研究生: |
王凱弘 Kai-Hong Wang |
---|---|
論文名稱: |
無線感測網路上對於資料聚集之攻擊孤立機制 Attack Isolation for Data Aggregation in Wireless Sensor Networks |
指導教授: |
金台齡
Tai-Lin Chin |
口試委員: |
鄧惟中
Wei-Chung Teng 陳永昇 Yong-Sheng Chen |
學位類別: |
碩士 Master |
系所名稱: |
電資學院 - 資訊工程系 Department of Computer Science and Information Engineering |
論文出版年: | 2009 |
畢業學年度: | 97 |
語文別: | 中文 |
論文頁數: | 52 |
中文關鍵詞: | 無線感測網路 、資料聚集 |
外文關鍵詞: | wireless sensor networks, data aggregation |
相關次數: | 點閱:280 下載:3 |
分享至: |
查詢本校圖書館目錄 查詢臺灣博碩士論文知識加值系統 勘誤回報 |
在本篇論文中,我們主要探討在無線感測網路中資料聚集(Data Aggregation)的安全性機制。無線感測網路(Wireless Sensor Networks)通常應用於環境監控、交通監視和軍事環境的偵測等方面,此網路通常是由許多有限電力的感測節點所組成的,所以,各感測節點在做資料收集時,必須有效地節省電量消耗。雖然,結合資料聚集能力於感測網路中能減少資料傳輸量,並有效降低感測節點的電量消秏,但若沒有安全性機制的保護,收集到的資料很容易被他人篡改,例如:網路中有一個被敵人入侵的節點注入錯誤資料到一個封包內,導致最後做出不正確的判斷。
現今有許多文獻提出了許多關於無線感測網路中資料聚集的安全性機制,但這些安全性機制都不能把網路中的被敵人入侵的節點找出來,僅僅只是把有被注入錯誤資料的封包挑出來,並將它丟棄;然而,被敵人入侵的節點仍然存在於網路中,在每次收集資料的過程中,都要消耗不必要的資源,去過濾相同的被敵人入侵的節點所產生的錯誤資料封包。
所以,我們提出了Attack Isolation for Data Aggregation(AIDA)機制。AIDA 可以找出網路中被敵人入侵的節點,並且孤立它,這使得我們的網路不需要耗費多餘的電力去過濾已孤立的被敵人入侵節點所產生的錯誤資料封包。在我們的實驗過程中,也驗證了網路中的節點遭受到敵人入侵時,AIDA能提高網路中有效節點的個數(effective nodes),以及有較高的事件偵測機率(detection probability)。
Data aggregation has been exploited to resolve the problem of communication overhead and reduce power consumption during data collection in a wireless sensor network. In general, the sensed information from a number of sensors is compressed into one aggregation capsule in order to transfer a broader view of the sensors to the base station without significant power consumption. False aggregation values injected by compromised nodes can change the broader view from those sensors and cause enormous bias in the final decision of the sensor network at one stroke. Therefore, security problem has turned into an even more important issue in a sensor network with data aggregation than in a network without data aggregation. This thesis addresses the security issue for data aggregation in wireless sensor networks.
Most of recent studies in the literature for secure data aggregation have focused on filtering out the possibly false aggregates which is suspiciously injected by compromised nodes. However, since most sensor networks carry out sensing tasks periodically, the sensor networks have to filter out the suspicious aggregates all the time. The constant filtering operations are not necessary if the compromised nodes have been determined.
In this thesis, an Attack Isolation for Data Aggregation (AIDA) scheme is developed to determine the suspicious compromised nodes and isolate them from the operations of data aggregation. Once a compromised node is determined, the data generated by the compromised node will not be allowed to participate in the aggregation. Simulations show that AIDA will keep more effective normal nodes participating in data collection and result in better detection performance in surveillance applications.
[1] I. F. Akyildiz, W. Su, Y. Sankarasubramaniam, and E. Cayirci, “Wireless sensor networks: a survey,” Computer Networks, vol. 38, no. 4, pp. 393–422, 2002.
[2] F. Ye, H. Luo, S. Lu, and L. Zhang, “Statistical en-route filtering of injected false data in sensor networks,” In IEEE INFOCOM 2004, 2004.
[3] S. Zhu, S. Setia, S. Jajodia, and P. Ning, “An interleaved hop-by-hop authentication scheme for filtering of injected false data in sensor networks,” In IEEE Symposium on Security and Privacy, pp. 259–271, May 2004.
[4] C. Intanagonwiwat, R. Govindan, and D. Estrin, “Directed diffusion: a scalable and robust communication paradigm for sensor networks,” In Proceedings of the 6th Annual ACM/IEEE International Conference on Mobile Computing and Networking, pp. 56-67, 2000.
[5] C. Castelluccia, E. Mykletun, and G. Tsudik, “Efficient aggregation of encrypted data in wireless sensor networks,” In MobiQuitous, pp. 109–117, July 2005.
[6] L. Hu and D. Evans, “Secure aggregation for wireless networks,” In SAINT Workshops, pp. 384–394, 2003.
[7] L. Krishnamachari, D. Estrin, and S. Wicker, “The impact of data aggregation in wireless sensor networks,” In Proceedings of the 22nd International Conference on Distributed Computing Systems, pp. 575-578, 2002.
[8] T. Feng, C. Wang, W. Zhang, and L. Ruan, “Confidentiality protection for distributed sensor data aggregation,” In INFOCOM 2008, 2008.
[9] Y. Yang, X. Wang, S. Zhu, and G. Cao, “SDAP: A secure hop-by-hop data aggregation protocol for sensor networks,” In Proceedings of ACM International Symposium on Mobile Ad Hoc Networking and Computing, pp. 356-369, May 2006.
[10] S. Madden, M. J. Franklin, J. M. Hellerstein, and W. Hong, “Tag: a tiny aggregation service for ad-hoc sensor networks,” ACM Transactions on Sensor Networks, vol. 36, pp. 131–146, 2002.
[11] T. Clouqueur, V. Phipatanasuphorn, P. Ramanathan, and K. K. Saluja, “Sensor deployment strategy for detection of targets traversing a region,” Mobile Networks and Applications, vol. 8, pp. 453–461, 2003.
[12] H. Luo, J. Luo, and Y. Liu, “Energy efficient routing with adaptive data fusion in sensor networks,” In Proceedings of the 2005 joint workshop on Foundations of mobile computing , DIALM-POMC '05, pp. 80-88, Sep. 2005.
[13] W. Heinzelman, A. Chandrakasan, and H. Balakrishnan, “Energy-efficient communication protocol for wireless microsensor networks,” In Proceedings of IEEE 33rd Annual Hawaii International Conference on System Sciences, pp. 1-10, Jan. 2000.
[14] C. Intanagonwiwat, R. Govindan, D. Estrin, J. Heidemann, and F. Silva, “Directed diffusion for wireless sensor networking,” IEEE/ACM Transactions on Networking, vol. 11, pp. 2-16, Feb. 2003.