
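Graduate student: 林立偉 (Li-Wei Lin)
Thesis title: A Cluster-based Hybrid Group Key Management Technique for Wireless Sensor Networks (植基於叢集架構混合式的無線感測網路群組金鑰管理之研究)
Advisor: 邱舉明 (Ge-Ming Chiu)
Oral examination committee: 項天瑞 (Tien-Ruey Hsiang), 鄧惟中 (Wei-Chung Teng), 黃仁俊 (Ren-Junn Hwang)
Degree: Master
Department: College of Electrical Engineering and Computer Science - Department of Computer Science and Information Engineering
Year of publication: 2007
Academic year of graduation: 96
Language: English
Number of pages: 44
Chinese keywords: network security, wireless sensor network, group key management
Foreign-language keywords: security, wireless sensor network, group key management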
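  • In recent years, applications of wireless sensor networks have become increasingly widespread. Because their data is sent over a wireless network, and because the nodes are small, low-cost, low-power and easy to deploy, they suit applications that previously could not be accomplished with human labor. Since a sensor network transmits wirelessly, the security of its transmission environment matters all the more. The small size of the nodes leaves them with little battery capacity, weak computing power and little memory, so we cannot use mechanisms such as asymmetric key management. The key management mechanisms common today mostly serve to protect transmitted data from being stolen or modified; before these symmetric key mechanisms establish a shared secret key, we need a secure mechanism that safeguards the network environment and guarantees that sensor nodes can exchange data with one another smoothly.
    A shared group key is used to encrypt all network messages, guaranteeing that sensor nodes that do not hold this key cannot alter the structure of the network and preventing outside attackers from freely spreading malicious messages that make the sensor network malfunction or break down. Because sensor nodes sit in environments where they are easily captured, we assume that a sensor node may be captured, have its function tampered with, and use the group key to damage the whole network; we must therefore establish a fast and secure mechanism for replacing the group key to keep the damage from spreading further.
    By mixing two different group key mechanisms, EBS, which is fast but has security problems, and LKH, which is secure but not fast enough, and arranging them hierarchically so that each mechanism's strengths are brought out, we guarantee that when the system finds one or more abnormal sensor nodes, replacing the group key leaves them unable to keep using and damaging the sensor network.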


    In recent years, the applications of wireless sensor networks have grown extensively, driven by advances in miniaturization, low-power circuit design, and simple, reasonably efficient wireless communication equipment. Sensing information is transmitted over a wireless network, and reliable transmission depends on a secure environment. However, sensor nodes are constrained by limited battery capacity, weak computing capability, and little memory space, so we cannot use asymmetric key management mechanisms, which need powerful computation. The purpose of recent key management mechanisms is to protect information from being stolen or modified. We need a mechanism that ensures the security of the network environment so that sensor nodes can exchange information smoothly.
    Using a group key to encrypt all network information before broadcasting it is a good idea. Sensor nodes that do not belong to the group cannot change the network topology. It also prevents an external attacker from broadcasting malicious messages to interrupt the network. Sensor nodes are deployed in vulnerable environments, so we have to renew the group key very quickly once the system detects that someone has captured the group key to attack the network.
    We want to achieve this goal by mixing two different group key mechanisms. EBS is rapid but not secure enough; LKH does not have EBS's problem, but it is slow. We establish a hierarchical structure to combine these two group key management schemes. When the system detects abnormal sensor nodes, it can use the rekey process to evict them quickly and safely.

    Chapter 1 Introduction
        1-1. Background
        1-2. Goal
        1-3. Organization
    Chapter 2 Related Work
        2-1. Exclusion Basis System (EBS)
        2-2. SHELL
            2-2.1. System’s Components and Capabilities
            2-2.2. System Initialization and Operation
            2-2.3. Attack/Failure Mitigation
            2-2.4. Collusion Prevention
        2-3. Logical Key Hierarchy (LKH)
        2-4. One-Way Function Tree (OFT)
        2-5. Remark
    Chapter 3 A Hybrid System for Key Hierarchy
        3-1. Problem definition
        3-2. Basic Idea
        3-3. Attack Model
        3-4. System operation
            3-4.1. Initialization
            3-4.2. Network Operation
            3-4.3. Node Addition
            3-4.4. Attack/Failure Mitigation
        3-5. Example
    Chapter 4 Analysis and Comparison
        4-1. Security Analysis
        4-2. Comparison
        4-3. Remark
    Chapter 5 Conclusion and Future Directions
    Reference
