(3.235.245.219) 您好!臺灣時間:2021/05/07 22:34
字體大小: 字級放大   字級縮小   預設字形  
回查詢結果

詳目顯示:::

: 
twitterline
研究生:金山
研究生(外文):Shan Chin
論文名稱:適用於移動式隨意網路基於名聲值和救贖機制的入侵偵測系統
論文名稱(外文):Reputation and salvation based intrusion detection system for mobile ad hoc networks
指導教授:王智弘王智弘引用關係
指導教授(外文):Chih-Hung Wang
學位類別:碩士
校院名稱:國立嘉義大學
系所名稱:資訊工程學系研究所
學門:工程學門
學類:電資工程學類
論文種類:學術論文
畢業學年度:97
語文別:中文
論文頁數:55
中文關鍵詞:入侵偵測系統移動式隨意網路網路安全
外文關鍵詞:Intrusion Detection System (IDS)Mobile Ad Hoc Networks (MANETs)Network Security
相關次數:
  • 被引用被引用:0
  • 點閱點閱:153
  • 評分評分:系統版面圖檔系統版面圖檔系統版面圖檔系統版面圖檔系統版面圖檔
  • 下載下載:14
  • 收藏至我的研究室書目清單書目收藏:0
近年來,隨意網路由於其自我組織能力、動態網路拓墣、暫時網路週期以及各節點之間的平等關係而成為一項重要研究議題。然而,這些特徵使安全上的問題更加重要。入侵偵測系統(IDS)是現有技術中可以使無線隨意網路更加可靠及安全的一種技術。安裝於移動式隨意網路(MANETs)之入侵偵測系統(IDS)與安全路由協定的不同點在於安全路由協定需要將安全機制套用在所有的節點上,而安裝於移動式隨意網路(MANETs)的入侵偵測系統(IDS)只需將其安全機制套用在某些特定的監視節點上即可。基於上述理由,移動式隨意網路(MANETs)之入侵偵測系統(IDS)可以被廣泛的使用於多種不同的隨意網路路由協定上。在移動式隨意網路(MANETs)上有著多種有名的攻擊如: 氾濫攻擊、黑洞攻擊、灰洞攻擊以及黑函攻擊。許多學者嘗試使用不同的方法去偵測及避免這些攻擊,但是他們用的方法都無法完全適合預防所有的攻擊,尤其是灰洞攻擊和黑函攻擊這兩種。因此,我們提出了基於名聲值和救贖機制的入侵偵測系統,使用極少的計算量來偵測上述的那些著名的攻擊。我們採用名聲值的技巧來抵擋氾濫攻擊和黑洞攻擊這類的服務阻斷式攻擊,並用救贖機制來偵測灰洞攻擊。此外,我們採用了簽章的概念保護黑名單的傳送來避免黑函攻擊,使得我們的入侵偵測系統能夠變的更加強韌。
In recent years, the ad hoc network is becoming an important research issue due to the self-organization network, dynamically changing topology, temporary network life and equal relationship among member of nodes. However, these properties make the ad hoc network security problem more serious. Intrusion Detection System (IDS) is one of the famous techniques which can make the ad hoc routing protocol become more reliable and secure. The difference between IDS on mobile ad hoc networks (MANETs) and secure routing protocol is that the latter needs to implement its secure mechanism on all the member nodes while the former only needs to implement the secure mechanism on some specific monitoring nodes. For this reason, IDS on MANETs can be widely used on several kinds of ad hoc routing protocols. There are several kinds of famous attacks on MANETs such as flooding attack, black hole attack, gray hole attack and blackmail attack. In the past, many scholars has used some efficient methods to detect and avoid these kinds of attack, but their schemes are not suitable for detecting all the attacks especially for the gray hole attack and blackmail attack. For this reason, we proposed a reputation and salvation based IDS to detect all of the famous attacks with low computation cost. We use the reputation technique to avoid the denial of service attacks such as flooding attack and black hole attack and the salvation mechanism to detect the gray hole attack. Moreover, we protect the transmission of the blacklist by using the signature concept to avoid the blackmail attack and make our IDS become more robust.
中文摘要 i
Abstract ii
誌謝 iv
Contents v
List of Figures viii
List of Tables x
Chapter 1: Introduction 1
Chapter 2: Related works 4
2.1 AODV routing protocol 4
2.1.1 The packet format of AODV 4
2.1.1.1 Packet format of RREQ 5
2.1.1.2 Packet format of RREP and RERR 6
2.1.2 The routing technique of AODV 8
2.1.2.1 Route discovery 8
2.1.2.2 Route maintenance 9
2.2 Threats on AODV routing protocol 9
2.2.1 Passive attack 10
2.2.2 Active attack 10
2.2.2.1 Routing availability attack 11
2.2.2.2 Resource consumption attack 12
2.3 Current IDS classification and related works 13
2.3.1 Observation based IDS 13
2.3.2 SVM based IDS 16
2.3.3 Authentication based IDS 19
2.3.4 Cross layer based IDS 20
2.3.5 A comparison of current IDS classification 21
Chapter 3: Reputation and salvation based IDS 23
3.1 System architecture 23
3.2 Reputation and salvation based intrusion detection system 24
3.2.1 Local anomaly detection 24
3.2.2 Local reputation system 30
3.2.3 Salvation mechanism and gray hole attack 31
3.2.4 Global response 36
Chapter 4: Simulation and analysis 38
4.1 The definition of the malicious nodes 38
4.1.1 Flooding attack 38
4.1.2 Black hole attack 38
4.1.2.1 Black hole attack caused by modified RREQ control packets 39
4.1.2.2 Black hole attack caused by modified RREP control packets 39
4.1.3 Gray hole attack 40
4.2 Simulation setup 40
4.3 Performance and analysis 42
4.3.1 Performance Metrics 42
4.3.2 Simulation Results 42
4.3.2.1 Impacts of different number of monitoring nodes 43
4.3.2.2 Impacts of different number of malicious nodes 45
4.3.2.3 Detection of gray hole attack with salvation mechanism 48
4.3.3 Property comparison and analysis 50
Chapter 5: Conclusions and future works 52
Reference 54
[1]Ad Hoc Routing Protocol Classification, February, 2009, Available: http://wiki.uni.lu/secan-lab/Ad-Hoc+Protocols+($28)Classification($29).html
[2]P. Agrawal, R. K. Ghosh and S. K. Das, “Cooperative black and gray hole attacks in mobile ad hoc networks,” in Proc. 2nd international conference on Ubiquitous information management and communication, January, 2008, pp. 310-314.
[3]S. Bose and A. Kannan, “Detecting denial of service attacks using cross layer based intrusion detection system in wireless ad hoc networks,” Signal Processing, Communications and Networking, January, 2008, pp. 182 – 188.
[4]J.B.D. Cabrera, C. Gutierrez and R.K. Mehra, “Infrastructures and algorithms for distributed anomaly-based intrusion detection in mobile ad-hoc networks,” Military Communications Conference, October, 2005, pp.1831 – 1837.
[5]H. Chen, Z. Ji, M. Hu, Z. Fu and R. Jiang, “Design and performance evaluation of a multi-agent-based dynamic lifetime security scheme for AODV routing protocol,” Journal of Network and Computer Applications Vol. 30, Issue 1, January, 2007, pp. 145-166.
[6]H. Deng, Q. A. Zeng and D. P. Agrawal, “SVM-based intrusion detection system for wireless ad hoc networks, ” in Proc. IEEE VTC '03, Vol. 3, October, 2003, pp. 2147-2151.
[7]H-W. Femg and C-L. Liu, “Design of a Joint Defense System for mobile ad hoc networks,” in Proc. IEEE VTC '06, May, 2006, pp. 742 – 746.
[8]X-P. Gao and W. Chen, “A novel gray hole attack detection scheme for mobile ad hoc networks,” Network and Parallel Computing Workshops, IFIP International Conference on, September, 2007, pp. 209 - 214.
[9]A. Hasswa, M. Zulkernine and H. Hassanein, “Routeguard:an intrusion detection and response system for mobile ad hoc networks,” Wireless And Mobile Computing, Networking And Communications, (WiMob'2005), IEEE International Conference, Vol. 3, August 2005, pp. 336 – 343.
[10]Y.-A. Huang, W. Fan, W. Lee, P.S. Yu, “Cross-feature analysis for detecting ad hoc routing anomalies,” in Proc. 23th International Conference on Distributed Computing Systems, Providence, RI, May, 2003, pp. 478 – 487.
[11]S. Kurosawa, H. Nakayama, N. Kato, A. Jamalipour and Y. Nemoto, “Detecting black hole attack on AODV-based mobile ad hoc networks by dynamic learning method,” International Journal of Network Security, Vol.5, No.3, November, 2007, pp. 338 – 346.
[12]S. Madhavi, “An intrusion detection system in mobile ad hoc networks,” Information Security and Assurance, April, 2008, pp. 7 – 14.
[13]S. Marti, T.J. Giuli, K. Lai, M. Baker, “Mitigating routing misbehavior in mobile ad hoc networks,” in 6th International Conference on Mobile Computing and Networking, MOBICOM’00, Auguest, 2000, pp. 255 – 265.
[14]P. Ning , K. Sun, “How to Misuse AODV:a case study of insider attacks against mobile ad hoc routing protocols”, Ad Hoc Networks, Vol. 3, Issue 6, November, 2005, pp. 795-819.
[15]A. Patwardhan, J. Parker, M. Iorga, A. Joshi, T. Karygiannis and Y. Yesha, “Threshold-based intrusion detection in ad hoc networks and secure AODV,” Ad Hoc Networks Vol. 6, Issue 4, June, 2008, pp. 578 – 599.
[16]C. E. Perkins and E. M. Royer, “Ad-hoc on-demand distance vector routing,” in Proc. 2nd IEEE Workshop on Mobile Computing Systems and Applications, February, 1999, pp. 90 – 100.
[17]S.A. Razak, S.M. Furnell, N.L. Clarke, and P.J. Brooke, ”Friend-assisted intrusion detection and response mechanisms for mobile ad hoc networks,” Ad Hoc Networks, Vol. 6, Issue 7, September, 2008, pp. 1151-1167.
[18]J. Sen, M.G. Chandra, S.G. Harihara, H. Reddy, P. Balamuralidhar, “A mechanism for detection of gray hole attack in mobile Ad Hoc networks,” Information, Communications & Signal Processing, 6th International Conference, December, 2007, pp. 1 – 5.
[19]K. F. Ssu, C. H. Chou, and L. W. Cheng, “Using overhearing technique to detect malicious packet-modifying attacks in wireless sensor networks,” Computer Communications, Vol. 30, Issues 11-12, September, 2007, pp. 2342-2352.
[20]L. Tamilselvan and V. Sankaranarayanan, “Prevention of black hole attack in MANET,” Wireless Broadband and Ultra Wideband Communications, AusWireless 2007, the 2nd International Conference, Auguest, 2007, pp. 21 – 26.
[21]G. Vigna, S. Gwalani, K. Srinivasan, E.M. Belding-Royer and R.A Kemmerer, “An intrusion detection tool for AODV-based ad hoc wireless networks,” Computer Security Applications Conference, 20th Annual, December, 2004, pp. 16 – 27.
[22]H. Weerasinghe and H. Fu, “Preventing cooperative black hole attacks in mobile ad hoc networks:simulation implementation and evaluation,” Future generation communication and networking (FGCN 2007) Vol. 2, December, 2007, pp. 362 – 367.
[23]Y. Xiao, X. Shen, and D.-Z. Du , “A survey on intrusion detection in mobile ad hoc networks,” Wireless/Mobile Network Security, pp. 170 – 196.
[24]W. Yu, Y. Sun and K.J.R. Liu, “HADOF:defense against routing disruptions in mobile ad hoc networks,” INFOCOM 2005, 24th Annual Joint Conference of the IEEE Computer and Communications Societies, Vol. 2, March, 2005, pp. 1252–1261.
[25]G. Zhang and S. Wang, “Aggregate and separate of signatures in wireless network,” Advanced Information Networking and Applications Workshops, 22nd International Conference, March, 2008, pp. 428 - 433.
[26]L. Zhou and Z. Haas, “Securing ad hoc network,” IEEE Network Magazine, Special issue on network security, Vol. 13, No. 6, November/December 1999, pp. 24-30.
QRCODE
 
 
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                               
第一頁 上一頁 下一頁 最後一頁 top
無相關期刊
 
系統版面圖檔 系統版面圖檔