Mobile ad hoc networking (MANET) has become an exciting and important technology in recent years, because of the rapid proliferation of wireless devices. Mobile ad hoc networks is highly vulnerable to attacks due to...Mobile ad hoc networking (MANET) has become an exciting and important technology in recent years, because of the rapid proliferation of wireless devices. Mobile ad hoc networks is highly vulnerable to attacks due to the open medium, dynamically changing network topology, cooperative algorithms, and lack of centralized monitoring and management point. The traditional way of protecting networks with firewalls and encryption software is no longer sufficient and effective for those features. A distributed intrusion detection approach based on timed automata is given. A cluster-based detection scheme is presented, where periodically a node is elected as the monitor node for a cluster. These monitor nodes can not only make local intrusion detection decisions, but also cooperatively take part in global intrusion detection. And then the timed automata is constructed by the way of manually abstracting the correct behaviours of the node according to the routing protocol of dynamic source routing (DSR). The monitor nodes can verify the behaviour of every nodes by timed automata, and validly detect real-time attacks without signatures of intrusion or trained data. Compared with the architecture where each node is its own IDS agent, the approach is much more efficient while maintaining the same level of effectiveness. Finally, the intrusion detection method is evaluated through simulation experiments.展开更多
A QoS routing protocol based on mobility prediction is proposed. The protocol selects the steadiest path based on mobility prediction and QoS requirements on bandwidth, delay, and so forth. The main properties of the ...A QoS routing protocol based on mobility prediction is proposed. The protocol selects the steadiest path based on mobility prediction and QoS requirements on bandwidth, delay, and so forth. The main properties of the protocol as follows. (1) Each node just broadcasts its own information, so the packet is very small and can get to the destination in a very short time. (2) When another path is built for the same QoS requirements, the original path has higher priority. (3) The update messages are reduced by using mobility prediction. (4) Data packets carry the information of link change using piggyback, which is helpful for forecasting the link status more accurately. (5) When source node gets Resource Reserve and reconnect packets at the same time, it selects reconnect packet over Resource Reserve packet. The results of simulation show that the protocol has good network performance with low control overload, and efficiently supports transmitting multimedia with QoS requirements in mobile ad hoc networks.展开更多
Because the intrinsic characteristics of mobile ad hoc networks(MANETs) cause several vulnerabilities,anonymous routing protocols attract much more attention in secure mobile ad hoc networks for the purposes of secu...Because the intrinsic characteristics of mobile ad hoc networks(MANETs) cause several vulnerabilities,anonymous routing protocols attract much more attention in secure mobile ad hoc networks for the purposes of security and privacy concerns.Until recently,lots of anonymous routing protocols have been proposed.However,most of them are single path or use one path at a time,and the multipath schemes can not thwart both the passive attacks and active attacks simultaneously.Thus an anonymous multipath routing protocol based on secret sharing is proposed.The protocol provides identity anonymity,location anonymity,data and traffic anonymity by employing cryptograph technology and secret sharing in MANET communication process.Meanwhile,a hash function is introduced to detect active attacks in the data transmission process.The protocol can effectively thwart various passive attacks and reduce the successful probability of active attacks(such as interception and physical destroy attacks).Simulation results show that the proposed scheme provides a reasonably good level of network security and performance.展开更多
Tactical mobile ad hoc network (MANET) is a collection of mobile nodes forming a temporary network, without the aid of pre-established network infrastructure. The routing protocol has a crucial impact on the network...Tactical mobile ad hoc network (MANET) is a collection of mobile nodes forming a temporary network, without the aid of pre-established network infrastructure. The routing protocol has a crucial impact on the network performance in battlefields. Link reliability based hybrid routing (LRHR) is proposed, which is a novel hybrid routing protocol, for tactical MANET. Contrary to the traditional single path routing strategy, multiple paths are established between a pair of source-destination nodes. In the hybrid routing strategy, the rate of topological change provides a natural mechanism for switching dynamically between table-driven and on-demand routing. The simulation results indicate that the performances of the protocol in packet delivery ratio, routing overhead, and average end-to-end delay are better than the conventional routing protocol.展开更多
A novel reliable routing algorithm in mobile ad hoc networks using fuzzy Petri net with its reasoning mechanism was proposed to increase the reliability during the routing selection. The algorithm allows the structure...A novel reliable routing algorithm in mobile ad hoc networks using fuzzy Petri net with its reasoning mechanism was proposed to increase the reliability during the routing selection. The algorithm allows the structured representation of network topology, which has a fuzzy reasoning mechanism for finding the routing sprouting tree from the source node to the destination node in the mobile ad boc environment. Finally, by comparing the degree of reliability in the routing sprouting tree, the most reliable route can be computed. The algorithm not only offers the local reliability between each neighboring node, but also provides global reliability for the whole selected route. The algorithm can be applied to most existing on-demand routing protocols, and the simulation results show that the routing reliability is increased by more than 80% when applying the proposed algorithm to the ad hoc on demand distance vector routing protocol.展开更多
Due to their characteristics of dynamic topology, wireless channels and limited resources, mobile ad hoc networks are particularly vulnerable to a denial of service (DoS) attacks launched by intruders. The effects o...Due to their characteristics of dynamic topology, wireless channels and limited resources, mobile ad hoc networks are particularly vulnerable to a denial of service (DoS) attacks launched by intruders. The effects of flooding attacks in network simulation 2 (NS2) and measured performance parameters are investigated, including packet loss ratio, average delay, throughput and average number of hops under different numbers of attack nodes, flooding frequency, network bandwidth and network size. Simulation results show that with the increase of the flooding frequency and the number of attack nodes, network performance sharply drops. But when the frequency of flooding attacks or the number of attack nodes is greater than a certain value, performance degradation tends to a stable value.展开更多
This paper theoretically analyzes a deficiency of the existing scheme, and proposes a distributed multi-hop certification authority scheme for mobile Ad Hoc networks. In our design, we distribute the certification aut...This paper theoretically analyzes a deficiency of the existing scheme, and proposes a distributed multi-hop certification authority scheme for mobile Ad Hoc networks. In our design, we distribute the certification authority functions through a threshold secret sharing mechanism, in which each node holds a secret share and multiple nodes jointly provide complete services. Certification authority is not limited in a local neighborhood but can be completed within multi-hop location. In addition, we replace broadcast by multicast to improve system performance and reduce communication overhead. This paper resolves some technical problems of ubiquitous certification authority services, and presents a wieldy multi-hop certification authority algorithm. Simulation results confirm the availability and effectiveness of our design.展开更多
To deeply exploit the mechanisms of ant colony optimization (ACO) applied to develop routing in mobile ad hoe networks (MANETS),some existing representative ant colony routing protocols were analyzed and compared....To deeply exploit the mechanisms of ant colony optimization (ACO) applied to develop routing in mobile ad hoe networks (MANETS),some existing representative ant colony routing protocols were analyzed and compared.The analysis results show that every routing protocol has its own characteristics and competitive environment.No routing protocol is better than others in all aspects.Therefore,based on no free lunch theory,ant routing protocols were decomposed into three key components:route discovery,route maintenance (including route refreshing and route failure handling) and data forwarding.Moreover,component based ant routing protocol (CBAR) was proposed.For purpose of analysis,it only maintained basic ant routing process,and it was simple and efficient with a low overhead.Subsequently,different mechanisms used in every component and their effect on performance were analyzed and tested by simulations.Finally,future research strategies and trends were also summarized.展开更多
Mobile ad hoc networks are particularly vulnerable to denial of service (DOS) attacks launched through compromised nodes or intruders. In this paper, we present a new DOS attack and its defense in ad hoc networks. T...Mobile ad hoc networks are particularly vulnerable to denial of service (DOS) attacks launched through compromised nodes or intruders. In this paper, we present a new DOS attack and its defense in ad hoc networks. The new DOS attack, called AA hoc Flooding Attack(AHFA), is that intruder broadcasts mass Route Request packets to exhaust the communication bandwidth and node resource so that the valid communication can not be kept. After analyzed AM hoc Flooding Attack, we develop Flooding Attack Prevention (FAP), a genetic defense against the AM hoc Flooding Attack. When the intruder broadcasts exceeding packets of Route Request, the immediate neighbors of the intruder record the rate of Route Request. Once the threshold is exceeded, nodes deny any future request packets from the intruder. The results of our implementation show FAP can prevent the AM hoe Flooding attack efficiently.展开更多
As a new sort of mobile ad hoc network(MANET), aeronautical ad hoc network(AANET) has fleet-moving airborne nodes(ANs) and suffers from frequent network partitioning due to the rapid-changing topology. In this work, t...As a new sort of mobile ad hoc network(MANET), aeronautical ad hoc network(AANET) has fleet-moving airborne nodes(ANs) and suffers from frequent network partitioning due to the rapid-changing topology. In this work, the additional relay nodes(RNs) is employed to repair the network and maintain connectivity in AANET. As ANs move, RNs need to move as well in order to re-establish the topology as quickly as possible. The network model and problem definition are firstly given, and then an online approach for RNs' movement control is presented to make ANs achieve certain connectivity requirement during run time. By defining the minimum cost feasible moving matrix(MCFM), a fast algorithm is proposed for RNs' movement control problem. Simulations demonstrate that the proposed algorithm outperforms other control approaches in the highly-dynamic environment and is of great potential to be applied in AANET.展开更多
For wireless ad hoc networks simulation, node's mobility pattern and traffic pattern are two key elements. A new simulation model is presented based on the virtual reality collision detection algorithm in obstacle en...For wireless ad hoc networks simulation, node's mobility pattern and traffic pattern are two key elements. A new simulation model is presented based on the virtual reality collision detection algorithm in obstacle environment, and the model uses the path planning method to avoid obstacles and to compute the node's moving path. Obstacles also affect node's signal propagation. Considering these factors, this study implements the mobility model for wireless ad hoc networks. Simulation results show that the model has a significant impact on the performance of protocols.展开更多
There are inherent vulnerabilities that are not easily preventable in the mobile Ad-Hoc networks.To build a highly secure wireless Ad-Hoc network,intrusion detection and response techniques need to be deployed;The int...There are inherent vulnerabilities that are not easily preventable in the mobile Ad-Hoc networks.To build a highly secure wireless Ad-Hoc network,intrusion detection and response techniques need to be deployed;The intrusion detection and cluster-based Ad-Hoc networks has been introduced,then,an architecture for better intrusion detection based on cluster using Data Mining in wireless Ad -Hoc networks has been shown.A statistical anomaly detection approach has been used.The anomaly detection and trace analysis have been done locally in each node and possibly through cooperation with clusterhead detection in the network.展开更多
移动Ad hoc网络(mobile Ad hoc network,简称MANET)作为一种新型移动无线通信网,与其他通信网络相比独有的特性增加了网络管理的难度.目前对MANET网络管理的研究处于起步阶段,一些标准尚未制定,而且像存在单向链路和节点的相对移动性这...移动Ad hoc网络(mobile Ad hoc network,简称MANET)作为一种新型移动无线通信网,与其他通信网络相比独有的特性增加了网络管理的难度.目前对MANET网络管理的研究处于起步阶段,一些标准尚未制定,而且像存在单向链路和节点的相对移动性这类问题也在研究中被忽视.为此,提出了一个利用令牌机制与最小节点标识相结合,适用于层次性管理结构的基于图的MANET簇生成算法,以及对MIB(management information base)的建议性改进.算法充分考虑了网络存在的单向链路和节点的相对移动性,提高了网络管理的灵活性和可扩展性,为MANET的网络管理提出了一种新方法.展开更多
基金the National High Technology Development "863" Program of China (2006AA01Z436, 2007AA01Z452)the National Natural Science Foundation of China(60702042).
文摘Mobile ad hoc networking (MANET) has become an exciting and important technology in recent years, because of the rapid proliferation of wireless devices. Mobile ad hoc networks is highly vulnerable to attacks due to the open medium, dynamically changing network topology, cooperative algorithms, and lack of centralized monitoring and management point. The traditional way of protecting networks with firewalls and encryption software is no longer sufficient and effective for those features. A distributed intrusion detection approach based on timed automata is given. A cluster-based detection scheme is presented, where periodically a node is elected as the monitor node for a cluster. These monitor nodes can not only make local intrusion detection decisions, but also cooperatively take part in global intrusion detection. And then the timed automata is constructed by the way of manually abstracting the correct behaviours of the node according to the routing protocol of dynamic source routing (DSR). The monitor nodes can verify the behaviour of every nodes by timed automata, and validly detect real-time attacks without signatures of intrusion or trained data. Compared with the architecture where each node is its own IDS agent, the approach is much more efficient while maintaining the same level of effectiveness. Finally, the intrusion detection method is evaluated through simulation experiments.
基金TheNationalHighTechnologyDevelopment"863"Program(No.2 0 0 1AA112051),TheNationalScienceFundforOverseasDistinguishedYoungScholars (No .6992 82 0 1)
文摘A QoS routing protocol based on mobility prediction is proposed. The protocol selects the steadiest path based on mobility prediction and QoS requirements on bandwidth, delay, and so forth. The main properties of the protocol as follows. (1) Each node just broadcasts its own information, so the packet is very small and can get to the destination in a very short time. (2) When another path is built for the same QoS requirements, the original path has higher priority. (3) The update messages are reduced by using mobility prediction. (4) Data packets carry the information of link change using piggyback, which is helpful for forecasting the link status more accurately. (5) When source node gets Resource Reserve and reconnect packets at the same time, it selects reconnect packet over Resource Reserve packet. The results of simulation show that the protocol has good network performance with low control overload, and efficiently supports transmitting multimedia with QoS requirements in mobile ad hoc networks.
基金supported by the National Basic Research Program of China(973 Program)(2011CB302903)the Key Program of Natural Science for Universities of Jiangsu Province(10KJA510035)+2 种基金the Science and Technology Innovation Group Foundation of Jiangsu Province ("Qing and Lan" Project)the Postgraduate Innovation Project Foundation of Jiangsu Province(CX10B 194ZCX09B 152Z)
文摘Because the intrinsic characteristics of mobile ad hoc networks(MANETs) cause several vulnerabilities,anonymous routing protocols attract much more attention in secure mobile ad hoc networks for the purposes of security and privacy concerns.Until recently,lots of anonymous routing protocols have been proposed.However,most of them are single path or use one path at a time,and the multipath schemes can not thwart both the passive attacks and active attacks simultaneously.Thus an anonymous multipath routing protocol based on secret sharing is proposed.The protocol provides identity anonymity,location anonymity,data and traffic anonymity by employing cryptograph technology and secret sharing in MANET communication process.Meanwhile,a hash function is introduced to detect active attacks in the data transmission process.The protocol can effectively thwart various passive attacks and reduce the successful probability of active attacks(such as interception and physical destroy attacks).Simulation results show that the proposed scheme provides a reasonably good level of network security and performance.
文摘Tactical mobile ad hoc network (MANET) is a collection of mobile nodes forming a temporary network, without the aid of pre-established network infrastructure. The routing protocol has a crucial impact on the network performance in battlefields. Link reliability based hybrid routing (LRHR) is proposed, which is a novel hybrid routing protocol, for tactical MANET. Contrary to the traditional single path routing strategy, multiple paths are established between a pair of source-destination nodes. In the hybrid routing strategy, the rate of topological change provides a natural mechanism for switching dynamically between table-driven and on-demand routing. The simulation results indicate that the performances of the protocol in packet delivery ratio, routing overhead, and average end-to-end delay are better than the conventional routing protocol.
文摘A novel reliable routing algorithm in mobile ad hoc networks using fuzzy Petri net with its reasoning mechanism was proposed to increase the reliability during the routing selection. The algorithm allows the structured representation of network topology, which has a fuzzy reasoning mechanism for finding the routing sprouting tree from the source node to the destination node in the mobile ad boc environment. Finally, by comparing the degree of reliability in the routing sprouting tree, the most reliable route can be computed. The algorithm not only offers the local reliability between each neighboring node, but also provides global reliability for the whole selected route. The algorithm can be applied to most existing on-demand routing protocols, and the simulation results show that the routing reliability is increased by more than 80% when applying the proposed algorithm to the ad hoc on demand distance vector routing protocol.
基金supported by the National Natural Science Foundation of China (60932003)the National High Technology Research and Development Program of China (863 Program)(2007AA01Z452+2 种基金 2009AA01Z118)Shanghai Municipal Natural Science Foundation (09ZR1414900)The National Undergraduate Innovative Test Program(091024812)
文摘Due to their characteristics of dynamic topology, wireless channels and limited resources, mobile ad hoc networks are particularly vulnerable to a denial of service (DoS) attacks launched by intruders. The effects of flooding attacks in network simulation 2 (NS2) and measured performance parameters are investigated, including packet loss ratio, average delay, throughput and average number of hops under different numbers of attack nodes, flooding frequency, network bandwidth and network size. Simulation results show that with the increase of the flooding frequency and the number of attack nodes, network performance sharply drops. But when the frequency of flooding attacks or the number of attack nodes is greater than a certain value, performance degradation tends to a stable value.
文摘This paper theoretically analyzes a deficiency of the existing scheme, and proposes a distributed multi-hop certification authority scheme for mobile Ad Hoc networks. In our design, we distribute the certification authority functions through a threshold secret sharing mechanism, in which each node holds a secret share and multiple nodes jointly provide complete services. Certification authority is not limited in a local neighborhood but can be completed within multi-hop location. In addition, we replace broadcast by multicast to improve system performance and reduce communication overhead. This paper resolves some technical problems of ubiquitous certification authority services, and presents a wieldy multi-hop certification authority algorithm. Simulation results confirm the availability and effectiveness of our design.
基金Project(61225012)supported by the National Science Foundation for Distinguished Young Scholars of ChinaProjects(61070162,71071028,70931001)supported by the National Natural Science Foundation of China+4 种基金Project(20120042130003)supported by the Specialized Research Fund of the Doctoral Program of Higher Education for the Priority Development Areas,ChinaProjects(20100042110025,20110042110024)supported by the Specialized Research Fund for the Doctoral Program of Higher Education,ChinaProject(2012)supported by the Specialized Development Fund for the Internet of Things from the Ministry of Industry and Information Technology of ChinaProject(N110204003)supported by the Fundamental Research Funds for the Central Universities of ChinaProject(L2013001)supported by the Scientific Research Fund of Liaoning Provincial Education Department,China
文摘To deeply exploit the mechanisms of ant colony optimization (ACO) applied to develop routing in mobile ad hoe networks (MANETS),some existing representative ant colony routing protocols were analyzed and compared.The analysis results show that every routing protocol has its own characteristics and competitive environment.No routing protocol is better than others in all aspects.Therefore,based on no free lunch theory,ant routing protocols were decomposed into three key components:route discovery,route maintenance (including route refreshing and route failure handling) and data forwarding.Moreover,component based ant routing protocol (CBAR) was proposed.For purpose of analysis,it only maintained basic ant routing process,and it was simple and efficient with a low overhead.Subsequently,different mechanisms used in every component and their effect on performance were analyzed and tested by simulations.Finally,future research strategies and trends were also summarized.
基金This project was supported by the National"863"High Technology Development Programof China (2003AA148010) Key Technologies R&D Programof China (2002DA103A03 -07)
文摘Mobile ad hoc networks are particularly vulnerable to denial of service (DOS) attacks launched through compromised nodes or intruders. In this paper, we present a new DOS attack and its defense in ad hoc networks. The new DOS attack, called AA hoc Flooding Attack(AHFA), is that intruder broadcasts mass Route Request packets to exhaust the communication bandwidth and node resource so that the valid communication can not be kept. After analyzed AM hoc Flooding Attack, we develop Flooding Attack Prevention (FAP), a genetic defense against the AM hoc Flooding Attack. When the intruder broadcasts exceeding packets of Route Request, the immediate neighbors of the intruder record the rate of Route Request. Once the threshold is exceeded, nodes deny any future request packets from the intruder. The results of our implementation show FAP can prevent the AM hoe Flooding attack efficiently.
文摘As a new sort of mobile ad hoc network(MANET), aeronautical ad hoc network(AANET) has fleet-moving airborne nodes(ANs) and suffers from frequent network partitioning due to the rapid-changing topology. In this work, the additional relay nodes(RNs) is employed to repair the network and maintain connectivity in AANET. As ANs move, RNs need to move as well in order to re-establish the topology as quickly as possible. The network model and problem definition are firstly given, and then an online approach for RNs' movement control is presented to make ANs achieve certain connectivity requirement during run time. By defining the minimum cost feasible moving matrix(MCFM), a fast algorithm is proposed for RNs' movement control problem. Simulations demonstrate that the proposed algorithm outperforms other control approaches in the highly-dynamic environment and is of great potential to be applied in AANET.
文摘For wireless ad hoc networks simulation, node's mobility pattern and traffic pattern are two key elements. A new simulation model is presented based on the virtual reality collision detection algorithm in obstacle environment, and the model uses the path planning method to avoid obstacles and to compute the node's moving path. Obstacles also affect node's signal propagation. Considering these factors, this study implements the mobility model for wireless ad hoc networks. Simulation results show that the model has a significant impact on the performance of protocols.
文摘There are inherent vulnerabilities that are not easily preventable in the mobile Ad-Hoc networks.To build a highly secure wireless Ad-Hoc network,intrusion detection and response techniques need to be deployed;The intrusion detection and cluster-based Ad-Hoc networks has been introduced,then,an architecture for better intrusion detection based on cluster using Data Mining in wireless Ad -Hoc networks has been shown.A statistical anomaly detection approach has been used.The anomaly detection and trace analysis have been done locally in each node and possibly through cooperation with clusterhead detection in the network.
文摘移动Ad hoc网络(mobile Ad hoc network,简称MANET)作为一种新型移动无线通信网,与其他通信网络相比独有的特性增加了网络管理的难度.目前对MANET网络管理的研究处于起步阶段,一些标准尚未制定,而且像存在单向链路和节点的相对移动性这类问题也在研究中被忽视.为此,提出了一个利用令牌机制与最小节点标识相结合,适用于层次性管理结构的基于图的MANET簇生成算法,以及对MIB(management information base)的建议性改进.算法充分考虑了网络存在的单向链路和节点的相对移动性,提高了网络管理的灵活性和可扩展性,为MANET的网络管理提出了一种新方法.
