進階搜尋


   電子論文尚未授權公開,紙本請查館藏目錄
(※如查詢不到或館藏狀況顯示「閉架不公開」,表示該本論文不在書庫,無法取用。)
系統識別號 U0026-2407201711050200
論文名稱(中文) 在物聯網中有效的蒐集標籤及防禦分散式阻斷服務攻擊之研究
論文名稱(英文) Efficient Tag Collection and Defense Against DDoS Attacks in the Internet of Things
校院名稱 成功大學
系所名稱(中) 電腦與通信工程研究所
系所名稱(英) Institute of Computer & Communication
學年度 105
學期 2
出版年 106
研究生(中文) 蔡舜智
研究生(英文) Shuen-Chih Tsai
學號 Q38961195
學位類別 博士
語文別 英文
論文頁數 62頁
口試委員 指導教授-李忠憲
口試委員-林輝堂
口試委員-楊竹星
口試委員-郭文中
召集委員-鄭伯炤
中文關鍵字 物聯網  無線射頻辨識  智慧趨勢尋訪  遺失標籤問題  雲端運算  虛擬交換器  分散式阻斷服務  軟體定義網路 
英文關鍵字 IoT  RFID  STT  Missing Tag Problem  Could Computing  Virtual Switch  DDoS  SDN 
學科別分類
中文摘要 近年來物聯網的興起,讓所有的裝置設備,包括電腦、智慧型裝置、標籤(Tag)等等,都可以連上網際網路,方便用戶隨時監看情況及調整設定。有些裝置設備本身具備有上網、定位等功能,直接將資料回傳到資料中心;有些實體物品不具有上網功能,透過標籤將該物品上網及追蹤位置。由於物聯網使用越來越普及,更多實體物品隨之連上物聯網,導致標籤數量也越來越龐大。原來標籤數量較少時,蒐集標籤需要的時間差異不大,當標籤數量變多時,不同的方法所需要的時間也因而不同。因此,本研究提出一基於大量的標籤環境下,加快蒐集標籤的方法,使實體物品可以更快追蹤到位置。
另一方面,當偵測到環境變化,裝置設備將資料回傳至資料中心儲存,甚至更進一步的進行大數據分析。由於雲端運算的盛行,物聯網與雲端運算的整合也越來越重要,相關的技術都也是熱門的研究議題。在資料在傳送期間,雲端運算的網路架構直接影響到傳輸效能。雲端運算網路使用虛擬交換器(Virtual Switch)佈建虛擬網路,在虛擬交換器上不同的設定因子有著不同的影響。本研究針對虛擬交換器的分析,找出影響傳輸效能的重要因子。除了傳輸效能的問題外,在網際網路上的雲端服務也容易有資安問題。可能遭受到的惡意攻擊有很多種,其中以分散式阻斷服務(Distributed Denial-of-Service Attack, DDoS)攻擊最難防制之一。並針對分散式阻斷服務攻擊,提出用軟體定義網路(Software-Defined Networking, SDN)的防禦方法,在完全癱瘓網路服務之前,有效阻止攻擊。
英文摘要 Recently, the Internet of Things (IoT) has been maturing. Many devices including personal computers, smart devices, electronic tags, etc. can now connect to the Internet. Users may conveniently monitor and control objects remotely. Some devices have location and network capabilities, and send information to a data center independently. Many physical objects without complex electronic equipment connect to the Internet and be traced by electronic tags. The more popular the IoT is, the more physical objects connect to it, resulting in an ever-increasing number of electronic tags. When the number of electronic tags is large, the time used for tag-collection is substantially different from algorithms. Therefore, this study proposes an efficient tag collection method for a large scale RFID system.
The objects will send information to data center, when the environmental parameters change. With popularity of cloud computing recently, IoT and cloud computing are becoming integrated and is attracting more attention. Related technologies are also hot research topics. Virtual switches are deployed in the cloud network. Some factors of virtual switches affect network throughput. This study analyzes the virtual network and finds the critical factors. In addition to transmission capability, a cloud computing service is susceptible to network attacks. There are many malicious internet attacks. Distributed Denial-of-Service Attack (DDoS) is one of the most difficult to defend. This study proposes defending by using Software-Defined Networking (SDN) which effectively prevents attacks before the network melts down.
論文目次 摘要 I
ABSTRACT III
誌謝 V
CONTENTS VI
LIST OF TABLES VIII
LIST OF FIGURES IX
CHAPTER 1 INTRODUCTION 1
1.1 BACKGROUND 1
1.2 OVERVIEW OF INTERNET OF THINGS 2
1.3 DISSERTATION CONTRIBUTIONS 2
1.4 ORGANIZATION OF THE DISSERTATION 3
CHAPTER 2 BACKGROUND & RELATED WORK 4
2.1 RADIO FREQUENCY IDENTIFICATION 4
2.2 VIRTUAL NETWORK IN CLOUD COMPUTING 9
2.3 DISTRIBUTED DENIAL-OF-SERVICE ATTACK 10
CHAPTER 3 EFFICIENT TAG COLLECTION PROTOCOL FOR LARGE-SCALE RFID SYSTEMS 12
3.1 OVERVIEW OF TAG COLLECTION PROTOCOL 12
3.2 PROTOCOL ASSUMPTIONS 12
3.3 ADVANCED SMART TREND TRAVERSAL 13
3.3.1 Fast Leaf Arrival 14
3.3.2 Query Construction Rules 19
3.4 SLOT-AWARENESS TAG ON A-STT 22
3.4.1 Slot-Awareness Tag Mechanism 22
3.5 THE ANALYTICAL MODEL OF A-STT 28
3.6 PERFORMANCE EVALUATION OF TAG COLLECTION PROTOCOLS 30
3.6.1 Evaluation Method 30
3.6.2 Simulation Results 34
3.7 SUMMARY 37
CHAPTER 4 CRITICAL FACTOR OF VIRTUAL SWITCH PERFORMANCE IN CLOUD COMPUTING 38
4.1 OVERVIEW OF VIRTUAL SWITCH 38
4.2 OVERVIEW OF SYSTEM DESIGN 39
4.2.1 System Environment 39
4.3 PERFORMANCE EVALUATION 40
4.3.1 Evaluation Method 40
4.3.2 Environment 42
4.3.3 Simulation Results 42
4.4 SUMMARY 47
CHAPTER 5 DEFENDING CLOUD COMPUTING ENVIRONMENT AGAINST DDOS ATTACKS 48
5.1 OVERVIEW OF SOFTWARE DEFINED NETWORK 48
5.2 SYSTEM ARCHITECTURE 48
5.2.1 System Design Overview 49
5.2.2 Scenario Description 49
5.3 DEFENDING SYSTEM 50
5.3.1 Detection component 50
5.3.2 Monitoring component 51
5.3.3 Defending component 52
5.4 EMULATION RESULTS 52
5.4.1 Environment 52
5.4.2 Experimental Result 53
5.5 SUMMARY 56
CHAPTER 6 CONCLUSION 57
REFERENCES 58
參考文獻 [1] M. Azambuja, C.A.M. Marcon, F.P. Hessel, Survey of Standardized ISO 18000-6 RFID Anti-collision Protocols, in: Sensor Technologies and Applications, 2008. SENSORCOMM '08. Second International Conference on, 2008, pp. 468-473.
[2] N. Bhandari, A. Sahoo, S. Iyer, Intelligent Query Tree (IQT) Protocol to Improve RFID Tag Read Efficiency, in: Information Technology, 2006. ICIT '06. 9th International Conference on, 2006, pp. 46-51.
[3] L. Bo, W. Junyu, Efficient Anti-Collision Algorithm Utilizing the Capture Effect for ISO 18000-6C RFID Protocol, Communications Letters, IEEE, 15 (2011) 352-354.
[4] Q. Chen, N. Hoilun, L. Yunhao, L.M. Ni, Cardinality Estimation for Large-Scale RFID Systems, Parallel and Distributed Systems, IEEE Transactions on, 22 (2011) 1441-1454.
[5] Q. Chen, L. Yunhuai, N. Hoilun, L.M. Ni, ASAP: Scalable Identification and Counting for Contactless RFID Systems, in: Distributed Computing Systems (ICDCS), 2010 IEEE 30th International Conference on, 2010, pp. 52-61.
[6] L. Ching, L. Kayi, S. Kai-Yeung, Efficient memoryless protocol for tag identification (extended abstract), in: Proceedings of the 4th international workshop on Discrete algorithms and methods for mobile computing and communications, ACM, Boston, Massachusetts, USA, 2000.
[7] Y. Ching-Nung, H. Jyun-Yan, An Effective 16-bit Random Number Aided Query Tree Algorithm for RFID Tag Anti-Collision, Communications Letters, IEEE, 15 (2011) 539-541.
[8] L. Chun-Fu, F.Y.S. Lin, Efficient Estimation and Collision-Group-Based Anticollision Algorithms for Dynamic Frame-Slotted ALOHA in RFID Networks, Automation Science and Engineering, IEEE Transactions on, 7 (2010) 840-848.
[9] C. Clark, K. Fraser, S. Hand, J. G. Hanseny, E. Jul, C. Limpach, I. Pratt, A. Warfield, 2005. Live Migration of Virtual Machines, Proceedings of the 2nd conference on Symposium on Networked Systems Design & Implementation, 2, 273-286.
[10] DDoS Attack Against GitHub Continues After More Than Four Days, Retrieved 2015/06/02 from https://threatpost.com/ddos-attack-against-github-continues-after-more-than-four-days/111891.
[11] W. Deming, H. Jianguo, T. Hong-Zhou, A Highly Stable and Reliable 13.56-MHz RFID Tag IC for Contactless Payment, Industrial Electronics, IEEE Transactions on, 62 (2015) 545-554.
[12] R. P. Goldberg, 1974. Survey of virtual machine research, IEEE Computer Society, 7, 9, 34-45.
[13] Jafar Haadi Jafarian, Ehab Al-Shaer, and Qi Duan.: Open flow random host mutation: transparent moving target defense using software defened networking. Proceedings of the first ACM workshop on Hot topics in software defened networks, 2012, pp. 127-132.
[14] Hongxin Hu, Wonkyu Han, Gail-Joon Ahn and Ziming Zhao.: FLOWGUARD: building robust firewalls for software-defened networks. Proceedings of the third ACM workshop on Hot topics in software defened networking, 2014, pp. 97-102.
[15] K. Hyunho, Y. Sangki, K. Hyogon, Sidewalk: A RFID Tag Anti-Collision Algorithm Exploiting Sequential Arrangements of Tags, in: Communications, 2008. ICC '08. IEEE International Conference on, 2008, pp. 2597-2601.
[16] C. Ji Hwan, L. Dongwook, L. Hyuckjae, Query tree-based reservation for efficient RFID tag anti-collision, Communications Letters, IEEE, 11 (2007) 85-87.
[17] Intel, 2006. Intel Virtualization Technology and Intel Active Management Technology in Retail Infrastructure. http://www.intel.com/design/intarch/papers/316087.pdf
[18] M. Jihoon, L. Wonjun, J. Srivastava, Adaptive binary splitting for efficient RFID tag anti-collision, Communications Letters, IEEE, 10 (2006) 144-146.
[19] M. Jihoon, L. Wonjun, J. Srivastava, T.K. Shih, Tag-Splitting: Adaptive Collision Arbitration Protocols for RFID Tag Identification, Parallel and Distributed Systems, IEEE Transactions on, 18 (2007) 763-775.
[20] E. Jun-Bong, L. Tae-Jin, R. Rietman, A. Yener, An efficient framed-slotted ALOHA algorithm with pilot frame and binary selection for anti-collision of RFID tags, Communications Letters, IEEE, 12 (2008) 861-863.
[21] L. Jung-Shian, H. Yu-Min, An Efficient Time-Bound Collision Prevention Scheme for RFID Re-Entering Tags, Mobile Computing, IEEE Transactions on, 12 (2013) 1054-1064.
[22] D.K. Klair, C. Kwan-Wu, R. Raad, A Survey and Tutorial of RFID Anti-Collision Protocols, Communications Surveys & Tutorials, IEEE, 12 (2010) 400-421.
[23] T.F. La Porta, G. Maselli, C. Petrioli, Anticollision Protocols for Single-Reader RFID Systems: Temporal Analysis and Optimization, Mobile Computing, IEEE Transactions on, 10 (2011) 267-279.
[24] P. Lei, H. Wu, Smart Trend-Traversal Protocol for RFID Tag Arbitration, Wireless Communications, IEEE Transactions on, 10 (2011) 3565-3569.
[25] Z. Lei, T.P. Yum, Optimal Framed Aloha Based Anti-Collision Algorithms for RFID Systems, Communications, IEEE Transactions on, 58 (2010) 3583-3592.
[26] Z. Lei, T.S.P. Yum, The Optimal Reading Strategy for EPC Gen-2 RFID Anti-Collision Systems, Communications, IEEE Transactions on, 58 (2010) 2725-2733.
[27] T. Li, S. Chen, Y. Ling, Efficient Protocols for Identifying the Missing Tags in a Large RFID System, Networking, IEEE/ACM Transactions on, PP (2013) 1-1.
[28] Libvirt, http://libvirt.org/. Open vSwitch Manual Pages, http://openvswitch.org/ovs-vswitchd.conf.db.5.pdf
[29] J. Liu and Q. Hao, 2011. Research on optimizing KVM’s network performance, International Conference on Internet Technology and Applications (iTAP), 1-4.
[30] IBM X-Force Threat Intelligence Quarterly,1Q 2015, Retrieved 2015/06/02 from http://public.dhe.ibm.com/common/ssi/ecm/wg/en/wgl03073usen/WGL03073USEN.PDF
[31] Y. Maguire, R. Pappu, An Optimal Q-Algorithm for the ISO 18000-6C RFID Protocol, Automation Science and Engineering, IEEE Transactions on, 6 (2009) 16-24.
[32] Nick McKeown, Tom Anderson, Hari Balakrishnan, Guru Parulkar, Larry Peterson, Jennifer Rexford, Scott Shenker and Jonathan Turner.: OpenFlow: Enabling Innovation in Campus Networks. ACM SIGCOMM Computer Communication Review, vol. 38, no. 2, 2008, pp. 69-74.
[33] Y. Ming-Kuei, J. Jehn-Ruey, H. Shing-Tsaan, Parallel Response Query Tree Splitting for RFID Tag Anti-collision, in: Parallel Processing Workshops (ICPPW), 2011 40th International Conference on, 2011, pp. 6-15.
[34] W. Minli, T. Jie, L. Yaning, Design and implementation of enterprise asset management system based on IOT technology, in: Communication Software and Networks (ICCSN), 2015 IEEE International Conference on, 2015, pp. 384-388.
[35] Seyed Mohammad Mousavi and Marc St-Hilaire.: Early Detection of DDoS Attacks against SDN Controllers. IEEE International Conference on Computing, Networking and Communications (ICNC), 2015, pp. 77-81.
[36] J. Myung, L. Wonjun, T.K. Shih, An Adaptive Memoryless Protocol for RFID Tag Collision Arbitration, Multimedia, IEEE Transactions on, 8 (2006) 1096-1101.
[37] V. Namboodiri, G. Lixin, Energy-Aware Tag Anticollision Protocols for RFID Systems, Mobile Computing, IEEE Transactions on, 9 (2010) 44-59.
[38] NSFOCUS Mid-year 2014 DDoS Threat Report, Retrieved 2015/06/02 from http://www.nsfocus.com/SecurityReport/NSFOCUS%202014%20Mid-Year%20DDoS%20Threat%20Report.pdf.
[39] Open vSwitch, An Open Virtual Switch, http://openvswitch.org/
[40] Shunsuke Oshima, Takuo Nakashima, and Toshinori Sueyoshi.: Early DoS/DDOS detection method using short-term statistics. IEEE International Conference on Complex, Intelligent and Software Intensive Systems (CISIS), 2010, pp. 168-173.
[41] B. Pfaff, J. Pettit, T. Koponen, K. Amidon, M. Casado, S. Shenker, 2009. Extending networking into the virtualization layer, Proceedings of HotNets.
[42] J. Pettit, J. Bernabeu-Auban, D. Gannon, C. Poulain, 2010. Virtual Switching in an Era of Advanced Edges, Proceedings of 2nd Workshop on Data Center-Converged and Virtual Ethernet Switching, ITC 22.
[43] Qumranet, “KVM: Kernel-based Virtualization Drive”, 2006, from http://www.linuxinsight.com/files/kvm whitepaper.pdf.
[44] N. Regola, J. C. Ducom, 2010. Recommendations for Virtualization Technologies in High Performance Computing, IEEE International Conference on Cloud Computing Technology and Science, 409-416.
[45] P. Semiconductors, I-CODE Smart Label RFID Tags, in, Philips Semiconductors, 2004/Jan.
[46] M. Shahzad, A.X. Liu, Probabilistic optimal tree hopping for RFID identification, in: Proceedings of the ACM SIGMETRICS/international conference on Measurement and modeling of computer systems, ACM, Pittsburgh, PA, USA, 2013, pp. 293-304.
[47] Y. Song, Y. H. Sun and Weisong Shi, 2013. A Two-Tiered On-Demand Resource Allocation Mechanism for VM-Based Data Centers, IEEE Transaction on Services Computing, 6, 1, 116-129.
[48] I. Tafa,E. Beqiri, H. Paci, E. KAJO, A.Xhuvani, 2011. The evaluation of Transfer Time, CPU Consumption and Memory Utilization in XEN-PV, XEN-HVM, OpenVZ, KVM-FV and KVM-PV Hypervisor using FTP and HTTP approaches, International Conference of Intelligent Networking and Collaborative Systems (INCoS), 502-507.
[49] C.C. Tan, S. Bo, L. Qun, Efficient techniques for monitoring missing RFID tags, Wireless Communications, IEEE Transactions on, 9 (2010) 1882-1889.
[50] H. M. Tseng, H. L. Lee, J. W. Hu, T. L. Liu, J. G. Chang, W. C. Huang, 2011. Network Virtualization with Cloud Virtual Switch, IEEE 17th International Conference on Parallel and Distributed Systems (ICPADS), 998-1003.
[51] J. Vales-Alonso, V. Bueno-Delgado, E. Egea-Lopez, F.J. Gonzalez-Castano, J. Alcaraz, Multiframe Maximum-Likelihood Tag Estimation for RFID Anticollision Protocols, Industrial Informatics, IEEE Transactions on, 7 (2011) 487-496.
[52] H. Vogt, Efficient Object Identification with Passive RFID Tags, in: Proceedings of the First International Conference on Pervasive Computing, Springer-Verlag, 2002, pp. 98-113.
[53] C. Wen-Tzu, An Accurate Tag Estimate Method for Improving the Performance of an RFID Anticollision Algorithm Based on Dynamic Frame Length ALOHA, Automation Science and Engineering, IEEE Transactions on, 6 (2009) 9-15.
[54] Y. Xin-Qing, Z. Rui-Xia, L. Bin, Smart Trend-Traversal Protocol with Shortcutting for Memory-less RFID Tag Collision Resolution, in: Ubiquitous Intelligence & Computing and 9th International Conference on Autonomic & Trusted Computing (UIC/ATC), 2012 9th International Conference on, 2012, pp. 857-862.
[55] Tianyi Xing, Zhengyang Xiong, Dijiang Huang and Deep Medhi.: SDNIPS: Enabling Software-Defened Networking Based Intrusion Prevention System in Clouds. IEEE 10th International Conference on Network and Service Management (CNSM), 2014, pp. 308-311.
[56] L. Yuan-Cheng, L. Chih-Chung, Two Blocking Algorithms on Adaptive Binary Splitting: Single and Pair Resolutions for RFID Tag Identification, Networking, IEEE/ACM Transactions on, 17 (2009) 962-975.
[57] L. Yuan-Cheng, L. Chih-Chung, Two Couple-Resolution Blocking Protocols on Adaptive Query Splitting for RFID Tag Identification, Mobile Computing, IEEE Transactions on, 11 (2012) 1450-1463.
[58] L. Yuan-Cheng, H. Ling-Yen, General binary tree protocol for coping with the capture effect in RFID tag identification, Communications Letters, IEEE, 14 (2010) 208-210.
[59] Jie Zhang, Zheng Qin, Lu Ou, Pei Jiang, JianRong Liu and Alex X. Liu.: An Advanced Entropy-Based DDOS Detection Scheme. IEEE International Conference on Information, Networking and Automation (ICINA), 2010, pp. 67-71.
[60] R.Y. Zhong, Q. Dai, T. Qu, G. Hu, G.Q. Huang, RFID-enabled real-time manufacturing execution system for mass-customization production, Robotics and Computer-Integrated Manufacturing, 29 (2013) 283-292.
論文全文使用權限
  • 同意授權校內瀏覽/列印電子全文服務,於2022-07-01起公開。
  • 同意授權校外瀏覽/列印電子全文服務,於2022-07-01起公開。


  • 如您有疑問,請聯絡圖書館
    聯絡電話:(06)2757575#65773
    聯絡E-mail:etds@email.ncku.edu.tw