本文關鍵詞： 無線自組網(wǎng) 路由協(xié)議 攻擊 網(wǎng)絡模型　出處：《電子科技大學》2014年碩士論文　論文類型：學位論文

【摘要】：無線自組網(wǎng)不同于現(xiàn)在的無線網(wǎng)絡,它可以利用網(wǎng)絡內(nèi)的節(jié)點自發(fā)地組建網(wǎng)絡,憑借節(jié)點的多跳來完成數(shù)據(jù)的轉發(fā)。到目前為止,它快速、便捷的組網(wǎng)特性使其在軍事、民用、商用上都有著不可估量的前途。但是由于它無線信道的特性使得其極容易遭遇外部環(huán)境的攻擊,再加上節(jié)點的使用壽命有限,這些都給無線自組網(wǎng)攻擊的防護設計增加了難度。因此,關于它攻擊的防護研究成了當今研究人員探討的熱點。本文針對路由協(xié)議AODV面臨的兩種攻擊提出了相應的防護研究。具體做法如下:AODV協(xié)議是按照先進先出的規(guī)則來處理接收到的RREQ消息,RREQ的泛洪攻擊就是根據(jù)這個漏洞開展的。當正常節(jié)點收到泛洪的RREQ消息后,會對這些消息進行處理。結果,這些消息不斷地消耗有限的帶寬,造成傳輸?shù)臄?shù)據(jù)被大量丟棄。本文針對這個攻擊進行了防護研究。改變協(xié)議AODV處理RREQ消息的規(guī)則,通過選用優(yōu)先級高低的規(guī)則來處理不同節(jié)點發(fā)送的RREQ消息,孤立發(fā)送RREQ頻繁的節(jié)點,從而有效地抑制RREQ的泛洪攻擊。在AODV協(xié)議的RREQ消息內(nèi),RREQ ID的值越大代表著此消息越新。RREQ篡改攻擊就是根據(jù)這個漏洞開展的。當正常節(jié)點收到被篡改RREQ ID的RREQ消息后會誤以為這是新的RREQ消息,會對此消息進行處理并將攻擊節(jié)點選作路由內(nèi)的關鍵節(jié)點。本文針對這個攻擊進行了防護研究。根據(jù)源節(jié)點每隔NET_TRAVERSAL_TIME的時間沒有收到對先前發(fā)送RREQ消息的響應消息,會再次發(fā)送新的RREQ消息,因此,確定其他節(jié)點先后收到新的RREQ消息的時間間隔應該大于NET_TRAVERSAL_TIME。根據(jù)這個原則來判斷正常節(jié)點是否收到篡改過的RREQ消息,對于收到篡改過的RREQ消息進行拋棄來有效地阻斷RREQ篡改攻擊的影響。本文為了驗證上述兩種防護措施的性能效果,首先,分析了三種不同的網(wǎng)絡模型:鏈式網(wǎng)絡、星狀網(wǎng)絡、網(wǎng)狀網(wǎng)絡,并用仿真軟件搭建這三種網(wǎng)絡模型,實現(xiàn)針對AODV的RREQ泛洪攻擊與篡改攻擊的仿真,利用網(wǎng)絡吞吐量、時延、丟包率驗證了攻擊給網(wǎng)絡帶來的負面影響,然后又在仿真軟件內(nèi)完成了相應的防護仿真。最后利用對仿真結果的分析,證實了上述兩種防護方法的可行性。
[Abstract]:Wireless ad hoc network is different from the current wireless network, it can make use of the nodes in the network to spontaneously set up the network, by virtue of multi-hop nodes to complete the transmission of data. Up to now, it is fast. Because of its convenient network characteristics, it has an inestimable future in military, civil and commercial applications. However, because of its wireless channel characteristics, it is vulnerable to external environment attacks. In addition, the service life of nodes is limited, which makes it more difficult to design the protection against wireless ad hoc network attacks. The research on the protection of AODV attacks has become a hot topic. In this paper, two kinds of attacks facing routing protocol AODV are studied. The specific methods are as follows:. The AODV protocol deals with received RREQ messages according to first-in first-out rules. The flooding attack of RREQ is based on this vulnerability. When normal nodes receive flooding RREQ messages, they will be processed. As a result, these messages continue to consume limited bandwidth. This paper studies the protection against this attack and changes the rules of protocol AODV to handle RREQ messages. The RREQ messages sent by different nodes are processed by selecting the rules of priority, and the nodes that send RREQ frequently are isolated. In order to effectively suppress the flooding attack of RREQ. In the RREQ message of AODV protocol. The larger the value of the RREQ ID means that the message is newer. RREQ tamper attacks are based on this vulnerability. When the normal node receives the tampered RREQ. ID's RREQ message will be mistaken for the new RREQ message. This message will be processed and the attack node will be selected as the key node in the route. This paper studies the protection against this attack. According to the time of the source node every NET_TRAVERSAL_TIME. No response message was received to the previous RREQ message. A new RREQ message is sent again, so. Determine whether the other nodes receive new RREQ messages at a time interval greater than that of new RREQ messages. Use this principle to determine whether a normal node receives a tampered RRE. Q message. Jettisoning the received tampered RREQ messages to block the impact of RREQ tampering attacks effectively. In order to verify the performance of the two protective measures mentioned above, first of all. This paper analyzes three different network models: chain network, star network, mesh network, and builds these three network models with simulation software to realize the simulation of RREQ flooding attack and tampering attack against AODV. Using network throughput, delay, packet loss rate to verify the negative impact of the attack on the network, and then in the simulation software to complete the corresponding protection simulation. Finally, the simulation results are analyzed. The feasibility of the above two methods is confirmed.
【學位授予單位】：電子科技大學
【學位級別】：碩士
【學位授予年份】：2014
【分類號】：TN915.08

【參考文獻】

相關博士學位論文 前1條

1 吳振強;無線局域網(wǎng)安全體系結構及關鍵技術[D];西安電子科技大學;2007年

，

本文編號：1447009