跳到主要內容

臺灣博碩士論文加值系統

(18.97.14.91) 您好!臺灣時間:2024/12/10 06:40
字體大小: 字級放大   字級縮小   預設字形  
回查詢結果 :::

詳目顯示

我願授權國圖
: 
twitterline
研究生:林敬超
研究生(外文):Ching-Chao Lin
論文名稱:行動物聯網路安全下基於流量之分群式修補
論文名稱(外文):Clustered Traffic-Aware Patching for Cyber Security in Mobile IoT
指導教授:鄭欣明鄭欣明引用關係
指導教授(外文):Shin-Ming Cheng
口試委員:蕭旭君黃俊穎李漢銘
口試委員(外文):Hsu-Chun HsiaoChun-Ying HuangHahn-Ming Lee
口試日期:2017-06-27
學位類別:碩士
校院名稱:國立臺灣科技大學
系所名稱:資訊工程系
學門:工程學門
學類:電資工程學類
論文種類:學術論文
論文出版年:2017
畢業學年度:105
語文別:英文
論文頁數:30
中文關鍵詞:異質連結物聯網惡意程式值譜分群法
外文關鍵詞:heterogeneous linksIoT malwarespectral clustering
相關次數:
  • 被引用被引用:0
  • 點閱點閱:167
  • 評分評分:
  • 下載下載:0
  • 收藏至我的研究室書目清單書目收藏:0
現今通信技術的迅速發展以及物連網裝置的種種特性,包含了受限的運算資源、異質連結性以及脆弱的可用性,使處於物連網上的惡意使用者們能更容易地散佈惡意軟體,從而讓物連網受到巨大的安全挑戰。我們通常假設在傳統無線網路環境中,所有的節點均可以直接進行修補,相較於傳統網路設備而言,物連網裝置不具備足夠的資源,因此傳統的修補方法並無法套用在物連網的領域中。為了能高效率抑制惡意軟體的傳染速率,我們選擇修補通訊用的中介節點(intermediate node),有別於過往直接修補物連網裝置本身的方法,我們的選擇能有更好的效果。另一方面,我們利用傳染病模型(SIR模型)以及光譜叢集(Spectral Clustering)的概念針對整體網路進行分析,且分群演算法可避免所有的修補資源都被提供給具有最高平均流量的區域,而忽略其他處於需要修補區域中的中介節點。在本篇論文中,我們提出了一個新興的方法來針對物連網中重要的中介節點進行修補,其名為基於分群的流量感測修補法,這方法非常適用於修補資源受限且通訊響應時間被約束的物連網系統。最後我們利用機會網路環境(Opportunistic Network Environment, ONE)模擬器和真實世界的追溯資料來進行模擬,同時印證我們提出的基於分群的流量感測修補法確實能有效減輕惡意軟體的散佈速度。且此方法比起直觀的基於流量修補法有更好的修補效果。
The development of communication technology has provided malicious users formidable means to launch attacks through Internet of Things (IoT). The features of IoT devices which include constrained resources, heterogeneous links, and vulnerable usability facilitate the malware propagation, thereby raising new challenges on handling IoT-empowered malware for cyber security. The malware propagation control scheme in traditional wireless networks where nodes can be directly repaired and secured is not suitable for IoT since IoT devices are hard to be patched. To efficiently and effectively suppress the spreading of harmful information, blocking malware via patching the intermediate nodes (e.g., base stations, access point) instead of the infected mobile devices becomes our better choice. On the other hand, we analyze this network by exploiting the well-known epidemic model and the concept of spectral clustering. The clustering algorithm can avoid that all the patching resources being given to the area with the highest average traffic volume and neglect the intermediate node in other areas which also need to be patched. This article proposes a novel clustered traffic-aware patching scheme to select important infrastructures to patch, which is suitable for the IoT system with limited patching resources and response time constraint. We conduct experiments on real-world trace datasets by using Opportunistic Network Environment (ONE) simulator to show the advantage of clustered traffic-aware patching scheme in mitigating malware propagation, and clustered traffic-aware patching has better performance than intuitive degree-based patching.
Chinese Abstract . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1
Abstract . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
Table of Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
List of Tables . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
List of Illustrations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
2 Related Work . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
2.1 Compromising IoT devices via infrastructure links . . . . . . . . . . . 10
2.2 Compromising IoT devices via device-to-device links . . . . . . . . . 10
3 System Model . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
4 Clustering on similarity graphs . . . . . . . . . . . . . . . . . . . . . . . . 16
4.1 Graph notation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
4.2 Cluster-based patching Algorithms . . . . . . . . . . . . . . . . . . . 17
5 Performance Evaluation . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20
6 Conclusion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
3
1. G. Gan, Z. Lu, and J.Jiang, “Internet of things security analysis,” in Proc. IEEE iTAP 2011, Aug. 2011.
2. J. Granjal, E. Monteiro, and J. Silva, “Security for the Internet of Things: A survey of existing protocols and open research issues,” IEEE Commun. Surveys Tuts., vol. 17, pp. 1294–1312, July 2015.
3. Y. Minn, P. Pa, S. Suzuki, K. Yoshioka, T. Matsumoto, T. Kasama, and C. Rossow, “IoTPOT: Analysing the rise of IoT compromises,” in Proc.
USENIX Workshop 2015, Aug. 2015.
4. G. Zyba, G. M. Voelker, M. Liljenstam, A. Mehes, and P. Johansson, “Defending mobile phones from proximity malware,” in Proc. IEEE Infocom 2009, Apr. 2009, pp. 1503–1511.
5. M. Miettinen, S. Marchal, I. Hafeez, N. Asokan, A.-R. Sadeghi, and S. Tarkoma, “IoT Sentinel: Automated device-type identification for security enforcement in IoT,” CoRR, vol. abs/1611.04880v2, 2016.
6. P.-Y. Chen and S.-M. Cheng, “Sequential defense against random and intentional attacks in complex networks,” Phys. Rev. E, vol. 91, p. 022805, Feb. 2015.
7. P.-Y. Chen and A. O. Hero, “Assessing and safeguarding network resilience to nodal attacks,” IEEE Commun. Mag., vol. 52, no. 11, pp. 138–143, Nov. 2014.
8. S.-M. Cheng, P.-Y. Chen, C.-C. Lin, and H.-C. Hsiao, “Traffic-aware patching for cyber security in mobile iot,” arXiv preprint arXiv:1703.05400, July 2017.
9. E. Ronen and A. Shamir, “Extended functionality attacks on IoT devices: The case of smart lights,” in Proc. IEEE S&P Europe 2016, Mar. 2016.
10. J. Habibi, D. Midi, A. Mudgerikar, and E. Bertino, “Heimdall: Mitigating the internet of insecure things,” 2017.
11. P.-Y. Chen, S.-M. Cheng, and K.-C. Chen, “Optimal control of epidemic information dissemination over networks,” IEEE Tran. on Cybernetics, vol. 44, no. 12, pp. 2316–2328, Dec. 2014.
12. P. De, Y. Liu, and S. K. Das, “An epidemic theoretic framework for vulnerability analysis of broadcast protocols in wireless sensor networks,” IEEE Trans. Mobile Comput., vol. 8, no. 3, pp. 413–425, Mar. 2009.
13. S. Peng, S. Yu, and A. Yang, “Smartphone malware and its propagation modeling: A survey,” IEEE Commun. Surveys Tuts., vol. 16, no. 2, pp. 952–941, Apr. 2014.
14. S. Tanachaiwiwat and A. Helmy, “Encounter-based worms: analysis and defense,” Ad Hoc Netw., vol. 7, no. 7, pp. 1414–1430, Sept. 2009.
15. P. Wang, M. C. Gonzalez, C. A. Hidalgo, and A.-L. Barabasi, “Understanding the spreading patterns of mobile phone viruses,” Science, vol. 324, no. 5930, pp. 1071–1075, May 2009.
16. S.-M. Cheng, W. C. Ao, P.-Y. Chen, and K.-C. Chen, “On modeling malware propagation in generalized social networks,” IEEE Commun. Lett., vol. 15, no. 1, pp. 25–27, Jan. 2011.
17. V. L. Ulrike, “A tutorial on spectral clustering,” Statistics and computing, vol. 17, no. 4, pp. 395–416, Aug. 2007.
18. W. Dong, B. Lepri, and A. Pentland, “Modeling the co-evolution of behaviors and social relationships using mobile phone data,” in Proc. MUM 2011, Dec. 2011, pp. 134–143.
19. P.-Y. Chen, C.-C. Lin, S.-M. Cheng, H.-C. Hsiao, and C.-Y. Huang, “Decapitation via digital epidemics: A bio-inspired transmissive attack,” IEEE Commun. Mag., vol. 54, p. 75—81, June 2016.
電子全文 電子全文(網際網路公開日期:20270725)
連結至畢業學校之論文網頁點我開啟連結
註: 此連結為研究生畢業學校所提供,不一定有電子全文可供下載,若連結有誤,請點選上方之〝勘誤回報〞功能,我們會盡快修正,謝謝!
QRCODE
 
 
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                               
第一頁 上一頁 下一頁 最後一頁 top