81
Network Design and Routing in Peer-to-Peer and Mobile Ad Hoc Networks
Merugu, Shashidhar 19 July 2005
Peer-to-peer networks and mobile ad hoc networks are emerging
distributed networks that share several similarities. Fundamental
among these similarities is the decentralized role of each
participating node to route messages on behalf of other nodes, and
thereby, collectively realizing communication between any pair of
nodes. Messages are routed on a topology graph that is determined by
the peer relationship between nodes. Although routing is fairly
straightforward when the topology graph is static, dynamic variations
in the peer relationship that often occur in peer-to-peer and mobile
ad hoc networks present challenges to routing.
In this thesis, we examine the interplay between routing messages and
network topology design in two classes of these networks --
unstructured peer-to-peer networks and sparsely-connected mobile ad
hoc networks.
In unstructured peer-to-peer networks, we add structure to overlay
topologies to support file sharing. Specifically, we investigate the
advantages of designing overlay topologies with small-world properties
to improve (a) search protocol performance and (b) network
utilization. We show, using simulation, that "small-world-like"
overlay topologies where every node has many close neighbors and few
random neighbors exhibit high chances of locating files close to the
source of file search query. This improvement in search protocol
performance is achieved while decreasing the traffic load on the links
in the underlying network.
In the context of sparsely-connected mobile ad hoc networks where
nodes provide connectivity via mobility, we present a protocol for
routing in space and time where the message forwarding decision
involves not only where to forward (space), but also when to forward
(time). We introduce space-time routing tables and develop methods to
compute these routing tables for those instances of ad hoc networks
where node mobility is predictable over either a finite horizon or
indefinitely due to periodicity in node motion. Furthermore, when the
node mobility is unpredictable, we investigate several forwarding
heuristics to address the scarcity in transmission opportunities in
these sparsely-connected ad hoc networks. In particular, we present
the advantages of fragmenting messages and augmenting them with
erasure codes to improve the end-to-end message delivery performance.
82
Intrusion Identification For Mobile Ad Hoc Networks
Sahoo, Chandramani 03 1900
A Mobile Ad Hoc Network (MANET) is a collection of wireless hosts that can be rapidly deployed as a multi-hop packet radio network without the aid of any established infrastructure or centralized administration. Such networks can be used to enable the next generation of battlefield applications envisioned by the military, including situation awareness systems for maneuvering war fighters, and remotely deployed unmanned microsensor networks. Ad Hoc networks can also provide solutions for civilian applications such as disaster recovery and message exchanges among safety and security personnel involved in rescue missions.
Existing solutions for wired network Intrusion Detection Systems (IDSs) do not suit wireless Ad Hoc networks. To utilize either misuse detection or anomaly detection to monitor any possible compromises, the IDS must be able to distinguish normal from anomaly activities. To enable intrusion detection in wireless Ad Hoc networks, the research problems are:
• How to efficiently collect normal and anomaly patterns of Ad Hoc networks? The lifetime of the hosts is short and Ad Hoc networks do not have traffic concentration points (router, switch).
• How to detect anomalies? The loss could be caused by host movement instead of attacks. Unexpectedly long delay could be caused by unreliable channel instead of malicious discard.
In this thesis, we have proposed a novel architecture that uses specification-based intrusion detection techniques to detect active attacks against the routing protocols of mobile Ad Hoc networks. Our work analyzes some of the vulnerabilities and discusses the attacks against the AODV protocol. Our approach involves the use of an FSM (Finite State Machine) for specifying the AODV routing behavior and distributed network monitors for detecting the sequence number attack. Our method can detect most of the bad nodes with a low false positive rate, and the packet delivery ratio can also be increased with a high detection rate.
For the packet dropping attack, we present a distributed technique to detect this attack in wireless Ad Hoc networks. A bad node is able to forward packets but in fact fails to do so. In our technique, every node in the network checks its neighboring nodes to detect whether any of them fail to forward the packets. Our technique can detect most of the bad nodes with a low false positive rate, and the packet delivery ratio can also be increased. The proposed solution can be applied to identify multiple malicious nodes cooperating with each other in MANETs and to discover secure routes from source to destination by avoiding malicious nodes acting in cooperation. Our technique will detect the sequence number and packet dropping attacks in real time within its radio range with no extra overhead.
For the resource consumption attack, the proposed scheme incurs no extra overhead, as it makes minimal modifications to the existing data structures and functions related to bad listing a node in the existing version of pure AODV. The proposed scheme is more efficient in terms of the resultant routes established, resource reservations, and computational complexity. If multiple malicious nodes collaborate, they in turn will be restricted and isolated by their neighbors, because they monitor and exercise control over forwarding RREQs by nodes. Hence, the scheme successfully prevents distributed attacks. The proposed scheme shifts the responsibility of monitoring this parameter to the node's neighbor, ensuring compliance with this restriction. This technique solves all of the problems caused by unnecessary RREQs from a compromised node. Instead of self-control, the control exercised by a node's neighbor results in preventing this attack. Experiments show that the tool provides effective intrusion detection functionality while using only a limited amount of resources. The loop freedom property has been reduced to an invariant on pairs of nodes. Each node decides and transmits its decision to a control center. Robustness to Threats, Robustness to nodes destruction: Loss of Performance (in terms of ratio) is least for Distributed Option and highest for Centralized Option and Robustness to observations deletion.
All the proposed schemes were analyzed and tested under different topologies and conditions with varying numbers of nodes. The proposed algorithms for improving the robustness of wireless Ad Hoc networks using the AODV protocol against the packet dropping attack, the sequence number attack and the resource consumption attack have been simulated for an illustrative network of about 30 nodes. Our experiments have shown that the patterns extracted through simulation can be used to detect attacks effectively. The patterns could also be applied to detect similar attacks on other protocols.
83
Aprimorando o desempenho de algoritmos de roteamento em VANETs utilizando classificação
Costa, Lourdes Patrícia Portugal Poma 31 July 2013
Previous issue date: 2013-07-31 / Financiadora de Estudos e Projetos
Vehicular ad-hoc networks (VANETs) are networks capable of establishing communications between vehicles and road-side units. VANETs could be employed in data transmission applications. However, due to vehicle mobility, VANETs present intermittent connectivity, making message transmission a challenging task. Due to the lack of end-to-end connectivity, messages are forwarded from vehicle to vehicle and stored when it is not possible to retransmit. Additionally, in order to improve delivery probability, messages are replicated and disseminated over the network. However, message replication may cause high network overhead and resource usage. As a result, considerable research effort has been devoted to developing algorithms for specific scenarios: low, moderate and high connectivity. Nevertheless, algorithms designed for scenarios with a specific connectivity lack the ability to adapt to situations with zones presenting different node density. This lack of adaptation may negatively affect the performance in applications such as data transmission in cities. This master's project develops a method to automatically adapt message replication routing algorithms to different node density scenarios. The proposed method is composed of three phases. The first phase collects data from message retransmission events using a standard routing algorithm. The second phase consists of training a decision tree classifier based on the collected data. Finally, in the third phase the trained classifier is used to determine whether a message should be retransmitted or not based on the local node density. Therefore, the proposed method allows routing algorithms to query the trained classifier to decide if a message should be retransmitted. The proposed method was evaluated with real movement traces in order to improve the Spray and Wait and Epidemic routing algorithms. Results indicate that the proposed method may contribute to performance enhancement.
VANETs are vehicle networks capable of establishing wireless communication among vehicles and with roadside equipment. These networks could be used to transfer data for a variety of applications. However, due to vehicle mobility, VANETs have intermittent connectivity between nodes, which makes message transmission difficult. Since end-to-end connectivity is not possible, messages are forwarded progressively from vehicle to vehicle and stored when retransmission is not possible. Additionally, to increase the probability of delivery, messages are replicated and disseminated through the network. Nevertheless, message replication can generate high network overhead and high resource consumption. For this reason, algorithms have been designed for specific scenarios of low, moderate and high connectivity. When applied in environments with zones of different node density, such as cities, these algorithms can lose performance because they lack the ability to adapt to different connectivity conditions. In this work, a method was developed to adapt the behavior of message-replication routing algorithms to different connectivity situations according to the density of the zones in which the relaying nodes move. The method consists of three phases. In the first, data on message forwarding events are collected using the standard routing algorithm. In the second phase, the collected data are used to train a classifier based on decision trees. In the last phase, the classifier is used to determine whether a message forwarding situation is favorable according to node density. In this way, routing algorithms can decide whether or not to forward a message with the support of the classifier. This approach was evaluated with real movement traces to improve the performance of the Spray and Wait and Epidemic routing algorithms. The results of the experiments show that this approach can contribute to improved performance.
84
An Energy-aware multipath routing extension for heterogeneous Ad hoc networks
Lima Junior, Josias Barbosa de 05 1900
Previous issue date: 2013-05
Recent years have witnessed the emergence of new communication techniques in Computer Science that use both wireless technologies and self-organizing features. Their combination eliminates the need for using pre-defined wired structures and prior configurations. In this work, we develop a simulated version, using the network simulator 3 (ns-3), of the Heterogeneous Technologies Routing (HTR) framework that is suitable for interconnecting devices in a heterogeneous ad hoc network, extending its supported heterogeneous technologies with the addition of WiMAX and LTE devices; we propose an extension to enable multipath routing over this framework and investigate the impact of tuning routing parameters on convergence interval and energy consumption. Although a large number of works exist that investigate the tuning of routing parameter settings, to the best of our knowledge, none of them investigate the impact of these on protocol convergence and energy consumption. Multipath HTR routing, the extension we propose, offers several benefits such as load balancing, fault tolerance, routing loop prevention, energy conservation, low end-to-end delay, and congestion avoidance, among others. This work performs a comparative analysis of the proposed HTR extension with the baseline HTR and the widely used Optimized Link State Routing (OLSR) protocol. Moreover, we investigate the impacts of tuning the HELLO refresh interval and perform a comparative analysis of the tuned HTR with the OLSR protocol. Both evaluations are validated through the simulation of heterogeneous technologies such as WiMAX, 3GPP LTE and Wi-Fi. Results show that the multipath extension effectively improves the data delivery ratio and reduces the end-to-end delay without major impact on network energy consumption. For the tuned HTR, results show that varying the HELLO refresh interval can improve the convergence of the protocol and reduce the energy consumption.
Recently, new communication techniques have emerged that use wireless technology and are able to configure themselves. The combination of these factors eliminates the need for wired structures and predefined configurations. In this work, the author develops a simulated version, using the network simulator 3 (ns-3), of the Heterogeneous Technologies Routing (HTR) framework, which aims to interconnect devices in heterogeneous ad hoc networks, extending its support for heterogeneous technologies with the addition of WiMAX and LTE devices, proposes an extension to provide multipath routing, and investigates the impact of modifying routing configuration parameters on network convergence time and energy consumption. Although a large number of existing works investigate the impact of changing routing configuration parameters, to my knowledge none of them investigates their impact on protocol convergence time and energy consumption. Multipath HTR, the proposed extension, offers several benefits such as load balancing, fault tolerance, prevention of routing loops, energy conservation, low end-to-end delay, and congestion avoidance, among others. This work performs a comparative analysis of the proposed HTR extension with the baseline HTR and the widely used Optimized Link State Routing (OLSR) protocol. In addition, this work investigates the impact of varying the interval at which HELLO messages are sent and performs a comparative analysis of the modified HTR (Tuned HTR) with the OLSR protocol. Both evaluations are carried out through simulation using heterogeneous technologies such as WiMAX, 3GPP LTE and Wi-Fi. Results show that the proposed multipath extension improves the data transmission rate and reduces end-to-end delay without major impact on the network's energy consumption. For the Tuned HTR, results show that varying the interval at which HELLO messages are sent can improve protocol convergence and reduces energy consumption.
85
Design and Analysis of QoS-Aware Key Management and Intrusion Detection Protocols for Secure Mobile Group Communications in Wireless Networks
Cho, Jin-Hee 10 December 2008
Many mobile applications in wireless networks such as military battlefield, emergency response, and mobile commerce are based on the notion of secure group communications. Unlike traditional security protocols which concern security properties only, in this dissertation research we design and analyze a class of QoS-aware protocols for secure group communications in wireless networks with the goal to satisfy not only security requirements in terms of secrecy, confidentiality, authentication, availability and data integrity, but also performance requirements in terms of latency, network traffic, response time, scalability and reconfigurability.
We consider two elements in the dissertation research: design and analysis. The dissertation research has three major contributions. First, we develop three "threshold-based" periodic batch rekeying protocols to reduce the network communication cost caused by rekeying operations to deal with outsider attacks. Instead of individual rekeying, i.e., performing a rekeying operation right after each group membership change event, these protocols perform batch rekeying periodically. We demonstrate that an optimal rekey interval exists that would satisfy an imposed security requirement while minimizing the network communication cost.
Second, we propose and analyze QoS-aware intrusion detection protocols for secure group communications in mobile ad hoc networks to deal with insider attacks. We consider a class of intrusion detection protocols including host-based and voting-based protocols for detecting and evicting compromised nodes and examine their effect on the mean time to security failure metric versus the response time metric. Our analysis reveals that there exists an optimal intrusion detection interval under which the system lifetime metric can be best traded off for the response time performance metric, or vice versa. Furthermore, the intrusion detection interval can be dynamically adjusted based on the attacker behaviors to maximize the system lifetime while satisfying a system-imposed response time or network traffic requirement.
Third, we propose and analyze a scalable and efficient region-based group key management protocol for managing mobile groups in mobile ad hoc networks. We take a region-based approach by which group members are broken into region-based subgroups, and leaders in subgroups securely communicate with each other to agree on a group key in response to membership change and member mobility events. We identify the optimal regional area size that minimizes the network communication cost while satisfying the application security requirements, allowing mobile groups to react to network partition/merge events for dynamic reconfigurability and survivability. We further investigate the effect of integrating QoS-aware intrusion detection with region-based group key management and identify combined optimal settings in terms of the optimal regional size and the optimal intrusion detection interval under which the security and performance properties of the system can be best optimized.
We evaluate the merits of our proposed QoS-aware security protocols for mobile group communications through model-based mathematical analyses with extensive simulation validation. We perform thorough comparative analyses against baseline secure group communication protocols which do not consider security versus performance tradeoffs, including those based on individual rekeying, no intrusion detection, and/or no-region designs. The results obtained show that our proposed QoS-aware security protocols outperform these baseline algorithms. / Ph. D.
86
Securing data dissemination in vehicular ad hoc networks
Aldabbas, Hamza January 2012
Vehicular ad hoc networks (VANETs) are a subclass of mobile ad hoc networks (MANETs) in which the mobile nodes are vehicles; these vehicles are autonomous systems connected by wireless communication on a peer-to-peer basis. They are self-organized, self-configured and self-controlled infrastructure-less networks. This kind of network has the advantage of being able to be set up and deployed anywhere and anytime because it has no infrastructure set-up and no central administration. Distributing information between these vehicles over long ranges in such networks, however, is a very challenging task, since sharing information always has a risk attached to it, especially when the information is confidential. The disclosure of such information to anyone other than the intended parties could be extremely damaging, particularly in military applications where controlling the dissemination of messages is essential. This thesis therefore provides a review of the issue of security in VANET and MANET; it also surveys existing solutions for dissemination control. It highlights a particular area not adequately addressed until now: controlling information flow in VANETs. This thesis contributes a policy-based framework to control the dissemination of messages communicated between nodes in order to ensure that a message remains confidential not only during transmission, but also after it has been communicated to another peer, and to keep the message contents private to an originator-defined subset of nodes in the VANET. This thesis presents a novel framework to control data dissemination in vehicular ad hoc networks in which policies are attached to messages as they are sent between peers. This is done by automatically attaching policies along with messages to specify how the information can be used by the receiver, so as to prevent disclosure of the messages other than consistent with the requirements of the originator. These requirements are represented as a set of policy rules that explicitly instructs recipients how the information contained in messages can be disseminated to other nodes in order to avoid unintended disclosure. This thesis describes the data dissemination policy language used in this work, and further describes the policy rules in order to be a suitable and understandable language for the framework to ensure the confidentiality requirement of the originator. This thesis also contributes a policy conflict resolution that allows the originator to be asked for up-to-date policies and preferences. The framework was evaluated using the Network Simulator (NS-2) to check whether the privacy and confidentiality of the originators’ messages were met. A policy-based agent protocol and a new packet structure were implemented in this work to manage and enforce the policies attached to packets at every node in the VANET. Some case studies are presented in this thesis to show how data dissemination can be controlled based on the policy of the originator. The results of these case studies show the feasibility of our research to control the data dissemination between nodes in VANETs. NS-2 is also used to test the performance of the proposed policy-based agent protocol and demonstrate its effectiveness using various network performance metrics (average delay and overhead).
87
Ant colony optimization and its application to adaptive routing in telecommunication networks
Di Caro, Gianni 10 November 2004
In ant societies, and, more in general, in insect societies, the activities of the individuals, as well as of the society as a whole, are not regulated by any explicit form of centralized control. On the other hand, adaptive and robust behaviors transcending the behavioral repertoire of the single individual can be easily observed at society level. These complex global behaviors are the result of self-organizing dynamics driven by local interactions and communications among a number of relatively simple individuals.
The simultaneous presence of these and other fascinating and unique characteristics has made ant societies an attractive and inspiring model for building new algorithms and new multi-agent systems. In the last decade, ant societies have been taken as a reference for an ever growing body of scientific work, mostly in the fields of robotics, operations research, and telecommunications.
Among the different works inspired by ant colonies, the Ant Colony Optimization metaheuristic (ACO) is probably the most successful and popular one. The ACO metaheuristic is a multi-agent framework for combinatorial optimization whose main components are: a set of ant-like agents, the use of memory and of stochastic decisions, and strategies of collective and distributed learning.
It finds its roots in the experimental observation of a specific foraging behavior of some ant colonies that, under appropriate conditions, are able to select the shortest path among few possible paths connecting their nest to a food site. The pheromone, a volatile chemical substance laid on the ground by the ants while walking and affecting in turn their moving decisions according to its local intensity, is the mediator of this behavior.
All the elements playing an essential role in the ant colony foraging behavior were understood, thoroughly reverse-engineered and put to work to solve problems of combinatorial optimization by Marco Dorigo and his co-workers at the beginning of the 1990's.
From that moment on there has been a flourishing of new combinatorial optimization algorithms designed after the first algorithms of Dorigo et al. and of related scientific events.
In 1999 the ACO metaheuristic was defined by Dorigo, Di Caro and Gambardella with the purpose of providing a common framework for describing and analyzing all these algorithms inspired by the same ant colony behavior and by the same common process of reverse-engineering of this behavior. Therefore, the ACO metaheuristic was defined a posteriori, as the result of a synthesis effort effectuated on the study of the characteristics of all these ant-inspired algorithms and on the abstraction of their common traits.
The ACO's synthesis was also motivated by the usually good performance shown by the algorithms (e.g. for several important combinatorial problems like the quadratic assignment, vehicle routing and job shop scheduling, ACO implementations have outperformed state-of-the-art algorithms).
The definition and study of the ACO metaheuristic is one of the two fundamental goals of the thesis. The other one, strictly related to this former one, consists in the design, implementation, and testing of ACO instances for problems of adaptive routing in telecommunication networks.
This thesis is an in-depth journey through the ACO metaheuristic, during which we have (re)defined ACO and tried to get a clear understanding of its potentialities, limits, and relationships with other frameworks and with its biological background. The thesis takes into account all the developments that have followed the original 1999's definition, and provides a formal and comprehensive systematization of the subject, as well as an up-to-date and quite comprehensive review of current applications. We have also identified in dynamic problems in telecommunication networks the most appropriate domain of application for the ACO ideas. According to this understanding, in the most applicative part of the thesis we have focused on problems of adaptive routing in networks and we have developed and tested four new algorithms.
Adopting an original point of view with respect to the way ACO was firstly defined (but maintaining full conceptual and terminological consistency), ACO is here defined and mainly discussed in the terms of sequential decision processes and Monte Carlo sampling and learning.
More precisely, ACO is characterized as a policy search strategy aimed at learning the distributed parameters (called pheromone variables in accordance with the biological metaphor) of the stochastic decision policy which is used by so-called ant agents to generate solutions. Each ant represents in practice an independent sequential decision process aimed at constructing a possibly feasible solution for the optimization problem at hand by using only information local to the decision step.
Ants are repeatedly and concurrently generated in order to sample the solution set according to the current policy. The outcomes of the generated solutions are used to partially evaluate the current policy, spot the most promising search areas, and update the policy parameters in order to possibly focus the search in those promising areas while keeping a satisfactory level of overall exploration.
This way of looking at ACO has helped to disclose the strict relationships between ACO and other well-known frameworks, like dynamic programming, Markov and non-Markov decision processes, and reinforcement learning. In turn, this has favored reasoning on the general properties of ACO in terms of amount of complete state information which is used by the ACO's ants to take optimized decisions and to encode in pheromone variables memory of both the decisions that belonged to the sampled solutions and their quality.
The ACO's biological context of inspiration is fully acknowledged in the thesis. We report with extensive discussions on the shortest path behaviors of ant colonies and on the identification and analysis of the few nonlinear dynamics that are at the very core of self-organized behaviors in both the ants and other societal organizations. We discuss these dynamics in the general framework of stigmergic modeling, based on asynchronous environment-mediated communication protocols, and (pheromone) variables priming coordinated responses of a number of "cheap" and concurrent agents.
The second half of the thesis is devoted to the study of the application of ACO to problems of online routing in telecommunication networks. This class of problems has been identified in the thesis as the most appropriate for the application of the multi-agent, distributed, and adaptive nature of the ACO architecture.
Four novel ACO algorithms for problems of adaptive routing in telecommunication networks are thoroughly described. The four algorithms cover a wide spectrum of possible types of network: two of them deliver best-effort traffic in wired IP networks, one is intended for quality-of-service (QoS) traffic in ATM networks, and the fourth is for best-effort traffic in mobile ad hoc networks.
The two algorithms for wired IP networks have been extensively tested by simulation studies and compared to state-of-the-art algorithms for a wide set of reference scenarios. The algorithm for mobile ad hoc networks is still under development, but quite extensive results and comparisons with a popular state-of-the-art algorithm are reported. No results are reported for the algorithm for QoS, which has not been fully tested. The observed experimental performance is excellent, especially for the case of wired IP networks: our algorithms always perform comparably or much better than the state-of-the-art competitors.
In the thesis we try to understand the rationale behind the brilliant performance obtained and the good level of popularity reached by our algorithms. More in general, we discuss the reasons of the general efficacy of the ACO approach for network routing problems compared to the characteristics of more classical approaches. Moving further, we also informally define Ant Colony Routing (ACR), a multi-agent framework explicitly integrating learning components into the ACO's design in order to define a general and in a sense futuristic architecture for autonomic network control.
Most of the material of the thesis comes from a re-elaboration of material co-authored and published in a number of books, journal papers, conference proceedings, and technical reports. The detailed list of references is provided in the Introduction.
/ Doctorate in Applied Sciences
|
88 |
Efficient Key Management, and Intrusion Detection Protocols for Enhancing Security in Mobile Ad Hoc Networks
Maity, Soumyadev January 2014 (has links) (PDF)
Security of communications is a major requirement for Mobile Ad hoc NETworks (MANETs) since they use a wireless channel for communications, which can be easily tapped, and physical capture of MANET nodes is also quite easy. From the point of view of providing security in MANETs, there are basically two types of MANETs, viz., authoritarian MANETs, in which there exist one or more authorities who decide the members of the network, and self-organized MANETs, in which there is no such authority. Ensuring security of communications in MANETs is a challenging task due to the resource constraints and infrastructure-less nature of these networks, and the limited physical security of MANET nodes. Attacks on security in a MANET can be launched by external attackers, which are not legitimate members of the MANET, by internal attackers, which are compromised members of the MANET and which can hold some valid security credentials, or by both. Key management and authentication protocols (KM-APs) play an important role in preventing the external attackers in a MANET. However, in order to prevent the internal attackers, an intrusion detection system (IDS) is essential. The routing protocols running in the network layer of a MANET are most vulnerable to the internal attackers, especially to the attackers which launch packet dropping attacks during data packet forwarding in the MANET.

For an authoritarian MANET, an arbitrated KM-AP protocol is perfectly suitable, where trusts among network members are coordinated by a trusted authority. Moreover, due to the resource constraints of a MANET, symmetric key management protocols are more efficient than the public key management protocols in authoritarian MANETs. The existing arbitrated symmetric key management protocols in MANETs that do not use any authentication server inside the network are susceptible to identity impersonation attacks during shared key establishments. On the other hand, the existing server-coordinated arbitrated symmetric key management protocols in MANETs do not differentiate the role of a membership granting server (MGS) from the role of an authentication server, and so both are kept inside the network. However, keeping the MGS outside the network is more secure than keeping it inside the network for a MANET. Also, the use of a single authentication server inside the network cannot ensure robustness against authentication server compromise.

In self-organized MANETs, public key management is preferable to symmetric key management, since the distribution of public keys does not require a pre-established secure channel. The main problem for the existing self-organized public key management protocols in MANETs is associated with the use of large certificate chains. Besides, the proactive certificate chaining based approaches require each member of a MANET to maintain an updated view of the trust graph of the entire network, which is highly resource consuming. Maintaining a hierarchy of trust relationships among members of a MANET is also problematic for the same reason. Evaluating the strength of different alternative trust chains and restricting the length of a trust chain used for public key verification is also important for enhancing the security of self-organized public key management protocols.

The existing network layer IDS protocols in MANETs that try to defend against packet dropping attacks use either a reputation based or an incentive based approach. The reputation based approaches are more effective against malicious principals than the incentive based approaches. The major problem associated with the existing reputation based IDS protocols is that they do not consider the protocol soundness issue in their design objectives. Besides, most of the existing protocols incorporate no mechanism to fight against colluding principals. Also, an IDS protocol in MANETs should incorporate some secure and efficient mechanism to authenticate the control packets used by it.

In order to mitigate the above mentioned problems in MANETs, we have proposed new models and designed novel security protocols in this thesis that can enhance the security of communications in MANETs at lesser or comparable cost. First, in order to perform security analysis of KM-AP protocols, we have extended the well known strand space verification model to overcome some of its limitations. Second, we have proposed a model for the study of membership of principals in MANETs with a view to utilize the concept for analyzing the applicability and the performance of KM-AP protocols in different types of MANETs. Third and fourth, we have proposed two novel KM-AP protocols, SEAP and CLPKM, applicable in two different types of MANET scenarios. The SEAP protocol is an arbitrated symmetric key management protocol designed to work in an authoritarian MANET, whereas the CLPKM protocol is a self-organized public key management protocol designed for self-organized MANETs. Fifth, we have designed a novel reputation based network layer IDS protocol, named EVAACK protocol, for the detection of packet dropping misbehavior in MANETs. All of the three proposed protocols try to overcome the limitations of the existing approaches in their respective categories. We have provided rigorous mathematical proofs for the security properties of the proposed protocols. Performance of the proposed protocols has been compared with that of the other existing similar approaches using simulations in the QualNet simulator. In addition, we have also implemented the proposed SEAP and CLPKM protocols on a real MANET test bed to test their performance in real environments. The analytical, simulation and experimentation results confirm the effectiveness of the proposed schemes.
|