本文選題：WLAN安全 + 全頻道干擾機　； 參考：《天津大學(xué)》2014年博士論文

【摘要】：無線局域網(wǎng)由于無線信號的廣播本質(zhì)和其應(yīng)用的網(wǎng)絡(luò)協(xié)議及機制的設(shè)計缺陷，安全性問題日益突出。論文以無線局域網(wǎng)的安全性評估為目標(biāo)，并從無線局域網(wǎng)的網(wǎng)絡(luò)體系入手進(jìn)行了弱點發(fā)現(xiàn)和安全性分析。對安全強度要求較高的無線局域網(wǎng)的安全防護(hù)提供決策支持。研究成果包括以下幾個方面： 在物理和MAC層，針對傳統(tǒng)全頻道干擾需利用單一頻道干擾機進(jìn)行相對費時的多次頻道跳轉(zhuǎn)，設(shè)計了干擾半徑可變的全頻道IEEE802.11g干擾機(ARJ)，ARJ利用非交疊信道的鄰頻干擾作用，僅在一個固定頻道上便可實現(xiàn)對全頻道的干擾覆蓋。基于引入信道比特錯誤率的分布式協(xié)調(diào)功能的馬爾科夫鏈模型，證明了ARJ可使干擾半徑內(nèi)的節(jié)點有效吞吐率降低到零。通過模擬場景驗證了干擾半徑的可調(diào)性，驗證了干擾半徑與發(fā)射功率成正比，與信道距離成反比并給出相關(guān)定義。通過設(shè)計的大量真實實驗進(jìn)一步驗證ARJ的正確性并在實驗中分析了干擾頻度的設(shè)置以及其他因素對干擾半徑的影響。 在密鑰管理層，針對現(xiàn)有的基于單核CPU的WPA/WPA2-PSK暴力破解方法的缺點，提出了分布式多核CPU加GPU的并行破解方法——DMCG。DMCG利用多臺計算機的多核CPU和GPU形成多個計算核心并行破解。使用著色Petri網(wǎng)模型證明了WPA/WPA2握手協(xié)議存在可達(dá)的不安全狀態(tài)據(jù)此可發(fā)動暴力破解攻擊。提出改進(jìn)的阿姆達(dá)爾法則分析了暴力破解上限。針對DMCG的GPU云計算擴展，提出可應(yīng)用于不同類型超級計算中心的蒲公英計算模型。實驗結(jié)果表明，DMCG可使破解速度提高3到4個數(shù)量級。同時分析了顯卡參數(shù)對于破解速度的影響并基于層次分析法對DMCG方法中如何選擇顯卡提供決策支持。 在認(rèn)證層，針對IEEE802.1X的EAP認(rèn)證機制的各種攻擊如降質(zhì)攻擊，中間人攻擊等進(jìn)行了非形式化分析，并給出了改進(jìn)建議。針對Wi-Fi聯(lián)盟的WPS協(xié)議使用著色Petri網(wǎng)模型證明WPS協(xié)議存在可達(dá)的不安全狀態(tài)據(jù)此可發(fā)動暴力破解攻擊，當(dāng)有干擾機存在時，破解成功概率接近1，提出的改進(jìn)協(xié)議使破解成功概率下降到3/108。針對WAPI認(rèn)證機制，分析了已知的針對WAI協(xié)議的攻擊方法和相應(yīng)改進(jìn)協(xié)議WAI'。使用著色Petri網(wǎng)模型證明WAI'中單播密鑰協(xié)商子協(xié)議存在安全漏洞，，提出了改進(jìn)協(xié)議WAI'-E。使用CK模型證明WAI'-E協(xié)議是具有完美前向保密性的會話密鑰安全的協(xié)議，同時其安全性獨立于證書的認(rèn)證過程。
[Abstract]:Due to the broadcast nature of wireless signals and the design defects of network protocols and mechanisms used in wireless local area networks (WLAN), the security problems become increasingly prominent. This paper aims to evaluate the security of WLAN, and analyzes the security of WLAN from the point of view of WLAN network architecture. Provide decision support for the security protection of WLAN with high security intensity. The results of the study include the following: In the physical and MAC layers, aiming at the traditional full-channel interference which needs to use a single channel jammer to perform a relatively time-consuming multi-channel jump, a full-channel IEEE802.11g jammer with variable interference radius is designed to utilize the adjacent frequency interference effect of non-overlapping channel. Interference coverage of the entire channel can be achieved only on one fixed channel. Based on the Markov chain model of distributed coordination function with channel bit error rate, it is proved that ARJ can reduce the effective throughput of nodes in interference radius to zero. The tunability of the interference radius is verified by the simulation scene. It is verified that the interference radius is proportional to the transmit power and inversely proportional to the channel distance and the relevant definition is given. The correctness of ARJ is further verified by a large number of real experiments designed. In the experiment, the influence of interference frequency and other factors on the interference radius is analyzed. At key management level, aiming at the shortcomings of the existing WPA/WPA2-PSK brute force cracking method based on single core CPU, a distributed multi-core CPU and GPU parallel cracking method is proposed. DMCG.DMCG uses the multi-core CPU and GPU of multiple computers to form multiple computing cores parallel cracking. By using colored Petri net model, it is proved that the WPA/WPA2 handshake protocol has a reachable insecure state, which can be used to launch a brute force cracking attack. An improved Amdal law is proposed to analyze the upper limit of brute force cracking. This paper presents a dandelion computing model which can be applied to different supercomputing centers for DMCG's GPU cloud computing extension. The experimental results show that DMCG can improve the decoding speed by 3 to 4 orders of magnitude. At the same time, the influence of graphics card parameters on the decoding speed is analyzed, and the decision support of how to select graphics card in DMCG method is provided based on the analytic hierarchy process (AHP). In the authentication layer, various attacks of IEEE802.1X 's EAP authentication mechanism, such as degradation attacks and man-in-the-middle attacks, are analyzed in a non-formal way, and suggestions for improvement are given. The WPS protocol of Wi-Fi alliance uses colored Petri net model to prove the existence of reachable unsafe state of WPS protocol, according to which it can launch a brute force cracking attack, when there is a jamming machine, The probability of success is close to 1, and the proposed improved protocol reduces the probability of success to 3 / 108. Aiming at the authentication mechanism of WAPI, the known attack methods against WAI and the corresponding improved protocols are analyzed. Using colored Petri net model to prove the security vulnerability of unicast key agreement subprotocol in WAI', an improved protocol WAII-E is proposed. The CK model is used to prove that the WAI'-E protocol is a session key secure protocol with perfect forward confidentiality, and its security is independent of the certificate authentication process.
【學(xué)位授予單位】：天津大學(xué)
【學(xué)位級別】：博士
【學(xué)位授予年份】：2014
【分類號】：TN925.93

【參考文獻(xiàn)】

相關(guān)期刊論文 前10條

1 馬卓;馬建峰;楊超;楊力;;無線環(huán)境下的可信網(wǎng)絡(luò)連接協(xié)議[J];北京工業(yè)大學(xué)學(xué)報;2010年05期

2 劉永磊;;無線局域網(wǎng)認(rèn)證機制攻擊方法研究綜述[J];電腦知識與技術(shù);2012年04期

3 吳琨;白中英;;集對分析的可信網(wǎng)絡(luò)安全態(tài)勢評估與預(yù)測[J];哈爾濱工業(yè)大學(xué)學(xué)報;2012年03期

4 陳鋒;劉德輝;張怡;蘇金樹;;基于威脅傳播模型的層次化網(wǎng)絡(luò)安全評估方法[J];計算機研究與發(fā)展;2011年06期

5 ;A RISK ASSESSMENT METHOD OF THE WIRELESS NETWORK SECURITY[J];Journal of Electronics(China);2007年03期

6 黃柏寧;戎蒙恬;劉濤;杜新華;;CBTC無線信道規(guī)劃中信道間干擾因子的研究[J];計算機工程與應(yīng)用;2009年25期

7 吳柳飛;張玉清;王鳳嬌;;一種新的WAPI認(rèn)證和密鑰交換協(xié)議[J];計算機工程;2008年08期

8 劉永磊;金志剛;;WEP協(xié)議攻擊方法研究[J];計算機工程;2010年22期

9 陳U

本文編號：1811326