| Mobile ad hoc network (MANET) is a multi-hop wireless network comprised by a collection of mobile nodes which are able to communicate among themselves without any infrastructure. MANET is attracting more and more attention and has been widely used in military and emergency situations for its attractive features, such as easy deployment and configuration. Integrating MANET with the Internet is very important and beneficial. The integration not only can increase the ability and extend the use of MANET in more scenarios with the help of rich information and services of the Internet, but also can enable the Internet to cover a wider area in a simple way with the help of rapid deployment capability of mobile ad hoc network.MANET is designed as an independent autonomous system, and runs different protocols compared with the Internet. Thus, the mobile node cannot directly communicate with the node in the Internet. In order to solve the technical differences, a special device, named gateway, is deployed between MANET and the Internet to translate the protocol. So, the gateway is the Internet access point for ad hoc nodes. Thus, gateway discovery is the first step to get the Internet connection for source nodes which need the Internet services. However, MANET has a dynamic topology as all nodes have random mobility behaviors. As a result, gateway discovery mechanism should be periodically performed, and this will produce many control messages. These control messages will consume the resources of nodes, and degrade the performance of MANET. Furthermore, MANET is vulnerable to a variety of security risks due to the inherent characteristic of openness. These security risks are also a threat to the integration of MANET and the Internet. For example, if a node is not authenticated or hijacked, it may works as a malicious node or a selfish node. Once the malicious node participates in the gateway discovery, the reliability and the security of the integration cannot be guaranteed, and furthermore, the security of the information is threatened. Therefore, to achieve efficient and secure communication between MANET and the Internet, it is an important essential work to design an efficient and trust architecture for the integration. The research work has important meaning to further extend this heterogeneous network to more application fields.In this dissertation, we research on the overhead control and trust assurance for the integration of MANET and the Internet. By designing efficient gateway discovery schemes, the control overhead is reduced, and thus more wireless bandwidth can be used for data transmission. By designing some security strategies, we attempt to provide a secure access environment which can be evaluated, controlled and trusted. However, it is a very challenging task to achieve these goals. This dissertation makes the following innovative work:(1) We propose a spreading subnet based gateway discovery scheme. In the gateway discovery process, the node can know the existence of the gateway and obtain some configuration information by receiving a gateway advertisement (GWADV) message. However, the GWADV messages are always flooded in the whole MANET, and as a consequence a large amount of control overhead is produced. In fact, only the source nodes need the information of the gateway. So if the periodic GWADV messages are only sent towards the source nodes with less intermediate nodes, less control overhead will be produced. We develop a new mechanism to restrict the propagation of GWADV messages in a special area named spreading subnet which is delineated by gateway pheromone. A spreading subnet is a logical sub network which contains the source node, gateway and some intermediate nodes. To adapt to dynamic network topology, spreading subnets are adjusted periodically to keep their availability by adaptive maintenance operations. Extensive experiments have been conducted to evaluate the effectiveness of the spreading subnet in different scenarios and the results show that the proposed method can improve the performance of gateway discovery mechanism especially in terms of control overhead reduction.(2) We propose an on-demand gateway broadcast scheme for connecting mobile ad hoc network to the Internet. Traditional gateway discovery mechanism adopts the method of periodically broadcast GWADV messages with a time interval. However, this method may suffer from redundant broadcast operations and produces some unnecessary overhead. To solve this problem, we propose a novel adaptive scheme, in which each gateway broadcasts advertisements only on demand instead of simultaneous periodic emissions of all gateway nodes. To support the on-demand gateway broadcast strategy, the network’s actual demands for advertisements are obtained by monitoring the status of routes to the gateway. In particular, if a route is going to be break, the corresponding gateway will be triggered to broadcast. Furthermore, we propose another strategy of deferring each gateway broadcast operation, comprising a route stability evaluation model. The simulation results show that the on-demand broadcast strategy is able to contribute to the reduction of control overhead.(3) We propose a certificate revocation scheme with gateway arbitration ability for hybrid mobile ad hoc network. Authentication mechanism is a basic security strategy which helps validate the trustworthiness of mobile nodes. However, mobile nodes may be captured by the enemy and illegally controlled due to the poor physical protection. This is a threat to the network security. Therefore, the certificate of the malicious node should be revoked in time to provide a trust environment. We propose a lightweight certificate revocation scheme with gateway arbitration ability to achieve this goal. In particular, to improve the efficiency, the scheme revokes certificate when the accusation weight of the accuser is larger than the accused node; to guarantee the reliability, the revoked nodes are evaluated again by gateway based wrong revocation recovery mechanism, so the wrongly revoked nodes will be detected and recovered. Simulation results demonstrate that the proposed scheme can achieve a performance trade-off between high accuracy obtained by voting-based scheme and other performance metrics like short revocation time and low overhead obtained by non-voting based scheme.(4) We propose a trust based gateway discovery scheme. MANET is a self-organized network, thus the implementation of integrating MANET with the Internet needs honest collaboration between the participants. However, the malicious node or selfish node may not be cooperative in the gateway discovery process. Therefore, it is necessary to evaluate the trustworthiness of all nodes, and avoid un-trusted nodes to participate in the communications between MANET and the Internet. We propose a trust based gateway discovery scheme to secure the integration of MANET and the Internet. First, we develop a trust management model to evaluate the trustworthiness of mobile nodes in terms of collaboration ability and willingness. The trust value of the node is used as an import parameter in the gateway discovery process. Each GWADV message will be assigned a rebroadcast delay according to the trust value of the node by which the GWADV message is retransmitted. The probabilistic rebroadcast strategy is adopted to retransmit the GWADV message, in which the rebroadcast probabilistic is calculated according to the node’s trust value and additional neighbor coverage ratio. The aim of the use of trust based rebroadcast delay and probabilistic rebroadcast strategy is that the integration of MANET and the Internet is achieved only by trustworthy nodes. Several experiments have been conducted to evaluate the effectiveness of the proposed trust based gateway discovery scheme. The results show that the proposed scheme can successfully avoid the malicious node to participate in the gateway discovery process.
|
PDF Full Text Request