A Survey of Security Issues in Mobile Ad Hoc and Sensor Networks

Nowadays, with the rapid proliferation of wireless lightweight devices such as laptops, PDAs, wireless telephones, and wireless sensors, the potential and importance of nomadic computing, and particularly of mobile ad hoc networking, have become apparent. Some applications of mobile networks cannot depend on any fixed infrastructure. Examples of such applications include: emergency disaster relief in an area damaged by a storm or an earthquake; a set of digital sensors positioned to take measurements in a region unreachable by humans; military tanks and planes on a battlefield; and students (or researchers) sharing information during a lecture (or conference). This requirement of infrastructure independence leads to a new kind of mobile network, namely, ad hoc networks. A mobile ad hoc network, or MANET, is a temporary infrastructureless network formed by a set of wireless mobile hosts that dynamically establish their own network on the fly, without relying on any central administration. The mobile hosts in a MANET must take on the roles that the powerful fixed infrastructure plays in traditional networks. This is a challenging task, since these devices have limited resources (CPU, storage, energy, etc.). Moreover, the network environment has features that add further complications, such as the frequent topology changes caused by node mobility, as well as the unreliability and the bandwidth limitation of wireless channels.

Earlier studies on ad hoc networks aimed to propose solutions for some fundamental problems, coping with the new challenges caused by the features cited above. Nevertheless, these solutions should be secure and tamper-resistant in order to ensure the proper functioning of the system and to provide a tolerable quality of service in such an open, vulnerable environment. More recent studies have focused on security problems in MANETs, proposing mechanisms and techniques to protect the basic protocols and applications. Our contribution in this article is to survey several security issues in MANETs by covering different network layers. The rest of the article is organized as follows. First we present some basic concepts, followed by security issues regarding routing protocols and those regarding data forwarding at the same (network) layer. We then deal with MAC-layer security issues. Afterwards, key management is presented (a basic framework essential to securing applications as well as the underlying protocols), followed by intrusion detection systems (IDSs) for MANETs. We devote a section to a newly emergent type of ad hoc networking, i.e. sensor networks, where the security issues specific to this application are presented. Finally, we conclude the article.

BASIC CONCEPTS

SECURITY REQUIREMENTS

The security services of ad hoc networks are not altogether different from those of other networks. The goal of these services is to protect information and resources from attacks and misbehavior. In dealing with network security, we explain the following requirements that an effective security architecture must ensure:

Availability: Ensures that the desired network services are available whenever they are expected, in spite of the presence of attacks. Systems that ensure availability in MANETs seek to combat denial of service and energy starvation attacks, as well as node misbehavior such as node selfishness in packet forwarding. All these threats are presented later.

Authentication: Ensures that communication from one node to another is genuine. In other words, it ensures that a malicious node cannot masquerade as a trusted network node.

Data confidentiality: Ensures that a given message cannot be understood by anyone other than its desired recipient(s). Data confidentiality is typically provided by applying symmetric or asymmetric data encryption.

Integrity: Denotes the authenticity of data sent from one node to another. That is, it ensures that a message sent from node A to node B was not modified by any malicious node C during its transmission. If a robust confidentiality mechanism is employed, ensuring data integrity may be as simple as adding one-way hashes [1] before encrypting messages.

Non-repudiation: In computer networks, non-repudiation is the ability to ensure that a node cannot deny having sent a message that it originated. Digital signatures [1] may be used to ensure this.

MANET FEATURES AND THEIR IMPACT ON SECURITY

The following features make MANETs more vulnerable than traditional networks.

Infrastructureless: Central servers, specialized hardware, and fixed routers are necessarily absent. The lack of such infrastructure precludes the deployment of centralized host relationships. Instead, nodes uphold egalitarian relationships; that is, any security solution should rely on a distributed cooperative scheme instead of a centralized scheme.

Wireless link use: Wireless link usage renders ad hoc networks susceptible to attacks. Unlike wired networks, in which an adversary must gain physical access to the network's wires or pass through several lines of defense at firewalls and gateways, attacks on a wireless ad hoc network can come from all directions and target any node. Hence, ad hoc networks have no clear line of defense, and every node must be prepared to defend against threats. Moreover, the MAC protocols used in ad hoc networks, such as IEEE 802.11, rely on trusted cooperation in a neighborhood to ensure channel access, which leads to high vulnerability.

Multi-hop: Because of the lack of central routers and gateways, hosts are themselves routers. Thus, packets follow multi-hop routes and pass through different mobile nodes before arriving at their final destination. Due to the possible untrustworthiness of such nodes, this feature presents a serious vulnerability.

Node movement autonomy: Mobile nodes are generally autonomous units that are capable of roaming independently. This means that tracking down a particular mobile node in a large-scale ad hoc network cannot be done easily.

Amorphous: Node mobility and wireless connectivity allow nodes to enter and leave the network spontaneously, and to form and break links unintentionally. Therefore, the network topology has no fixed form regarding either its size or its shape, i.e., it changes frequently. Any security solution must take this feature into account.

Power limitation: Ad hoc enabled mobile hosts are small and lightweight, and they are often supplied with limited power resources, such as small batteries. This limitation causes a vulnerability, namely, attackers may target some nodes' batteries to disconnect them, which may lead to a network partition. This is called an energy starvation attack or sleep deprivation torture attack [2]. This feature also represents a challenging constraint when designing security solutions for MANETs.

Memory and computation power limitation: Ad hoc enabled mobile nodes have limited storage devices and weak computational capabilities. Consequently, high-complexity security solutions, such as symmetric or asymmetric data encryption, are difficult to implement.

Mobile devices' physical vulnerability: Mobile devices used in MANETs, and in mobile networks in general, are lightweight and portable. This represents a vulnerability, since the devices and the information stored in them can be easily stolen. Mechanisms for protecting both devices and information should be employed.

THREATS

We divide threats that can affect security in ad hoc networks into two classes, attacks and misbehavior.

Attacks

Attacks include any action that intentionally aims to cause damage to the network. They can be divided according to their origin or their nature. An origin-based classification splits attacks into two categories, external and internal, whereas a nature-based classification splits them into passive attacks and active attacks.

External attacks: Includes attacks launched by a node that does not belong to the logical network, or is not allowed to access it.

Internal attacks: Includes attacks launched by an internal compromised or malicious node. This is a more severe type of threat, since the defenses proposed against external attacks are ineffective against compromised and internal malicious nodes.

Passive attacks: A passive attack is a continuous collection of information that might be used later when launching an active attack. For that, the attacker eavesdrops on packets and analyzes them to pick up the required information. Due to the nature of the wireless communication medium, which is widely shared, it is easier for an attacker to launch such an attack in this environment than in traditional wired environments. The security attribute that must be provided here is information confidentiality.

Active attacks: Includes almost all other attacks, launched by actively interacting with victims, such as: sleep deprivation torture, which targets the batteries; hijacking, in which the attacker takes control of a communication between two entities and masquerades as one of them; jamming, which causes channel unavailability by overusing it; attacks against routing protocols, which we will see in the next section; etc. Most of these attacks result in a denial of service (DoS), which is a degradation or a complete halt in communication between nodes.

Misbehavior

We define misbehavior threats as unauthorized behavior of an internal node that can unintentionally result in damage to other nodes, i.e., the aim of the node is not to launch an attack, but it may have other aims, such as obtaining an unfair advantage compared with the other nodes. For instance, a node may not correctly execute the MAC protocol, with the intent of getting higher bandwidth, or it may refuse to forward packets for others to save its resources, while using their resources and asking them to forward its own packets.

Up to now we have presented basic concepts regarding security in MANETs. In the following sections we deal with the current research areas related to security in MANETs, and we discuss existing problems and proposed solutions.

ROUTING SECURITY ISSUES

A MANET's routing protocol finds routes between nodes over which data packets are forwarded toward the final destination. In contrast to traditional network routing protocols, MANET routing protocols must be adaptable to cope with the features presented previously, especially the frequent changes in network topology. The challenging problem of routing in ad hoc networks has been extensively studied, particularly in the MANET working group of the Internet Engineering Task Force (IETF) [3]. These studies have resulted in several mature protocols [4-10], which can be divided into two classes: proactive (table driven) and reactive (on-demand). (A survey of the two classes of routing protocols is available in [11].) It has been shown in [12] that reactive protocols are more adaptable to MANET environments than proactive protocols. However, the problem with all of these solutions is that they trust all nodes and do not account for security; therefore they are vulnerable to attacks. It is highly important to secure the routing protocol. If the routing protocol can be subverted and messages can be altered in transit, then no amount of security on the data packets at the upper layers can mitigate the threats. Recently, several secure MANET routing protocols have been proposed [13-23]. Some of these solutions have been surveyed in [24]. In this section we deal with the security issues of routing protocols. After an overview of DSR and AODV, the two routing protocols involved in this section, we present a classification of the different attacks that threaten traditional MANET routing protocols, and we discuss recently proposed solutions.

DSR AND AODV IN A NUTSHELL

In the following sections we give general descriptions of DSR and AODV, two protocols largely adopted by the IETF's MANET working group [3]. An overview of these two protocols is essential, since the attacks presented later are analyzed in terms of these protocols.

DSR (Dynamic Source Routing)

DSR [4] is a reactive protocol based on the source route approach. The principle of this approach is that the whole route is chosen by the source and is put within each packet sent. Each node keeps in its cache the source routes it has learned. When it needs to send a packet, it first checks its cache for the existence of such a route. If no entry to the appropriate destination is available in the cache, then the node launches a route discovery by broadcasting a route request (RREQ) packet through the network. When receiving the RREQ, a node seeks a route in its cache for the RREQ's destination; finding such a route results in sending a route reply (RREP) packet to the source. However, if no appropriate route exists, then the node adds its address to the RREQ and continues broadcasting. When a node detects a route failure, it sends a route error (RER) packet to the source that uses this link, and the source then runs the route discovery process again.

AODV (Ad hoc On-Demand Distance Vector)

AODV [7] is a hop-by-hop routing protocol. When a node needs to send a data packet to a destination to which it has no route, it has to broadcast a RREQ to all its neighbors, then each neighbor does so until reaching the destination (or a node with a valid route to the destination). This node sends a RREP packet that travels the inverse path until reaching the source. Upon the reception of this reply each intermediary updates its routing table. In this way a route between the source and the destination is built. Unlike in DSR, the source does not put the whole route within the outgoing packets; rather
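To make the DSR mechanics described above concrete (source routes chosen by the sender, per-node route caches, RREQ flooding with address accumulation, RREP for the whole route, RER on link failure followed by rediscovery), here is a small Python model added as an illustration; it is not code from the article or from any DSR implementation, and the topology, node names and class names are constructed for this example.

```python
from collections import deque

# Constructed topology (assumed for this example, not from the article):
# S reaches D over two disjoint paths, S-A-B-D and S-C-E-D.
LINKS = {("S", "A"), ("A", "B"), ("B", "D"), ("S", "C"), ("C", "E"), ("E", "D")}

def hops(route):
    """Links traversed by a source route, as unordered node pairs."""
    return [frozenset(h) for h in zip(route, route[1:])]

class DsrNetwork:
    def __init__(self, links):
        self.links = {frozenset(l) for l in links}   # undirected, breakable
        self.caches = {}                             # node -> {dst: source route}

    def cache(self, node):
        return self.caches.setdefault(node, {})

    def neighbors(self, node):
        return sorted(next(iter(l - {node})) for l in self.links if node in l)

    def route_discovery(self, src, dst):
        """Flood a RREQ: each relay appends its address and rebroadcasts once;
        the destination, or a node with a cached route, answers with a RREP
        carrying the whole route, which the source caches."""
        seen, queue = {src}, deque([[src]])          # RREQ carries route so far
        while queue:
            path = queue.popleft()
            node = path[-1]
            if node == dst:
                route = path
            elif dst in self.cache(node):
                route = path + self.cache(node)[dst][1:]   # splice cached tail
            else:
                for nxt in self.neighbors(node):
                    if nxt not in seen:
                        seen.add(nxt)
                        queue.append(path + [nxt])
                continue
            self.cache(src)[dst] = route
            return route
        return None                                  # destination unreachable

    def route_error(self, link):
        """RER for a dead link (toy: every node hears it): purge routes over it."""
        for c in self.caches.values():
            for dst in [d for d, r in c.items() if link in hops(r)]:
                del c[dst]

    def send(self, src, dst):
        """Source-route one packet; a dead link triggers a RER and rediscovery."""
        while True:
            route = self.cache(src).get(dst) or self.route_discovery(src, dst)
            dead = [h for h in hops(route or []) if h not in self.links]
            if route is None or not dead:
                return route
            self.route_error(dead[0])
```

A link is broken by removing it from `net.links`; the model accepts the first RREP only and lets every node hear a RER, simplifications that keep the walk-through short.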