Research on Key Security Technologies for Sensor Networks
Published: 2018-06-21 20:56
Topic of this thesis: wireless sensor networks + network security. Reference: Xidian University, 2014 doctoral dissertation
[Abstract]: Sensor networks combine sensor technology, embedded computing, distributed information processing and communication technology. They cooperatively monitor, sense and collect information about the environment or monitored objects within the area the network covers, in real time, and deliver that information to the user after processing. Because sensor nodes are severely resource-constrained and the network is inherently wireless, securing sensor networks is a major challenge. This thesis studies key security technologies for sensor networks: key management and node authentication, broadcast authentication, and access control. The main results are:

1. Key management and node authentication in sensor networks are studied, and a complete key management mechanism is proposed, covering the distribution and negotiation of pairwise keys and group keys. While these keys are used to provide confidential communication, the mechanism also supports end-to-end identity authentication between nodes. Based on a hash algorithm, a lightweight node authentication mechanism using pre-shared keys is proposed; it strengthens the resistance of sensor nodes to capture attacks, prevents nodes from being cloned or forged, and has low resource overhead and good scalability.

3. Broadcast authentication in sensor networks is studied, and two mechanisms are proposed, one based on one-time signatures and one based on message authentication codes. The one-time-signature-based broadcast authentication protocol for sensor networks with multiple broadcast nodes has low storage, communication and computation overhead, resists brute-force, chosen-plaintext, DoS and other attacks, and is suitable for large-scale sensor networks with multiple broadcast nodes. The mechanism based on message authentication codes resists DoS attacks against the μTESLA parameter distribution process, has lower computation, communication and storage overhead than the Tree-Based μTESLA protocol, and can immediately revoke the authentication capability of captured nodes.

4. Access control in sensor networks is studied. For sensor networks with mobile users, the Two-Hop Cover (THC) algorithm is designed: by periodically diffusing information, it lets sensor nodes obtain a user's authentication information in time while the user moves, keeping that information synchronized across the sensor nodes during the user's movement. Building on the THC algorithm, security mechanisms such as Merkle hash trees and one-way chains are introduced and a distributed access control model is adopted, yielding an access control mechanism for sensor networks with randomly moving users. Experiments and analysis show that the mechanism works for both mobile and stationary users, has low computation, communication and storage overhead, and resists node capture, replay, DoS and other attacks.
[Degree-granting institution]: Xidian University
[Degree level]: Doctorate
[Year degree granted]: 2014
[Classification number]: TP212.9;TN915.08
Article number: 2049980
Article link: http://sikaile.net/kejilunwen/wltx/2049980.html