基於輕量化硬體可偵測代理人攻擊之感測網路遠程證實方法

以作者查詢圖書館館藏

、以作者查詢臺灣博碩士

、以作者查詢全國書目

、勘誤回報

、線上人數：66

、訪客IP：13.58.215.45

姓名

蔡欣芸(Xin-yun Cai) 查詢紙本館藏

畢業系所

資訊工程學系

論文名稱

基於輕量化硬體可偵測代理人攻擊之感測網路遠程證實方法
(Lightweight Hardware-based Remote Attestation Scheme against Proxy Attack on Sensor Network)

相關論文

★ 多種數位代理簽章之設計	★ 小額電子支付系統之研究
★ 實體密碼攻擊法之研究	★ 商業性金鑰恢復與金鑰託管機制之研究
★ AES資料加密標準之實體密碼分析研究	★ 電子競標系統之研究
★ 針對堆疊滿溢攻擊之動態程式區段保護機制	★ 通用型數域篩選因數分解法之參數探討
★ 於8051單晶片上實作可防禦DPA攻擊之AES加密器	★ 以非確定式軟體與遮罩分割對策防禦能量攻擊之研究
★ 遮罩保護機制防禦差分能量攻擊之研究	★ AES資料加密標準之能量密碼分析研究
★ 小額電子付費系統之設計與密碼分析	★ 公平電子現金系統之研究
★ RSA公開金鑰系統之實體密碼分析研究	★ 保護行動代理人所收集資料之研究

檔案

[Endnote RIS 格式]

[Bibtex 格式]

[相關文章]

[文章引用]

[完整記錄]

[館藏目錄]

[檢視]

[下載]

本電子論文使用權限為同意立即開放。
已達開放權限電子全文僅授權使用者為學術研究之目的，進行個人非營利性質之檢索、閱讀、列印。
請遵守中華民國著作權法之相關規定，切勿任意重製、散佈、改作、轉貼、播送，以免觸法。

摘要(中)

近年來，無線感測網路的應用日益廣泛，舉凡從個人健康監控到軍事安全議題上都可以看見其蹤跡。但也由於無線感測網路通常都部屬在部屬者難以監控的環境之下，使得感測器成為攻擊者能攻擊的目標，攻擊者可以取得其中的感測器並分析內部的軟體，進而去發掘系統漏洞以及將惡意程式碼植入其中，藉此傳遞錯誤的資料誤導部屬者做出錯誤的決策或分析。

有學者提出使用遠端認證 (Remote Attestation) 的方式讓基地台驗證感測器的完整性，以確認其是否遭受入侵或非法的篡改。遠端認證的方法大略可分為兩種：基於軟體或是基於硬體。基於軟體的遠端認證方法通常都採用計時的機制來發現是否在檢查的過程中有不正常的程序執行，此類的方法系統軟體的修改彈性大並且造價較為低廉。然而，此類方法會因為攻擊者可以利用配備較高級之裝置幫助被植入惡意程式之感測器運算，驗證者將被誤導此感測器依舊未受到竄改而遭受到代理人攻擊。基於硬體的遠端認證方法大多都依賴可信平台模組(Trusted Platform Module)，可信平台模組功能強大並且可以偵測代理人攻擊但不適用於感測器，感測器的各方面資源均有限制，故需要較為輕量化的硬體模組來執行遠端認證。

在本論文中，我們提出一種使用輕量化硬體來偵測代理人攻擊的遠端認證方法，融合基於軟體的方法以及基於硬體的方法雙方特點，並且此方法能抵禦大多數無線感測網路遇到的軟體攻擊，硬體相關的攻擊並不在此論文討論範圍內。最後，我們提供數種模擬的數據，這些數據可以讓使用者在安全性以及系統負擔之間做出平衡取捨。

摘要(英)

Wireless sensor networks have been applied in healthcare monitoring systems, military surveillance systems, and Internet of Things. Sensor nodes are usually deployed in an un monitored geographic area and become attractive targets to an adversary. A major security issue to sensor nodes is a malicious code injection attack that results in fake data delivery and private data disclosure. Software-based remote attestation schemes are used for verifying the firmware integrity of a sensor node and have advantages of flexible system implementation and low deployment cost. However, such schemes are vulnerable to a proxy attack that enables a compromised sensor node to provide a correct integrity evidence through the assistance of colluding. Hardware-based schemes mostly rely on TPM. However, the TPM-based schemes are not suitable for resource-constraint sensor nodes because public key cryptography and complicated operations are involved and consumes the energy of sensor node, particularly battery-equipped sensor nodes. This thesis proposes a lightweight hardware-based remote attestation scheme against the proxy attack. A simple hardware security module executing only symmetric key cryptographic computation is employed in the proposed scheme, and is particularly suitable for resource-constrained sensor nodes. Simulation results demonstrating the effectiveness of the proposed scheme are also provided.

關鍵字(中)

★ 無線感測網路
★ 代理人攻擊

關鍵字(英)

★ Remote attestation
★ Wireless sensor network
★ Proxy attack

論文目次

Contents
1 Introduction 1
1.1 Motivation of the Research . . . . . . . . . . . . . . . . . . . . . . . . 1
1.1.1 Background of WSN . . . . . . . . . . . . . . . . . . . . . . . 1
1.1.2 Remote attestation scheme . . . . . . . . . . . . . . . . . . . . 2
1.1.3 The proxy attack . . . . . . . . . . . . . . . . . . . . . . . . . 4
1.2 Contribution of the Research . . . . . . . . . . . . . . . . . . . . . . . 4
2 Related Work 7
2.1 Software-based Remote Attestation . . . . . . . . . . . . . . . . . . . 7
2.2 Hardware-based Remote Attestation . . . . . . . . . . . . . . . . . . 9
2.3 Proxy Attack on Time-measurement-oriented Remote Attestation Schemes 11
2.4 Potential Countermeasure against Proxy Attack . . . . . . . . . . . . 11
3 Security Assumptions of WSN 15
3.1 Assumption of the WSN . . . . . . . . . . . . . . . . . . . . . . . . . 15
3.1.1 Assumptions of verifier . . . . . . . . . . . . . . . . . . . . . . 15
3.1.2 Assumptions of prover . . . . . . . . . . . . . . . . . . . . . . 16
3.1.3 Assumptions of HSM . . . . . . . . . . . . . . . . . . . . . . . 16
3.2 Attack Model . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
3.2.1 Assumptions of adversary . . . . . . . . . . . . . . . . . . . . 17
3.2.2 Deﬁnition of several attacks . . . . . . . . . . . . . . . . . . . 17
4 The Proposed Remote Attestation Scheme Based on Lightweight HSM 22
4.1 Security Properties Related to Checksum Computation . . . . . . . . 22
4.1.1 Randomness of challenge . . . . . . . . . . . . . . . . . . . . . 23
4.1.2 Non-parallelizable checksum generation . . . . . . . . . . . . 23
4.1.3 Resistance against exploitation of unused program memory space . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
4.1.4 Local measurement of elapsed time of checksum computation . 24
4.2 The Proposed Scheme . . . . . . . . . . . . . . . . . . . . . . . . . . 25
4.3 Security against Existing Attacks . . . . . . . . . . . . . . . . . . . . 27
4.3.1 Resistance against proxy attack . . . . . . . . . . . . . . . . . 27
4.3.2 Resistance against impersonation attack . . . . . . . . . . . . 29
4.3.3 Resistance against precomputation attack . . . . . . . . . . . 29
4.3.4 Resistance against replay attack . . . . . . . . . . . . . . . . . 30
4.3.5 Resistance against collusion attack . . . . . . . . . . . . . . . 31
4.3.6 Resistance against memory copy attack . . . . . . . . . . . . . 31
4.3.7 Resistance against prediction of accessed memory addresses . 31
4.3.8 Parameter design . . . . . . . . . . . . . . . . . . . . . . . . . 32
4.4 Trade-oﬀ between Security and System Burden . . . . . . . . . . . . 33
5 Conclusions 38
Bibliography 40

參考文獻

Bibliography
[1] S. Prasanna and S. Rao, “An Overview of Wireless Sensor Networks Applications and Security,” International Journal of Soft Computing and Engineering,
Vol. 2, Issue 2, pp. 538-540, 2012.

[2] C. Hartung, J. Balasalle, and R. Han, “Node Compromise in Sensor Networks:The Need for Secure Systems,” Technical Report CU-CS-990-05, Dept. of Computer Science, University of Colorado at Boulder, Jan. 2005.

[3] P. H¨am¨al¨ainen, M. Kuorilehto, T. Alho, M. H¨annik¨ainen, and T. D. H¨am¨al¨ainen, “Security in Wireless Sensor Networks: Considerations and Experiments,” In Proceedings of the 6th International Workshop on Embedded Computer Systems: Architectures, Modeling, and Simulation, SAMOS ’06, pp. 167-177, 2006.

[4] A. Francillon and C. Castelluccia, “Code Injection Attacks on Harvard-architecture Devices,” In Proceedings of the 15th ACM Conference on Computer and Communications Security, CCS ’08, pp. 15-26, 2008.

[5] Q. Gu and R. Noorani, “Towards Self-propagate Mal-packets in Sensor Networks,” In Proceedings of the 1st ACM Conference on Wireless Network Security, WiSec ’08, pp. 172-182, 2008.

[6] T. Giannetsos, T. Dimitriou, I. Krontiris, and N. R. Prasad, “Arbitrary Code Injection through Self-propagating Worms in Von Neumann Architecture Devices,” The Computer Journal, Vol. 53, Issue 10, pp. 1576-1593, 2010.

[7] T. AbuHmed, N. Nyamaa, and D. Nyang, “Software-Based Remote Code Attestation in Wireless Sensor Network,” In Proceedings of IEEE Global Telecommunications Conference, pp. 1-8, 2009.

[8] Y. Li, J. M. McCune, and A. Perrig, “VIPER: Verifying the Integrity of PERipherals’ Firmware,” In Proceedings of the 18th ACM Conference on Computer and Communications Security, pp. 3-16, 2011.

[9] I. Makhdoom, M. Afzal, and I. Rashid, “A Novel Code Attestation Scheme Against Sybil Attack in Wireless Sensor Networks,” In Proceedings of National Software Engineering Conference, pp. 1-6, 2014.

[10] A. Seshadri, A. Perrig, L. Van Doorn, and P. Khosla, “SWATT: SoftWare-based Attestation for Embedded Devices,” In Proceedings of the 2004 IEEE Symposium on Security and Privacy, pp. 272-282, 2004.

[11] A. Seshadri, M. Luk, A. Perrig, L. van Doorn, and P. Khosla, “SCUBA: Secure Code Update by Attestation in Sensor Networks,” In Proceeding of the 5th
ACM Workshop on Wireless Security, pp. 85-94, 2006.

[12] Y. Yang, X. Wang, S. Zhu, and G. Cao, “Distributed Software- based Attestation for Node Compromise Detection in Sensor Networks,” In Proceedings of 26th IEEE International Symposium on Reliable Distributed Systems, pp. 219-230, 2007.

[13] ISO/IEC 11889, “Information Technology-Trusted Platform Module,” ﬁrst edi-
tion, 2009.

[14] D. Schellekens, B. Wyseur, and B. Preneel, “Remote Attestation on Legacy Operating Systems With Trusted Platform Modules,” Science of Computer Programming, Vol. 74, Issues 1-2, pp. 13-22, 2008.

[15] H. Tan, W. Hu, and S. Jha, “A TPM-enabled Remote Attestation Protocol (TRAP) in Wireless Sensor Networks,” In Proceedings of the 6th ACM Workshop on Performance Monitoring and Measurement of Heterogeneous Wireless
and Wired Networks, PM2HW2N ’11, pp. 9-16, 2011.

[16] K. E. Defrawy, A. Francillon, D. Perito, and G. Tsudik, “SMART: Secure and Minimal Architecture for (Establishing a Dynamic) Root of Trust,” In Proceed-
ings of the 19th Annual Network and Distributed System Security Symposium, NDSS ’12, 2012.

[17] P. Yang and S. Yen, “Memory Attestation of Wireless Sensor Nodes by Trusted Local Agents,” In Proceeding of the 2015 IEEE Trustcom/BigDataSE/ISPA, pp. 82-89, 2015.

[18] S. Zhu, S. Setia, and S. Jajodia, “LEAP: Eﬃcient Security Mechanisms for Large-scale Distributed Sensor Networks,” In Proceedings of the 10th ACM Conference on Computer and Communications Security, pp. 62-72, 2003.

[19] D. Liu, P. Ning, and R. Li, “Establishing Pairwise Keys in Distributed Sensor Networks,” ACM Transactions on Information and System Security, Vol. 8, No. 1, pp. 41-77, 2005.

[20] C. Castelluccia, A. Francillon, D. Perito, and C. Soriente, “On the Difficulty of Software-based Attestation of Embedded Devices,” In Proceedings of the 16th ACM Conference on Computer and Communications Security, CCS ’09, pp. 400-409, 2009.

[21] ZigBee Alliance, “ZigBee Speciﬁcation,” ZigBee Alliance, 2008.

[22] D. Perito and G. Tsudik, “Secure Code Update for Embedded Devices via Proofs of Secure Erasure,” In Proceedings of the 15th European conference on Research in computer security , pp. 643-662, 2010.

[23] G. Ateniese, R. Di Pietro, L.V. Mancini, G. Tsudik, “Scalable and Efficient Provable Data Possession,” In Proceedings of the 4th International Conference on Security and Privacy in Communication Networks, pp. 1-10, 2008.

[24] X. Kovah, C. Kallenberg, C. Weathers, A. Herzog, M. Albin, and J. Butterworth, “New Results for Timing-Based Attestation,” In Proceedings of the 2012 IEEE Symposium on Security and Privacy, pp. 239-253, 2012.

指導教授

顏嵩銘(Sung-Ming Yen)

審核日期

2020-1-22

推文