Mobile ad hoc networks create additional challenges for implementing the group key establishment due to resource constraints on nodes and dynamic changes on topology. The nodes in mobile ad hoc networks are usually lo...Mobile ad hoc networks create additional challenges for implementing the group key establishment due to resource constraints on nodes and dynamic changes on topology. The nodes in mobile ad hoc networks are usually low power devices that run on battery power. As a result, the costs of the node resources should be minimized when constructing a group key agreement protocol so that the battery life could be prolonged. To achieve this goal, in this paper we propose a security efficient group key agreement protocol based on Burmester-Desmedt (BD) scheme and layer-cluster group model, referred to as LCKM-BD, which is appropriate for large mobile ad hoe networks. In the layer-cluster group model, BD scheme is employed to establish group key, which can not only meet security demands of mobile ad hoc networks but also improve executing performance. Finally, the proposed protocol LCKM-BD are compared with BD, TGDH (tree-based group Diffe-Hellman), and GDH (group Diffie-Hellman) group key agreement protocols. The analysis results show that our protocol can significantly decrease both the computational overhead and communication costs with respect to these comparable protocols.展开更多
This paper addresses an interesting security problem in wireless ad hoc networks: the dynamic group key agreement key establishment. For secure group communication in an ad hoc network, a group key shared by all group...This paper addresses an interesting security problem in wireless ad hoc networks: the dynamic group key agreement key establishment. For secure group communication in an ad hoc network, a group key shared by all group members is required. This group key should be updated when there are membership changes (when the new member joins or current member leaves) in the group. In this paper, we propose a novel, secure, scalable and efficient region-based group key agreement protocol for ad hoc networks. This is implemented by a two-level structure and a new scheme of group key update. The idea is to divide the group into subgroups, each maintaining its subgroup keys using group elliptic curve diffie-hellman (GECDH) Protocol and links with other subgroups in a tree structure using tree-based group elliptic curve diffie-hellman (TGECDH) protocol. By introducing region-based approach, messages and key updates will be limited within subgroup and outer group;hence computation load is distributed to many hosts. Both theoretical analysis and experimental results show that this Region-based key agreement protocol performs well for the key establishment problem in ad hoc network in terms of memory cost, computation cost and communication cost.展开更多
This paper proposed a distributed key management approach by using the recently developed concepts of certificate-based cryptosystem and threshold secret sharing schemes. Without any assumption of prefixed trust relat...This paper proposed a distributed key management approach by using the recently developed concepts of certificate-based cryptosystem and threshold secret sharing schemes. Without any assumption of prefixed trust relationship between nodes, the ad hoc network works in a self-organizing way to provide the key generation and key management services using threshold secret sharing schemes, which effectively solves the problem of single point of failure. The proposed approach combines the best aspects of identity-based key management approaches (implicit certification) and traditional public key infrastructure approaches (no key escrow).展开更多
As the wireless medium is characterized by its lossy nature, reliable communication cannot be assumed in the key management scheme. Therefore self-healing is a good property for key distribution scheme in wireless app...As the wireless medium is characterized by its lossy nature, reliable communication cannot be assumed in the key management scheme. Therefore self-healing is a good property for key distribution scheme in wireless applications. A new self-healing key distribution scheme was proposed, which is optimal in terms of user memory storage and efficient in terms of communication complexity.展开更多
Initial works in ad hoc routing have considered only the problem of providing efficient mechanisms for finding paths in such networks,without considering security as a major problem.In such a trusted environment,malic...Initial works in ad hoc routing have considered only the problem of providing efficient mechanisms for finding paths in such networks,without considering security as a major problem.In such a trusted environment,malicious behaviors can disturb routing process.We present the design and performance evaluation of a new secure on-demand routing protocol for ad hoc networks, called CASR.CASR is robust against attackers from outside of the network and even it prevents compromised nodes from tampering with uncompromised routes consisting of uncompromised nodes.Because of using symmetric cryptography in its structure,CASR is robust against large number of types of Denial-of -Service attacks.However,due to the applying of the random key predistributions method to the routing process our proposed scheme reaches a trade-off between the degree of security and complexity.展开更多
Purpose–Security is one of the major challenges in the design and implementation of protocols for mobile ad hoc networks(MANETs).In such systems,the cooperation between nodes is one of the important principles being ...Purpose–Security is one of the major challenges in the design and implementation of protocols for mobile ad hoc networks(MANETs).In such systems,the cooperation between nodes is one of the important principles being followed in the current research works to formulate various security protocols.Many existing works assume that mobile nodes will follow prescribed protocols without deviation.However,this is not always the case,because these networks are subjected to a variety of malicious attacks.Since there are various models of attack,trust routing scheme can guarantee security and trust of the network.The purpose of this paper is to propose a novel trusted routing model for mitigating attacks in MANETs.Design/methodology/approach–The proposed model incorporates the concept of trust into the MANETs and applies grey relational analysis theory combined with fuzzy sets to calculate a node’s trust level based on observations from neighbour nodes’trust level,these trust levels are then used in the routing decision-making process.Findings–In order to prove the applicability of the proposed solution,extensive experiments were conducted to evaluate the efficiency of the proposed model,aiming at improving the network interaction quality,malicious node mitigation and enhancements of the system’s security.Originality/value–The proposed solution in this paper is a new approach combining the fundamental basics of fuzzy sets with the grey theory,where establishment of trust relationships among participating nodes is critical in order to enable collaborative optimisation of system metrics.Experimental results indicate that the proposed method is useful for reducing the effects of malicious nodes and for the enhancements of system’s security.展开更多
Ad Hoc网是一种不依赖于任何固定基础设施、没有中心控制节点、计算资源受限的新型无线移动网络.最近王晓峰等学者提出了一个新的适用于Ad Hoc网的具有口令认证和共享口令进化的多方密钥协商协议,并认为他们的协议是安全而高效的.然而...Ad Hoc网是一种不依赖于任何固定基础设施、没有中心控制节点、计算资源受限的新型无线移动网络.最近王晓峰等学者提出了一个新的适用于Ad Hoc网的具有口令认证和共享口令进化的多方密钥协商协议,并认为他们的协议是安全而高效的.然而我们发现这一协议存在严重的安全缺陷:不能抵抗离线口令猜测攻击和伪造攻击;不能提供前向安全性和后向安全性;不能动态更新群组成员的密钥.展开更多
Vehicular ad hoc network(VANET)is a self-organizing wireless sensor network model,which is extensively used in the existing traffic.Due to the openness of wireless channel and the sensitivity of traffic information,da...Vehicular ad hoc network(VANET)is a self-organizing wireless sensor network model,which is extensively used in the existing traffic.Due to the openness of wireless channel and the sensitivity of traffic information,data transmission process in VANET is vulnerable to leakage and attack.Authentication of vehicle identitywhile protecting vehicle privacy information is an advantageous way to improve the security of VANET.We propose a scheme based on fair blind signature and secret sharing algorithm.In this paper,we prove that the scheme is feasible through security analysis.展开更多
Security systems are a necessity for the deployment of smart vehicles in our society. Security in vehicular ad hoe networks is crucial to the reliable exchange of information and control data. In this paper, we propos...Security systems are a necessity for the deployment of smart vehicles in our society. Security in vehicular ad hoe networks is crucial to the reliable exchange of information and control data. In this paper, we propose an intelligent Intrusion Detection System (IDS) to protect the external communication of self-driving and semi self-driving vehicles. This technology has the ability to detect Denial of Service (DOS) and black hole attacks on vehicular ad hoe networks (VANETs). The advantage of the proposed IDS over existing security systems is that it detects attacks before they causes significant damage. The intrusion prediction technique is based on Linear Discriminant Analysis (LDA) and Quadratic Diseriminant Analysis (QDA) which are used to predict attacks based on observed vehicle behavior. We perform simulations using Network Simulator 2 to demonstrate that the IDS achieves a low rate of false alarms and high accuracy in detection.展开更多
基金The National Natural Science Foundation of China (No.60403027)the Research Foundation for Out-standing Young Teachers, China University of Geosciences(Wuhan) (No.CUGQNL0836)
文摘Mobile ad hoc networks create additional challenges for implementing the group key establishment due to resource constraints on nodes and dynamic changes on topology. The nodes in mobile ad hoc networks are usually low power devices that run on battery power. As a result, the costs of the node resources should be minimized when constructing a group key agreement protocol so that the battery life could be prolonged. To achieve this goal, in this paper we propose a security efficient group key agreement protocol based on Burmester-Desmedt (BD) scheme and layer-cluster group model, referred to as LCKM-BD, which is appropriate for large mobile ad hoe networks. In the layer-cluster group model, BD scheme is employed to establish group key, which can not only meet security demands of mobile ad hoc networks but also improve executing performance. Finally, the proposed protocol LCKM-BD are compared with BD, TGDH (tree-based group Diffe-Hellman), and GDH (group Diffie-Hellman) group key agreement protocols. The analysis results show that our protocol can significantly decrease both the computational overhead and communication costs with respect to these comparable protocols.
文摘This paper addresses an interesting security problem in wireless ad hoc networks: the dynamic group key agreement key establishment. For secure group communication in an ad hoc network, a group key shared by all group members is required. This group key should be updated when there are membership changes (when the new member joins or current member leaves) in the group. In this paper, we propose a novel, secure, scalable and efficient region-based group key agreement protocol for ad hoc networks. This is implemented by a two-level structure and a new scheme of group key update. The idea is to divide the group into subgroups, each maintaining its subgroup keys using group elliptic curve diffie-hellman (GECDH) Protocol and links with other subgroups in a tree structure using tree-based group elliptic curve diffie-hellman (TGECDH) protocol. By introducing region-based approach, messages and key updates will be limited within subgroup and outer group;hence computation load is distributed to many hosts. Both theoretical analysis and experimental results show that this Region-based key agreement protocol performs well for the key establishment problem in ad hoc network in terms of memory cost, computation cost and communication cost.
文摘This paper proposed a distributed key management approach by using the recently developed concepts of certificate-based cryptosystem and threshold secret sharing schemes. Without any assumption of prefixed trust relationship between nodes, the ad hoc network works in a self-organizing way to provide the key generation and key management services using threshold secret sharing schemes, which effectively solves the problem of single point of failure. The proposed approach combines the best aspects of identity-based key management approaches (implicit certification) and traditional public key infrastructure approaches (no key escrow).
基金The Specialized Research Fund for the Doctoral Program of Higher Education of China (No. 20050248043)
文摘As the wireless medium is characterized by its lossy nature, reliable communication cannot be assumed in the key management scheme. Therefore self-healing is a good property for key distribution scheme in wireless applications. A new self-healing key distribution scheme was proposed, which is optimal in terms of user memory storage and efficient in terms of communication complexity.
基金supported by Iran Telecommunication Research Center
文摘Initial works in ad hoc routing have considered only the problem of providing efficient mechanisms for finding paths in such networks,without considering security as a major problem.In such a trusted environment,malicious behaviors can disturb routing process.We present the design and performance evaluation of a new secure on-demand routing protocol for ad hoc networks, called CASR.CASR is robust against attackers from outside of the network and even it prevents compromised nodes from tampering with uncompromised routes consisting of uncompromised nodes.Because of using symmetric cryptography in its structure,CASR is robust against large number of types of Denial-of -Service attacks.However,due to the applying of the random key predistributions method to the routing process our proposed scheme reaches a trade-off between the degree of security and complexity.
文摘Purpose–Security is one of the major challenges in the design and implementation of protocols for mobile ad hoc networks(MANETs).In such systems,the cooperation between nodes is one of the important principles being followed in the current research works to formulate various security protocols.Many existing works assume that mobile nodes will follow prescribed protocols without deviation.However,this is not always the case,because these networks are subjected to a variety of malicious attacks.Since there are various models of attack,trust routing scheme can guarantee security and trust of the network.The purpose of this paper is to propose a novel trusted routing model for mitigating attacks in MANETs.Design/methodology/approach–The proposed model incorporates the concept of trust into the MANETs and applies grey relational analysis theory combined with fuzzy sets to calculate a node’s trust level based on observations from neighbour nodes’trust level,these trust levels are then used in the routing decision-making process.Findings–In order to prove the applicability of the proposed solution,extensive experiments were conducted to evaluate the efficiency of the proposed model,aiming at improving the network interaction quality,malicious node mitigation and enhancements of the system’s security.Originality/value–The proposed solution in this paper is a new approach combining the fundamental basics of fuzzy sets with the grey theory,where establishment of trust relationships among participating nodes is critical in order to enable collaborative optimisation of system metrics.Experimental results indicate that the proposed method is useful for reducing the effects of malicious nodes and for the enhancements of system’s security.
基金supported by Key project of Hunan Provincial Education Department(20A191)Hunan teaching research and reformproject(2019-134)+2 种基金Cooperative Education Fund of ChinaMinistry of Education(201702113002,201801193119)Hunan Natural Science Foundation(2018JJ2138)Hunan teaching research and reform project(2019).
文摘Vehicular ad hoc network(VANET)is a self-organizing wireless sensor network model,which is extensively used in the existing traffic.Due to the openness of wireless channel and the sensitivity of traffic information,data transmission process in VANET is vulnerable to leakage and attack.Authentication of vehicle identitywhile protecting vehicle privacy information is an advantageous way to improve the security of VANET.We propose a scheme based on fair blind signature and secret sharing algorithm.In this paper,we prove that the scheme is feasible through security analysis.
文摘Security systems are a necessity for the deployment of smart vehicles in our society. Security in vehicular ad hoe networks is crucial to the reliable exchange of information and control data. In this paper, we propose an intelligent Intrusion Detection System (IDS) to protect the external communication of self-driving and semi self-driving vehicles. This technology has the ability to detect Denial of Service (DOS) and black hole attacks on vehicular ad hoe networks (VANETs). The advantage of the proposed IDS over existing security systems is that it detects attacks before they causes significant damage. The intrusion prediction technique is based on Linear Discriminant Analysis (LDA) and Quadratic Diseriminant Analysis (QDA) which are used to predict attacks based on observed vehicle behavior. We perform simulations using Network Simulator 2 to demonstrate that the IDS achieves a low rate of false alarms and high accuracy in detection.
文摘针对战术移动自组网协议的安全性、脆弱性等问题,分析并仿真出适用于战术移动自组网的攻击方案,增强对敌方战场通信电台的控制能力,造成敌方战场通信指挥系统性能衰减甚至瘫痪。该方案从战术移动自组网的介质访问控制(media access control,MAC)层、内联网层、传输层的协议特征分析,解析战术网络电台在MAC层信道竞争接入、内联网层拓扑更新和传输层传输控制协议(transmission control protocol,TCP)的3次握手机制下存在的协议漏洞,并在NS3网络仿真平台中分层构建不同的攻击模型。该模型在内联网层解决了传统移动自组网中路由黑洞攻击不适用于战术移动自组网的问题,同时在传输层重构了TCP半连接队列机制。对比了攻击前网络性能的变化,仿真结果表明,各层实施的攻击技术都能有效降低战术移动自组网的网络性能,验证了所建攻击模型的合理性。
