中大機構典藏-NCU Institutional Repository-提供博碩士論文、考古題、期刊論文、研究計畫等下載:Item 987654321/74646
English  |  正體中文  |  简体中文  |  Items with full text/Total items : 80990/80990 (100%)
Visitors : 41648921      Online Users : 1463
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
  • Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version


    Please use this identifier to cite or link to this item: http://ir.lib.ncu.edu.tw/handle/987654321/74646


    Title: 可執行於未授權物聯網裝置之認證機制;Perform Trusted Work over Untrusted IoT Devices
    Authors: 李東岳;Li, Dong-Yue
    Contributors: 資訊工程學系
    Keywords: IoT 安全;IoT 認證;一次性密碼;IoT security;IoT authentication;One Time password
    Date: 2017-07-17
    Issue Date: 2017-10-27 14:35:11 (UTC+8)
    Publisher: 國立中央大學
    Abstract: 在物聯網越來越普及的這個時代,我們所面臨的資安問題不再侷限在個人電腦上,家中的電視冰箱等都有可能成為駭客攻擊的對象。當企業將自家產品傳感器佈署在管轄不到的範圍中,企業要如何確保所佈署的傳感器是否被入侵?若傳感器接收的訊息會傳送至企業內部的伺服器,攻擊者便有可能進一步滲透到企業內部。
    在正常情況下,傳感器每隔一段固定時間,傳送特定封包格式(beacon)來告訴伺服器目前此傳感器還在線上。由於傳感器不在企業能夠防禦的範圍內,攻擊者能夠拿到實體的機器,若攻擊者將實體記憶體的內容全數載下,透過反編譯技術將原始碼重現,傳感器內部的行為攻擊者是能夠完全模仿的。
    為了防止特定封包格式被模仿,本文提出以一次性密碼(One Time Password)來替代,並透過傳送執行檔的方式以及亂數的驗證來確保客戶端所執行的程式是安全的。在第四章會介紹一次性密碼的傳送以及偵測。
    ;In this era of increasingly popular Internet of things, we are facing the problem of security which is no longer limited to personal computers, on the contrary home TVs, refrigerators and so forth may also be the objects of hacker attacks. When the enterprises deployed sensors on their own product out of the controllable range, how does the enterprises make sure that the deployment of the sensor is not invaded? If the messages captured by the sensor were ready to be sent to the server in the enterprise, the attacker could probably able to penetrate into the enterprise further.
    Under normal circumstances, the sensor will send a specific packet format (beacon) during a fixed period of time, to tell the server that the sensor is still online. Because the sensor is not within the defense range of the enterprise, the attacker may be able to grab the entity of the machine. If the attacker loaded all the contents of the physical memory and reproduced the source code through the disassembly techniques, the behaviors within the sensor would be able to be imitated by the attacker completely.
    In order to prevent a particular format of packets from being imitated, this article proposes an alternative method to ensure that the program executed by the client is secure by using the One Time Password mechanism, sending executable files and verifying of the random numbers. In the fourth chapter, the transmission and detection of the one-time passwords will be introduced.
    Appears in Collections:[Graduate Institute of Computer Science and Information Engineering] Electronic Thesis & Dissertation

    Files in This Item:

    File Description SizeFormat
    index.html0KbHTML114View/Open


    All items in NCUIR are protected by copyright, with all rights reserved.

    社群 sharing

    ::: Copyright National Central University. | 國立中央大學圖書館版權所有 | 收藏本站 | 設為首頁 | 最佳瀏覽畫面: 1024*768 | 建站日期:8-24-2009 :::
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - 隱私權政策聲明