中大機構典藏-NCU Institutional Repository-提供博碩士論文、考古題、期刊論文、研究計畫等下載:Item 987654321/74550
English  |  正體中文  |  简体中文  |  Items with full text/Total items : 80990/80990 (100%)
Visitors : 41642171      Online Users : 1491
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
  • Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version


    Please use this identifier to cite or link to this item: http://ir.lib.ncu.edu.tw/handle/987654321/74550


    Title: 一個伺服器端的地理位置偽造攻擊偵測機制;Fake GPS Defender: A Server-side Solution to Detect Fake GPS
    Authors: 張友恆;Chang, Yu-Heng
    Contributors: 通訊工程學系
    Keywords: 偽造;地理位置;路由器;Location;Fake;Spoof;Router
    Date: 2017-07-18
    Issue Date: 2017-10-27 14:01:44 (UTC+8)
    Publisher: 國立中央大學
    Abstract: 隨著時代演進,不僅僅是智慧型手持電話,有越來越多行動裝置、物聯網裝置配備有能感知自身地理位置的感測器,因而衍生出許多基於實體地理位置的網路服務。像是以地理位置判斷速度,進而藉由資料分析判斷路況,抑或是特定目標的定位提供大眾運輸的公開資料,甚至是以實體位置為基礎建造虛擬環境的擴增實境遊戲等。然而,這些服務再由裝置獲得其所在的地理位置的同時,多半缺少了驗證其資料完整性的機制,亦即伺服器端無條件地接收移動裝置所回傳的資料,如此情況下實則暴露了許多機會給攻擊者,利用各種方式偽造其位置結果,進而衍生出所謂 Fake GPS 問題,影響了整體系統的穩定性與公平性。現今所見的防範驗證方式多半僅能提供以國家為範圍大小的偵測,且無法防範某些位於底層的偽造手法,攻擊者依舊可以在以國家為範圍的前提下進行小維度的偽造。
    本論文中我們為地理位置服務的服務提供商設計了一個基於邊境路由器的偵測方式:相較於先前提出的解決方式,本論文的檢測機制是以單純的網際網路控制方式實現,能有效的在上層驗證資料的合理性,解決針對在下層的干擾偽造攻擊。再者,現今大多數的方法僅能有效判斷以國家為單位的大範圍偵測,本論文設計的機制,根據其他群體的所在位置,與使用者網路環境之路由器對控制封包的開放程度,能有效的縮小偵測範圍,提供更加精準的檢測方法,並使得欲偽造GPS位置的攻擊者更加困難,藉此抵禦與解決 Fake GPS 問題。論文研究已完成進行大量的實體實驗,結果顯示所提出的檢測機制之可行性在實體位置與現今網路環境上皆能夠成立,研究更進一步分析有可能出現的 false positive 與 false negative 狀況,並提出相對應的解決方式。最後,我們提出針對本檢測機制還能進行強化的地方,並表示本系統若與現存系統合作改進之可能的優勢與好處。
    ;Nowadays, not merely smart phones, but also IoT devices are usually equipped with GPS sensors in order to obtain devices’ geo-location. This brings more and more network service based on GPS location to us. For instance, detect traffic jams by obtaining devices′ velocity, or some well-known real world location-based games like Pokémon GO, etc. However, most of those services lack the integrity check for GPS values they get. This leaves a good chance for attackers to manipulate GPS information results before sending it to server, affecting stability and fairness of the system, and cause so called "Fake GPS" problem.
    In this paper, we design a pure network-based detection for the LBS provider. Compared with previous solutions, our mechanism is based on Internet control message, which can verify the correctness of the data in upper layer, and solve the signal interference problem happened on hardware. In addition, most of the existing detection methods today can only effectively work for country-scale detection. The mechanism we purposed can effectively narrow down the scope of detection by using to the location of other normal users. Our mechanism successfully provides a more accurate detection method, and makes the attacker more difficult to launch the attack. The study further analysis situations which may probably cause false positive and negative, and give possible solutions for each corresponding issue. Finally, we propose some aspects where Fake GPS Defender can be improved, and also the potential advantages and benefits when cooperating with other existing detection systems.
    Appears in Collections:[Graduate Institute of Communication Engineering] Electronic Thesis & Dissertation

    Files in This Item:

    File Description SizeFormat
    index.html0KbHTML241View/Open


    All items in NCUIR are protected by copyright, with all rights reserved.

    社群 sharing

    ::: Copyright National Central University. | 國立中央大學圖書館版權所有 | 收藏本站 | 設為首頁 | 最佳瀏覽畫面: 1024*768 | 建站日期:8-24-2009 :::
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - 隱私權政策聲明