Basic Search / Detailed Display

Author: 黃鼎傑
Ding-Jie Huang
Thesis Title: 基於時鐘偏斜的裝置識別技術及其應用
Clock Skew Based Device Identification and its Applications
Advisor: 鄧惟中
Wei-Chung Teng
Committee: 林宗男
Tsungnan Lin
黃仁俊
Ren-Junn Hwang
項天瑞
Tien-Ruey Hsiang
金台齡
Tai-Lin Chin
Degree: 博士
Doctor
Department: 電資學院 - 資訊工程系
Department of Computer Science and Information Engineering
Thesis Publication Year: 2013
Graduation Academic Year: 101
Language: 英文
Pages: 152
Keywords (in Chinese): 複製攻擊時間同步時鐘偏斜無線感測網路氾濫式時間同步協定雲端運算
Keywords (in other languages): Replication Attack, Time Synchronization, Clock Skew, WSNs, FTSP, Cloud Computing
Reference times: Clicks: 1599Downloads: 4
Share:
School Collection Retrieve National Library Collection Retrieve Error Report
  • 隨著科技的發展和無線技術的應用,人與人之間的距離變得越來越近。但是,科技的進步也帶來了無可避免的資訊安全問題,例如,惡意的使用者可以藉由盜取受害者的帳號密碼並且取得受害者的權限,進而破壞整個系統或是藉此取得他人的資源。有鑑於此,本研究旨在利用時鐘偏斜 (clock skew) 的硬體特性,在不同的網路環境中,建立裝置識別系統 (device identification system),以確認在通訊的過程中,各裝置身分的正確性,更進一步保障系統的安全性。
    本論文分為兩個部份深入探討如何運用時鐘偏斜設計裝置識別系統 (device identification system),並且提出可能的相關應用。第一部份專注在解決無線感測網路環境中,各感測節點的身分問題。無線感測網路因為其硬體上之限制,早期設計的協定都沒有考量到安全上的議題,導致惡意的感測節點可以輕易地變更自己的身分,並且對整個系統發起女巫攻擊 (Sybil attack)、複製攻擊 (replication attack) 等與身分相關的攻擊。本論文首先提出一個以時鐘偏斜為基礎的感測節點身分識別機制,並成功地偵測出女巫攻擊。其次,我們利用這個識別機制實作了一個時鐘偏斜過濾器 (skew filter),以濾掉惡意節點所發起的身分攻擊,並利用此技術來確保泛濫式時間同步協定 (Flooding Time Synchronization Protocol) 的安全性。最後,我們更深入研究如何防範惡意節點複製時鐘偏斜 (clock skew replication attack)。在這個研究中,我們實作了攻擊,也提出了一個可靠的演算法,成功地防禦了時鐘偏斜複製攻擊。
    論文的第二個部份將時鐘偏斜裝置識別 (clock skew based device identification) 機制運用在雲端環境。我們利用 AJAX 技術,收集使用者的客戶端裝置 (client device) 上的時戳,並且計算該裝置和時戳採集伺服器之間的時鐘偏斜,用以識別裝置的身分。根據實驗的結果,我們開發的時鐘偏斜裝置識別系統,可以成功地識別使用者所使用裝置,而且偽陰性 (false negative) 的機率僅有 8%。此外,為了因應雲端運算所需的擴充性,我們設計了一個更具彈性的系統構架,可以確保時鐘偏斜裝置識別機制能在雲端的環境中,應付大量使用者的需求。


    With the rapid growth of the technology, people nowadays can easily communicate with each other through wireless devices. However, new technology is also accompanied with new security issues. For instance, any malicious user may misuse these devices and launch serious attack to make illegal profit, such as identity stealing or password cracking on a bank account. To this end, we propose to build device identification system to ensure the security of communication procedure by utilizing clock skew.
    We will address how to design clock skew device identification system (CSDI) in different networks, such as wireless sensor networks and cloud environments, and divide this dissertation into two parts. In the first part, as the node identification is one of the most important issues to wireless sensor network security, we develop a clock skew based node identification scheme in wireless sensor networks. The experiment results show that the proposed mechanism can successfully defend against Sybil attack. Besides, we also provide an application that can secure the flooding time synchronization protocol by implementing a clock skew filter. This skew filter can filter out the packets from the malicious nodes by using clock skew device identification mechanism. After discussing the basic concept of CSDI in wireless sensor networks, we further study on the issue that a malicious node attempts to generate fake clock skew by altering the timestamp in the sending packets, which is named clock skew replication attack. To resolve this issue, we propose an algorithm to significantly reduce the effect of the attack.
    In the second part, we provide a lightweight yet reliable method for device identification, an application layer approach based on clock skew fingerprint. The developed experimental platform adopts AJAX technology to collect the timestamps of client devices in the cloud server during connection time, and then calculates the clock skews of client devices. The experiment results illustrate that the false positive rate and the false negative rate, in the worst case, are both no more than 8% when the tolerance threshold is set appropriately. To expand the device identification in the cloud environments, we provide a design of scalable system architecture. The results show that clock skew is a promising client device fingerprinting technique over cloud environments.

    Recommendation Letter............... ................. i Approval Letter ................... ................. ii Abstract in Chinese .................................. iii Abstract in English .................................. iv Acknowledgements.................................. v Contents........................................ vi List of Figures..................................... x List of Tables ..................................... xiii List of Algorithms................................... xiv 1 Introduction.................................… 1 1.1 Introduction to Clock Skew......................... 1 1.2 Motivations and Research Goals ...................... 5 1.3 Thesis Contributions ............................ 5 2 Related Work ................................... 8 2.1 Clock Skew Based Device Identification (CSDI) in WSNs........ 8 2.2 Flooding Time Synchronization Protocol (FTSP) . . . . . . . . . . . . . 9 2.2.1 Relative Clock Skews of Sensor Nodes by FTSP . . . . . . . . . 10 2.2.2 Syncing Process of FTSP...................... 11 2.2.3 Vulnerability of FTSP and Existing Defenses . . . . . . . . . . . 14 2.3 Secure Synchronization Protocol in WSNs. . . . . . . . . . . . . . . . . 18 2.4 Device Identification in Cloud Computing . . . . . . . . . . . . . . . . . 19 2.4.1 Device Identification Issues .................... 19 2.4.2 Device Identification Techniques ................. 20 2.4.3 Clock Skew based Attack and Defense Schemes . . . . . . . . . 20 3 Clock Skew Based Node Identification in Wireless Sensor Networks . . . . . . 22 3.1 Analysis to Empirical Data......................... 23 3.1.1 Exploring the Flooding Time Synchronization Protocol . . . . . . 23 3.1.2 Experimental Platform ....................... 23 3.1.3 Two Time Synchronization Scenarios . . . . . . . . . . . . . . . 24 3.1.4 ID Classification .......................... 28 3.2 Applications................................. 30 3.2.1 Sybil Attack Detection....................... 30 3.2.2 Replication Attack Detection.................... 32 3.2.3 Other Possible Attacks and Countermeasure . . . . . . . . . . . . 32 3.3 Summary .................................. 34 4 Secured Flooding Time Synchronization Protocol with Moderator . . . . . . . . 35 4.1 Security Enhancement for FTSP ...................... 36 4.1.1 Reference Node Selection Mechanism . . . . . . . . . . . . . . . 36 4.1.2 Synchronization Message Filters.................. 38 4.1.3 Root Selection Mechanism with Moderator . . . . . . . . . . . . 46 4.1.4 Discussion of Secured FTSP with Moderator . . . . . . . . . . . 51 4.2 Experimental Results ............................ 54 4.2.1 Experiment Scenario........................ 56 4.2.2 Experiment 1: Effect of Multiple Reference Nodes . . . . . . . . 56 4.2.3 Experiment 2: Incorrect Global Time Sent from a Malicious Node 57 4.2.4 Experiment 3: Fake seqNum Sent from a Malicious Node . . . . 58 4.2.5 Experiment 4: Node ID Replication Attack from a Malicious Node 59 4.2.6 Experiment 5: Defense against the Traitor Attack . . . . . . . . . 60 4.3 Summary .................................. 61 5 Defense Against Replication Attack via Clock Skew Device Identification . . . 63 5.1 Replication Attack with Duplicate of Clock Skew . . . . . . . . . . . . . 64 5.1.1 Replication Attack ......................... 64 5.1.2 Imitating the Clock Skews of Neighbor Nodes . . . . . . . . . . 67 5.1.3 Countermeasure Against Clock Skew Replication Attack . . . . . 74 5.2 Experiments and Performance Evaluation ................. 78 5.2.1 Preliminary Experiments...................... 79 5.2.2 Clock Skew Replication Attack Experiments . . . . . . . . . . . 81 5.2.3 Defense Against Replication Attack Experiments . . . . . . . . . 86 5.3 Summary .................................. 89 6 Clock Skew Based Client Device Identification in Cloud Environments . . ... 91 6.1 Clock Skew Based Host Identification: Scenario and Preliminaries . ... 92 6.1.1 Scenario of Clock Skew Based Client Device Identification ... 92 6.1.2 Usage of Timestamps........................ 95 6.2 Clock Skew Estimation........................... 97 6.2.1 Linear Regression Algorithm.................... 97 6.2.2 Quick Piecewise Minimum Algorithm . . . . . . . . . . . . . . . 99 6.2.3 Jump Point Detection and Elimination . . . . . . . . . . . . . . . 102 6.3 Experiments and Evaluation ........................106 6.3.1 Same Device under Different Networks . . . . . . . . . . . . . . 106 6.3.2 Skew Distribution of Different Devices . . . . . . . . . . . . . . 108 6.4 Summary ..................................109 7 Scalable Clock Skew Based Client Device Identification in Cloud Environments 111 7.1 Clock Skew Estimation........................…112 7.1.1 Skew Estimation Methods ..................... 112 7.1.2 Comparison of These Three Methods . . . . . . . . . . . . . . . 115 7.1.3 Characteristics of Clock Skews .................. 116 7.2 Design of Client Device Identification...................121 7.2.1 Scalable System Architecture ...................121 7.2.2 Authentication as a Service(AaaS) ................122 7.2.3 Evaluation of Multiple Clock Skew Measuring System . . . . . . 124 7.3 Summary ..................................127 8 Summary and Conclusion.............................128 References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 129 Letter of Authority ..................................137

    [1] T. Kohno, A. Broido, and K. Claffy, ``Remote physical device fingerprinting,'' in IEEE Transactions on Dependable and Secure Computing, vol. 2, pp. 93--108, April-June 2005.
    [2] S. Ganeriwal, S. Capkun, S. Han, and M. B. Srivastava, ``Secure time synchronization service for sensor networks,'' in the ACM Workshop on Wireless Security (WiSe), October 2005.
    [3] V. Paxson, ``On calibrating measurements of packet transit times,'' in Proceedings of the 1998 ACM SIGMETRICS joint international conference on Measurement and modeling of computer systems, pp. 11--21, 1998.
    [4] S. Moon, P. Skelly, and D. Towsley, ``Estimation and removal of clock skew from network delay measurements,'' in Eighteenth Annual Joint Conference of the IEEE Computer and Communications Societies. Proceedings., vol. 1, pp. 227--234 vol.1, March 1999.
    [5] M. Uddin and C. Castelluccia, ``Toward clock skew based wireless sensor node services,'' pp. 1--9, March 2010.
    [6] S. Jana and S. K. Kasera, ``On fast and accurate detection of unauthorized wireless access points using clock skews,'' in MobiCom '08: Proceedings of the 14th ACM international conference on Mobile computing and networking, pp. 104--115, 2008.
    [7] S. J. Murdoch, ``Hot or not: revealing hidden services by their clock skew,'' in CCS '06: Proceedings of the 13th ACM Conference on Computer and Communications Security, pp. 27--36, 2006.
    [8] R. Fink, ``A statistical approach to remote physical device fingerprinting,'' in IEEE Military Communications Conference, pp. 1--7, October 2007.
    [9] D.-J. Huang, W.-C. Teng, C.-Y. Wang, H.-Y. Huang, and J. M. Hellerstein, ``Clock skew based node identification in wireless sensor networks,'' in IEEE Global Communications Conference, pp. 1877--1881, 2008.
    [10] S. Zander and S. J. Murdoch, ``An improved clock-skew measurement technique for revealing hidden services,'' in Proceedings of the 17th conference on Security symposium, pp. 211--225, 2008.
    [11] C. Arackaparambil, S. Bratus, A. Shubina, and D. Kotz, ``On the reliability of wireless fingerprinting using clock skews,'' in Proceedings of the third ACM conference on Wireless network security, WiSec '10, 2010.
    [12] S. Sharma, H. Saran, and S. Bansal, ``An empirical study of clock skew behavior in modern mobile and hand-held devices,'' in 2011 Third International Conference on Communication Systems and Networks (COMSNETS), pp. 1--4, January 2011.
    [13] D.-J. Huang, K.-T. Yang, C.-C. Ni, W.-C. Teng, T.-R. Hsiang, and Y.-J. Lee, ``Clock skew based client device identification in cloud environments,'' in Proc. The 26th IEEE International Conference on Advanced Information Networking and Applications, March 2012.
    [14] D.-J. Huang, K.-J. You, and W.-C. Teng, ``Secured flooding time synchronization protocol,'' in 2011 IEEE 8th International Conference on Mobile Adhoc and Sensor Systems (MASS), pp. 620--625, October 2011.
    [15] M. Maroti, B. Kusy, G. Simon, and Akos Ledeczi, ``The flooding time synchronization protocol,'' in SenSys '04: Proceedings of the Second International Conference on Embedded Networked Sensor Systems, pp. 39--49, 2004.
    [16] T. Roosta and S. Sastry, ``Securing flooding time synchronization protocol in sensor networks,'' 2006.
    [17] B. Kusy and S. Abdelwahed, ``FTSP protocol verification using SPIN,'' tech. rep., Institute for Software Integrated Systems, ISIS technical report ISIS- 06-704, May 2006.
    [18] T. Roosta, W.-C. Liao, W.-C. Teng, and S. Sastry, ``Testbed implementation of a secure flooding time synchronization protocol,'' in Wireless Communications and Networking Conference, pp. 3157--3162, March 2008.
    [19] A. McInnes, ``Model-checking the flooding time synchronization protocol,'' in IEEE International Conference on Control and Automation, pp. 422--429, 9-11 2009.
    [20] L. Gheorghe, R. Rughinis, and N. Tapus, ``Fault-tolerant flooding time synchronization protocol for wireless sensor networks,'' in 2010 Sixth International Conference on Networking and Services (ICNS), pp. 143--149, March 2010.
    [21] K.-J. You, ``A Secured Time Synchronization Protocol for Wireless Sensor Network,'' Master's thesis, National Taiwan University of Science and Technology, Taiwan, 2010.
    [22] M. Manzo, T. Roosta, and S. Sastry, ``Time synchronization attacks in sensor networks,'' in Proceedings of the 3rd ACM workshop on Security of ad hoc and sensor networks, pp. 107--116, 2005.
    [23] J. R. Douceur, ``The sybil attack,'' in IPTPS '01: Revised Papers from the First International Workshop on Peer-to-Peer Systems, pp. 251--260, 2002.
    [24] S. Marti and H. Garcia-Molina, ``Taxonomy of trust: categorizing p2p reputation systems,'' Computer Networks, vol. 50, pp. 472--484, March 2006.
    [25] S. Chen, Y. Zhang, P. Liu, and J. Feng, ``Coping with traitor attacks in reputation models for wireless sensor networks,'' in IEEE Global Telecommunications Conference, pp. 1 --6, December 2010.
    [26] J. Elson, L. Girod, and D. Estrin, ``Fine-grained network time synchronization using reference broadcasts,'' in OSDI '02: Proceedings of the Fifth Symposium on Operating Systems Design and Implementation, vol. 36, pp. 147--163, 2002.
    [27] S. Ganeriwal, R. Kumar, and M. B. Srivastava, ``Timing-sync protocol for sensor networks,'' in SenSys '03: Proceedings of the First International Conference on Embedded Networked Sensor Systems, pp. 138--149, September 2003.
    [28] J. van Greunen and J. Rabaey, ``Lightweight time synchronization for sensor networks,'' in Proceedings of the 2nd ACM international conference on Wireless sensor networks and applications, pp. 11--19, 2003.
    [29] W. Su and I. F. Akyildiz, ``Time-diffusion synchronization protocol for wireless sensor networks,'' IEEE/ACM Transactions on Networking, vol. 13, pp. 384--397, April 2005.
    [30] P. Sommer and R. Wattenhofer, ``Gradient clock synchronization in wireless sensor networks,'' in Proceedings of the 2009 International Conference on Information Processing in Sensor Networks, pp. 37--48, 2009.
    [31] K.-l. Noh, E. Serpedin, and K. Qaraqe, ``A new approach for time synchronization in wireless sensor networks: Pairwise broadcast synchronization,'' IEEE Transactions on Wireless Communications, vol. 7, pp. 3318--3322, September 2008.
    [32] K. Sun, P. Ning, and C. Wang, ``TinySeRSync: secure and resilient time synchronization in wireless sensor networks,'' in Proceedings of the 13th ACM conference on Computer and communications security, pp. 264--277, 2006.
    [33] H. Song, S. Zhu, and G. Cao, ``Attack-resilient time synchronization for wireless sensor networks,'' Ad Hoc Networks (Elsevier), vol. 5, no. 1, pp. 112--125, 2007.
    [34] X. Hu, T. Park, and K. Shin, ``Attack-tolerant time-synchronization in wireless sensor networks,'' in The 27th IEEE International Conference on Computer Communications., pp. 41--45, April 2008.
    [35] S. M. M. Rahman and K. El-Khatib, ``Secure time synchronization for wireless sensor networks based on bilinear pairing functions,'' IEEE Transactions on Parallel and Distributed Systems, vol. PP, no. 99, 2010.
    [36] C. Benzaid, A. Saiah, and N. Badache, ``Secure pairwise broadcast time synchronization in wireless sensor networks,'' in 2011 International Conference on Distributed Computing in Sensor Systems and Workshops (DCOSS), pp. 1--6, June 2011.
    [37] M. A. Vouk, ``Cloud computing: Issues, research and implementations,'' in 30th International Conference on Information Technology Interfaces, 2008. ITI 2008., pp. 31--40, Jun 2008.
    [38] M. Jensen, J. Schwenk, N. Gruschka, and L. Iacono, ``On technical security issues in cloud computing,'' in IEEE International Conference on Cloud Computing, 2009. CLOUD '09., pp. 109--116, September 2009.
    [39] L. Kaufman, ``Data security in the world of cloud computing,'' IEEE Security Privacy, vol. 7, pp. 61--64, July-Augest 2009.
    [40] H. Li, Y. Dai, L. Tian, and H. Yang, ``Identity-based authentication for cloud computing,'' in Cloud Computing, vol. 5931, pp. 157--166, Springer Berlin / Heidelberg, 2009.
    [41] C. Schridde, T. Dornemann, E. Juhnke, B. Freisleben, and M. Smith, ``An identity-based security infrastructure for cloud environments,'' in 2010 IEEE International Conference on Wireless Communications, Networking and Information Security (WCNIS), pp. 644 --649, June 2010.
    [42] S. Subashini and V. Kavitha, ``A survey on security issues in service delivery models of cloud computing,'' Journal of Network and Computer Applications, vol. 34, no. 1, pp. 1--11, 2011.
    [43] ``Top threats to cloud computing v1.0,'' 2012. https://cloudsecurityalliance.org/
    topthreats/csathreats.v1.0.pdf.
    [44] J. Hall, M. Barbeau, and E. Kranakis, ``Detection of transient in radio frequency fingerprinting using signal phase,'' in Proceedings of IASTED International Conference on Wireless and Optical Communications (WOC '03), 2003.
    [45] R. M. Gerdes, T. E. Daniels, M. Mina, and S. F. Russell, ``Device identification via analog signal fingerprinting: A matched filter approach,'' in Proceedings of the 2006 Network and Distributed System Security Symposium (NDSS '06), February 2006.
    [46] K. Bonne Rasmussen and S. Capkun, ``Implications of radio fingerprinting on the security of sensor networks,'' pp. 331--340, September 2007.
    [47] P. Eckersley, ``How unique is your web browser?,'' in Privacy Enhancing Technologies, vol. 6205, pp. 1--18, Springer Berlin / Heidelberg, 2010.
    [48] T. Roosta, S. P. Shieh, and S. Sastry, ``Taxonomy of security attacks in sensor networks and countermeasures,'' in The First IEEE International Conference on System Integration and Reliability Improvements, (Hanoi, Vietnam), December 2006.
    [49] H. Fu, K. Satoshi, M. Zhang, and L. Zhang, ``Replication attack on random key pre-distribution schemes for wireless sensor networks,'' in Information Assurance Workshop, 2005. IAW '05. Proceedings from the Sixth Annual IEEE SMC, pp. 134--141, June 2005.
    [50] W. Du, J. Deng, Y. S. Han, P. K. Varshney, J. Katz, and A. Khalili, ``A pairwise key predistribution scheme for wireless sensor networks,'' in ACM Transactions on Information and System Security, vol. 8, (New York, NY, USA), pp. 228--258, 2005.
    [51] A. Perrig, R. Szewczyk, V. Wen, D. E. Culler, and J. D. Tygar, ``Spins: security protocols for sensor netowrks,'' in Mobile Computing and Networking, (Rome, Italy), pp. 189--199, 2001.
    [52] R. Watro, D. Kong, S. fen Cuti, C. Gardiner, C. Lynn, and P. Kruus, ``Tinypk: securing sensor
    networks with public key technology,'' in SASN '04: Proceedings of the Second ACM Workshop on
    Security of Ad hoc and Sensor Networks, pp. 59--64, 2004.
    [53] ``Tinyos,'' 2012. http://www.tinyos.net/.
    [54] C. Karlof and D. Wagner, ``Secure routing in wireless sensor networks: attacks and countermeasures,'' in First IEEE International Workshop on Sensor Network Protocols and Applications, pp. 113--127, May 2003.
    [55] J. Newsome, E. Shi, D. Song, and A. Perrig, ``The sybil attack in sensor networks: analysis & defenses,'' in IPSN'04: Proceedings of the Third International Symposium on Information Processing in Sensor Networks, pp. 259--268, 2004.
    [56] B. N. Levine, C. Shields, and N. B. Margolin, ``A survey of solutions to the sybil attack,'' Tech report 2006-052, University of Massachusetts Amherst, October 2006.
    [57] A. Gehani and S. Chandra, ``Past: probabilistic authentication of sensor timestamps,'' in Computer Security Applications Conference, 2006. ACSAC '06. 22nd Annual, (Miami Beach, Florida, USA), pp. 439--448, December 2006.
    [58] M. Hamdi, N. Boudriga, and M. S. Obaidat, ``Whomoves: An optimized broadband sensor network for military vehicle tracking,'' International Journal of Communication Systems, vol. 21, no. 3, pp. 277--300, 2008.
    [59] N. Xiong, M. Cao, A. V. Vasilakos, L. T. Yang, and F. Yang, ``An energy-efficient scheme in nextgeneration sensor networks,'' International Journal of Communication Systems, vol. 23, no. 9-10, pp. 1189--1200, 2010.
    [60] N. D. Pham, T. D. Le, K. Park, and H. Choo, ``Sccs: Spatiotemporal clustering and compressing schemes for efficient data collection applications in wsns,'' International Journal of Communication Systems, vol. 23, no. 11, pp. 1311--1333, 2010.
    [61] X. Xu, J. Wan, W. Zhang, C. Tong, and C. Wu, ``Pmsw: a passive monitoring system in wireless sensor networks,'' International Journal of Network Management, vol. 21, no. 4, pp. 300--325, 2011.
    [62] R. Jurdak, A. G. Ruzzelli, A. Barbirato, and S. Boivineau, ``Octopus: monitoring, visualization, and control of sensor networks,'' Wireless Communications and Mobile Computing, vol. 11, no. 8, pp. 1073--1091, 2011.
    [63] L. Xue, X. Guan, Z. Liu, and B. Yang, ``Tree: Routing strategy with guarantee of qos for industrial wireless sensor networks,'' International Journal of Communication Systems, 2012.
    [64] B. Hohlt, L. Doherty, and E. Brewer, ``Flexible power scheduling for sensor networks,'' in Proceedings of the 3rd international symposium on Information processing in sensor networks, IPSN '04, pp. 205--214, 2004.
    [65] S. Oh, S. Russell, and S. Sastry, ``Markov chain monte carlo data association for general multipletarget tracking problems,'' in IEEE Conference on Decision and Control, vol. 1, pp. 735 --742 Vol.1, December 2004.
    [66] B. Sundararaman, U. Buy, and A. D. Kshemkalyani, ``Clock synchronization for wireless sensor networks: a survey,'' Ad Hoc Networks (Elsevier), vol. 3, no. 3, pp. 281--323, 2005.
    [67] A. Boukerche and D. Turgut, ``Secure time synchronization protocols for wireless sensor networks,'' Special Issue of IEEE Wireless Communications Magazine on Security in Wireless Mobile Ad Hoc and Sensor Networks, vol. 14, pp. 64--69, October 2007.
    [68] K. Sun, P. Ning, and C. Wang, ``Secure and resilient clock synchronization in wireless sensor networks,'' IEEE Journal on Selected Areas in Communications, vol. 24, pp. 395--408, February 2006.
    [69] Y. Xianglan, Q. Wangdong, and F. Fei, ``ASTS: An agile secure time synchronization protocol for wireless sensor networks,'' in International Conference on Wireless Communications, Networking and Mobile Computing, pp. 2808--2811, September 2007.
    [70] K. B. Rasmussen, S. Capkun, and M. Cagalj, ``SecNav: secure broadcast localization and time synchronization in wireless networks,'' in Proceedings of the 13th annual ACM international conference on Mobile computing and networking, pp. 310--313, 2007.
    [71] X. Du, M. Guizani, Y. Xiao, and H.-H. Chen, ``Secure and efficient time synchronization in heterogeneous sensor networks,'' IEEE Transactions on Vehicular Technology, vol. 57, pp. 2387--2394, July 2008.
    [72] S. Ganeriwal, C. Popper, S. Čapkun, and M. B. Srivastava, ``Secure time synchronization in sensor networks,'' ACM Trans. Inf. Syst. Secur., vol. 11, pp. 23:1--23:35, July 2008.
    [73] V. C. Giruka, M. Singhal, J. Royalty, and S. Varanasi, ``Security in wireless sensor networks,'' Wireless Communications and Mobile Computing, vol. 8, no. 1, pp. 1--24, 2008.
    [74] C. Karlof, N. Sastry, and D. Wagner, ``TinySec: a link layer security architecture for wireless sensor networks,'' in SenSys '04: Proceedings of the 2nd international conference on Embedded networked sensor systems, pp. 162--175, 2004.
    [75] A. Liu and P. Ning, ``TinyECC: A configurable library for elliptic curve cryptography in wireless sensor networks,'' in Information Processing in Sensor Networks, 2008. IPSN '08. International Conference on, pp. 245--256, April 2008.
    [76] W. Du, J. Deng, Y. Han, S. Chen, and P. K. Varshney, ``A key management scheme for wireless sensor networks using deployment knowledge,'' pp. 586--597, 2004.
    [77] O. Gnawali, R. Fonseca, K. Jamieson, D. Moss, and P. Levis, ``Collection tree protocol,'' in SenSys '09: Proceedings of the 7th ACM Conference on Embedded Networked Sensor Systems, pp. 1--14, 2009.
    [78] D. Gay, P. Levis, R. von Behren, M. Welsh, E. Brewer, and D. Culler, ``The nesc language: A holistic approach to networked embedded systems,'' in PLDI '03: Proceedings of the ACM SIGPLAN 2003 conference on Programming language design and implementation, (New York, NY, USA), pp. 1--11, ACM Press, 2003.
    [79] M. Y. S. Demirbas, ``An RSSI-based scheme for sybil attack detection in wireless sensor networks,'' June 2006.
    [80] J. Wang, G. Yang, Y. Sun, and S. Chen, ``Sybil attack detection based on RSSI for wireless sensor network,'' in In International Conference on Wireless Communications, Networking and Mobile Computing, pp. 2684--2687, September 2007.
    [81] K.-F. Ssu, W.-T. Wang, and W.-C. Chang, ``Detecting sybil attacks in wireless sensor networks using neighboring information,'' Computer Networks, vol. 53, no. 18, pp. 3042--3056, 2009.
    [82] B. Ransford and E. Rosensweig, ``Skewmask: Frustrating clock skew fingerprinting attempts,'' 2007.
    [83] B. Parno, A. Perrig, and V. Gligor, ``Distributed detection of node replication attacks in sensor networks,'' in Proceedings of the 2005 IEEE Symposium on Security and Privacy, pp. 49--63, 2005.
    [84] C.-H. Yeh, ``An Approach of Imitating the Clock Skew of Sensor Nodes Based on Flooding Time Synchronization Protocol,'' Master's thesis, National Taiwan University of Science and Technology, Taiwan, 2009.
    [85] B. Zhu, S. Setia, S. Jajodia, S. Roy, and L. Wang, ``Localized multicast: Efficient and distributed replica detection in large-scale sensor networks,'' IEEE Transactions on Mobile Computing, vol. 9, pp. 913--926, July 2010.
    [86] X. Deng, Y. Xiong, and D. Chen, ``Mobility-assisted detection of the replication attacks in mobile wireless sensor networks,'' in IEEE 6th International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob), pp. 225--232, October 2010.
    [87] T. Tran and J. Agbinya, ``Early and lightweight distributed detection of node replication attack in sensor networks,'' in IEEE Wireless Communications and Networking Conference (WCNC), pp. 1--6, April 2010.
    [88] Y. Zeng, J. Cao, S. Zhang, S. Guo, and L. Xie, ``Random-walk based approach to detect clone attacks in wireless sensor networks,'' IEEE Journal on Selected Areas in Communications, vol. 28, pp. 677--691, June 2010.
    [89] M. Conti, R. Di Pietro, L. Mancini, and A. Mei, ``Distributed detection of clone attacks in wireless sensor networks,'' IEEE Transactions on Dependable and Secure Computing, vol. 8, pp. 685--698, September-October 2011.
    [90] D. Sheela, Priyadarshini, and G. Mahadevan, ``Efficient approach to detect clone attacks in wireless sensor etworks,'' in 3rd International Conference on Electronics Computer Technology (ICECT), vol. 5, pp. 194--198, April 2011.
    [91] W. T. Zhu, ``Node replication attacks in wireless sensor networks: Bypassing the neighbor-based detection scheme,'' in International Conference on Network Computing and Information Security (NCIS), vol. 2, pp. 156--160, May 2011.
    [92] W. T. Zhu, J. Zhou, R. H. Deng, and F. Bao, ``Detecting node replication attacks in wireless sensor networks: A survey,'' Journal of Network and Computer Applications, vol. 35, no. 3, pp. 1022--1034, 2012.
    [93] M. Conti, R. Di Pietro, L. V. Mancini, and A. Mei, ``A randomized, efficient, and distributed protocol for the detection of node replication attacks in wireless sensor networks,'' in Proceedings of the 8th ACM international symposium on Mobile ad hoc networking and computing, pp. 80--89, 2007.
    [94] S.-Y. Lau, T.-H. Chang, S.-Y. Hu, H.-J. Huang, L.-d. Shyu, C.-M. Chiu, and P. Huang, ``Sensor networks for everyday use: The bl-live experience,'' in Proceedings of the IEEE International Conference on Sensor Networks, Ubiquitous, and Trustworthy Computing -Vol 1 (SUTC'06) - Volume 01, SUTC '06, pp. 336--343, 2006.
    [95] P. Levis, S. Madden, J. Polastre, R. Szewczyk, A. Woo, D. Gay, J. Hill, M. Welsh, E. Brewer, and
    D. Culler, ``Tinyos: An operating system for sensor networks,'' in in Ambient Intelligence, 2004.
    [96] D. Gay, P. Levis, and D. Culler, ``Software design patterns for tinyos,'' ACM Transactions on Embedded Computing Systems (TECS), vol. 6, no. 4, p. 22, 2007.
    [97] R. Buyya, C. S. Yeo, S. Venugopal, J. Broberg, and I. Brandic, ``Cloud computing and emerging it platforms: Vision, hype, and reality for delivering computing as the 5th utility,'' Future Generation Computer Systems, vol. 25, no. 6, pp. 599 -- 616, 2009.
    [98] M. Armbrust, A. Fox, R. Griffith, A. D. Joseph, R. Katz, A. Konwinski, G. Lee, D. Patterson,
    A. Rabkin, I. Stoica, and M. Zaharia, ``A view of cloud computing,'' Commun. ACM, vol. 53, pp. 50--58, April 2010.
    [99] N. Megiddo, ``Linear-time algorithms for linear programming in r3 and related problems,'' in Proceedings of the 23rd Annual Symposium on Foundations of Computer Science, SFCS '82, pp. 329--338, 1982.
    [100] M. E. Dyer, ``Linear time algorithms for two- and three-variable linear programs,'' SIAM Journal on Computing, vol. 13, no. 1, pp. 31--45, 1984.
    [101] ``Citrix xenserver,'' 2012. http://www.citrix.com/English/ps2/products/product.asp?contentID=683148.

    QR CODE