臺灣博碩士論文加值系統

多重播送是一種群組導向的傳輸方式。越來越多的應用都需要進行一對多或多對多的封包傳輸。所以多重播送很快的成為一種重要的通訊模式，同時也是一種良好的建構群組導向服務的平台。不過目前多重播送運作機制必須加入能保障傳輸過程、掌控參與者名單和限制未經許可的節點進行資料交換的機制，才能讓通訊過程受到信賴。
所以在本研究中，我們以無狀態多重播送(Stateless Multicast)類型的不同目的端多重播送(Differential Destination Multicast, DDM)通訊協定為研究對象，分析該協定在面對不同類型網路攻擊時會受到什麼樣的影響。透過分析通訊協定和網路攻擊的運作機制後，我們也提出建議的因應方式。
在攻擊類型方面，以常見四種攻擊類型作為影響協定運作的主要分析因素。這些攻擊類型分別為激增攻擊(Rushing Attack)、黑洞攻擊(Blackhole Attack)、鄰近攻擊(Neighbor Attack)和水母攻擊(Jellyfish Attack)。
從分析結果來看，DDM在本質上有不錯的防禦能力，但是缺乏完整的攻擊偵測機制。來源端若能加強對成員節點是否發動攻擊的偵測能力，適時將攻擊節點從會議中刪除，將有助於提昇整體網路的安全性。值得注意的是在無狀態模式下，如果來源端就是攻擊者時，就能發動資源消耗攻擊並且不會被中間節點發現。對於這類型的攻擊目前仍然沒有找到預防的方法，這也成為了DDM的隱憂之一。建議在未來加強DDM安全設計時，可以考慮將這些不足之處補足，以提昇無狀態多重播送通訊協定的安全性。

Multicasting is intended for group-oriented computing. There are more and more applications where one-to-many or many-to-many dissemination is an essential task. Multicast is rapidly becoming an important mode of communication and a good platform for building group-oriented services. To be used for trusted communication, however, current multicast schemes must be supplemented by mechanisms for protecting traffic, controlling participation, and restricting access of unauthorized users to data exchanged by the participants.
In this paper, we examine the use of stateless multicast, DDM (Differential Destination Multicast), routing protocol in MANETs had different types of attacks, and MANETs will have any effect. Through analysis of communication protocols and the operating mechanism of attack, we also propose to avoid attacks by the way. The paper considered the attacks, which mainly includes the following four common attacks, Rushing attack, Black hole attack, Neighbor attack, and Jellyfish attack.
According to analysis result, DDM has good defense capability in essence, but lack the intact attack sensing mechanism. If the source end can enhance detection ability to member node attack, and delete attack node from the set list in good time, which will contribute to promoting the security of the whole network. Under stateless mode, it is noteworthy that when the source end is an assailant, it can mobilize resources to consume and such attack will not be found by the middle node. Have not found the method to prevent the attack of this type yet, this has become one of the secret worries of DDM too. In future we suggest that strengthening the safety design of DDM can consider supplementing these weak points, in order to promote the security of stateless multicast routing protocol.

摘要．．．．．．．．．．．．．．．．．．．．．．．．．．．．．i
Abstract ．．．．．．．．．．．．．．．．．．．．．．．．．．ii
誌謝．．．．．．．．．．．．．．．．．．．．．．．．．．．．．iii
目錄．．．．．．．．．．．．．．．．．．．．．．．．．．．．．iv
表目錄．．．．．．．．．．．．．．．．．．．．．．．．．．．．vi
圖目錄．．．．．．．．．．．．．．．．．．．．．．．．．．．．vii
第一章 緒論．．．．．．．．．．．．．．．．．．．．．．．．．．1
1.1 研究背景．．．．．．．．．．．．．．．．．．．．．．．．．1
1.2 研究動機及目的．．．．．．．．．．．．．．．．．．．．．．1
1.3 研究限制．．．．．．．．．．．．．．．．．．．．．．．．．2
第二章 相關文獻探討．．．．．．．．．．．．．．．．．．．．．．3
2.1 多重播送協定類型．．．．．．．．．．．．．．．．．．．．．3
2.2 常見的攻擊類型．．．．．．．．．．．．．．．．．．．．．．4
2.2.1 激增攻擊．．．．．．．．．．．．．．．．．．．．．．．．4
2.2.2 黑洞攻擊．．．．．．．．．．．．．．．．．．．．．．．．6
2.2.3 鄰近攻擊．．．．．．．．．．．．．．．．．．．．．．．．7
2.2.4 水母攻擊．．．．．．．．．．．．．．．．．．．．．．．．7
第三章 不同目的端多重播送協定．．．．．．．．．．．．．．．．．9
3.1 DDM概述 ．．．．．．．．．．．．．．．．．．．．．．．．．9
3.2 DDM運作機制 ．．．．．．．．．．．．．．．．．．．．．．．10
3.2.1 通訊協定概要．．．．．．．．．．．．．．．．．．．．．．10
3.2.2 路徑資訊維護．．．．．．．．．．．．．．．．．．．．．．12
3.3 通訊協定假設．．．．．．．．．．．．．．．．．．．．．．．14
3.4 資料結構．．．．．．．．．．．．．．．．．．．．．．．．．14
3.4.1 封包格式．．．．．．．．．．．．．．．．．．．．．．．．15
3.4.2 資料封包格式．．．．．．．．．．．．．．．．．．．．．．18
3.4.3 DDM標頭格式 ．．．．．．．．．．．．．．．．．．．．．．21
3.4.4 成員管理．．．．．．．．．．．．．．．．．．．．．．．．22
3.5. 處理流程．．．．．．．．．．．．．．．．．．．．．．．．．23
3.5.1 FS、DS同步化．．．．．．．．．．．．．．．．．．．．．．27
3.5.2 定時器與二種運作模式 ．．．．．．．．．．．．．．．．．．27
3.5.3 多重播送封裝(Multicast Data Encapsulation)．．．．．28
3.6 DDM特性 ．．．．．．．．．．．．．．．．．．．．．．．．．29
3.6.1 無狀態模式．．．．．．．．．．．．．．．．．．．．．．．29
3.6.2 軟狀態模式．．．．．．．．．．．．．．．．．．．．．．．30
第四章 攻擊影響和因應方式．．．．．．．．．．．．．．．．．．．31
4.1 激增攻擊方式與目的．．．．．．．．．．．．．．．．．．．．31
4.1.1對DDM的影響分析(激增攻擊) ．．．．．．．．．．．．．．．32
4.1.2 建議因應方式(激增攻擊)．．．．．．．．．．．．．．．．．33
4.2 黑洞攻擊方式與目的．．．．．．．．．．．．．．．．．．．．34
4.2.1對DDM的影響分析(黑洞攻擊) ．．．．．．．．．．．．．．．35
4.2.2 建議因應方式(黑洞攻擊)．．．．．．．．．．．．．．．．．36
4.3 鄰近攻擊方式與目的 ．．．．．．．．．．．．．．．．．．．．37
4.3.1對DDM的影響分析(鄰近攻擊)．．．．．．．．．．．．．．．．37
4.3.2 建議因應方式(鄰近攻擊)．．．．．．．．．．．．．．．．．38
4.4 水母攻擊方式與目的 ．．．．．．．．．．．．．．．．．．．．39
4.4.1對DDM的影響分析(水母攻擊)．．．．．．．．．．．．．．．．39
4.4.2 建議因應方式(水母攻擊)．．．．．．．．．．．．．．．．．40
4.5 小結 ．．．．．．．．．．．．．．．．．．．．．．．．．．．40
第五章 結論及未來研究方向．．．．．．．．．．．．．．．．．．．42
5.1結論．．．．．．．．．．．．．．．．．．．．．．．．．．．．42
5.2未來研究方向．．．．．．．．．．．．．．．．．．．．．．．．43
參考文獻．．．．．．．．．．．．．．．．．．．．．．．．．．．．44

[1]Aad, I., J.P. Hubaux, and E.W. Knightly, “Denial of Service Resilience in Ad Hoc Networks”, ACM International Conference on Mobile Computing and Networking, Philadelphia, PA, Sep. 2004, pp. 202-215.
[2]Asokan, N. and G. Philip, “Key-agreement in ad-hoc networks”, Computer Communications, Vol. 23, No. 17, Nov. 2000, pp. 1627-1637.
[3]Boivie, R. , “A New Multicast Scheme for Small Groups”, IBM Research Report RC21512(97046), June, 1999
[4]Corderiro, C.M., H. Gossain, and D.P. Agrawal, “Multicast over Wireless Mobile Ad Hoc Networks: Present and Future Directions”, IEEE Network, Vol. 17, No. 1, Jan.-Feb. 2003, pp. 52-59.
[5]Garcia-Luna-Aceves, J. J. and E.L. Madruga, “A Multicast Routing Protocol for Ad-Hoc Networks”, Proceedings of IEEE INFOCOM'99, March, 1999.
[6]Garcia-Luna-Aceves, J.J. and E.L. Madruga, “The Core-Assisted Mesh Protocol”, IEEE Journal on Selected Areas in Communications, Vol. 17, No. 8, Aug. 1999, pp. 1380-1994.
[7]Gerla, M. , S.-J. Lee, and W. Su. “On-Demand Multicast Routing Protocol(ODMRP) for Ad Hoc Networks” , Internet draft, draft-ietf-manet-odmrp-02.txt, 2000.
[8]Hu, Y.C., A. Perrig, and D.B. Johnson, “Ariadne: A secure on-demand routing protocol for ad hoc networks”, Eighth ACM International Conference on Mobile Computing and Networking, Sep. 2002.
[9]Hu, Y.C., A. Perrig, and D.B. Johnson, “Rushing Attacks and Defense in Wireless Ad Hoc Network Routing Protocols”, ACM workshop on Wireless security, San Diego, CA, Sep. 2003.
[10]Ji, L. and M. Corson, “Light-weight Adaptive Multicast”, In Proceedings of IEEE GLOBECOM '98, November, 1998.
[11]Ji, L. and M. S. Corson, “Differential Destination Multicast - A MANET Multicast Routing Protocol for Small Groups” , Proc. INFOCOM, 2001, pp.1192–02.
[12]Josh, B., D. Johnson, and D. Maltz, “The dynamic source routing protocol for mobile ad hoc networks”, http://www.ietf.org/internetdrafts/draft-ietf-manet-dsr-03.txt, IETF Internet Draft, June 1999.
[13]Kiu, M., R.R. Talpade, A. McAuley, and E. Bommaiah, “AMRoute: Adhoc Multicst Routing Protocol”, Internet Draft, IETF, Aug. 1998.
[14]Nguyen, H.L. and U.T. Nguyen, “Study of Different Types of Attacks on Multicast in Mobile Ad Hoc Networks”, Networking, International Conference on Systems and International Conference on Mobile Communications and Learning Technologies, Apr. 2006, pp. 23-29.
[15]Ooms, D. and W. Livens, “Connectionless Multicast”, Internet Draft draft-ooms-cl-multicast-01.txt, October, 1999.
[16]Royer, E.M. and C.E. Perkins, “Multicast Operation of the Ad Hoc On-Demand Distance Vector Routing Protocol”, ACM International Conference on Mobile Computing and Networking, Seattle, WA, Aug. 1999, pp. 207-218.
[17]Sinha, P., R. Sivakumar, and V. Bharghavan, “MCEDAR: Multicast Core-Extraction Distributed Ad hoc Routing”, IEEE Wireless Commun. and Net.Conf., Sept. 1999, pp. 1313–17.
[18]Wu, C.W. and Y.C. Tay, “AMRIS: A Multicast Protocol for Ad hoc Wireless Networks”, IEEE Military Communications International Symposium, Nov. 1999, pp. 25-29.