞开展的。当正常节点收到被篡改RREQ ID的RREQ消息后会误以为这是新的RREQ消息,会对此消息进行处理并将攻击节点选作路由内的关键节点。本文针对这个攻击进行了防护研究。根据源节点每隔NET_TRAVERSAL_TIME的时间没有收到对先前发送RREQ消息的响应消息,会再次发送新的RREQ消息,因此,确定其他节点先后收到新的RREQ消息的时间间隔应该大于NET_TRAVERSAL_TIME。根据这个原则来判断正常节点是否收到篡改过的RREQ消息,对于收到篡改过的RREQ消息进行抛弃来有效地阻断RREQ篡改攻击的影响。本文为了验证上述两种防护措施的性能效果,首先,分析了三种不同的网络模型:链式网络、星状网络、网状网络,并用仿真软件搭建这三种网络模型,实现针对AODV的RREQ泛洪攻击与篡改攻击的仿真,利用网络吞吐量、时延、丢包率验证了攻击给网络带来的负面影响,然后又在仿真软件内完成了相应的防护仿真。最后利用对仿真结果的分析,证实了上述两种防护方法的可行性。
[Abstract]:Wireless ad hoc network is different from the current wireless network, it can make use of the nodes in the network to spontaneously set up the network, by virtue of multi-hop nodes to complete the transmission of data. Up to now, it is fast. Because of its convenient network characteristics, it has an inestimable future in military, civil and commercial applications. However, because of its wireless channel characteristics, it is vulnerable to external environment attacks. In addition, the service life of nodes is limited, which makes it more difficult to design the protection against wireless ad hoc network attacks. The research on the protection of AODV attacks has become a hot topic. In this paper, two kinds of attacks facing routing protocol AODV are studied. The specific methods are as follows:. The AODV protocol deals with received RREQ messages according to first-in first-out rules. The flooding attack of RREQ is based on this vulnerability. When normal nodes receive flooding RREQ messages, they will be processed. As a result, these messages continue to consume limited bandwidth. This paper studies the protection against this attack and changes the rules of protocol AODV to handle RREQ messages. The RREQ messages sent by different nodes are processed by selecting the rules of priority, and the nodes that send RREQ frequently are isolated. In order to effectively suppress the flooding attack of RREQ. In the RREQ message of AODV protocol. The larger the value of the RREQ ID means that the message is newer. RREQ tamper attacks are based on this vulnerability. When the normal node receives the tampered RREQ. ID's RREQ message will be mistaken for the new RREQ message. This message will be processed and the attack node will be selected as the key node in the route. This paper studies the protection against this attack. According to the time of the source node every NET_TRAVERSAL_TIME. No response message was received to the previous RREQ message. A new RREQ message is sent again, so. Determine whether the other nodes receive new RREQ messages at a time interval greater than that of new RREQ messages. Use this principle to determine whether a normal node receives a tampered RRE. Q message. Jettisoning the received tampered RREQ messages to block the impact of RREQ tampering attacks effectively. In order to verify the performance of the two protective measures mentioned above, first of all. This paper analyzes three different network models: chain network, star network, mesh network, and builds these three network models with simulation software to realize the simulation of RREQ flooding attack and tampering attack against AODV. Using network throughput, delay, packet loss rate to verify the negative impact of the attack on the network, and then in the simulation software to complete the corresponding protection simulation. Finally, the simulation results are analyzed. The feasibility of the above two methods is confirmed.
【学位授予单位】：电子科技大学
【学位级别】：硕士
【学位授予年份】：2014
【分类号】：TN915.08

【参考文献】