摘要
MANET(移动自组织网络)由于采用无线信道、分布式控制等原因,比有线网络更易受到安全威胁。MANET对带宽和计算量的敏感性使得移动代理成为MANET安全架构的首选。文中介绍了一种基于移动代理的MANET的入侵检测系统(IDS)模型。重点分析了该模型中的网络监测代理的部署算法,并基于已有的算法提出了一种改进算法———IDANMA(Improved D isposal A lgorithm forNetwork Mon itoring Agent)。IDANMA通过两轮投票选举在规定通信半径内可达节点最多的节点为网络监测代理节点。用NS软件对IDANMA进行仿真的结果表明,IDANMA有效地克服了已有算法的缺陷,通信开销更小,网络监测代理分布更均匀,算法收敛性好。
MANET is more vulnerable to intrusion than wire networks, as it operates in wireless channel and employs distributed control mechanisms. MANET is sensitive to bandwidth and computation, which makes mobile agents the first choice for security framework in MANET. After introducing a Mobile Agent Based IDS Model for MANET, this paper focuses on the analysis of the disposal algorithm of network-monitoring agent, and proposes an improved algorithm-IDANMA based on an existing algorithm. IDANMA elects the node, which has most reachable nodes in given communication radius, as the network-monitoring agent through two-time voting. The results of simulating IDANMA on NS have shown that IDANMA has effectively overcome the limitation of the existing algorithm. It is of lower communication cost, better uniform distribution of network-monitoring agents, and good algorithm convergence.
出处
《南京邮电大学学报(自然科学版)》
EI
2006年第3期52-57,共6页
Journal of Nanjing University of Posts and Telecommunications:Natural Science Edition
基金
国家自然科学基金(60173037和70271050)
国家高技术研究发展计划(863计划)(2002AA776032)
江苏省自然科学基金(BK2003105)
江苏省计算机信息处理技术重点实验室基金(kjs03061)
江苏省教育厅自然科学研究专项基金(02SJD520002)资助项目
