臺灣博碩士論文加值系統

本篇論文探討流量控制傳輸協定(Stream Control Transmission Protocol,SCTP)於無線網路換手程序中防禦阻絕式服務(Denial of Service,DoS)攻擊和換手延遲的分析。在無線網路環境裡，換手延遲導致封包遺失的問題與阻絕式服務攻擊的威脅一直被關注，而SCTP的多元宿主(Multi-Homed)和多路串流(Multi-Streams)功能，可有效減少無線網路換手延遲時間並提升端點到端點的吞吐量，SCTP的四路交握的連線建立程序加上曲奇(Cookie)的使用以及核查標記的設計可防禦阻絕式服務攻擊的威脅。基於上述原因，本論文在NS-2(Network Simulator)模擬器上實作SCTP的通訊協定，以模擬SCTP在換手程序時防禦阻絕式服務攻擊的能力、分析換手延遲時間、以及分析端點對端點的吞吐量。

This paper explores the performance analysis of Denial of Service(DoS) protection scheme for Stream Control Transmission Protocol(SCTP) in the process of wireless handoff. In wireless networks, the problem of packet loss caused by handoff process and the threat of DoS attack has been concerned. The Multi-Homed and Multi-Streams function of SCTP effectively reduce the handoff delay and enhance the end-to-end throughput. However, 4-way handshake function of SCTP cooperate with Cookie and Verification Tag to prevent the threat of DoS attack.
Based on above reasons, we implement the SCTP module in NS-2. Finally, we simulated SCTP in wireless network with or without the attacks, reflected the handoff delay and end-to-end throughput.

中文摘要 i
英文摘要 ii
誌 謝 iii
目 錄 iv
表目錄 vi
圖目錄 vii
1.1 研究背景 1
1.2 研究動機與目的 1
1.3 文獻探討 2
1.4 論文架構 3
第二章 行動式網際網路通訊協定 4
2.1 行動式網際網路通訊協定架構 4
2.2 行動式網際網路通訊協定運作原理 6
2.2.1發現代理器 6
2.2.2註冊 7
2.2.3建立隧道 8
2.3 行動式網際網路通訊協定換手機制 9
第三章 流量控制傳輸協定 10
3.1流量控制傳輸協定特色 10
3.2 訊息格式 11
3.2.1 初始區塊 13
3.2.2 曲奇回聲區塊 14
3.2.3 資料區塊 14
3.2.4 選擇性回應區塊 15
3.3 多元宿主 16
3.4 多路串流 17
3.5 關聯的建立與關閉 17
3.6 資料傳送與壅塞控制 21
第四章 流量控制傳輸協定實作 22
4.1 安全性機制概述 22
4.1.1 安全性運作方式 22
4.1.2 安全性機制應用於行動式網際網路通訊協定 24
4.2 程式流程 24
4.2.1 SCTP模組 25
4.2.2 SCTP程式流程 25
4.3 實現SCTP安全性機制 27
第五章 模擬實驗 29
5.1 模擬環境簡介 29
5.2 模擬架構與參數選定 32
5.3 模擬實驗結果 34
第六章 結論與未來展望 39
6.1 結論 39
6.2 未來展望 39
參考文獻 40

[1]IEEE Std. 802.11-1999, Information technology – Telecommunications and information exchange between systems – Local and metropolitan area networks – Specific requirements – Part11: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specifications, IEEE, 1999.
[2]IEEE Std. 802.11a-1999, Supplement to IEEE Standard for Information technology - Telecommunications and information exchange between systems – Local and metropolitan area networks – Specific requirements – Part11: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specifications:High-speed Physical Layer in 5 GHz Band, IEEE, 1999.
[3]IEEE Std. 802.11b-1999, Supplement to IEEE Standard for Information technology - Telecommunications and information exchange between systems – Local and metropolitan area networks – Specific requirements – Part11: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specifications:High-speed Physical Layer Extension in 2.4 GHz Band, IEEE, 1999.
[4]IEEE Std. 802.11g-2004, IEEE Standard for Information technology – Telecommunications and information exchange between systems – Local and metropolitan area networks – Specific requirements – Part11:Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specifications: Amendment 4: Further Higher Data Rate Extension in the 2.4 GHz Band, IEEE, 2004.
[5]C. Perkins, “IP Mobility Support,” RFC 2002, IETF, 1996.
[6]A. Belenky and N. Ansari, “On IP traceback,” IEEE Communications Magazine, Volume 41, Issue 7, July 2003, pp. 142–153.
[7]J. Postel, “Transmission Control Protocol,” RFC 793, IETF, January 1980.
[8]Z.W. Park, J.H. Lee and M.K. Kim, “Design of an extended TCP for preventing DOS attacks,” International Symposium on Science and Technology, Volume:2, July 2003, pp.385-389.
[9]R. Stewart et al., “Stream Control Transmission Protocol,” RFC 2960, IETF, October 2000.
[10]Md. Nurul Islam and A. Kara, “Throughput Analysis of SCTP over a Multi-homed Association,” Proceedings of IEEE CIT’06, 2006.
[11]L. Sourabh and D. A. Paul, “Improving Multiple File Transfers Using SCTP Multistreaming,” Proceedings IPCCC, April 2004.
[12]J. K. Song and W. Wang, “A simulation study of IP-based vertical handoff in wireless convergent networks”, Wirel. Commun. Mob. Comput., 2006.
[13]The network simulator - ns-2: http://www.isi.edu/nsnam/ns, June 2008.
[14]C. Perkins, “IP Mobility Support for IPv4,” RFC 3220, IETF, 2002.
[15]C. Perkins, “IP Mobility Support for IPv4,” RFC 3344, IETF, 2002.
[16]S. Deering, “ICMP Router Discovery Messages,” RFC 1256, IETF, 1991.
[17]ns-2 sctp module: http://pel.cis.udel.edu, June 2008.
[18]K. Fall and K. Varadhan, The ns Manual (formerly ns otes and Documentation), http://www.isi.edu/nsnam/ns/doc/, June 2008.
[19]E. Altman and T. Jimenez, NS Simulator for beginners, http://www-sop.inria.fr/maestro/personnel/Eitan.Altman/COURS-NS/n3.pdf, June 2008.
[20]A. V. Aho, B. W. Kernighan and P. J. Weinberger, The AWK Programming Language, Addison-Wesley, 1988.
[21]T. Chen, M. Sortais, G. Schäfer, S. Adams, C. Fan and A. Wolisz, “Performance analysis of a Denial of Service protection scheme for optimized and QoS-aware handover, ” Computer Networks, Volume:49, 2005, pp.449-464.