无线传感器网络重编程协议Rateless Deluge安全性研究与改进

发布时间：2018-03-04 23:19

本文选题：无线传感器网络　切入点：网络重编程协议　出处：《南京航空航天大学》2014年硕士论文　论文类型：学位论文

【摘要】：近年来,无线传感器网络(WSNs)在环境监测、国防军事等多领域得到广泛应用,网络重编程技术作为WSNs的一个必要和关键的服务也在不断发展,但同时也面临多种安全威胁。针对WSNs重编程面临的安全问题,学术界做了大量的分析与研究。研究成果主要基于重编程协议Deluge提供安全方法。然而,新一代的重编程协议Rateless Deluge采用网络编码的方式处理原始数据包,传输方式的改变使已有的安全方法无法直接应用于Rateless Deluge协议。本文以军事领域为潜在应用场景,围绕Rateless Deluge存在的安全问题展开研究并提出解决方法,主要工作如下:首先,探讨Rateless Deluge的执行流程,剖析Rateless Deluge存在的安全问题,并从抗窃听和抗污染两个角度给出解决思路。其次,从原始数据包与编码包关系的角度,改进一种安全网络编码方法得到CHASH方案。CHASH为每个原始数据包增加一个冗余位,利用优化的同态散列函数验证原始数据包散列值与编码包散列值的关系,进而验证编码包的真实性。再次,将CHASH引入到Rateless Deluge,为协议增加编码包的验证模块,从而得到SRateless Deluge方法。该方法与现有的SReluge方法相比,可以在译码前验证编码包的真实性,保障协议的安全性,并且避免产生译码后再进行验证带来的开销。然后,从编码包本身的角度将页面摘要机制引入Rateless Deluge,改进原协议得到KRateless Deluge安全重编程方法。方法计算收到的编码包摘要值,并与节点预存的页面摘要数组做对比,从而实现对编码包的验证。该方法与SRateless Deluge相比减轻接收方的验证压力,且页面摘要的真实性和散列函数的抗碰撞性可用于保障验证的可靠性。最后,对两种安全重编程方法进行性能仿真。仿真结果表明,两种方法不会增加系统的译码次数,在引入少量通信开销的情况下,可以验证编码包并检测污染节点,有效解决Rateless Deluge的安全问题。
[Abstract]:In recent years, Wireless Sensor Network (WSNs) has been widely used in many fields, such as environmental monitoring, national defense and military affairs. As a necessary and key service of WSNs, network reprogramming technology has been developing. But at the same time, it also faces a variety of security threats. In view of the security problems faced by WSNs reprogramming, the academic circles have done a lot of analysis and research. The research results are mainly based on reprogramming protocol Deluge to provide security methods. However, The new generation of reprogramming protocol Rateless Deluge uses network encoding to process raw data packets. The change of transmission mode makes the existing security methods can not be directly applied to Rateless Deluge protocol. This paper takes the military field as the potential application scenario. The main work of this paper is as follows: firstly, the implementation process of Rateless Deluge is discussed, and the security problems existing in Rateless Deluge are analyzed. Then, from the view of anti-eavesdropping and anti-pollution, the solution is given. Secondly, from the point of view of the relation between the original packet and the coded packet, a secure network coding method is improved to get the CHASH scheme .CHASH adds a redundant bit for each original packet. The optimized homomorphic hash function is used to verify the relationship between the original packet hash value and the encoding packet hash value, and then verify the authenticity of the encoding packet. Thirdly, the CHASH is introduced into the Rateless hash function to add the verification module of the encoding packet to the protocol. Compared with the existing SReluge method, this method can verify the authenticity of the coding packet before decoding, ensure the security of the protocol, and avoid the cost of verification after decoding. From the point of view of the encoding package itself, the page digest mechanism is introduced into Rateless Deluge.To improve the original protocol, the secure reprogramming method of KRateless Deluge is obtained. Compared with SRateless Deluge, the method reduces the verification pressure of the receiver, and the authenticity of the page summary and the anti-collision ability of the hash function can be used to ensure the reliability of the verification. The simulation results show that the two methods can not increase the decoding times of the system, and can be used to verify the coding packets and detect the contaminated nodes when a small amount of communication overhead is introduced. Solve the security problem of Rateless Deluge effectively.
【学位授予单位】：南京航空航天大学
【学位级别】：硕士
【学位授予年份】：2014
【分类号】：TP212.9;TN929.5

【参考文献】