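Research on Security Strategies for the IEEE802.15.4e Time Synchronization Protocol
Topic of this paper: Industrial Internet of Things + IEEE802.15.4e; Reference: University of Science and Technology Beijing, 2017 doctoral dissertation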
[Abstract]: Because industrial wireless applications place strict requirements on reliability, low power consumption and real-time performance, the MAC (Medium Access Control) layer protocol of the earlier IEEE802.15.4-2006 standard has shown many shortcomings. IEEE802.15.4e is a new MAC-layer standard aimed at industrial Internet of Things applications; it uses Time-Synchronized Channel Hopping (TSCH) to realize a highly reliable, low-power industrial wireless network. Because time synchronization is the core supporting technology of an IEEE802.15.4e network, an attack on it leaves applications such as network communication, node localization and data fusion unable to work properly. The security of the time synchronization protocol is therefore a key problem worth studying in IEEE802.15.4e-based industrial IoT. This thesis divides the IEEE802.15.4e time synchronization protocol into three levels: single-hop Pair-Wise, intra-cluster and multi-hop. For each level it analyzes the security vulnerabilities introduced by TSCH itself and by the high-precision synchronization requirement, defines the main attacks faced, and then proposes corresponding security strategies. The main research content and contributions are as follows:

(1) A security strategy for the single-hop Pair-Wise time synchronization protocol is proposed. The IEEE802.15.4e single-hop Pair-Wise time synchronization protocol consists of ASN (Absolute Slot Number) synchronization and Device-to-Device time synchronization. First, the security vulnerabilities in the single-hop Pair-Wise time synchronization protocol are analyzed, and the ASN attack and the timeslot template attack are defined. Then a security strategy is proposed that consists of two parts: the Sec_ASN algorithm, which defends against the ASN attack, and the TOF (Time Offset Filter) algorithm, which defends against the timeslot template attack. The Sec_ASN algorithm uses message integrity authentication and the 2s+1 method to solve the problem of a newly joining node obtaining the correct ASN value. The TOF algorithm designs a filter based on the node clock model that filters out time synchronization packets coming from attacking nodes. Finally, experiments verify the effectiveness of the security strategy and its feasibility under energy-consumption and cost constraints.

(2) A security strategy for the intra-cluster time synchronization protocol is proposed. In an IEEE802.15.4e cluster network, time synchronization of the nodes within a cluster can be achieved efficiently by broadcast. The IEEE802.15.4e intra-cluster time synchronization protocol mainly faces two attacks: forged broadcast synchronization packets and node capture. Against the forged broadcast packet attack, this thesis adopts a µTESLA broadcast authentication algorithm with a packet-based key chain mechanism. The algorithm resolves the conflict in the original µTESLA broadcast authentication between key disclosure delay and key chain length, making it better suited to intra-cluster time synchronization. Against the capture attack, this thesis adopts a fault-tolerant algorithm based on the intra-cluster time synchronization model. When the number of captured nodes is less than 1/3 of the total number of nodes in the cluster, the algorithm guarantees that the synchronization error between any two legitimate nodes has an upper bound. Finally, the effectiveness and feasibility of these security strategies are verified by theory and experiment.

(3) A security strategy for the multi-hop time synchronization protocol is proposed. First, it is pointed out that the IEEE802.15.4e multi-hop time synchronization protocol mainly faces the time synchronization tree attack and the error accumulation attack. Then a security strategy is proposed whose key techniques include an intrusion detection algorithm based on Rank anomalies and a multi-path time synchronization method based on a trust model. The Rank-anomaly-based intrusion detection algorithm applies rule validation to the Rank values in the DIO packets sent by nodes in the network, and so detects time synchronization tree attacks promptly. The trust-model-based multi-path time synchronization method builds a trust model between nodes, so that a node bypasses untrusted nodes when constructing its multi-hop synchronization path, thereby resisting error accumulation attacks. Finally, the effectiveness of the security strategy is verified by simulation experiments, and a multi-hop time synchronization test platform built from 16 OpenMoteSTM hardware nodes and the OpenWSN software is used to verify the strategy's resistance to attack and its feasibility.
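The Rank validation described in contribution (3), sketched as an added example that is not code from the thesis. It assumes the synchronization tree follows the RPL preferred-parent relation, that the monitor knows each sender's parent, and the RFC 6550 defaults for ROOT_RANK and MinHopRankIncrease; the two rules and the sample DIOs are constructed here and are not the thesis's rule set.

```python
from dataclasses import dataclass
from typing import Optional

MIN_HOP_RANK_INCREASE = 256          # RFC 6550 default
ROOT_RANK = MIN_HOP_RANK_INCREASE    # RFC 6550: ROOT_RANK = MinHopRankIncrease


@dataclass(frozen=True)
class Dio:
    sender: str              # node that transmitted the DIO
    parent: Optional[str]    # its preferred parent / time source (assumed known); None for root
    rank: int                # Rank advertised in the DIO


def check_dios(dios, root_id):
    """Return (sender, reason) alerts for advertised Rank values that break the rules."""
    last_rank = {}           # latest Rank seen per node
    alerts = []
    for dio in dios:
        if dio.sender == root_id:
            if dio.rank != ROOT_RANK:
                alerts.append((dio.sender, "root advertises non-root Rank"))
        elif dio.rank <= ROOT_RANK:
            # Rule 1: only the designated root may advertise the root's Rank
            alerts.append((dio.sender, "non-root node advertises root Rank"))
        elif dio.parent not in last_rank:
            alerts.append((dio.sender, "parent Rank unknown"))
        elif dio.rank < last_rank[dio.parent] + MIN_HOP_RANK_INCREASE:
            # Rule 2: a node must sit at least one hop increment below its parent
            alerts.append((dio.sender, "Rank not above parent's Rank"))
        last_rank[dio.sender] = dio.rank
    return alerts


# Constructed sample: root R, honest nodes A and B, node M under-reporting its Rank.
SAMPLE_DIOS = [
    Dio("R", None, 256),
    Dio("A", "R", 512),
    Dio("B", "A", 768),
    Dio("M", "B", 300),   # M's parent is at 768, yet M claims a near-root Rank
    Dio("A", "R", 640),   # Rank may rise with link cost; still valid
]

if __name__ == "__main__":
    for sender, reason in check_dios(SAMPLE_DIOS, root_id="R"):
        print(f"ALERT {sender}: {reason}")
```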
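[Degree-granting institution]: University of Science and Technology Beijing
[Degree level]: Doctoral
[Year degree granted]: 2017
[Classification number]: TP393.08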
Article ID: 2104723
Article link: https://www.wllwen.com/guanlilunwen/ydhl/2104723.html

