【摘要】：網(wǎng)絡(luò)編碼是一種全新的網(wǎng)絡(luò)傳輸形式,它提供了使網(wǎng)絡(luò)吞吐量達(dá)到理論最大值的可能,還可以有效降低網(wǎng)絡(luò)傳輸數(shù)據(jù)的能源消耗,提高網(wǎng)絡(luò)中數(shù)據(jù)傳輸?shù)目煽啃浴?在網(wǎng)絡(luò)編碼方法中,前向節(jié)點(diǎn)接收到數(shù)據(jù)分組后,會(huì)將其進(jìn)行緩存并編碼混合,得到新的數(shù)據(jù)分組后再向下游節(jié)點(diǎn)轉(zhuǎn)發(fā)。因?yàn)榫W(wǎng)絡(luò)編碼所固有的特性,應(yīng)用網(wǎng)絡(luò)編碼的系統(tǒng)在遭受污染攻擊時(shí)十分脆弱�，F(xiàn)有的應(yīng)對(duì)污染攻擊的處理機(jī)制會(huì)造成較大的計(jì)算量開銷并削弱網(wǎng)絡(luò)的編碼的作用,因此提出了基于置信度傳播的安全方案。 本文針對(duì)網(wǎng)絡(luò)編碼的安全性問(wèn)題進(jìn)行了以下研究。 (1)介紹了安全網(wǎng)絡(luò)編碼的研究背景,對(duì)污染攻擊的主要形式及其對(duì)網(wǎng)絡(luò)編碼系統(tǒng)的危害進(jìn)行了分析。著重論述了基于生日悖論構(gòu)造hash碰撞的過(guò)程、基于置信度傳播的安全方案及所存在的問(wèn)題。 (2)針對(duì)基于置信度傳播安全方案的不足提出一種改進(jìn)方案。在改進(jìn)方案中,中間節(jié)點(diǎn)依據(jù)前向節(jié)點(diǎn)的置信度值來(lái)濾除污染數(shù)據(jù)。同時(shí),通過(guò)將置信節(jié)點(diǎn)與中間節(jié)點(diǎn)間的連接方式改為網(wǎng)狀連接,擴(kuò)大網(wǎng)絡(luò)區(qū)域的覆蓋范圍,提高安全方案在實(shí)際應(yīng)用中的靈活性。采用基于對(duì)數(shù)函數(shù)的延遲轉(zhuǎn)發(fā)算法對(duì)置信度取值區(qū)間進(jìn)行劃分,依據(jù)其置信度值對(duì)應(yīng)的區(qū)間選取轉(zhuǎn)發(fā)概率,如不轉(zhuǎn)發(fā)則計(jì)算延遲時(shí)間并調(diào)整轉(zhuǎn)發(fā)概率,直到分組被轉(zhuǎn)發(fā)為止。該算法通過(guò)延遲低置信度分組的轉(zhuǎn)發(fā),起到抑制污染數(shù)據(jù)傳播、提高網(wǎng)絡(luò)吞吐量的作用。 在此基礎(chǔ)上提出基于DSDV的改進(jìn)路由協(xié)議。通過(guò)將置信度信息寫入DSDV協(xié)議的路由更新分組,使前向節(jié)點(diǎn)通過(guò)該分組獲得其在下游節(jié)點(diǎn)中的置信度值。節(jié)點(diǎn)轉(zhuǎn)發(fā)數(shù)據(jù)時(shí),依據(jù)其置信度值選擇合適的路由路徑,進(jìn)而達(dá)到加速可信分組的轉(zhuǎn)發(fā),阻滯不可信分組,提高網(wǎng)絡(luò)吞吐量的目的。 (3)通過(guò)引入基于同態(tài)hash函數(shù)的快速簽名算法改進(jìn)安全方案的性能與執(zhí)行效率。在基于置信度傳播的安全方案中,由置信節(jié)點(diǎn)通過(guò)校驗(yàn)數(shù)字簽名來(lái)判斷數(shù)據(jù)分組是否為污染數(shù)據(jù)。因此,本文采用比原方案中有更低計(jì)算復(fù)雜度的簽名算法,可以減小置信節(jié)點(diǎn)執(zhí)行基于該算法的簽名方案時(shí)的計(jì)算延時(shí),進(jìn)而提高安全方案總體運(yùn)行效率。通過(guò)有效提高網(wǎng)絡(luò)區(qū)域中置信節(jié)點(diǎn)檢驗(yàn)污染數(shù)據(jù)的速度和效率,加快安全方案中受污染數(shù)據(jù)影響的中間節(jié)點(diǎn)置信度的收斂速度,達(dá)到更迅速有效的濾除污染數(shù)據(jù)、提高數(shù)據(jù)傳輸中有效數(shù)據(jù)的吞吐量并降低網(wǎng)絡(luò)延時(shí)的目的。
[Abstract]:Network coding is a new form of network transmission. It provides the possibility that the network throughput can reach the maximum theoretical value. It can also effectively reduce the energy consumption of network data transmission and improve the reliability of data transmission in the network. In the network coding method, after the forward node receives the data packet, it will cache and encode the new data packet, and then forward the data packet to the downstream node. Because of the inherent characteristics of network coding, the system with network coding is vulnerable to pollution attack. The existing mechanism to deal with pollution attack will cause large computational overhead and weaken the role of network coding. Therefore, a security scheme based on confidence propagation is proposed. In this paper, the security of network coding is studied as follows. (1) the research background of secure network coding is introduced, and the main forms of pollution attack and its harm to network coding system are analyzed. In this paper, the process of constructing hash collision based on birthday paradox, the security scheme based on confidence propagation and the existing problems are discussed. (2) an improved scheme is proposed to overcome the shortcomings of the security scheme based on confidence propagation. In the improved scheme, the intermediate node filters the contaminated data according to the confidence value of the forward node. At the same time, by changing the connection mode between the confidence node and the middle node into a mesh connection, the coverage of the network area is expanded, and the flexibility of the security scheme in practical application is improved. The delay forwarding algorithm based on logarithmic function is used to divide the interval of confidence value, and the forwarding probability is selected according to the interval corresponding to the confidence value. If it is not forwarded, the delay time is calculated and the forwarding probability is adjusted until the packet is forwarded. By delaying the forwarding of low confidence packet, the algorithm can restrain the transmission of contaminated data and improve the network throughput. Based on this, an improved routing protocol based on DSDV is proposed. By writing the confidence information into the routing update packet of the DSDV protocol, the forward node obtains its confidence value in the downstream node through the packet. When the node forwards the data, it selects the appropriate routing path according to its confidence value, and then accelerates the forwarding of trusted packets and blocks the untrusted packets. The purpose of improving network throughput is to improve the performance and execution efficiency of the security scheme by introducing a fast signature algorithm based on homomorphic hash function. In the security scheme based on confidence propagation, the confidence node verifies the digital signature to determine whether the data packet is contaminated or not. Therefore, by using a signature algorithm with lower computational complexity than the original scheme, the computational delay of the confidence node in executing the signature scheme based on the algorithm can be reduced, and the overall efficiency of the security scheme can be improved. By effectively improving the speed and efficiency of testing contaminated data by confidence nodes in network regions, the convergence speed of confidence degree of intermediate nodes affected by contaminated data in safety schemes is accelerated, and the filtering of contaminated data is achieved more quickly and effectively. The purpose of improving the throughput of effective data and reducing the network delay in data transmission.
【學(xué)位授予單位】：遼寧大學(xué)
【學(xué)位級(jí)別】：碩士
【學(xué)位授予年份】：2014
【分類號(hào)】：TP393.08

【共引文獻(xiàn)】

相關(guān)期刊論文 前6條

1 張祥麗;;一種基于指紋識(shí)別的云安全登錄系統(tǒng)設(shè)計(jì)[J];電視技術(shù);2013年13期

2 陳春良;陳新;;密集節(jié)點(diǎn)區(qū)域的自組織網(wǎng)絡(luò)路由算法研究[J];單片機(jī)與嵌入式系統(tǒng)應(yīng)用;2014年10期

3 裴恒利;尚濤;劉建偉;;融合時(shí)間戳和同態(tài)簽名的安全網(wǎng)絡(luò)編碼方法[J];通信學(xué)報(bào);2013年04期

4 屈天剛;;網(wǎng)絡(luò)編碼在戰(zhàn)術(shù)數(shù)據(jù)鏈中的應(yīng)用[J];通信技術(shù);2013年05期

5 潘魯遠(yuǎn);周亞建;郭玉翠;徐國(guó)愛;;基于網(wǎng)絡(luò)編碼的ARQ機(jī)制在WiFi單播中的應(yīng)用[J];北京電子科技學(xué)院學(xué)報(bào);2013年04期

6 尚濤;裴恒利;劉建偉;;基于格簽名的安全網(wǎng)絡(luò)編碼（英文）[J];中國(guó)通信;2014年01期

相關(guān)會(huì)議論文 前1條

1 陳海勇;朱詩(shī)兵;童菲;;基于網(wǎng)絡(luò)編碼的軍事物聯(lián)網(wǎng)防竊聽研究[A];2011年全國(guó)電子信息技術(shù)與應(yīng)用學(xué)術(shù)會(huì)議論文集[C];2011年

相關(guān)博士學(xué)位論文 前3條

1 劉光軍;安全網(wǎng)絡(luò)編碼及其應(yīng)用[D];西安電子科技大學(xué);2013年

2 李博;物理層網(wǎng)絡(luò)編碼及其在非對(duì)稱雙向中繼通信中的性能研究[D];哈爾濱工業(yè)大學(xué);2013年

3 梁滿;網(wǎng)絡(luò)編碼污染攻擊的防御技術(shù)研究[D];復(fù)旦大學(xué);2013年

，

本文編號(hào)：2140390