Adaptive and Randomized Time-based Wireless Sensor Networks Remote Attestation Against Proxy Attack
碩士 === 國立中央大學 === 資訊工程學系 === 106 === Wireless sensor network (WSNs) have been widely applied in medical, scientific, military, and business applications. A huge number of sensor nodes are deployed in a specific geographic area to collect environmental data for analysis purposes. However, the sensor...
Main Authors: | , |
---|---|
Other Authors: | |
Format: | Others |
Language: | zh-TW |
Published: |
2018
|
Online Access: | http://ndltd.ncl.edu.tw/handle/m3u63s |
id |
ndltd-TW-106NCU05392070 |
---|---|
record_format |
oai_dc |
spelling |
ndltd-TW-106NCU053920702019-11-28T05:22:16Z http://ndltd.ncl.edu.tw/handle/m3u63s Adaptive and Randomized Time-based Wireless Sensor Networks Remote Attestation Against Proxy Attack 減輕代理人攻擊之具有自適應性與隨機性的基於計算時間無線感測網路遠端檢測方案 Cheng-Po Chien 簡丞博 碩士 國立中央大學 資訊工程學系 106 Wireless sensor network (WSNs) have been widely applied in medical, scientific, military, and business applications. A huge number of sensor nodes are deployed in a specific geographic area to collect environmental data for analysis purposes. However, the sensor nodes are often deployed in a public geographic area that allows an adversary to physically capture a sensor node. Any software vulnerability and sensitive data inside the captured node will be identified. The adversary can store malicious codes in the captured node and redeploy it. The infected sensor node then spreads the malicious codes; consequently the neighboring nodes are infected with the malicious codes. These infected sensor nodes can collude each other to perform a variety of attacks, such as fake data delivery, selective packet forwarding, denial of service (DoS), etc. A security mechanism used for detecting an infected sensor node is necessary. The time-based remote attestation scheme provides a mechanism for checking the memory integrity of the sensor nodes. During the remote attestation, the memory integrity of sensor node is endorsed by evidences provided by sensor node. If the memory content of sensor node is modified, sensor node could not produce the evidence. In addition, verifier will set threshold and measure time which sensor nodes produces the evidences of memory integrity that prevents adversary forging evidence by additional operation. Unfortunately, the measured time is susceptible to communication delay in WSNs. This may result in the normal sensor nodes fail the attestation. Furthermore, time-based remote attestation is vulnerable to proxy attack, which the evidence of memory integrity is able to be generated by the powerful device of adversary. In this study, we proposed remote attestation that more adaptive time-based remote attestation scheme and counteract the proxy attack of sensor nodes. Our scheme is designed in a multiple-round approach which a whole remote attestation will be divided into several round and at end of each round the round evidences will be randomly determined to be sent to the verifier or not. Those evidence which does not sent to the verifier will be check through the subsequent evidences which produce by the response block chaining. The key idea in proposed scheme is that misjudgment of normal node is avoided through multiple round time measurement. Additionally, multiple-round approach can exhaust the battery of the compromised nodes and makes the malicious intrusion become significantly less powerful. We also proposed alternative scheme which install the lightweight hardware secure modules before employed to reduce the power consumption of normal sensor nodes and remain the power consumption of compromised sensor nodes. Sung-Ming Yen 顏嵩銘 2018 學位論文 ; thesis 57 zh-TW |
collection |
NDLTD |
language |
zh-TW |
format |
Others
|
sources |
NDLTD |
description |
碩士 === 國立中央大學 === 資訊工程學系 === 106 === Wireless sensor network (WSNs) have been widely applied in medical, scientific,
military, and business applications. A huge number of sensor nodes are deployed in
a specific geographic area to collect environmental data for analysis purposes. However,
the sensor nodes are often deployed in a public geographic area that allows
an adversary to physically capture a sensor node. Any software vulnerability and
sensitive data inside the captured node will be identified. The adversary can store
malicious codes in the captured node and redeploy it. The infected sensor node then
spreads the malicious codes; consequently the neighboring nodes are infected with
the malicious codes. These infected sensor nodes can collude each other to perform
a variety of attacks, such as fake data delivery, selective packet forwarding, denial
of service (DoS), etc. A security mechanism used for detecting an infected sensor
node is necessary.
The time-based remote attestation scheme provides a mechanism for checking
the memory integrity of the sensor nodes. During the remote attestation, the memory
integrity of sensor node is endorsed by evidences provided by sensor node. If
the memory content of sensor node is modified, sensor node could not produce the
evidence. In addition, verifier will set threshold and measure time which sensor
nodes produces the evidences of memory integrity that prevents adversary forging
evidence by additional operation. Unfortunately, the measured time is susceptible
to communication delay in WSNs. This may result in the normal sensor nodes fail
the attestation. Furthermore, time-based remote attestation is vulnerable to proxy
attack, which the evidence of memory integrity is able to be generated by the powerful
device of adversary.
In this study, we proposed remote attestation that more adaptive time-based
remote attestation scheme and counteract the proxy attack of sensor nodes. Our
scheme is designed in a multiple-round approach which a whole remote attestation
will be divided into several round and at end of each round the round evidences
will be randomly determined to be sent to the verifier or not. Those evidence which
does not sent to the verifier will be check through the subsequent evidences which
produce by the response block chaining. The key idea in proposed scheme is that
misjudgment of normal node is avoided through multiple round time measurement.
Additionally, multiple-round approach can exhaust the battery of the compromised
nodes and makes the malicious intrusion become significantly less powerful. We also
proposed alternative scheme which install the lightweight hardware secure modules
before employed to reduce the power consumption of normal sensor nodes and remain
the power consumption of compromised sensor nodes.
|
author2 |
Sung-Ming Yen |
author_facet |
Sung-Ming Yen Cheng-Po Chien 簡丞博 |
author |
Cheng-Po Chien 簡丞博 |
spellingShingle |
Cheng-Po Chien 簡丞博 Adaptive and Randomized Time-based Wireless Sensor Networks Remote Attestation Against Proxy Attack |
author_sort |
Cheng-Po Chien |
title |
Adaptive and Randomized Time-based Wireless Sensor Networks Remote Attestation Against Proxy Attack |
title_short |
Adaptive and Randomized Time-based Wireless Sensor Networks Remote Attestation Against Proxy Attack |
title_full |
Adaptive and Randomized Time-based Wireless Sensor Networks Remote Attestation Against Proxy Attack |
title_fullStr |
Adaptive and Randomized Time-based Wireless Sensor Networks Remote Attestation Against Proxy Attack |
title_full_unstemmed |
Adaptive and Randomized Time-based Wireless Sensor Networks Remote Attestation Against Proxy Attack |
title_sort |
adaptive and randomized time-based wireless sensor networks remote attestation against proxy attack |
publishDate |
2018 |
url |
http://ndltd.ncl.edu.tw/handle/m3u63s |
work_keys_str_mv |
AT chengpochien adaptiveandrandomizedtimebasedwirelesssensornetworksremoteattestationagainstproxyattack AT jiǎnchéngbó adaptiveandrandomizedtimebasedwirelesssensornetworksremoteattestationagainstproxyattack AT chengpochien jiǎnqīngdàilǐréngōngjīzhījùyǒuzìshìyīngxìngyǔsuíjīxìngdejīyújìsuànshíjiānwúxiàngǎncèwǎnglùyuǎnduānjiǎncèfāngàn AT jiǎnchéngbó jiǎnqīngdàilǐréngōngjīzhījùyǒuzìshìyīngxìngyǔsuíjīxìngdejīyújìsuànshíjiānwúxiàngǎncèwǎnglùyuǎnduānjiǎncèfāngàn |
_version_ |
1719297839889121280 |