本文選題：無(wú)線傳感器網(wǎng)絡(luò) + 網(wǎng)絡(luò)安全　； 參考：《西安電子科技大學(xué)》2014年博士論文

【摘要】：傳感器網(wǎng)絡(luò)綜合了傳感器技術(shù)、嵌入式計(jì)算技術(shù)、分布式信息處理技術(shù)和通信技術(shù),能夠協(xié)作地實(shí)時(shí)監(jiān)測(cè)、感知和采集網(wǎng)絡(luò)分布區(qū)域內(nèi)的各種環(huán)境或監(jiān)測(cè)對(duì)象的信息,并將這些信息處理后傳送給用戶(hù)。由于傳感器節(jié)點(diǎn)資源嚴(yán)格受限以及傳感器網(wǎng)絡(luò)自身的無(wú)線特性,其安全面臨巨大挑戰(zhàn)。本文研究傳感器網(wǎng)絡(luò)中的關(guān)鍵安全技術(shù),內(nèi)容包括：傳感器網(wǎng)絡(luò)密鑰管理與節(jié)點(diǎn)鑒別機(jī)制、傳感器網(wǎng)絡(luò)廣播鑒別機(jī)制以及傳感器網(wǎng)絡(luò)訪問(wèn)控制機(jī)制。主要研究成果有： 1.對(duì)傳感器網(wǎng)絡(luò)密鑰管理與節(jié)點(diǎn)鑒別機(jī)制進(jìn)行了研究,提出一套完整的傳感器網(wǎng)絡(luò)密鑰管理機(jī)制,包括成對(duì)密鑰、組密鑰的分發(fā)和協(xié)商等,在利用這些密鑰提供保密通信的同時(shí),能夠支持節(jié)點(diǎn)間端到端的身份鑒別�；趆ash算法,提出基于預(yù)共享密鑰的輕量級(jí)節(jié)點(diǎn)鑒別機(jī)制,增強(qiáng)了傳感器網(wǎng)絡(luò)節(jié)點(diǎn)抵抗捕獲攻擊的能力,能夠防止節(jié)點(diǎn)被復(fù)制和偽造,且具有較低的資源開(kāi)銷(xiāo)和很好的擴(kuò)展性。 3.對(duì)傳感器網(wǎng)絡(luò)廣播鑒別機(jī)制進(jìn)行了研究,分別提出基于一次性簽名和基于消息驗(yàn)證碼的傳感器網(wǎng)絡(luò)廣播鑒別機(jī)制,其中基于一次性簽名的多廣播節(jié)點(diǎn)傳感器網(wǎng)絡(luò)廣播鑒別協(xié)議具有存儲(chǔ)、通信和計(jì)算開(kāi)銷(xiāo)低,能夠抵抗窮舉、選擇明文、DoS等攻擊,適用于大規(guī)模多廣播節(jié)點(diǎn)傳感器網(wǎng)絡(luò)的特性；基于消息鑒別碼的傳感器網(wǎng)絡(luò)廣播鑒別機(jī)制能夠抵抗針對(duì)μTESLA參數(shù)分發(fā)過(guò)程的DoS攻擊,較Tree-Based μTESLA協(xié)議計(jì)算、通信和存儲(chǔ)開(kāi)銷(xiāo)小,且能夠立即撤銷(xiāo)被俘節(jié)點(diǎn)的鑒別能力。 4.對(duì)傳感器網(wǎng)絡(luò)訪問(wèn)控制機(jī)制進(jìn)行了研究,針對(duì)存在移動(dòng)用戶(hù)的傳感器網(wǎng)絡(luò),設(shè)計(jì)兩跳覆蓋THC(Two-Hop Cover)算法,通過(guò)周期性地信息擴(kuò)散,使傳感器節(jié)點(diǎn)能夠在用戶(hù)移動(dòng)過(guò)程中及時(shí)得到用戶(hù)的鑒別信息,保證了用戶(hù)移動(dòng)過(guò)程中鑒別信息在傳感器網(wǎng)絡(luò)節(jié)點(diǎn)間的同步性�；赥HC算法,引入Merkle哈希樹(shù)和單向鏈等安全機(jī)制,采用分布式的訪問(wèn)控制模式,提出了適用于隨機(jī)移動(dòng)用戶(hù)的傳感器網(wǎng)絡(luò)訪問(wèn)控制機(jī)制。實(shí)驗(yàn)和分析表明,本機(jī)制既適用移動(dòng)用戶(hù),也適用靜止用戶(hù),計(jì)算、通信、存儲(chǔ)開(kāi)銷(xiāo)低,能夠抵制節(jié)點(diǎn)捕獲、重放、DoS等攻擊。
[Abstract]:Sensor network integrates sensor technology, embedded computing technology, distributed information processing technology and communication technology. It can monitor, perceive and collect the information of various environments or monitoring objects in the distributed area of the network in collaboration in real time. The information is processed and transmitted to the user. Due to the limited resource of sensor nodes and the wireless characteristics of sensor networks, the security of sensor networks faces great challenges. The key security technologies in sensor networks are studied in this paper, including key management and node authentication in sensor networks, broadcast authentication in sensor networks and access control mechanisms in sensor networks. The main research results are as follows: 1. This paper studies the key management and node authentication mechanism of sensor networks, and proposes a complete key management mechanism for sensor networks, including pairwise keys, distribution and negotiation of group keys, etc., which are used to provide secure communication at the same time. Can support end-to-end authentication between nodes. Based on hash algorithm, a lightweight node authentication mechanism based on pre-shared key is proposed, which enhances the ability of sensor network nodes to resist capture attacks, and can prevent nodes from being copied and forged. And has the lower resource overhead and the very good extensibility. 3. In this paper, the broadcast authentication mechanism of sensor network is studied, and the broadcast authentication mechanism based on one-off signature and message verification code is proposed respectively. Multi-broadcast node sensor network broadcast authentication protocol based on one-off signature has the characteristics of storage, low communication and computing overhead, resistance to exhaustive attack, selection of clear text dos and so on, which is suitable for large-scale multi-broadcast node sensor network. The broadcast authentication mechanism based on message authentication code can resist the dos attack against 渭 Tesla parameter distribution process, which is less than Tree-Based 渭 Tesla protocol calculation, communication and storage overhead, and can revoke the authentication ability of captured nodes immediately. 4. In this paper, the access control mechanism of sensor networks is studied. For sensor networks with mobile users, a two-hop overlay THC Two-Hop coverage algorithm is designed, which diffuses information periodically. The sensor node can get the user identification information in time during the process of the user moving, which ensures the synchronization of the identification information between the nodes of the sensor network. Based on the THC algorithm, Merkle hash tree and one-way chain are introduced, and the distributed access control mode is used to propose an access control mechanism for random mobile users in sensor networks. Experiments and analyses show that the proposed scheme is suitable for both mobile and static users, and can resist attacks such as node capture and replay of dos with low computing, communication and storage overhead.
【學(xué)位授予單位】：西安電子科技大學(xué)
【學(xué)位級(jí)別】：博士
【學(xué)位授予年份】：2014
【分類(lèi)號(hào)】：TP212.9;TN915.08

【參考文獻(xiàn)】

相關(guān)期刊論文 前7條

1 王良民;馬建峰;王超;;無(wú)線傳感器網(wǎng)絡(luò)拓?fù)涞娜蒎e(cuò)度與容侵度[J];電子學(xué)報(bào);2006年08期

2 劉志宏;馬建峰;黃啟萍;;基于區(qū)域的無(wú)線傳感器網(wǎng)絡(luò)密鑰管理[J];計(jì)算機(jī)學(xué)報(bào);2006年09期

3 沈玉龍;裴慶祺;馬建峰;;MMμTESLA:多基站傳感器網(wǎng)絡(luò)廣播認(rèn)證協(xié)議[J];計(jì)算機(jī)學(xué)報(bào);2007年04期

4 馬祖長(zhǎng),孫怡寧,梅濤;無(wú)線傳感器網(wǎng)絡(luò)綜述[J];通信學(xué)報(bào);2004年04期

5 黃海平;王汝傳;孫力娟;陳志;;基于密鑰聯(lián)系表的無(wú)線傳感器網(wǎng)絡(luò)密鑰管理方案[J];通信學(xué)報(bào);2006年10期

6 裴慶祺;沈玉龍;馬建峰;;無(wú)線傳感器網(wǎng)絡(luò)安全技術(shù)綜述[J];通信學(xué)報(bào);2007年08期

7 孫紀(jì)敏;沈玉龍;裴慶祺;馬建峰;;傳感器網(wǎng)絡(luò)異常時(shí)間同步數(shù)據(jù)過(guò)濾算法[J];西安電子科技大學(xué)學(xué)報(bào);2008年05期

，

本文編號(hào)：2049980