基于朋友机制的移动Ad Hoc网络路由入侵检测技术研究

发布时间：2018-07-28 09:17

【摘要】：移动Ad Hoc网络是一种无需基础设施、自组织、网络拓扑动态变化的无线多跳对等网络,具有快速组网、配置方便、成本低、抗毁性能好等优点,近些年来,在战术通信、商业及民用环境、抢险救灾等场合的应用越发广泛。然而,和其他网络相比,正是由于其独有的特性给移动自组网带来了节点间协作、路由、安全等多种新问题。其中,选择合适的路由及路由信息的维护是提供正常网络服务的基础,对网络拓扑的维护尤为重要。移动Ad Hoc网络中任何终端都可能加入路由选择过程,很容易遭受外部或内部攻击,因此路由安全研究是移动Ad Hoc网络进一步发展的关键问题之一。作为入侵防御机制的加密、认证等技术虽然在自组网路由安全中广泛应用,对来自网络内部的攻击却无能为力,这就需要将行为检测和响应技术与之互为补充,共同保障路由安全。本文在对国内外有关移动自组网安全路由及路由入侵检测方面工作深入研究的基础上,从如何有效检测移动Ad Hoc网络路由入侵行为,如何准确的响应将恶意路由节点移除网络,提供可信度的路由环境角度进行了分析研究。通过参考有线和已有无线自组网的入侵检测模型和方法,充分考虑到Ad Hoc网络的无中心、自组织、拓扑随机变化、有限能量等特性,本论文提出一种基于朋友机制的轻量级入侵检测模型,来保障移动Ad Hoc网络路由安全。该模型分两层实现,第一层为局部入侵检测模块,通过配置混合入侵检测引擎快速识别初级朋友节点;第二层为全局检测模块,对初级朋友节点进行综合检测之后最终确定节点是否为真正的朋友节点,降低误报率;最后根据投票机制生成各节点的信任等级。基于本文提出的入侵检测模型,应用AODV协议为移动自组网中两种典型路由攻击设计了检测方案,并采用OPNET等软件对方案进行了仿真分析,结果表明该方案能够有效的检测出攻击,同时将本文检测结果和已有模型的检测结果做了比较,进一步验证了本文提出的入侵检测系统的可行性和有效性。
[Abstract]:Mobile Ad Hoc network is a kind of wireless multi-hop peer-to-peer network with no infrastructure, self-organization and dynamic change of network topology. It has the advantages of fast networking, convenient configuration, low cost and good survivability. In recent years, mobile Ad Hoc network has been used in tactical communication. Commercial and civil environment, emergency relief and other occasions are more widely used. However, compared with other networks, due to its unique characteristics, mobile ad hoc networks bring a variety of new problems, such as cooperation, routing, security and so on. Among them, choosing appropriate routing and maintaining routing information is the basis of providing normal network services, especially for the maintenance of network topology. Any terminal in mobile Ad Hoc networks may join the routing process and be vulnerable to external or internal attacks. Therefore, the research of routing security is one of the key issues in the further development of mobile Ad Hoc networks. As an intrusion prevention mechanism, encryption, authentication and other technologies are widely used in the Ad Hoc network routing security, but there is no way to attack from within the network, which needs to complement the behavior detection and response technology. Jointly guarantee routing security. On the basis of deep research on secure routing and routing intrusion detection in mobile ad hoc networks at home and abroad, this paper focuses on how to effectively detect routing intrusion behavior in mobile Ad Hoc networks and how to accurately respond to remove malicious routing nodes from the network. The reliability of the routing environment is analyzed. By referring to the intrusion detection models and methods of wired and existing wireless ad hoc networks, the characteristics of Ad Hoc networks such as centerless, self-organizing, random topology variation and finite energy are fully considered. This paper proposes a lightweight intrusion detection model based on friend mechanism to ensure routing security in mobile Ad Hoc networks. The model is implemented in two layers. The first layer is the local intrusion detection module, and the second is the global detection module by configuring the hybrid intrusion detection engine to quickly identify the primary friend nodes. After comprehensive detection of primary friend nodes, it is finally determined whether the node is a true friend node, and the false alarm rate is reduced. Finally, the trust level of each node is generated according to the voting mechanism. Based on the intrusion detection model proposed in this paper, the detection scheme for two typical routing attacks in Manet is designed by using AODV protocol, and the simulation analysis is carried out by using OPNET and other software. The results show that the proposed scheme can detect the attack effectively, and compare the detection results of this paper with those of the existing models, and further verify the feasibility and effectiveness of the intrusion detection system proposed in this paper.
【学位授予单位】：西安电子科技大学
【学位级别】：硕士
【学位授予年份】：2014
【分类号】：TN915.08

【相似文献】