Analysis of Fragmentation Security Threats and Secure Authentication Scheme in 6LoWPAN
DC Field | Value | Language |
---|---|---|
dc.contributor.author | Hassen Redwan Hussen | - |
dc.date.accessioned | 2018-11-08T07:41:15Z | - |
dc.date.available | 2018-11-08T07:41:15Z | - |
dc.date.issued | 2010-02 | - |
dc.identifier.other | 10309 | - |
dc.identifier.uri | https://dspace.ajou.ac.kr/handle/2018.oak/7089 | - |
dc.description | 학위논문(석사)--아주대학교 일반대학원 :컴퓨터공학과,2010. 2 | - |
dc.description.tableofcontents | ACKNOWLEDGEMENTS iv LIST OF PUBLICATIONS vi TABLE OF CONTENTS viii LIST OF FIGURES xi LIST OF TABLE xii ABSTRACT xiii CHAPTER ONE 1 1. INTRODUCTION 1 1.1. Statement of the problem 2 1.2. Objective 3 1.3. Scope of the study 3 1.4. Organization of the paper 4 CHAPTER TWO 5 2. OVERVIEW OF SECURITY IN 6LoWPAN 5 2.1. 6LoWPAN FRAGMENTATION OVERVIEW 6 2.2. 6LoWPAN Fragmentation Header Format 8 2.3. FRAGMENTATION SECURITY REQUIREMENTS IN 6LoWPAN 10 2.3.1. Confidentiality 10 2.3.2. Availability 11 2.3.3. Integrity 11 2.3.4. Authenticity 12 2.3.5. Non-repudiation 12 2.4. REVIEW OF SECURITY CONSIDERATIONS IN 6LoWAPAN 12 2.4.1. IPSec (IP Security Protocol) 12 2.4.2. IEEE 802.15.4 Security 14 2.4.3. ZigBee Security 15 2.5. Related Works 15 CHAPTER THREE 16 3. 6LoWPAN FRAGMENTATION ATTACKS 16 3.1. Denial of Service (DoS) attack 16 3.2. Sybil attack 17 3.3. Spoofed attack 17 3.4. Replay attack 18 3.5. Buffer-overflow attack 19 3.6. 6LoWPAN Sinkhole Attack 19 3.7. Selective Forwarding Attack 22 3.8. Wormhole Attack 22 3.9. HELLO Flood attack 23 3.10. 6LoWPAN Node Revocation Attack 24 3.11. Possible Causes of 6LoWPAN Fragmentation Attacks 24 CHAPTER FOUR 26 4. SEA: Secure End-to-end Authentication Protocol 26 4.1. Design Objective, Attack Model and Assumptions 26 4.1.1. Design Objective 26 4.1.2. Attack Model 26 4.1.3. Assumptions 27 4.2. Notations and Terms 29 4.3. Overview of SEA Scheme 29 4.4. Message Forwarding Process of the SEA Scheme 37 4.5. SEA Scheme in Route-over and Mesh-under Routing 42 4.5.1. Mesh-under Routing 42 4.5.2. Route-over Routing 43 4.6. Security Analysis of SEA Scheme 44 CHAPTER FIVE 47 5. PERFORMANCE ANALYSIS 47 5.1. Communication and Computation Overhead 48 5.2. Energy Consumption 49 5.3. Delivery Ratio 49 5.4. Reliability 50 CHAPTER SIX 52 6. CONCLUSION AND FUTURE WORKS 52 REFERENCES 54   LIST OF FIGURES Figure 1 : Typical 6LoWPAN Header Stack 2 Figure 2 : IPv6 over LoWPAN 7 Figure 3 : Dual protocol stack used by 6LoWPAN gateway 8 Figure 4 : First 6LoWPAN fragment header format 9 Figure 5 : Subsequent 6LoWPAN fragments header format 9 Figure 6 : 6LoWPAN fragmentation attack 19 Figure 7 : 6LoWPAN Sinkhole attack with powerful link 21 Figure 8 : 6LoWPAN wormhole attack 22 Figure 9 : 3-tier Secure Authentication in the 6LoWPAN 31 Figure 10: Message Exchange for key establishment 33 Figure 11: Secure Authentication in 6LoWPAN 34 Figure 12: Secure E-to-E Message Authentication Protocol in 6LoWPAN 35 Figure 13: Flowchart of the SEA Scheme Message Authentication 38 Figure 14: SEA Scheme with two LSNs in the 6LoWPAN 41 Figure 15: Confidentiality in SEA during LNs compromise 45 Figure 16: QualNet4.5 simulation snapshot 48 Figure 17: Delivery ratio with and without SEA 50 Figure 18: Packet success rate with different inter-packet delay 51   LIST OF TABLE Table 1: Notation and Terms 29 | - |
dc.language.iso | eng | - |
dc.publisher | The Graduate School, Ajou University | - |
dc.rights | 아주대학교 논문은 저작권에 의해 보호받습니다. | - |
dc.title | Analysis of Fragmentation Security Threats and Secure Authentication Scheme in 6LoWPAN | - |
dc.type | Thesis | - |
dc.contributor.affiliation | 아주대학교 일반대학원 | - |
dc.contributor.department | 일반대학원 컴퓨터공학과 | - |
dc.date.awarded | 2010. 2 | - |
dc.description.degree | Master | - |
dc.identifier.localId | 568428 | - |
dc.identifier.url | http://dcoll.ajou.ac.kr:9080/dcollection/jsp/common/DcLoOrgPer.jsp?sItemId=000000010309 | - |
dc.subject.keyword | 6LoWPAN | - |
dc.subject.keyword | Fragmentation Security | - |
dc.subject.keyword | Fragmentaton Attack | - |
dc.subject.keyword | WSN Security | - |
dc.subject.keyword | 6LoWPAN Authentication | - |
dc.description.alternativeAbstract | Currently, providing 6LoWPAN fragmentation security is considered as one of the most critical issue since 6LoWPAN nodes are deployed in hostile environments and, therefore, are vulnerable to severe attacks. In this paper, we describe security threats to be observed in the 6LoWPAN fragments while fragments traverse across multiple hops towards the destination. Moreover, we explain the fundamental characteristics and security requirements of fragments in 6LoWPAN. Then, possible fragmentation security vulnerabilities and attacks in 6LoWPAN are identified. We also identified possible causes to fragmentation security threats in the 6LoWPAN. Finally, we propose a 3-tier secure end-to-end authentication (SEA) and message transmission protocol to overcome fragmentation vulnerabilities and prevent fragmentation attacks such as selective forwarding, sinkhole, wormhole, denial of service, sybil, replay, buffer overflow, node revocation and spoofed attacks in a large scale motionless 6LoWPAN. The proposed scheme assures 6LoWPAN node-to-stub node, stub node-to-edge router and edge router-to-edge router authentication along the way from source to destination. | - |
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.