검색 상세

Analysis of Fragmentation Security Threats and Secure Authentication Scheme in 6LoWPAN

초록/요약

Currently, providing 6LoWPAN fragmentation security is considered as one of the most critical issue since 6LoWPAN nodes are deployed in hostile environments and, therefore, are vulnerable to severe attacks. In this paper, we describe security threats to be observed in the 6LoWPAN fragments while fragments traverse across multiple hops towards the destination. Moreover, we explain the fundamental characteristics and security requirements of fragments in 6LoWPAN. Then, possible fragmentation security vulnerabilities and attacks in 6LoWPAN are identified. We also identified possible causes to fragmentation security threats in the 6LoWPAN. Finally, we propose a 3-tier secure end-to-end authentication (SEA) and message transmission protocol to overcome fragmentation vulnerabilities and prevent fragmentation attacks such as selective forwarding, sinkhole, wormhole, denial of service, sybil, replay, buffer overflow, node revocation and spoofed attacks in a large scale motionless 6LoWPAN. The proposed scheme assures 6LoWPAN node-to-stub node, stub node-to-edge router and edge router-to-edge router authentication along the way from source to destination.

more

목차

ACKNOWLEDGEMENTS iv
LIST OF PUBLICATIONS vi
TABLE OF CONTENTS viii
LIST OF FIGURES xi
LIST OF TABLE xii
ABSTRACT xiii
CHAPTER ONE 1
1. INTRODUCTION 1
1.1. Statement of the problem 2
1.2. Objective 3
1.3. Scope of the study 3
1.4. Organization of the paper 4
CHAPTER TWO 5
2. OVERVIEW OF SECURITY IN 6LoWPAN 5
2.1. 6LoWPAN FRAGMENTATION OVERVIEW 6
2.2. 6LoWPAN Fragmentation Header Format 8
2.3. FRAGMENTATION SECURITY REQUIREMENTS IN 6LoWPAN 10
2.3.1. Confidentiality 10
2.3.2. Availability 11
2.3.3. Integrity 11
2.3.4. Authenticity 12
2.3.5. Non-repudiation 12
2.4. REVIEW OF SECURITY CONSIDERATIONS IN 6LoWAPAN 12
2.4.1. IPSec (IP Security Protocol) 12
2.4.2. IEEE 802.15.4 Security 14
2.4.3. ZigBee Security 15
2.5. Related Works 15
CHAPTER THREE 16
3. 6LoWPAN FRAGMENTATION ATTACKS 16
3.1. Denial of Service (DoS) attack 16
3.2. Sybil attack 17
3.3. Spoofed attack 17
3.4. Replay attack 18
3.5. Buffer-overflow attack 19
3.6. 6LoWPAN Sinkhole Attack 19
3.7. Selective Forwarding Attack 22
3.8. Wormhole Attack 22
3.9. HELLO Flood attack 23
3.10. 6LoWPAN Node Revocation Attack 24
3.11. Possible Causes of 6LoWPAN Fragmentation Attacks 24
CHAPTER FOUR 26
4. SEA: Secure End-to-end Authentication Protocol 26
4.1. Design Objective, Attack Model and Assumptions 26
4.1.1. Design Objective 26
4.1.2. Attack Model 26
4.1.3. Assumptions 27
4.2. Notations and Terms 29
4.3. Overview of SEA Scheme 29
4.4. Message Forwarding Process of the SEA Scheme 37
4.5. SEA Scheme in Route-over and Mesh-under Routing 42
4.5.1. Mesh-under Routing 42
4.5.2. Route-over Routing 43
4.6. Security Analysis of SEA Scheme 44
CHAPTER FIVE 47
5. PERFORMANCE ANALYSIS 47
5.1. Communication and Computation Overhead 48
5.2. Energy Consumption 49
5.3. Delivery Ratio 49
5.4. Reliability 50
CHAPTER SIX 52
6. CONCLUSION AND FUTURE WORKS 52
REFERENCES 54



LIST OF FIGURES


Figure 1 : Typical 6LoWPAN Header Stack 2
Figure 2 : IPv6 over LoWPAN 7
Figure 3 : Dual protocol stack used by 6LoWPAN gateway 8
Figure 4 : First 6LoWPAN fragment header format 9
Figure 5 : Subsequent 6LoWPAN fragments header format 9
Figure 6 : 6LoWPAN fragmentation attack 19
Figure 7 : 6LoWPAN Sinkhole attack with powerful link 21
Figure 8 : 6LoWPAN wormhole attack 22
Figure 9 : 3-tier Secure Authentication in the 6LoWPAN 31
Figure 10: Message Exchange for key establishment 33
Figure 11: Secure Authentication in 6LoWPAN 34
Figure 12: Secure E-to-E Message Authentication Protocol in 6LoWPAN 35
Figure 13: Flowchart of the SEA Scheme Message Authentication 38
Figure 14: SEA Scheme with two LSNs in the 6LoWPAN 41
Figure 15: Confidentiality in SEA during LNs compromise 45
Figure 16: QualNet4.5 simulation snapshot 48
Figure 17: Delivery ratio with and without SEA 50
Figure 18: Packet success rate with different inter-packet delay 51

LIST OF TABLE




Table 1: Notation and Terms 29

more
반출 Meta View 목록