《基于移动ADHoc和传感器网络安全问题的调查翻译文献》由会员分享,可在线阅读,更多相关《基于移动ADHoc和传感器网络安全问题的调查翻译文献(24页珍藏版)》请在金锄头文库上搜索。
1、基于移动 AD Hoc和传感器网络安全问题的调查Nowadays, with the rapid proliferation of wireless lightweight devices such as laptops, PDAs, wireless telephones, and wireless sensors, the potential and importance of nomadic computing, and particularly mobile ad hoc networking, have become apparent. Some applications of mo
2、bile networks could not support the dependence on any fixed infrastructure. As examples of such applications we cite: emergency disaster relief in a damaged area after a storm or an earthquake; a set of digital sensors positioned to take measurements in a region unreachable by humans; military tanks
3、 and planes in a battlefield; and finally, students (or researchers) sharing information during a lecture (or conference). This infrastructure independency requirement leads to a new kind of mobile network, namely,ad hoc networks.A mobile ad hoc network, or MANET, is a temporary infrastructureless n
4、etwork, formed by a set of wireless mobile hosts that dynamically establish their own network on the fly, without relying on any central administration.Mobile hosts used in MANETs must ensure the roles that are ensured by the powerful fixed infrastructure in traditional networks. This is a challengi
5、ng task, since these devices have limited resources (CPU, storage, energy, etc.). Moreover, the networks environment has some features that add extra complications, such as the frequent topology changes caused by nodes mobility, as well as the unreliability and the bandwidth limitation of wireless c
6、hannels.如今,随着无线轻便的设备,如笔记本电脑,PDA,无线电话机,无线传感器,潜在的和游牧计算的重要性,特别是移动Ad hoc网络的快速普及,已经成为显而易见的。某些应用程序的移动网络可能不支持任何固定基础设施的依赖。作为这类应用的例子,我们举:抢险救灾中损坏的区域风暴或地震后,一组数字传感器定位测量人类不能到达的地区,在战场上军队的坦克和飞机,最后,学生(或研究员)的演讲(或会议)期间的信息共享。这种基础设施的独立性的要求导致了一种新的移动网络,即Ad Hoc网络。移动ad hoc网络,或MANET,是一个临时的,由一组无线移动主机动态地建立自己的网络上的苍蝇,不依靠任何中央管理的
7、基础设施的网络。MANET中的移动主机必须确保在传统网络中的角色是确保强大的固定基础设施。这是一项具有挑战性的任务,因为这些设备具有有限的资源(CPU,存储,能源,等等) 。此外,网络的环境中有一些功能,添加额外的并发症,如频繁的拓扑结构的变化引起的节点的移动性,以及无线信道的不可靠性和带宽限制。Earlier studies on ad hoc networks aimed to propose solu-tions for some fundamental problems, coping with the new challenges caused by the features cit
8、ed above. Nevertheless,these solutions should be secure and tamper-resistant in order to ensure the proper functioning of the system, and to provide a tolerable quality of service in such an open vulnerable envi-ronment. More recent studies have focused on security prob-lems in MANETs, proposing mec
9、hanisms and techniques to protect the basic protocols and applications.Our contribution in this article is to survey several security issues in MANETs by covering different network layers. The rest of the article is organized as follows. First we present some basic concepts, followed by security iss
10、ues regarding routing protocols and those regarding data forwarding at the same layer (network). We will also deal with MAC-layer secu-rity issues. Afterwards, the key management will be presented (which is a basic framework essential to secure application as well as underlying protocols), followed
11、by MANETs intrusion detection systems (IDSs). We devote a section to a newly e mergent type of ad hoc networking, i.e. sensor networks,where different security issues related to this particular appli-cation will be presented. Finally, we conclude the article.ad hoc网络的早期研究旨在提出解决方案的一些基本问题,应对新的挑战上面提到的功
12、能所造成的。然而,这些解决方案应该是安全的,防篡改,以保证系统的正常运作,并提供一个容忍在这样一个开放的脆弱环境中的服务质量。最近的研究集中在无线自组网的安全问题LEMS,提出机制和技术,以保护基本的协议和应用程序。在这篇文章中,我们的贡献是MANET中的几个安全问题进行调查,覆盖不同的网络层。本文的其余部分安排如下:。首先,我们提出了一些基本概念,路由协议和有关数据转发在同一层(网络)安全问题。我们也将处理与MAC层的安全Rity的问题。之后,密钥管理将提出(这是一个基本的框架,以确保应用程序以及底层协议) ,其次是无线自组网入侵检测系统(IDS) 。我们致力于一个部分,一个的新版E mer
13、gent类型的ad hoc网络,即传感器网络,在不同的安全问题,将提交有关这个特殊的应用。最后,我们总结这篇文章。BASIC CONCEPTS SECURITY REQUIREMENTS基本概念安全性的要求The security services of ad hoc networks are not altogether different from those of other network. The goal of these ser-vices is to protect information and resources from ttacks and misbehavior. I
14、n dealing with network security, we will explain the following requirements that an effective security architec-ture must ensure:Availability: Ensures that the desired network services are available whenever they are expected, in spite of the presence of attacks. Systems that ensure availability in
15、MANETs seek to combat denial of service and energy starvation attacks, as well as node misbehavior such as node selfishness in packet forwarding. All these threats will be presented later.Authentication: Ensures that communication from one node to another is genuine. In other words, it ensures that
16、a malicious node cannot masquerade as a trusted network node.Data confidentiality: Ensures that a given message cannot be understood by anyone other than its (their) desired recipi-ent(s). Data confidentiality is typically enabled by applying symmetric or asymmetric data encryption.Integrity: Denotes the authenticity of data sent from one node to another. That is, it ensures that a message sent from node A to node B was not modified by any malicious node C during its transmission. If a r
