博碩士論文 105522077 詳細資訊




以作者查詢圖書館館藏 以作者查詢臺灣博碩士 以作者查詢全國書目 勘誤回報 、線上人數:10 、訪客IP:3.80.218.53
姓名 吳駿劭(Jyun-Shao Wu)  查詢紙本館藏   畢業系所 資訊工程學系
論文名稱
(IoTD:An SMTP-Based Approach to Identify IoT Devices)
相關論文
★ USB WORM KILLER: Cure USB Flash Worms Through a USB Flash Worm★ Discoverer- Rootkit即時偵測系統
★ 一項Android手機上詐騙簡訊的偵測與防禦機制★ SRA系統防禦ARP欺騙劫持路由器
★ 針對遠端緩衝區溢位攻擊之自動化即時反擊系統★ 即時血清系統: 具攻性防壁之自動化蠕蟲治癒系統
★ DNSPD: Entrap Botnets Through DNS Cache Poisoning Detection★ TransSQL: A Translation and Validation-based Solution for SQL-Injection Attacks
★ A Spam Mail-based Solution for Botnet Detection and Network Bandwidth Protection★ Shark: Phishing Information Recycling from Spam Mails
★ FFRTD: Beat Fast-Flux by Response Time Differences★ Antivirus Software Shield against Antivirus Terminators
★ MAC-YURI : My ACcount, YoUr ResponsIbility★ KKBB: Kernel Keylogger Bye-Bye
★ CIDP Treatment: An Innovative Mobile Botnet Covert Channel based on Caller IDs with P8 Treatment★ PrivacyGuard:A Kernel-based Solution to Enhance the User Privacy When Using Private Browsing
檔案 [Endnote RIS 格式]    [Bibtex 格式]    [相關文章]   [文章引用]   [完整記錄]   [館藏目錄]   至系統瀏覽論文 (2023-6-30以後開放)
摘要(中) 近年來,如何去防範網路攻擊是一直是被研究的領域,攻擊者會在進行攻擊時隱藏自己,讓防禦者或是調查人員無法掌握背後的攻擊者。其中,物聯網 (Internet of Things) 設備將越來越多,其所產生的安全問題也隨之一一浮上檯面。像是針對物聯網設備進行攻擊的惡意程式 Mirai,抑或是針對預設密碼的網路攝影機的攻擊等等,都已慢慢侵害到一般人的隱私或是進而造成危害。其中造成世界危害的攻擊包含影響網路狀況的 DDoS 攻擊、垃圾郵件散布、漏洞挖掘、使用者隱私洩露等等,這些攻擊將會因物聯網設備的增加而更難防禦。然而,對於物聯網設備的偵測與防禦還正處在萌芽階段,在本篇論文當中,將從垃圾郵件的角度來提出一個 IoTD 的方法,用於偵測寄送信件的寄信人是否為一台物聯網設備,進而有效利用此資訊在未來的安全研究領域之中,讓物聯網的安全性問題能更進一步的有所斬獲。
摘要(英) In recent years, how to prevent cyber attacks has always been in the field of research. Attackers will hide when they are attacking so that defenders or investigators cannot grasp the attackers behind them. Among them, the security problems of the increment of the Internet of Things (IoT) will come to the forefront. Mirai, a malware attacking IoT devices, and the problem on a network camera with default password issue, harm and leak the privacy of innocent people. The attacks cause harm to the world such as DDoS attacks that affect network bandwidth, email spam, vulnerability mining, user privacy leaks, and etc. These attacks will be more difficult to defend due to the increase in IoT devices. However, the detection and defense of IoT devices are still in its infancy. In this paper, an IoTD method will be proposed from the perspective of spam to detect whether a sender of the mail is an IoT device, and thus effectively use this information in security research field in the future.
關鍵字(中) ★ 物聯網
★ 垃圾郵件
★ 電子郵件
★ 防禦
★ 偵測
關鍵字(英) ★ Internet of Things
★ IoT
★ SMTP
★ spam
★ detection
★ TLS
論文目次 摘要v
Abstract vi
致謝vii
Contents viii
List of Figures x
List of Tables xi
1 Introduction 1
2 Background 4
2.1 E-mail Architecture . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
2.2 SMTP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
2.3 Transport Layer Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
3 Threat Model 11
4 System design 13
4.1 Methodology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
4.2 System overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
5 Evaluation 18
5.1 System environment. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
5.2 Result . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
6 Related Work 22
7 Discussion 23
8 Conclusion 24
Reference 25
A Analysis 27
參考文獻 [1] Gartner, “Gartner Says 4.9 Billion Connected ‘Things’Will Be in Use in 2015,”2014,
http://www.gartner.com/newsroom/id/2905717.
[2] S. Notra, M. Siddiqi, H. H. Gharakheili, V. Sivaraman, and R. Boreli, “An Experimental
Study of Security and Privacy Risks with Emerging Household Appliances,”in Proc.
International Workshop on Security and Privacy in Machine-to-Machine Communications
(M2MSec), Oct 2014.
[3] S. Grover and N. Feamster,“The Internet of Unpatched Things,”in Proc. FTC PrivacyCon,
Jan 2016.
[4]“Your Fridge is Full of SPAM: Proof of An IoT-driven Attack,”Jan 2014,
https://www.proofpoint.com/us/threat-insight/post/Your-Fridgeis-
Full-of-SPAM. (Accessed on 5/2/2018)
[5] Justin M. Rao and David H. Reiley, “The Economics of Spam,”Journal of Economic
Perspectives??Volume 26, Number 3??Summer 2012??Pages 87–110, 2012.
[6] M3AAWG,“Email metrics report,”Nov 2014, https://www.m3aawg.org/for-theindustry/
email-metrics-report. (Accessed on 4/17/2018)
[7] Nadezhda Demidova, Tatyana Shcherbakova, Maria Vergelis, “Spam and phishing in
Q1 2018”, 2018, https://securelist.com/spam-and-phishing-in-q1-2018/
85650/. (Accessed on 4/26/2018)
[8] RFC 3207, SMTP Service Extension for Secure SMTP over Transport Layer Security, 2002.
[9] RFC 7598, Deprecating Secure Sockets Layer Version 3.0, 2015.
[10] Adam Langley, “Disabling SSLv3 and RC4,”Google Security Blog, 2015, https://
security.googleblog.com/2015/09/disabling-sslv3-and-rc4.html.
[11]“The Transport Layer Security (TLS) Protocol Version 1.3,”2018, https://tools.ietf.
org/html/draft-ietf-tls-tls13-28.
[12] Kuo, Fang-Chun and Tschofenig, Hannes and Meyer, Fabian and Fu, Xiaoming,
“Comparison studies between pre-shared key and public key exchange mechanisms for transport
layer security (TLS),”Institute for Informatics, University of Goettingen, Technical
Report IFI-TB-2006-01, 2006
[13] Vincent Berna,“TLS and Perfect Forward Secrecy,”2011, https://vincent.bernat.
im/en/blog/2011-ssl-perfect-forward-secrecy.
[14] Zhao, Li and Iyer, Ravi and Makineni, Srihari and Bhuyan, Laxmi, “Anatomy and Performance
of SSL Processing”, IEEE International Symposium on, page 197-206,” 2005.
[15] Postfix, http://www.postfix.org/
[16] Binu Ramakrishnan, “Measuring SMTP STARTTLS Deployment Quality,” 2015,
https://yahoo-security.tumblr.com/post/141495385400/measuringsmtp-
starttls-deployment-quality
[17] Facebook, “The Current State of SMTP STARTTLS Deployment,”2014,
https://www.facebook.com/notes/protect-the-graph/the-currentstate-
of-smtp-starttls-deployment/1453015901605223/.
[18] Incenp.org,“SMTP-over-TLS usage stats,”2017, https://incenp.org/notes/2017/
smtp-starttls-usage.html.
[19] Meidan, Yair et al., “Detection of Unauthorized IoT Devices Using Machine Learning
Techniques,”arXiv preprint arXiv:1709.04647, 2017.
[20] J. Pang et al., “802.11 user fingerprinting,”in Proceedings of the 13th Annual ACM International
Conference on Mobile Computing and Networking, ser. MobiCom ’07. ACM,
2007, pp. 99–110.
[21] R. Tomsˇu? et al.,“Profiling users by modeling web transactions,”in IEEE International
Conference on Distributed Computing Systems, 2017
[22] Bruhadeshwar
指導教授 許富皓 審核日期 2018-7-20
推文 facebook   plurk   twitter   funp   google   live   udn   HD   myshare   reddit   netvibes   friend   youpush   delicious   baidu   
網路書籤 Google bookmarks   del.icio.us   hemidemi   myshare   

若有論文相關問題,請聯絡國立中央大學圖書館推廣服務組 TEL:(03)422-7151轉57407,或E-mail聯絡  - 隱私權政策聲明