簡易檢索 / 詳目顯示
| 研究生: |
楊秉翰 Bing-Han Yang |
|---|---|
| 論文名稱: |
一個在行動隨意網路上的時間同步防禦方法 A Defense Method to Time Synchronization Function in MANET |
| 指導教授: |
鄧惟中
Wei-Chung Teng |
| 口試委員: |
鄭欣明
Shin-Ming Cheng 金台齡 Tai-Lin Chin 陳秋華 Chyou-Hwa Chen |
| 學位類別: |
碩士 Master |
| 系所名稱: |
電資學院 - 資訊工程系 Department of Computer Science and Information Engineering |
| 論文出版年: | 2013 |
| 畢業學年度: | 101 |
| 語文別: | 中文 |
| 論文頁數: | 50 |
| 中文關鍵詞: | 行動隨意網路 、時間同步 、防禦 |
| 外文關鍵詞: | MANET, Time Synchronization, Defense |
| 相關次數: | 點閱:195 下載:5 |
| 分享至: |
| 查詢本校圖書館目錄 查詢臺灣博碩士論文知識加值系統 勘誤回報 |
由於行動隨意網路(MANET)具有不需要連線基礎設備以及動態拓撲等特性,使得各裝置間的時間同步成為了一個非常重要的議題。本研究針對IEEE 802.11標準上所制定的時間同步協定進行安全防禦,並提出中位數演算法(Median Method)來解決一種可破壞時間同步機制的攻擊 - Hit-and-Run攻擊。
我們利用收集各節點的時間資訊來計算一個校正值,並且利用這個校正值來預測出所收到較快節點的時間,再利用校正值與預測出的時間來過濾惡意節點。此外,本研究採取了一部分的Automatic Self-time-correction Procedure(ASP)來解決MANET上的規模性問題。我們也計算了各時間點中各節點時間差異的標準差來更加精確的觀察中位數演算法的防禦效果。
最後,我們使用了Network Simulator version 2(NS2)網路模擬器來測試中位數演算法防禦Hit-and-Run攻擊的效果。經過模擬實驗後的結果顯示,當攻擊者不超過總節點個數30%時,中位數演算法可完全防禦Hit-and-Run攻擊。在網路沒有攻擊者狀況下,各節點單位時間內時間差異的標準差值落在[5.31, 10.02]之間,而當總節點數為400,惡意節點個數為120時,此為模擬實驗中最差的結果,其標準差值仍落在[6.79, 11.69]之間。同時,在10秒內即可讓各節點無法同步的現象消失。
The dynamic topology feature of wireless ad hoc network (MANET) makes time synchronization an important issue to this kind of infrastructure-less netwrok. On the other hand, the IEEE 802.11 standard specifies a clock synchronization protocol for MANET, but it is designed without taking into consideration of possible security issues. In this paper, we introduce Median Method, which is developed to defend a feasible malicious attack to IEEE 802.11 TSF: the Hit-and-Run attack.
In Median method, we calculate a calibration value by collecting the clock information of each mobile hosts, then use the calibration value to predict the time of faster nodes and to filter out malicious nodes. In addition, we solved the scalability issue of MANET by adapting a part of Automatic Self-time-correction Procedure(ASP). We also calculated standard deviation of clock difference of every node at each time to observe the defensive performance of Median Method more precisely.
Simulations of Median Method defending Hit-and-Run attack are conducted in ns2 network simulator, and the simulation results show that the proposed method is able to completely defend the attack given the percentage of attackers no more than 30%. The standard deviation of clock difference, when there is no attack launched, is between 5.31 to 10.02.
On the other hand, our worst case happens when the numbers of legitimate nodes and the attacker node are 280 and 120 respectively. In this scenario, standard deviation still remains in the range of 6.79 to 11.69, and the status of lack of synchronism caused by the Hit-and-Run attack vanishes within 10 seconds.
[1]"The cmu monarch project’s wireless and mobility extensions to ns," 1998.
http://www.monarch.cs.cmu.edu/
[2]G.-N. Chen, C.-Y. Wang, and R.-H. Hwang. "MTSP: Multi-hop time synchronization protocol for IEEE 802.11 wireless ad hoc network," in Wireless Algorithms, Systems, , and Application, vol. 4138 of Lecture Notes in Computer Science, pp. 664 – 675, Springer Berlin Heidelberg, 2006.
[3]L. Chen and J. Leneutre, "Toward secure and scalable time synchronization in ad hoc networks," Computer Communications, vol.30, no. 11, pp. 2453-2467, 2007.
[4]I. C. Committee. Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specifications. IEEE Standard 802.11-1999, New York, 1999.
[5]S. Ganeriwal, S. Capkun, C. Han, and M. Srivastava, "Secure time synchronization service for sensor networks," in Proceedings of the 4th ACM Workshop on Wireless Security, pp. 97 – 106, ACM, 2005.
[6]G. Khanna, A. Masood, and C. Rotaru, "Synchronization attacks against 802.11," in Workshop of the 12th Networks and Distributed Systems Symposium (NDSS 05), Citeseer, 2005.
[7]L. Qi and W. Chen, "A clock synchronization method for ad hoc networks," in 2011 2nd International Conference on Artificial Intelligence, Management Science and Electronic Commerce (AIMSEC), pp. 3614 – 3617, 2011.
[8]J. Sheu, C. Chao, W. Hu, and C. Sun, "A clock synchronization algorithm for multihop wireless ad hoc networks," Wireless Personal Communications, vol. 43, no.2, pp. 185 – 200, 2007.
[9]D. Zhou and T. Lai, "A scalable and adaptive clock synchronization protocol for ieee 802.11-based multihop ad hoc networks," in IEEE International Conference on Mobile Adhoc and Sensor Systems Conference, 2005, pp. 8 – 558, 2005.
[10]B. Wu, J. Chen, J. Wu, and M. Cardei, "A Survey on Attacks and Countermeasures in Mobile Ad Hoc Networks," in Wireless/Mobile Network Security(Y. Xiao, X. Shen, and D.-Z. Du, eds.), pp. 103 – 135, Springer, 2006.
[11]D. Zhou and T.-H. Lai, "An accurate and scalable clock synchronization protocol for IEEE 802.11-based multihop ad hoc networks," IEEE Transactions on Parallel and Distributed Systems, vol.18, no.12, pp.1797 – 1808, 2007.
[12]A. Cardenas, N. Benammar, G. Papageorgiou, and J. Baras, "Cross-Layered Security Analysis of Wireless Ad Hoc Networks," in Proceedings of 24th Army Science Conference, 2004.
[13]S. Yi and R. Kravets, "Composite Key Management for Ad Hoc Networks," in Proceedings of the 1st Annual International Conference on Mobile and Ubiquitous Systems: Networking and Services (MobiQuitous’04), pp. 52 - 61, 2004.
[14]"NTP Official Website," http://support.ntp.org/bin/view/Main/WebHome
