Existing multi-channel Medium Access Control (MAC) protocols have been demonstrated to significantly increase wireless network performance compared to single channel MAC protocols. Traditionally, the channelization st...Existing multi-channel Medium Access Control (MAC) protocols have been demonstrated to significantly increase wireless network performance compared to single channel MAC protocols. Traditionally, the channelization structure in IEEE 802.11 based wireless networks is pre-configured, and the entire available spectrum is divided into subchannels and equal channel widths. In contrast, this paper presents a Traffic-Aware Channelization MAC (TAC-MAC) protocol for wireless ad hoc networks, where each node is equipped with a single half duplex transceiver. TAC-MAC works in a distributed, fine-grai-ned manner, which dynamically divides variable-width subchannels and allocates subchannel width based on the Orthogonal Frequency Division Multiplexing (OFDM) technique according to the traffic demands of nodes. Simulations show that the TAC-MAC can significantly improve network throughput and reduce packet delay compared with both fixed-width multi-channel MAC and single channel 802.11 protocols, which illustrates a new paradigm for high-efficient multi-channel MAC design in wireless ad hoc networks.展开更多
With correlating with human perception, quality of experience(Qo E) is also an important measurement in evaluation of video quality in addition to quality of service(Qo S). A cross-layer scheme based on Lyapunov optim...With correlating with human perception, quality of experience(Qo E) is also an important measurement in evaluation of video quality in addition to quality of service(Qo S). A cross-layer scheme based on Lyapunov optimization framework for H.264/AVC video streaming over wireless Ad hoc networks is proposed, with increasing both Qo E and Qo S performances. Different from existing works, this scheme routes and schedules video packets according to the statuses of the frame buffers at the destination nodes to reduce buffer underflows and to increase video playout continuity. The waiting time of head-ofline packets of data queues are considered in routing and scheduling to reduce the average end-to-end delay of video sessions. Different types of packets are allocated with different priorities according to their generated rates under H.264/AVC. To reduce the computational complexity, a distributed media access control policy and a power control algorithm cooperating with the media access policy are proposed. Simulation results show that, compared with existing schemes, this scheme can improve both the Qo S and Qo E performances. The average peak signal-to-noise ratio(PSNR) of the received video streams is also increased.展开更多
Fast data synchronization in wireless ad hoc networks is a challenging and critical problem.It is fundamental for efficient information fusion,control and decision in distributed systems.Previously,distributed data sy...Fast data synchronization in wireless ad hoc networks is a challenging and critical problem.It is fundamental for efficient information fusion,control and decision in distributed systems.Previously,distributed data synchronization was mainly studied in the latency-tolerant distributed databases,or assuming the general model of wireless ad hoc networks.In this paper,we propose a pair of linear network coding(NC)and all-to-all broadcast based fast data synchronization algorithms for wireless ad hoc networks whose topology is under operator’s control.We consider both data block selection and transmitting node selection for exploiting the benefits of NC.Instead of using the store-and-forward protocol as in the conventional uncoded approach,a compute-and-forward protocol is used in our scheme,which improves the transmission efficiency.The performance of the proposed algorithms is studied under different values of network size,network connection degree,and per-hop packet error rate.Simulation results demonstrate that our algorithms significantly reduce the times slots used for data synchronization compared with the baseline that does not use NC.展开更多
An Ad hoc network is composed of wireless mobile nodes.Because there is no other wired infrastructure such as base stations,the ad hoc network,unlike other wireless networks such as Wireless Local Area Network(WLAN),h...An Ad hoc network is composed of wireless mobile nodes.Because there is no other wired infrastructure such as base stations,the ad hoc network,unlike other wireless networks such as Wireless Local Area Network(WLAN),has to face attacks from both the control plane and the data plane.Ad hoc should ensure the routing security on the control plane,and the secure forwarding of packets on the data plane.The distributed network protocol should operate safely,and peer-to-peer nodes should have trusting relations for each other.For this purpose,a complete security solution should include three parts:security on the control plane,security on the data plane,and security of key management.展开更多
With the rapid development of wireless networks,the Ad Hoc networks are widely used in many fields,but the current network security solutions for the Ad Hoc network are not competitive enough.So the critical technolog...With the rapid development of wireless networks,the Ad Hoc networks are widely used in many fields,but the current network security solutions for the Ad Hoc network are not competitive enough.So the critical technology of Ad Hoc network applications shall be how to implement the security scheme.Here the discussions are focused on the specific solution against the security threats which the Ad Hoc networks will face,the methodology of a management model which uses trusted computing technology to solve Ad Hoc network security problems,and the analysis and verification for the security of this model.展开更多
Wireless Mesh Networks (WMNs) are vulnerable to various security threats because of their special infrastructure and communication mode, wherein insider attacks are the most challenging issue. To address this proble...Wireless Mesh Networks (WMNs) are vulnerable to various security threats because of their special infrastructure and communication mode, wherein insider attacks are the most challenging issue. To address this problem and protect innocent users from malicious attacks, it is important to encourage cooperation and deter malicious behaviors. Reputation systems constitute a major category of techniques used for managing trust in distributed networks, and they are effective in characterizing and quantifying a node's behavior for WMNs. However, conventional layered reputation mechanisms ignore several key factors of reputation in other layers; therefore, they cannot provide optimal performance and accurate malicious node identification and isolation for WMNs. In this paper, we propose a novel dynamic reputation mechanism, SLCRM, which couples reputation systems with a cross-layer design and node-security-rating classification techniques to dynamically detect and restrict insider attacks. Simulation results show that in terms of network throughput, packet delivery ratio, malicious nodes' identification, and success rates, SI_CRM imple- ments security protection against insider attacks in a more dynamic, effective, and efficient manner than the subjective logic and uncertainty-based reputation model and the familiarity-based reputation model.展开更多
This paper focuses on investigating immunological principles in designing a multi-agent security architecture for intrusion detection and response in wireless mesh networks.In this approach,the immunity-based agents m...This paper focuses on investigating immunological principles in designing a multi-agent security architecture for intrusion detection and response in wireless mesh networks.In this approach,the immunity-based agents monitor the situation in the network.These agents can take appropriate actions according to the underlying security policies.Specifically,their activities are coordinated in a hierarchical fashion while sensing,communicating,determining and generating responses.Such an agent can learn about and adapt to its environment dynamically and can detect both known and unknown intrusions.The proposed intrusion detection architecture is designed to be flexible,extendible,and adaptable so that it can perform real-time monitoring.This paper provides the conceptual view and a general framework of the proposed system.In the end,the architecture is illustrated by an example and by simulation to show it can prevent attacks efficiently.展开更多
Wireless Mesh Networks is vulnerable to attacks due to the open medium, dynamically changing network topology, cooperative algorithms, Lack of centralized monitoring and management point. The traditional way of protec...Wireless Mesh Networks is vulnerable to attacks due to the open medium, dynamically changing network topology, cooperative algorithms, Lack of centralized monitoring and management point. The traditional way of protecting networks with firewalls and encryption software is no longer suffi- cient and effective for those features. In this paper, we propose a distributed intrusion detection ap- proach based on timed automata. A cluster-based detection scheme is presented, where periodically a node is elected as the monitor node for a cluster. These monitor nodes can not only make local intrusion detection decisions, but also cooperatively take part in global intrusion detection. And then we con- struct the Finite State Machine (FSM) by the way of manually abstracting the correct behaviors of the node according to the routing protocol of Dynamic Source Routing (DSR). The monitor nodes can verify every node's behavior by the Finite State Ma- chine (FSM), and validly detect real-time attacks without signatures of intrusion or trained data.Compared with the architecture where each node is its own IDS agent, our approach is much more efficient while maintaining the same level of effectiveness. Finally, we evaluate the intrusion detection method through simulation experiments.展开更多
A novel scheme is presented to integrate mobile ad hoc networks (MANETs) with the lnternet and support mobility across wireless local area networks (WLANs) and MANETs. The mobile nodes, connected as a MANET, emplo...A novel scheme is presented to integrate mobile ad hoc networks (MANETs) with the lnternet and support mobility across wireless local area networks (WLANs) and MANETs. The mobile nodes, connected as a MANET, employ the optimize d link state routing (OLSR) protocol for routing within the MANET. Mobility management across WLANs and MANETs is achieved through the hierarchical mobile IPv6 (HMIPv6) protocol. The performance is evaluated on a HMIPv6 based test-bed composed of WLANs and MANETs. The efficiency gain obtained from using HMIPv6 in such a hybrid network is investigated. The investigation result shows that the use of HMIPv6 can achieve up to 27% gain on reducing the handoff latency when a mobile roams within a domain. Concerning the reduction of the signaling load on the lnternet, the use of HMIPv6 can achieve at least a 54% gain and converges to 69%.展开更多
In a Wireless Mesh Network(WMN),the convenience of a routing strategy strongly depends on the mobility of the intermediate nodes that compose the paths.Taking this behaviour into account,this paper presents a routing ...In a Wireless Mesh Network(WMN),the convenience of a routing strategy strongly depends on the mobility of the intermediate nodes that compose the paths.Taking this behaviour into account,this paper presents a routing scheme that works differently accordingly to the node mobility.In this sense,a proactive routing scheme is restricted to the backbone to promote the use of stable routes.Conversely,the reactive protocol is used for searching routes to or from a mobile destination.Both approaches are simultaneously implemented in the mesh nodes so that the routing protocols share routing information that optimises the network performance.Aimed at guaranteeing the IP compatibility,the combination of the two protocols in the core routers is carried out in the Medium Access Control(MAC)layer.In contrast to the operation in the IP layer where two routing protocols cannot work concurrently,the transfer of the routing tasks to the MAC layer enables the use of multiple independent forwarding tables.Simulation results show the advantage of the proposal in terms of packet losses and data delay.展开更多
In this paper, the security technology of ad hoc networks is studied.To improve the previous multi-receiver signcryption schemes, an ID-based multi-message and multi-receiver signcryption scheme for rekeying in ad hoc...In this paper, the security technology of ad hoc networks is studied.To improve the previous multi-receiver signcryption schemes, an ID-based multi-message and multi-receiver signcryption scheme for rekeying in ad hoc networks is proposed.In this scheme, a sender can simultaneously signcrypt n messeges for n receivers, and a receiver can unsigncrypt the ciphertext to get his message with his own private key.An analysis of this scheme indicates that it achieves authenticity and confidentiality in the random oracle model while being of lower computation and communication overhead.Finally, for the application of our scheme in ad hoc, a threshold key updating protocol for ad hoc networks is given.展开更多
Nodes cooperation is a significant prerequisite for the realization of the relaying Ad Hoc.While with the development of multi-hop cellular networks, how to stimulate intermediate nodes to do the packet-forwarding des...Nodes cooperation is a significant prerequisite for the realization of the relaying Ad Hoc.While with the development of multi-hop cellular networks, how to stimulate intermediate nodes to do the packet-forwarding deserves more concerning.At present research,the incentive schemes in pure Ad Hoc and multi-hop cellular networks are analyzed and compared to classify the strengths and drawbacks of each scheme.We explain in particular what the key issues are to implement incentive schemes for cooperation. Finally,an incentive scheme based on integration of reputation and charging systems is proposed not only to block the existence of selfish nodes,but to satisfy the rational requirement of nodes.展开更多
Initial works in ad hoc routing have considered only the problem of providing efficient mechanisms for finding paths in such networks,without considering security as a major problem.In such a trusted environment,malic...Initial works in ad hoc routing have considered only the problem of providing efficient mechanisms for finding paths in such networks,without considering security as a major problem.In such a trusted environment,malicious behaviors can disturb routing process.We present the design and performance evaluation of a new secure on-demand routing protocol for ad hoc networks, called CASR.CASR is robust against attackers from outside of the network and even it prevents compromised nodes from tampering with uncompromised routes consisting of uncompromised nodes.Because of using symmetric cryptography in its structure,CASR is robust against large number of types of Denial-of -Service attacks.However,due to the applying of the random key predistributions method to the routing process our proposed scheme reaches a trade-off between the degree of security and complexity.展开更多
In an ad hoc network, it is usually difficult to optimize the assignment of network routing resources using a single type of routing protocol due to the differences in network scale, node moving mode and node distribu...In an ad hoc network, it is usually difficult to optimize the assignment of network routing resources using a single type of routing protocol due to the differences in network scale, node moving mode and node distribution. Therefore, it is desirable to have nodes run multiple routing protocols simultaneously so that more than one protocols can be chosen to work jointly. For this purpose, a multiple routing platform for Ad hoc networks is proposed on a higher level of current routing protocols. In order to ensure the security of the platform, a security mechanism and its formal analysis by BAN logic is given. The simulation results of the network performance demonstrate that the proposed multi-routing platform is practicable in some complex applications.展开更多
Wireless mesh networks (WMNs) are new kind of networking technology which facilitate the extension of wireless local area networks into wide areas and have emerged as a key technology for next-generation wireless netw...Wireless mesh networks (WMNs) are new kind of networking technology which facilitate the extension of wireless local area networks into wide areas and have emerged as a key technology for next-generation wireless networking.Due to the advantages of WMNs over other wireless networks,they are now a promising approach for future network access.Typical applications range from home broadband Internet access and community networking to wireless metropolitan area networks.Meanwhile,the considerable efforts in academic range from network architecture,network capacity,layered communication protocols,security,cross-layer design,etc.Still many technical challenges exist in designing affordable,reliable,and sustainable WMNs infrastructures.In order to provide a better understanding of these challenges,this paper presents a detailed investigation of current technologies for WMNs,and it will help to guide and refocus future works in this area.展开更多
Wireless mesh network is a new emerging field with its potential applications in extremely unpredictable and dynamic environments.However,it is particularly vulnerable due to its features of open medium,dynamic changi...Wireless mesh network is a new emerging field with its potential applications in extremely unpredictable and dynamic environments.However,it is particularly vulnerable due to its features of open medium,dynamic changing topology, cooperative routing algorithms.The article surveys the state of the art in security for wireless mesh networks.Firstly,we analyze various possible threats to security in wireless mesh networks.Secondly,we introduce some representative solutions to these threats,including solutions to the problems of key management,secure network routing,and intrusion detection.We also provide a comparison and discussion of their respective merits and drawbacks,and propose some improvements for these drawbacks.Finally,we also discuss the remaining challenges in the area.展开更多
With the rapid development of the WLAN,the 802. 11 s mesh network is emerging.Reliability,adaptability and scalability are the most important attributes of a mesh network.However,the security in an 802.11s mesh networ...With the rapid development of the WLAN,the 802. 11 s mesh network is emerging.Reliability,adaptability and scalability are the most important attributes of a mesh network.However,the security in an 802.11s mesh network is not well defined or specified,and there is no standard method to authenticate a mesh point that is creating a mesh link.In this paper,we propose solutions for the authentication of mesh points.For the Basic Infrastructure Security Mode,we combine the 802.1X/EAP and neighbor graph to realize the fast mutual authentication between a new mesh point and every its mesh link.We prove that our scheme maintains the security of the standardized EAP authentication algorithm.At the same time,the simulation result shows that the authentication latency of our scheme is much lower than that of the scheme in[2].In the Basic Decentralized Security Mode(BDSM),802.11s mesh networks are very similar to ad hoc networks,but they are different in several aspects.We first analyze the differences between them.Based on this analysis, we investigate the main authentication methods used in ad hoc networks and select the pairwise key pre-distribution model and identity-based model for the WLAN mesh network.展开更多
基金supported by the National Natural Science Foundation of China under Grant No. 61002032the Doctoral Fund of Ministry of Education of China under Grant No. 20094307110004
文摘Existing multi-channel Medium Access Control (MAC) protocols have been demonstrated to significantly increase wireless network performance compared to single channel MAC protocols. Traditionally, the channelization structure in IEEE 802.11 based wireless networks is pre-configured, and the entire available spectrum is divided into subchannels and equal channel widths. In contrast, this paper presents a Traffic-Aware Channelization MAC (TAC-MAC) protocol for wireless ad hoc networks, where each node is equipped with a single half duplex transceiver. TAC-MAC works in a distributed, fine-grai-ned manner, which dynamically divides variable-width subchannels and allocates subchannel width based on the Orthogonal Frequency Division Multiplexing (OFDM) technique according to the traffic demands of nodes. Simulations show that the TAC-MAC can significantly improve network throughput and reduce packet delay compared with both fixed-width multi-channel MAC and single channel 802.11 protocols, which illustrates a new paradigm for high-efficient multi-channel MAC design in wireless ad hoc networks.
文摘With correlating with human perception, quality of experience(Qo E) is also an important measurement in evaluation of video quality in addition to quality of service(Qo S). A cross-layer scheme based on Lyapunov optimization framework for H.264/AVC video streaming over wireless Ad hoc networks is proposed, with increasing both Qo E and Qo S performances. Different from existing works, this scheme routes and schedules video packets according to the statuses of the frame buffers at the destination nodes to reduce buffer underflows and to increase video playout continuity. The waiting time of head-ofline packets of data queues are considered in routing and scheduling to reduce the average end-to-end delay of video sessions. Different types of packets are allocated with different priorities according to their generated rates under H.264/AVC. To reduce the computational complexity, a distributed media access control policy and a power control algorithm cooperating with the media access policy are proposed. Simulation results show that, compared with existing schemes, this scheme can improve both the Qo S and Qo E performances. The average peak signal-to-noise ratio(PSNR) of the received video streams is also increased.
基金This work is financially supported by Beijing Municipal Natural Science Foundation(No.L202012)the Open Research Project of the State Key Laboratory of Media Convergence and Communication,Communication University of China(No.SKLMCC2020KF008)the Fundamental Research Funds for the Central Universities(No.2020RC05).
文摘Fast data synchronization in wireless ad hoc networks is a challenging and critical problem.It is fundamental for efficient information fusion,control and decision in distributed systems.Previously,distributed data synchronization was mainly studied in the latency-tolerant distributed databases,or assuming the general model of wireless ad hoc networks.In this paper,we propose a pair of linear network coding(NC)and all-to-all broadcast based fast data synchronization algorithms for wireless ad hoc networks whose topology is under operator’s control.We consider both data block selection and transmitting node selection for exploiting the benefits of NC.Instead of using the store-and-forward protocol as in the conventional uncoded approach,a compute-and-forward protocol is used in our scheme,which improves the transmission efficiency.The performance of the proposed algorithms is studied under different values of network size,network connection degree,and per-hop packet error rate.Simulation results demonstrate that our algorithms significantly reduce the times slots used for data synchronization compared with the baseline that does not use NC.
基金This work was funded by the National Basic Research Program (973 Program) of China under Grant 2007CB310704.
文摘An Ad hoc network is composed of wireless mobile nodes.Because there is no other wired infrastructure such as base stations,the ad hoc network,unlike other wireless networks such as Wireless Local Area Network(WLAN),has to face attacks from both the control plane and the data plane.Ad hoc should ensure the routing security on the control plane,and the secure forwarding of packets on the data plane.The distributed network protocol should operate safely,and peer-to-peer nodes should have trusting relations for each other.For this purpose,a complete security solution should include three parts:security on the control plane,security on the data plane,and security of key management.
基金National Natural Science Foundation of China under Grant No. 60970115,National Natural Science Funds Projects of China under Grant No. 91018008
文摘With the rapid development of wireless networks,the Ad Hoc networks are widely used in many fields,but the current network security solutions for the Ad Hoc network are not competitive enough.So the critical technology of Ad Hoc network applications shall be how to implement the security scheme.Here the discussions are focused on the specific solution against the security threats which the Ad Hoc networks will face,the methodology of a management model which uses trusted computing technology to solve Ad Hoc network security problems,and the analysis and verification for the security of this model.
基金supported by the Program for Changjiang Scholars and Innovative Research Team in University under Grant No.IRT1078the Key Program of NSFC-Guangdong Union Foundation under Grant No.U1135002+1 种基金Major National S&T Program under Grant No.2011ZX03005-002the Fundamental Research Funds for the Central Universities under Grant No.JY10000903001
文摘Wireless Mesh Networks (WMNs) are vulnerable to various security threats because of their special infrastructure and communication mode, wherein insider attacks are the most challenging issue. To address this problem and protect innocent users from malicious attacks, it is important to encourage cooperation and deter malicious behaviors. Reputation systems constitute a major category of techniques used for managing trust in distributed networks, and they are effective in characterizing and quantifying a node's behavior for WMNs. However, conventional layered reputation mechanisms ignore several key factors of reputation in other layers; therefore, they cannot provide optimal performance and accurate malicious node identification and isolation for WMNs. In this paper, we propose a novel dynamic reputation mechanism, SLCRM, which couples reputation systems with a cross-layer design and node-security-rating classification techniques to dynamically detect and restrict insider attacks. Simulation results show that in terms of network throughput, packet delivery ratio, malicious nodes' identification, and success rates, SI_CRM imple- ments security protection against insider attacks in a more dynamic, effective, and efficient manner than the subjective logic and uncertainty-based reputation model and the familiarity-based reputation model.
基金supported by National Natural Science Foundation of China under Grant No.60932003National High Technical Research and Development Program of China(863 program) Grant No.2007AA01Z452,No.2009AA01Z118+1 种基金Shanghai Municipal Natural Science Foundation under Grant No.09ZR1414900National Undergraduate Innovative Test Program under Grant No.091024812
文摘This paper focuses on investigating immunological principles in designing a multi-agent security architecture for intrusion detection and response in wireless mesh networks.In this approach,the immunity-based agents monitor the situation in the network.These agents can take appropriate actions according to the underlying security policies.Specifically,their activities are coordinated in a hierarchical fashion while sensing,communicating,determining and generating responses.Such an agent can learn about and adapt to its environment dynamically and can detect both known and unknown intrusions.The proposed intrusion detection architecture is designed to be flexible,extendible,and adaptable so that it can perform real-time monitoring.This paper provides the conceptual view and a general framework of the proposed system.In the end,the architecture is illustrated by an example and by simulation to show it can prevent attacks efficiently.
基金Acknowledgements Project supported by the National Natural Science Foundation of China (Grant No.60932003), the National High Technology Development 863 Program of China (Grant No.2007AA01Z452, No. 2009AA01 Z118 ), Project supported by Shanghai Municipal Natural Science Foundation (Grant No.09ZRI414900), National Undergraduate Innovative Test Program (091024812).
文摘Wireless Mesh Networks is vulnerable to attacks due to the open medium, dynamically changing network topology, cooperative algorithms, Lack of centralized monitoring and management point. The traditional way of protecting networks with firewalls and encryption software is no longer suffi- cient and effective for those features. In this paper, we propose a distributed intrusion detection ap- proach based on timed automata. A cluster-based detection scheme is presented, where periodically a node is elected as the monitor node for a cluster. These monitor nodes can not only make local intrusion detection decisions, but also cooperatively take part in global intrusion detection. And then we con- struct the Finite State Machine (FSM) by the way of manually abstracting the correct behaviors of the node according to the routing protocol of Dynamic Source Routing (DSR). The monitor nodes can verify every node's behavior by the Finite State Ma- chine (FSM), and validly detect real-time attacks without signatures of intrusion or trained data.Compared with the architecture where each node is its own IDS agent, our approach is much more efficient while maintaining the same level of effectiveness. Finally, we evaluate the intrusion detection method through simulation experiments.
文摘A novel scheme is presented to integrate mobile ad hoc networks (MANETs) with the lnternet and support mobility across wireless local area networks (WLANs) and MANETs. The mobile nodes, connected as a MANET, employ the optimize d link state routing (OLSR) protocol for routing within the MANET. Mobility management across WLANs and MANETs is achieved through the hierarchical mobile IPv6 (HMIPv6) protocol. The performance is evaluated on a HMIPv6 based test-bed composed of WLANs and MANETs. The efficiency gain obtained from using HMIPv6 in such a hybrid network is investigated. The investigation result shows that the use of HMIPv6 can achieve up to 27% gain on reducing the handoff latency when a mobile roams within a domain. Concerning the reduction of the signaling load on the lnternet, the use of HMIPv6 can achieve at least a 54% gain and converges to 69%.
文摘In a Wireless Mesh Network(WMN),the convenience of a routing strategy strongly depends on the mobility of the intermediate nodes that compose the paths.Taking this behaviour into account,this paper presents a routing scheme that works differently accordingly to the node mobility.In this sense,a proactive routing scheme is restricted to the backbone to promote the use of stable routes.Conversely,the reactive protocol is used for searching routes to or from a mobile destination.Both approaches are simultaneously implemented in the mesh nodes so that the routing protocols share routing information that optimises the network performance.Aimed at guaranteeing the IP compatibility,the combination of the two protocols in the core routers is carried out in the Medium Access Control(MAC)layer.In contrast to the operation in the IP layer where two routing protocols cannot work concurrently,the transfer of the routing tasks to the MAC layer enables the use of multiple independent forwarding tables.Simulation results show the advantage of the proposal in terms of packet losses and data delay.
文摘In this paper, the security technology of ad hoc networks is studied.To improve the previous multi-receiver signcryption schemes, an ID-based multi-message and multi-receiver signcryption scheme for rekeying in ad hoc networks is proposed.In this scheme, a sender can simultaneously signcrypt n messeges for n receivers, and a receiver can unsigncrypt the ciphertext to get his message with his own private key.An analysis of this scheme indicates that it achieves authenticity and confidentiality in the random oracle model while being of lower computation and communication overhead.Finally, for the application of our scheme in ad hoc, a threshold key updating protocol for ad hoc networks is given.
基金supported by National "863" High Technology Research and Development Program Foundation(No.2006AA01Z208)Six Talented Eminence Foundation of Jiangsu Province+1 种基金Natural Science Foundation of Jiangsu Province(No. BK2004149)Green-Blue Academic Talented Project Foundation of Jiangsu Province
文摘Nodes cooperation is a significant prerequisite for the realization of the relaying Ad Hoc.While with the development of multi-hop cellular networks, how to stimulate intermediate nodes to do the packet-forwarding deserves more concerning.At present research,the incentive schemes in pure Ad Hoc and multi-hop cellular networks are analyzed and compared to classify the strengths and drawbacks of each scheme.We explain in particular what the key issues are to implement incentive schemes for cooperation. Finally,an incentive scheme based on integration of reputation and charging systems is proposed not only to block the existence of selfish nodes,but to satisfy the rational requirement of nodes.
基金supported by Iran Telecommunication Research Center
文摘Initial works in ad hoc routing have considered only the problem of providing efficient mechanisms for finding paths in such networks,without considering security as a major problem.In such a trusted environment,malicious behaviors can disturb routing process.We present the design and performance evaluation of a new secure on-demand routing protocol for ad hoc networks, called CASR.CASR is robust against attackers from outside of the network and even it prevents compromised nodes from tampering with uncompromised routes consisting of uncompromised nodes.Because of using symmetric cryptography in its structure,CASR is robust against large number of types of Denial-of -Service attacks.However,due to the applying of the random key predistributions method to the routing process our proposed scheme reaches a trade-off between the degree of security and complexity.
文摘In an ad hoc network, it is usually difficult to optimize the assignment of network routing resources using a single type of routing protocol due to the differences in network scale, node moving mode and node distribution. Therefore, it is desirable to have nodes run multiple routing protocols simultaneously so that more than one protocols can be chosen to work jointly. For this purpose, a multiple routing platform for Ad hoc networks is proposed on a higher level of current routing protocols. In order to ensure the security of the platform, a security mechanism and its formal analysis by BAN logic is given. The simulation results of the network performance demonstrate that the proposed multi-routing platform is practicable in some complex applications.
基金supported in part by the National High Technology Research and Development Program of China (863 Program) (No. 2006AA01Z232,2009AA01Z212, 2009AA01Z202)Key Science and Technology Supporting Plan Item of Jiangsu Province(No. BE2008134)Special Fund of Trans-formation of Scientific and Technological Achievements of Jiangsu Province(No. BA2007012)
文摘Wireless mesh networks (WMNs) are new kind of networking technology which facilitate the extension of wireless local area networks into wide areas and have emerged as a key technology for next-generation wireless networking.Due to the advantages of WMNs over other wireless networks,they are now a promising approach for future network access.Typical applications range from home broadband Internet access and community networking to wireless metropolitan area networks.Meanwhile,the considerable efforts in academic range from network architecture,network capacity,layered communication protocols,security,cross-layer design,etc.Still many technical challenges exist in designing affordable,reliable,and sustainable WMNs infrastructures.In order to provide a better understanding of these challenges,this paper presents a detailed investigation of current technologies for WMNs,and it will help to guide and refocus future works in this area.
基金Project supported by the Shanghai Minicipal Natural Science Foundation(Grant No09ZR1414900)the National High Technology Development 863 Program of China(Grant No2006AA01Z436,No2007AA01Z452,No2009AA01Z118)
文摘Wireless mesh network is a new emerging field with its potential applications in extremely unpredictable and dynamic environments.However,it is particularly vulnerable due to its features of open medium,dynamic changing topology, cooperative routing algorithms.The article surveys the state of the art in security for wireless mesh networks.Firstly,we analyze various possible threats to security in wireless mesh networks.Secondly,we introduce some representative solutions to these threats,including solutions to the problems of key management,secure network routing,and intrusion detection.We also provide a comparison and discussion of their respective merits and drawbacks,and propose some improvements for these drawbacks.Finally,we also discuss the remaining challenges in the area.
基金supported by National Natural Science Foundation of China(Grant No.60633020, 90204012,60573035,60573036)
文摘With the rapid development of the WLAN,the 802. 11 s mesh network is emerging.Reliability,adaptability and scalability are the most important attributes of a mesh network.However,the security in an 802.11s mesh network is not well defined or specified,and there is no standard method to authenticate a mesh point that is creating a mesh link.In this paper,we propose solutions for the authentication of mesh points.For the Basic Infrastructure Security Mode,we combine the 802.1X/EAP and neighbor graph to realize the fast mutual authentication between a new mesh point and every its mesh link.We prove that our scheme maintains the security of the standardized EAP authentication algorithm.At the same time,the simulation result shows that the authentication latency of our scheme is much lower than that of the scheme in[2].In the Basic Decentralized Security Mode(BDSM),802.11s mesh networks are very similar to ad hoc networks,but they are different in several aspects.We first analyze the differences between them.Based on this analysis, we investigate the main authentication methods used in ad hoc networks and select the pairwise key pre-distribution model and identity-based model for the WLAN mesh network.
