跳到主要內容

臺灣博碩士論文加值系統

(18.97.14.90) 您好!臺灣時間:2025/01/22 13:59
字體大小: 字級放大   字級縮小   預設字形  
回查詢結果 :::

詳目顯示

: 
twitterline
研究生:李思穎
研究生(外文):Ssu-YinLi
論文名稱:無線軟體定義網路中可用於不同SSID之Openflow AP間的單一金鑰認證機制
論文名稱(外文):Single-key-based Wi-Fi Authentication for Multiple Openflow APs with Different SSIDs in Wireless SDN
指導教授:蔡孟勳蔡孟勳引用關係
指導教授(外文):Meng-Hsun Tsai
學位類別:碩士
校院名稱:國立成功大學
系所名稱:資訊工程學系
學門:工程學門
學類:電資工程學類
論文種類:學術論文
論文出版年:2015
畢業學年度:103
語文別:英文
論文頁數:41
中文關鍵詞:認證機制無線網路軟體定義網路服務設定識別碼識別元
外文關鍵詞:authenticationIEEE 802.11Software Defined Network(SDN)Service Set Identifier(SSID)
相關次數:
  • 被引用被引用:0
  • 點閱點閱:194
  • 評分評分:
  • 下載下載:9
  • 收藏至我的研究室書目清單書目收藏:0
隨著移動型裝置使用量不斷地成長,存取網路的使用量也大為增加,無線網路服務的提供變得相當重要。儘管在日常環境中已佈署許多無線存取點(AP)可供應無線網路服務,但大多AP是屬於個人建置之封閉式AP (具不同SSID),僅為數有限的使用者可認證、使用。導致雖然有大量AP佈建在生活周遭,卻無法使用。
軟體定義網路有別於傳統網路,將資料和控制模組分開,採用集中式控制器進行管理。其中控制器與交換器之間的OpenFlow協定,可以讓控制器與多種支援OpenFlow的交換器溝通,大幅增加軟體定義網路於硬體設備上的彈性。
在論文中,我們提出讓軟體定義網路與無線網路結合的方案。讓控制器管理不同SSID的AP。並將AP組成一個個群組,只要使用者曾經認證、連線其中一個AP,即可不需密碼地暫時借用同個群組中的其他AP。實測與模擬的結果顯示,所有的方法中,我們的方法有最快的使用者連線建立速度,並且確實能夠大幅的增加使用者可使用AP的比例。
The number of mobile devices is constantly growing, and the internet access utilization has also increased a lot. Providing wireless network service becomes more and more important. A lot of APs with different SSIDs are widely deployed, but most APs are closed (only authenticated users could access). Deployment of these APs does nothing to help with the massive users.
Software Defined Network (SDN) separates data plane and control plane, and the network is managed by centralized controllers. In SDN, Openflow protocol is used to communicate between controller and APs. Thus, it is more flexible to choose different vendors' hardware.
In this thesis, we propose a Wi-Fi auto authentication scheme which integrates SDN into personal mode of wireless network. The proposed scheme uses the controller to control APs with different SSIDs. We define that an AP group consists of more than one AP. After a user connects to an AP with passphrase, the user is then allowed to use other APs in the same AP group. In actual measurement, our scheme has the fastest speed of user connection with APs. In simulation, our scheme significantly increase the successful rate of user connection.
中文摘要. . . . . . . . . . . . . . . . . . . . . . . . i
Abstract . . . . . . . . . . . . . . . . . . .. . . . . ii
Acknowledgements . . . . . . . . . . . . . . . . . .. . iv
Contents . . . . . . . . . . . . . . . . . . . . . . . . v
List of Tables . . . . . . . . . . . . . . . . . . . . .vi
List of Figures . . . . . . . . . . . . . . . . . . . .vii
1 Introduction . . . . . . . . . . . . . . . . . . . .. .1
1.1 Software Defined Network . . . . . . . . . . . . . ..2
2 Related Works . . . . . . . . . . . . . . . . . . . . .6
3 Proposed Scheme . . . . . . . . . . . . . . . . . . . .8
3.1 Architecture and procedure . . . . . . . . . . . . ..8
3.2 Security Consideration . . . . . . . . . . . . . . .12
3.2.1 Modied WEP Passphrase Validation . . . . . . . . 12
3.2.2 Modied WPA2 Passphrase Validation . . . . . . . .14
4 Vulnerability analysis . . . . . . . . . . . . . . . .21
5 Performance Evaluation . . . . . . . . . . . . . . . .26
5.1 Actual measurement . . . . . . . . . . . . . . . . .26
5.2 Simulation experiment . . . . . . . . . . . . . . . 30
5.2.1 Impact of |Gn| on user successful connection . . .32
5.2.2 Impact of Valid time on user successful connection..35
6 Conclusion . . . . . . . . . . . . . . . . . . . . . .38
References . . . . . . . . . . . . . . . . . . . . . . .39
[1] 財團法人資訊工業策進會, 2014年上半年消費者行為調查. http://www.iii.org.tw/m/News-more.aspx?id=1367.
[2] 財團法人資訊工業策進會, 2013年台灣民眾行動與無線上網現況. http://www.find.org.tw/find/home.aspx?page=many&id=362.
[3] iPass Mobile Network. http://www.ipass.com/.
[4] Kok-Kiong Yap, Rob Sherwood, Masayoshi Kobayashi, Te-Yuan Huang, Michael Chan, Nikhil Handigol, Nick McKeown, and Guru Parulkar. Blueprint for introducing innovation into wireless mobile networks. In Proceedings of the second ACM SIGCOMM workshop on Virtualized infrastructure systems and architectures, pages 25-32. ACM, 2010.
[5] Martin Casado, Michael J Freedman, Justin Pettit, Jianying Luo, Nick McKeown, and Scott Shenker. Ethane: Taking control of the enterprise. In ACM SIGCOMM Computer Communication Review, volume 37, pages 1-12. ACM, 2007.
[6] Martin Casado, Tal Garfinkel, Aditya Akella, Michael J Freedman, Dan Boneh, Nick McKeown, and Scott Shenker. Sane: A protection architecture for enterprise networks. In Usenix Security, 2006.
[7] Natasha Gude, Teemu Koponen, Justin Pettit, Ben Pfaff, Martin Casado, Nick McKeown, and Scott Shenker. Nox: towards an operating system for networks. ACM SIGCOMM Computer Communication Review, 38(3):105-110, 2008.
[8] Nick McKeown, Tom Anderson, Hari Balakrishnan, Guru Parulkar, Larry Peterson, Jennifer Rexford, Scott Shenker, and Jonathan Turner. Openflow: enabling innovation in campus networks. ACM SIGCOMM Computer Communication Review, 38(2):69-74, 2008.
[9] Open Networking Foundation. https://www.opennetworking.org/.
[10] IEEE Standards Association et al. IEEE Standard for Information Technology-Telecommunications and Information Exchange Between Systems-Local and Metropolitan Area Networks-Specific Requirements: Part 11: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specifications. IEEE, 2001.
[11] Nikita Borisov, Ian Goldberg, and David Wagner. Intercepting mobile communications: the insecurity of 802.11. In Proceedings of the 7th annual international conference on Mobile computing and networking, pages 180-189. ACM, 2001.
[12] Shawn Hernan, Scott Lambert, Tomasz Ostwald, and Adam Shostack. Uncover security design flaws using the stride approach msdn. microsoft. com, nov. 2006.
[13] Diego Kreutz, Fernando Ramos, and Paulo Verissimo. Towards secure and dependable software-defined networks. In Proceedings of the second ACM SIGCOMM workshop on Hot topics in software defined networking, pages 55-60. ACM, 2013.
[14] Sakir Sezer, Sandra Scott-Hayward, Pushpinder-Kaur Chouhan, Barbara Fraser, David Lake, Jim Finnegan, Niel Viljoen, Mary Miller, and Neeraj Rao. Are we ready for sdn? implementation challenges for software-defined networks. Communications Magazine, IEEE, 51(7):36-43, 2013.
[15] Aaron Yi Ding, Jon Crowcroft, Sasu Tarkoma, and Hannu Flinck. Software defined networking for security enhancement in wireless mobile networks. Computer Networks, 66:94-101, 2014.
[16] Seungwon Shin, Yongjoo Song, Taekyung Lee, Sangho Lee, Jaewoong Chung,Phillip Porras, Vinod Yegneswaran, Jiseong Noh, and Brent Byunghoon Kang. Rosemary: A robust, secure, and high-performance network operating system. In Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, pages 78-89. ACM, 2014.
[17] Seungwon Shin, Vinod Yegneswaran, Phillip Porras, and Guofei Gu. Avant-guard: Scalable and vigilant switch ow management in software-de_ned networks. In Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security, pages 413-424. ACM, 2013.
[18] Philip Porras, Seungwon Shin, Vinod Yegneswaran, Martin Fong, Mabry Tyson, and Guofei Gu. A security enforcement kernel for openflow networks. In Proceedings of the first workshop on Hot topics in software defined networks, pages 121-126. ACM, 2012.
[19] Kevin Benton, L Jean Camp, and Chris Small. Openflow vulnerability assessment. In Proceedings of the second ACM SIGCOMM workshop on Hot topics in software defined networking, pages 151-152. ACM, 2013.
[20] Rowan Kloti, Vasileios Kotronis, and Paul Smith. Openflow: A security analysis. In Network Protocols (ICNP), 2013 21st IEEE International Conference on, pages 1-6. IEEE, 2013.

QRCODE
 
 
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                               
第一頁 上一頁 下一頁 最後一頁 top