跳到主要內容

臺灣博碩士論文加值系統

(44.220.62.183) 您好!臺灣時間:2024/03/01 18:57
字體大小: 字級放大   字級縮小   預設字形  
回查詢結果 :::

詳目顯示

: 
twitterline
研究生:張格銘
研究生(外文):Ko-Ming Chang
論文名稱:應用在叢聚式感測網路上的入侵預防與偵測方法
論文名稱(外文):An Intrusion Prevention and Detection Approach for Clustering-Based Sensor Networks
指導教授:郭耀煌郭耀煌引用關係
指導教授(外文):Yau-Huang Kuo
學位類別:碩士
校院名稱:國立成功大學
系所名稱:資訊工程學系碩博士班
學門:工程學門
學類:電資工程學類
論文種類:學術論文
論文出版年:2004
畢業學年度:92
語文別:英文
論文頁數:56
中文關鍵詞:感測網路叢聚式入侵預防入侵偵測
外文關鍵詞:Intrusion DetectionIntrusion PreventionSensor networkClustering-based
相關次數:
  • 被引用被引用:0
  • 點閱點閱:133
  • 評分評分:
  • 下載下載:7
  • 收藏至我的研究室書目清單書目收藏:5
  感測網路(sensor network)主要散佈在廣大的區域,且自動地建立路由,因此安全性的議題變得十分重要。現今有許多著名的叢聚式(clustering-based)路由協定,提供了聚集資料的方法以節省感測網路傳遞所需的電力。但是,沒有一種叢聚式路由協定在設計時加入安全性的考量。

  在本篇論文中,我們分析一些常見攻擊用在叢聚式感測網路的可能行為,並且針對這些攻擊行為提出二個主要的方法來增加感測網路的安全性:一、基於認證機制的入侵預防二、節省能源的入侵偵測機制。在第一個方法中,我們針對叢集管理者(cluster-head)和成員節點(member node)使用二種不同的認證方式以節省成員節點在傳送大量資料時所需認證資訊的計算。在第二個方法中,我們也針對不同的節點角色使用不同的監控機制。在監控叢集管理者時,我們讓鄰近的節點來輪流監控叢集管理者。這樣可以節省每個節點在做監控的時間,進而節省能源。在監控成員節點時,叢集管理者有充分的權利去偵測和廢止惡意的成員節點,但只限於該叢聚時間。因為只有叢集管理者去監控成員節點,而不是讓所有鄰近的成員節點相互監控,這樣可以節省許多能源。

  最後,我們利用數學論證及實驗模擬來證明我們的方法能在一定的安全程度下達到能源節省。
  Security issues are important for the sensor network deployed in large area and automatically establishing the data route. Recently many famous clustering-based routing protocols provide energy-aware solutions for sensor network. However,the security related works are rare.

  In this paper, we analyze some famous attack methods on clustering-based sensor networks and propose two methods to improve the security of sensor networks: authentication based intrusion prevention and energy saving intrusion detection mechanism. In the first method, we use two different authentications for cluster-head and member nodes to save the computation power of each node. In the second method, we also use two different mechanisms for monitoring cluster-head and member nodes. When monitoring cluster-head, we let neighbor nodes take turns to monitor
cluster-head. This can reduce the monitoring-time, and therefore save the energy of monitor nodes. When monitoring member nodes, cluster-head has the authority to detect and revoke malicious member nodes in the round time. It can save lots of energy because we using cluster-head to monitor member nodes instead of using all neighbors to monitor each other.

  Finally, we demonstrate that our method is energy saving and has tolerance of certain intrusions with mathematical analysis and simulations
Abstract                                I
誌謝                                  V
List of Figures                            IX
List of Tables                            XI
Chapter 1 Introduction ______________________________________________ 1
1.1 Overview of Sensor Networks                    1
 1.1.1 Structure and topology                    1
 1.1.2 Data routing                         1
 1.1.3 Energy issue                         2
1.2 Motivation                            2
1.3 Assumptions and design goals                   3
1.4 Layout of thesis                         3
Chapter 2 Related Works of Secure Sensor Networks___          5
2.1 Symmetric keys management                     5
2.2 Categorization of clustering-based routing protocols       8
2.3 Attacks against clustering-based sensor networks         10
 2.3.1 Bogus routing information                  10
 2.3.2 Hello floods                         11
 2.3.3 Sinkhole attack                       12
 2.3.4 Black hole attack                      14
 2.3.5 Select forward                        14
 2.3.6 Denial of service                      15
Chapter 3 Authentication-Based Intrusion Prevention_________________ 16
3.1 Summary of attacks and their solutions              16
3.2 Authenticate cluster-head, forwarding node and base station   19
3.3 Authenticate member node                     20
Chapter 4 Energy-Saving Intrusion Detection ________________________ 23
4.1 General detection methods                    23
 4.1.1 Monitoring packet-dropping misbehavior            24
 4.1.2 Monitoring packet-duplicating misbehavior          25
 4.1.3 Monitoring packet-jamming misbehavior            25
4.2 Energy-saving monitor mechanism                 26
 4.2.1 Monitor cluster-head                     26
 4.2.2 Monitor member nodes                     27
4.3 Reactions to the intrusion                    28
 4.3.1 The intrusion reaction of an abnormal cluster-head      28
 4.3.2 The intrusion reaction of abnormal member nodes       31
4.4 Determination of alarm threshold and group size         32
 4.4.1 Determination of alarm threshold X              32
 4.4.2 Determination of group size k                34
4.5 The mathematical analysis of energy-saving monitoring      37
Chapter 5 System Analysis and Simulation ___________________________ 40
5.1 Simulation environment                      40
 5.1.1 Situation 1: LEACH                      41
 5.1.2 Situation 2: LEACH under attack               41
 5.1.3 Situation 3: LEACH + IPD                   41
 5.1.4Situation 4: LEACH + IPD under attack             42
5.2 Simulation result and analysis                  43
 5.2.1 Experimental Set-up                     43
 5.2.2 Simulation result                      47
 5.2.3 Analysis                           48
Chapter 6 Conclusions and Future Work_______________________________ 51
6.1 Summary of contributions                     51
6.2 Future Work                           52
References __________________________________________________________ 53
Biography ___________________________________________________________ 56
[1]I.F. Akyildiz, W. Su, Y. Sankarasubramaniam, and E. Cayirci, "Wireless sensor networks: a survey," Computer Networks, Elsevier Science, vol. 38, no. 4, pp.393-442, 2002.

[2]W. Heinzelman, A. Chandrakasan, and H. Balakrishnan, "Energy-efficient communication protocols for wireless microsensor networks," in Proceedings of Hawaiian International Conference on Systems Science, January 2000.

[3]A. Manjeshwar and D. P. Agrawal, "TEEN: a routing protocol for enhanced efficiency in wireless sensor networks," in 1st International Workshop on Parallel and Distributed Computing Issues in Wireless Networks and Mobile Computing, April 2001.

[4]A. Manjeshwar and D. P. Agrawal, "APTEEN: a hybrid protocol for efficient routing and comprehensive information retrieval in wireless sensor networks," in Proceedings of the International Parallel and Distributed Processing Symposium, pp. 48, April 2002.

[5]S. Lindsey and C. S. Raghavendra, "PEGASIS: power-efficient gathering in sensor information systems," in IEEE Aerospace Conference Proceedings, vol. 3, pp. 3-1125, March 2002.

[6]D. Wood and J. A. Stankovic, "Denial of service in sensor networks computer," IEEE JNL vol. 35, Issue 10, pp. 54 - 62, October 2002.

[7]A. Perrig, R. Szewczyk, V. Wen, D. Culler, and J. D. Tygar, "SPINS: Security protocols for sensor networks," in Proceedings of Seventh Annual ACM International Conference of Mobile Computing and Networks (MOBICOM 2001), July 2001.

[8]L. Eschenaure and V. D. Gligor, "A key-management scheme for distributed sensor networks," in Proceedings of ACM CCS 2002. Washington D.C., 2002.

[9]S. Zhu, S. Setia, and S. Jajodia, "LEAP: efficient security mechanisms for large-scale distributed sensor networks," in Proceedings of the 10th ACM conference on Computer and communication security, Washington, DC, USA., October 27-31, 2003.

[10]O. Goldreich, S. Goldwasser, and S. Micali, "How to construct random functions," Journal of the ACM, vol. 33, No. 4, pp. 792-807, October 1986.

[11]C. Karlof and D. Wanger, "Secure routing in wireless sensor networks: attacks and countermeasures," in Sensor Network Protocols and Applications, 2003. Proceedings of the First IEEE. 2003 IEEE International Workshop, May 11, 2003

[12]H. Yang, X. Meng, and S. Lu, "Self-organized network-layer security in mobile Ad Hoc networks," in ACM MOBICOM Wireless Security Workshop (WiSe'02), Atlanta, September, 2002

[13]MIT uAMPS project LEACH CAD tool http://www-mtl.mit.edu/research/icsystems/uamps/research/cad.shtml

[14]The Network Simulator - ns-2 http://www.isi.edu/nsnam/ns/

[15]R. Rivest, "The MD5 Message Digest Algorithm, " RFC 1321, 1992

[16]R. M. Davis, "The Data Encryption Standard in Persepective," Computer Security and the Data Encryption Standard, National Bureau of Standards Special Publication, February 1978.

[17]NBS FIPS PUB 46, "Data Encryption Standard," National Bureau of Standards, U.S. Department of Commerce, January 1977.

[18]NBS FIPS PUB 46-1, "Data Encryption Standard," National Bureau of Standards, U.S. Department of Commerce, January 1988.

[19]W. Heinzelman. "Applications-specific protocol architectures for wireless networks." PhD thesis, Massachusetts Institute of Technology, 2000.

[20]Adrian Perrig, Ran Canetti, J.D. Tygar, and Dawn Song. "Efficient authentication and signing of multicast streams over lossy channels." in Proceedings of the IEEE Symposium on Research in Security and Privacy, pp. 56-73, Oakland, CA, May 2000.
連結至畢業學校之論文網頁點我開啟連結
註: 此連結為研究生畢業學校所提供,不一定有電子全文可供下載,若連結有誤,請點選上方之〝勘誤回報〞功能,我們會盡快修正,謝謝!
QRCODE
 
 
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                               
第一頁 上一頁 下一頁 最後一頁 top
1. 67. 楊明恭、郭政源(2000)。企業文化與員工教育訓練的關係探討。就業與訓練,18(5),49-52。
2. 74. 張肅婷(2002)。員工工作態度與組織文化、領導行為、工作滿足及組織承諾間之關係研究。弘光學報,40,1-10。
3. 85. 劉佩雲 (2000)。自我調整學習模式之驗證。教育與心理研究, 23,173-205。
4. 66. 楊仁壽(2000)。動態複雜任務中挑戰性標的與短期標的。管理學報,17(1),43-69。
5. 64. 楊淑萍(1995)。自我效能在認知技巧學習和生涯發展上的應用(上)。諮商與輔導,110,20-25。
6. 63. 黃瓊慧(2002)。改變員工行為措施成效對變革結果的影響─社會學習的觀點。人力資源管理學報,2(2),夏季號,65-80。
7. 96. 蕭錫錡、沈健華(2000)。企業訓練遷移基本概念之探討。人力資源發展月刊,130,1-6。
8. 92. 簡俊成、翁志成、楊玲惠 (2001)。服務業員工角色壓力、自我效能、工作滿意度與內部服務品質之關係─以百貨業為例之實證研究。中山管理評論,9(3),395-423。
9. 80. 萬金生(2003)。探討一般自我效能對台灣地區資訊人員特殊自我效能影響委外工作績效之研究。高雄餐旅學報,2,135-145。
10. 88. 鄭紹成 (2002)。服務補救滿意構面之探索性研究。管理評論, 21(3),46-68。
11. 87. 鄭英耀、黃正鵠(1996)。教師自我效能相關因素之研究。教育學刊,12,219-244。
12. 62. 黃毓華、鄭英耀(1996)。一般性自我效能量表之修訂。中國測驗學會測驗年刊,43,279-286。
13. 61. 黃惇勝(1991)。服務業訓練的特性及推動策略。就業與訓練,9(3),6-8。
14. 46. 湯大緯(2002)。自我效能與工作績效之關聯性探討。人事月刊,34(4),5-13。
15. 45. 徐新逸、黃麗鈴(1999)。高中生學業成就自我效能與學業成就表現之探討:影響自我效能因素與成就表現相關研究。教育與心理研究,22,267-294。