跳到主要內容

臺灣博碩士論文加值系統

(98.84.18.52) 您好!臺灣時間:2024/10/10 19:47
字體大小: 字級放大   字級縮小   預設字形  
回查詢結果 :::

詳目顯示

我願授權國圖
: 
twitterline
研究生:張克塵
研究生(外文):Ko-Chen Chang
論文名稱:在無線網路中對抗MAC位址欺騙威脅之代理人機制設計
論文名稱(外文):Design of an Agent-based Mechanism to Counter MAC Address Spoofing Threats in Wireless Networks
指導教授:楊正仁楊正仁引用關係
學位類別:碩士
校院名稱:元智大學
系所名稱:資訊工程學系
學門:工程學門
學類:電資工程學類
論文種類:學術論文
論文出版年:2007
畢業學年度:95
語文別:中文
論文頁數:31
中文關鍵詞:存取控制MAC 位址欺騙威脅代理人機制無線網路
外文關鍵詞:Access ControlMAC Address Spoofing ThreatsAgent-based MechanisumWireless Networks
相關次數:
  • 被引用被引用:0
  • 點閱點閱:353
  • 評分評分:
  • 下載下載:0
  • 收藏至我的研究室書目清單書目收藏:0
無線網路提供了便利的網路存取服務,但是惡意使用者卻可以透過偽造MAC位址的方式來非法使用網路。在這種網路威脅中,惡意使用者不但可以自由存取網路,竊取使用者的機密,甚至可以對遠端伺服器達成阻斷式攻擊,或是對使用者正在進行的網路連線進行綁架攻擊。在目前的存取控制協定中,雖然有方法可以對抗偽造MAC位址所產生的威脅,但是其佈建或更新的代價相當高昂。針對於此,本論文中提出了一個代理人機制來對抗MAC位址偽造的威脅。此機制的作法主要是利用合法下載之代理人將傳送出去的封包加密,經由存取控管伺服器之驗證與解密,才進行正常傳送流程。由於惡意使用者無法取得合法代理人,傳送出去的封包便會變成無效封包,進而對抗MAC位址偽造所產生的威脅。我們將此機制以JAVA實作在Linux與Windows上,並驗證此機制可對抗MAC位址偽造的威脅,未來可進一步推廣在無線網路中。
Wireless networks provide convenient Internet services. Unfortunately, malicious users can illegally access the network using MAC address spoofing. They may also initiate othter network attacks to violate the rights of legal users. Although many approaches exist to counter MAC address spoofing threats in current access control protocols, their deployment costs are very high. In this thesis, we propose an agent-based mechanism to counter MAC address spoofing threats. Because malicious users cannot get the agent, the illegal transmitted packets will be treated as invalid packets and filtered out. We have implemented this mechanism on Linux and Windows in JAVA. We also show that the mechanism can counter MAC address spoofing threats.
1 導論 1
1.1 研究背景 1
1.2 研究動機 2
1.3 設計概念及特點 2
1.4 論文章節概述 3
2 相關研究 4
2.1 WEP 4
2.1.1 認證方式 4
2.1.2 WEP所存在的問題 4
2.2 IEEE 802.11i 及IEEE 802.1x 標準 5
2.2.1 存取控制方式 5
2.2.2 IEEE 802.11i 的問題 7
2.3 Stanford Protocol 7
2.3.1 Secure Internet Access Protocol 8
2.3.2 Secure Link Access Protocol 8
2.3.3 Stanford Protocol 的討論 9
2.4 Lancaster Protocol 9
2.4.1 認證方式 9
2.4.2 Lancaster Protocol 的討論 10
2.5 Radio Frequency Fingerprinting 10
2.5.1 頻率指紋特性 10
2.5.2 RFF之討論 11
2.6 本章總結 11
3 代理人存取控制機制 14
3.1 運作流程 14
3.2 代理人機制及管理方式 15
3.2.1 加密模式 16
3.2.2 代理人的管理方式 19
3.3 安全威脅分析 19
3.3.1 MAC位址欺騙 19
3.3.2 竊聽防護 20
3.3.3 DoS攻擊 20
3.3.4 綁架攻擊 21
3.4 本章總結 21
4 實驗結果 22
4.1 實驗環境介紹 22
4.2 實驗內容 22
4.2.1 封包傳輸實驗 23
4.2.2 檔案傳輸實驗 25
4.3 本章總結 26
5 結論 27
參考文獻 29
自傳 31
[1] http://www.winpcap.org/.
[2] http://www.wu-ftpd.org/.
[3] “Wi-fi protected access,” http://www.wi-fi.org/.
[4] “Advanced Encryption Standard (AES),” FIPS PUB 197, Nov. 2001. [Online]. Available: http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf
[5] B. Aboba and D. Simon, “PPP EAP TLS Authentication Protocol,” RFC 2716 (Informational),1996.
[6] IEEE Standard for Information technology — telecommunications and information exchange between systems - Local and metropolitan area networks- Specific requirements Part 11: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) specifications Amendment 6: Medium Access Control (MAC) Security Enhancements, Amendment to ISO/IEC 8802-11/1999(I) ANSI/IEEE Std 802.11,1999 edition, 2004.
[7] W. A. Arbaugh, N. Shankar, and Y. J. Wan, “Your 802.11 Network has no Clothes,” in Proceedings of the First IEEE International Conference on Wireless LANs and Home Networks, Dec. 2001, pp. 131–144.
[8] D. B. Faria and D. R. Cheriton, “DoS and Authentication in Wireless Public Access Networks,” in Proceedings of the Third ACM Workshop on Wireless Security (WiSE’02), 2002, pp. 47–56.
[9] S. Fluhrer, I. Mantin, and A. Shamir, “Weaknesses in the Key Scheduling Algorithm of RC4,” in Proceedings of 8th Annual Workshop on Selected Areas of Cryptography, Toronto, Aug. 2001, pp. 1–24.
[10] J. Hall, M. Barbeau, and E. Kranakis, “Detecting Rogue Devices in Bluetooth Networks Using Radio Frequency Fingerprinting,” in Proceedings of the 15th International Conference on Computer Communications and Networks (ICCCN’06), Oct. 2006.
[11] IEEE Standard for Local and metropolitan area networks Port-Based Network Access Control, IEEE Std 802.1X-2004 (Revision of IEEE Std 802.1X-2001), 2004.
[12] A. Mishra, N. L. Petroni, and W. A. Arbaugh, “Security Issues in IEEE 802.11 Wireless Local-Area Networks: A Survey,” Wireless Communications and Mobile Computing Journal, vol. 4, no. 8, pp. 821–833, 2004.
[13] J. S. Park and D. Dicoi, “WLAN Security: Current and Future,” IEEE Internet Computing, vol. 7, no. 5, pp. 60–65, Sept. 2003.
[14] S. Schmid, J. Finney, M. Wu, A. Friday, A. Scott, and D. Shepherd, “An Access Control Architecture for Metropolitan Area Wireless Networks,” in Proceedings of the 8th Interactive Distributed Multimedia Systems and telecommunication Services (IDMS), Nov. 2001, pp. 29–37.
[15] Z. Wan, R. H. Deng, F. Bao, and A. L. Ananda, “Access Control Protocols with Two-layer Architecture for Wireless Networks,” Computer Networks, vol. 51, pp. 655–670, Feb. 2007.
[16] H. Wang, A. Prasad, P. Schoo, K. Bayarou, and S. Rohr, “Security mechanisms and security analysis: hotspot WLANs and inter-operator roaming,” in Vehicular Technology Conference, 2004. VTC 2004-Spring. 2004 IEEE 59th, May 2004, pp. 2492–2496.
[17] Best Current Practices for Wireless Internet Service Provider (WISP) Roaming, v1.0 ed., Wi-Fi Alliance, Feb. 2003.
QRCODE
 
 
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                               
第一頁 上一頁 下一頁 最後一頁 top