摘要
移动自组网(MANETs)的固有特性(如有限资源、动态拓扑等)使其比有线网络更易遭受各种安全威胁。但现有的MANETs安全技术难以有效适应这些特性,尤其是不能在网络性能和网络安全之间保持平衡。在研究MANETs时空动态性及其识别的基础上,首先构建了安全威胁和入侵防御收益与代价的量化评估指标体系,其次提出了一种系统化的MANETs入侵防御系统模型(IDMSLP),最后实现了基于网络安全和性能平衡的防御策略生成与防御性能优化方法。研究结果表明,与现有的IDS系统相比,IDMSLP可有效地克服已有MANETs安全技术存在的缺陷,能更好地应用于MANETs网络。因此,对于MANETs的入侵行为,需要从时空动态性角度并通过构建量化评估指标进行防御。
The inherent characteristics such as finite resources and dynamic topology in mobile Ad hoc networks (MANETs) make them more vulnerable than the wired networks. However, the existing security technologies for MANETs are almost unfit for these characteristics. Especially, they could not maintain a balance between network performance and network security. On the basis of analysis of the space-time dynamic properties and their identifications, this paper firstly established the quantization evaluation index system with gains and costs for security threats and intrusion defense. Secondly it presented a systemic intrusion defense model for MANETs, named IDMSLP. Finally it achieved the defense strategies generation and defense performance optimization based on the balance of network security and network performance. The results show that, compared with the existing IDS systems, IDMSLP can effectively meet application of MANETs. Consequently, the intrusions in MANETs could be defended by producing the quantization evaluation index based on space-time dynamic properties.
作者
王伟
王嘉珺
王明明
张文静
陈金广
Wang Wei Wang Jiajun Wang Mingming Zhang Wenjing Chen Jinguang(School of Computer Science, Xi' an Polytechnic University, Xi' an 710048, China School of Software, Xiamen University, Xiamen Fu fian 361005, China)
出处
《计算机应用研究》
CSCD
北大核心
2016年第12期3748-3754,3793,共8页
Application Research of Computers
基金
陕西省教育厅专项科研计划资助项目(15JK1317)
国家自然科学基金青年项目(61201118)
国家自然科学基金面上项目(61175039)
关键词
时空动态特性
入侵防御
量化评估
防御策略
性能优化
space-time dynamic properties
intrusion defense
quantization evaluation
defense strategy
performance optimization