透過您的圖書館登入
IP:54.160.243.44
  • 學位論文

在隨意網路上抵擋惡意路由詢問封包的攻擊

Withstanding Malicious RREQ Packets Flooding Attacks in MANET

指導教授 : 孫宏民

摘要


隨意網路(Ad Hoc Network)是一群可移動裝置,能夠自我動態組織互相溝通,而不需要中央集中式管理(Base Station)的區域網路模組,他們能夠自由的漫遊在彼此能收送訊息的範圍之內,互相傳送資料給對方。隨意網路的應用非常廣泛,舉凡軍事設施、個人電子設備、Ad Hoc視訊會議等等,皆可運用到相關的技術。儘管隨意網路帶來許多的便利,但是由於路由協定設計上的一些漏洞,使得隨意網路容易遭受到入侵者惡意的攻擊。黑洞攻擊(black hole attack)、灰洞攻擊(grey hold attack)、蟲洞攻擊(wormhole attack)、流量分析攻擊(traffic analysis attack)以及急送攻擊(rushing attack)皆為隨意網路上常見的攻擊。 在這個碩士論文中,我們介紹一個重要的攻擊叫做路由詢問封包(Route Request Packet)氾濫攻擊。在這種攻擊中,入侵者藉由不斷的發送路由詢問封包到網路上消耗網路頻寬以及其他裝置的資源,使得其他的裝置無法正常執行工作,最後導致整個網路的阻絶服務(denial of service)。針對這種攻擊,我們提出一個變動門檻的防治方法來偵測。我們使用到兩個門檻值來偵測惡意的行為,且門檻值是根據網路環境的狀態來設定,使得整個偵測系統更具有彈性。從模擬的結果可以發現我們所提出的防禦方法可以有效的抵擋單一甚至是多個惡意入侵者同時發動路由詢問封包的氾濫攻擊。

並列摘要


Mobile ad hoc network (MANET) is a group of mobile wireless nodes that communicate with each other without the aid of the infrastructure such as base station. It has been used in many applications, for example, military application, personal electronic device, ad hoc meeting, etc. Because of the shortcoming of the routing protocol, MANET is vulnerable to some kinds of attacks. Black hole attack, gray hole attack, wormhole attack, traffic analysis attack, and rushing attack are common attacks in ad hoc network. In this thesis, we introduce a critical attack in MANET:the Route Request (RREQ) packets flooding attack. In RREQ packets flooding attack, malicious node floods RREQ packets rapidly and finally result in denial of service (DoS) in the network. Consequently, we develop a dynamic-threshold based scheme to detect this kind of attack. Our scheme uses two threshold values to defend the packets flooding attack. Besides, we adjust the thresholds according to the network status. Finally, the simulation results can verify the efficiency of our scheme.

參考文獻


[1] A. Veres, A. Campbell, M. Barry, and L. Sun, “Supporting Service Differentiation in Wireless Packet Networks Using Distributed Control (SWAN),” IEEE J. Select. Areas in Communications, Volume19 Pages:2081-2093, 2001.
[3] T. Thumthawatworn, T. Yeophantong, and P. Sirikriengkrai, “Adaptive Sinkhole Detection on Wireless Ad Hoc Networks,” 2006 IEEE Aerospace Conference, Page: 10, 2006.
[4] B. Sun, Y. Guan, J. Chen, and U. W. Pooch, “Detecting black-hole attack in mobile ad hoc networks,” Personal Mobile Communications Conference, 5th European, Pages: 490 – 495, 2003.
[6] Y. C. Hu, A. Perrig, and D. B. Johnson, “Wormhole attacks in wireless networks,” Selected Areas in Communications, IEEE Journal, Volume 24, Pages: 370 – 380, 2006.
[7] Y. C. Hu, A. Perrig, and D. B. Johnson, “Packet leashes: a defense against wormhole attacks in wireless networks,” INFOCOM 2003, Volume 3, Pages: 1976 – 1986, 2003.

延伸閱讀