
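Using the Byzantine Agreement Algorithm to Defend Against and Detect Sybil Attacks in Mobile Ad Hoc Network Communication Architectures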

Sheng Hong Cheng, Shih-Hao Chang

Abstract


In recent years, the rapid development of Internet technology has enabled people to communicate with one another anywhere and at any time, changing the way people live and making life more convenient. Compared with wired networks, wireless networks used with portable personal mobile computing devices save the manpower and cost of infrastructure and offer greater convenience of deployment and mobility. The mobile ad hoc network (MANET) is one branch of wireless networking. A MANET can be set up quickly, has nodes in a dynamic topology, and lacks infrastructure such as adapters and wireless access points (APs). These features allow MANETs to be used in specific scenarios such as military use, search and rescue, or emergency operations. Based on the routing protocol, nodes provide connection information to each other and jointly establish a complete transmission path. Transmission security, however, has long been a problem in MANETs: characteristics such as an open medium with no line of defense, decentralized operation, and routing protocols designed without security considerations make a MANET harder than a wired network to manage and to defend against attacks that exploit these weaknesses.

This study examines the Sybil attack, the most common attack on MANETs, which may cause packet flows to be redirected and have other extended effects. We use the NS3 simulator to simulate a consensus-based algorithm, the Byzantine Agreement Algorithm, to address the threat that the Sybil attack poses to MANETs, so that network nodes that were previously vulnerable to tampering can ensure the integrity of data during transmission. Our simulation experiments show that the proposed method achieves relatively good results in both network and security performance. The focus of this paper is how an infrastructure-less network can achieve the security of an infrastructure-based network; the future goal is to maintain secure communication even without network infrastructure.

Keywords


Information Security; Mobile Ad Hoc Network; Byzantine Agreement Algorithm; Sybil Attack; Network Simulator

Citation Format:
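Sheng Hong Cheng, Shih-Hao Chang, "在隨意行動網路通訊架構下利用拜占庭協議演算法來防禦及偵測女巫攻擊 [Using the Byzantine Agreement Algorithm to Defend Against and Detect Sybil Attacks in Mobile Ad Hoc Network Communication Architectures]," Communications of the CCISA, vol. 24, no. 3, pp. 55-70, Jul. 2018.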


Published by Chinese Cryptology and Information Security Association (CCISA), Taiwan, R.O.C
CCCISA Editorial Office, No.1, Sec. 1, Shennong Rd., Yilan City, Yilan County 260, Taiwan (R.O.C.)
E-mail: ccisa.editor@gmail.com