基于MT6D的物联网轻量级安全协议研究

doi:10.19678/j.issn.1000-3428.0055664

计算机工程 ›› 2020, Vol. 46 ›› Issue (9): 117-122. doi: 10.19678/j.issn.1000-3428.0055664

基于MT6D的物联网轻量级安全协议研究

黄廷辉, 丁勇, 李思骏

桂林电子科技大学计算机与信息安全学院, 广西桂林 541004

收稿日期:2019-08-05 修回日期:2019-09-12 发布日期:2019-09-20
作者简介:黄廷辉(1970-),男,副教授、硕士,主研方向为物联网安全、分布式计算;丁勇、李思骏,硕士研究生。
基金资助:
国家自然科学基金（61662016）；赛尔网络下一代互联网技术创新项目（NGII20160306）。

Research on MT6D-based Lightweight Security Protocol for Internet of Things

HUANG Tinghui, DING Yong, LI Sijun

College of Computer and Information Security, Guilin University of Electronic Technology, Guilin, Guangxi 541004, China

Received:2019-08-05 Revised:2019-09-12 Published:2019-09-20

摘要/Abstract

摘要： 随着物联网设备在开放互联网上的快速部署，物联网设备的隐私和通信安全问题得到广泛关注。由于物联网的嵌入式设备受到资源和计算性能的限制，传统的网络通信安全方法难以提供可靠的安全保障。为此，提出一种基于低功耗无线个域网6LoWPAN的轻量级IPv6地址跳变协议（L6HOP）。通过对移动目标IPv6网络防御（MT6D）协议进行改进，使用轻量级哈希算法降低CPU计算消耗，并引入滑动地址窗口解决不同设备时钟误差引起的丢包率较大的问题。实验结果表明，L6HOP协议可有效保护物联网不受设备追踪、DoS和窃听等攻击，与MT6D协议相比，可有效减少CPU的计算开销，并能够降低通信丢包率。

关键词: 物联网, 地址跳变, 安全协议, 移动目标IPv6网络防御协议, 通信效率

Abstract: With the rapid deployment of Internet of Things(IoT) devices on the open Internet,the privacy and communication security of IoT devices has attracted much attention.Because the embedded IoT devices are limited by resources and computing performance,traditional network communication security methods have been unable to provide reliable security guarantee.Therefore,this paper proposes a lightweight IPv6 address hopping protocol,L6HOP,in the low-power wireless personal area network,6LoWPAN.The protocol improves the Moving Target IPv6 Defense(MT6D) protocol,and uses a lightweight hash algorithm to reduce CPU computing consumption.Also,the sliding address window is introduced to solve the high packet loss rate caused by clock errors of different devices.Experimental results show that the L6HOP protocol can effectively protect the IoT from device tracking,DoS and eavesdropping attacks.Compared with MT6D protocol,it can significantly reduce the computing overhead of CPU and packet loss rate of communication.

Key words: Internet of Things(IoT), address hopping, security protocol, Moving Target IPv6 Defense(MT6D) protocol, communication efficiency

中图分类号:

TP309

黄廷辉, 丁勇, 李思骏. 基于MT6D的物联网轻量级安全协议研究[J]. 计算机工程, 2020, 46(9): 117-122.

HUANG Tinghui, DING Yong, LI Sijun. Research on MT6D-based Lightweight Security Protocol for Internet of Things[J]. Computer Engineering, 2020, 46(9): 117-122.

http://www.ecice06.com/CN/Y2020/V46/I9/117

图/表 5

20200915135309

20200915135312

20200915135316

20200915135319

20200915135324

参考文献

[1] PENG Anni,ZHOU Wei,JIA Yan,et al.Survey of the Internet of things operating system security[J].Journal on Communications,2018,39(3):22-34.(in Chinese)彭安妮,周威,贾岩,等.物联网操作系统安全研究综述[J].通信学报,2018,39(3):22-34.
[2] MUDGERIKAR A,SHARMA P,BERTINO E.E-spion:a system-level intrusion detection system for IoT devices[C]//Proceedings of the 2019 ACM Conference on Computer and Communications Security.New York,USA:ACM Press,2019:493-500.
[3] ARSHAD J,AZAD M A,ABDELLATIFM M,et al.COLIDE:a collaborative intrusion detection framework for IoT[J].IET Networks,2018,8(1):3-14.
[4] AKBARZADEH A,BAYAT M,ZAHEDNEJAD B,et al.A lightweight hierarchical authentication scheme for Internet of things[J].Journal of Ambient Intelligence and Humanized Computing,2019,10(7):2607-2619.
[5] SHARMA G,KALRA S.A lightweight multi-factor secure smart card based remote user authentication scheme for cloud-IoT applications[J].Journal of Information Security and Applications,2018,42:95-106.
[6] MENG Qian,MA Jianfeng,CHEN Kefei,et al.Data comparable encryption scheme based on cloud computing in Internet of things[J].Journal on Communications,2018,39(4):167-175.(in Chinese)孟倩,马建峰,陈克非,等.基于云计算平台的物联网加密数据比较方案[J].通信学报,2018,39(4):167-175.
[7] RAJESH S,PAUL V,MENON V G,et al.A secure and efficient lightweight symmetric encryption scheme for transfer of text files between embedded IoT devices[J].Symmetry,2019,11(2):293.
[8] DUNLOP M,GROAT S,URBANSKI W,et al.Mt6d:a moving target IPv6 defense[C]//Proceedings of Military Communications Conference.Washington D.C.,USA:IEEE Press,2011:1321-1326.
[9] DUNLOP M,GROAT S,URBANSKI W,et al.The blind man's bluff approach to security using IPv6[J].IEEE Security and Privacy,2012,10(4):35-43.
[10] PREISS T,SHERBURNE M,MARCHANY R,et al.Implementing dynamic address changes in contikios[C]//Proceedings of IEEE International Conference on Information Society.Washington D.C.,USA:IEEE Press,2014:222-227.
[11] SHERBURNE M,MARCHANY R,TRONT J.Implementing moving target IPv6 defense to secure 6LowPan in the IoT and smart grid[C]//Proceedings of the 9th Annual Cyber and Information Security Research Conference.New York,USA:ACM Press,2014:37-40.
[12] ZZITE K,CANTRELL M,MARCHANY R,et al.Designing a micro-moving target IPv6 defense for the IoT[C]//Proceedings of the 2nd IEEE/ACM International Conference on Internet-of-Things Design and Implementation.Washington D.C.,USA:IEEE Press,2017:179-184.
[13] SHAH J L,PARVEZ J.Optimizing security and address configuration in IPv6 SLAAC[J].Procedia Computer Science,2015,54:177-185.
[14] CARPERTER B,JIANG S.Significance of IPv6 interface identifiers[J].Internet Engineering Task Force,2014,65:1-10
[15] DUNLOP M,GROAT S,MARCHANY R,et al.The good,the bad,the IPv6[C]//Proceedings of the 9th Annual Communication Networks and Services Research Conference.Washington D.C.,USA:IEEE Press,2011:77-84.
[16] GRANJAL J,MONTEIRO E,SILVA J S.Security for the Internet of things:a survey of existing protocols and open research issues[J].IEEE Communications Surveys and Tutorials,2015,17(3):1294-1312.
[17] NABEEL N,HABAEBI M,MUSTAPHA N C,et al.IoT light weight crypto functions[J].International Journal of Interactive Mobile Technologies,2019,13(4):117.
[18] ZEITZ K,CANTRELL M,MARCHANY R,et al.Changing the game:a micro moving target IPv6 defense for the IoT[J].IEEE Wireless Communications Letters,2018,7(4):578-581.
[19] BALASCH J,EGE B,EISENBARTH T,et al.Compact implementation and performance evaluation of hash functions in attiny devices[C]//Proceedings of International Conference on Smart Card Research and Advanced Applications.Berlin,Germany:Springer,2012:158-172.
[20] YÜ Ke,WANG Huifeng.Research and Improvement of RPL Routing Protoco[J].Computer Engineering,2018,44(3):103-108.(in Chinese)俞柯,王慧锋.RPL路由协议的研究与改进[J].计算机工程,2018,44(3):103-108.
[21] PAI V,SHENOY U K K.6LowPan-performance analysis on low power networks[C]//Proceedings of International Conference on Computer Networks and Communication Technologies.Berlin,Germany:Springer,2019:145-156.

选择文件类型/文献管理软件名称

选择包含的内容

基于MT6D的物联网轻量级安全协议研究

Research on MT6D-based Lightweight Security Protocol for Internet of Things

RichHTML

PDF

可视化

被引次数

摘要/Abstract

引用本文

使用本文

图/表 5

参考文献

相关文章 15

编辑推荐

Metrics

本文评价

[1]	余长宏, 陆雅, 王海鑫, 高明. 基于滑动时间窗的物联网设备流量分类算法[J]. 计算机工程, 2023, 49(7): 259-268.
[2]	潘雪, 袁凌云, 黄敏敏. 基于区块链和域信任度的物联网跨域信任评估模型[J]. 计算机工程, 2023, 49(5): 181-190.
[3]	田秀霞, 杨明夷. 家庭物联网中基于智能合约的访问控制机制[J]. 计算机工程, 2023, 49(3): 18-28.
[4]	苏瑞国, 阳建, 秦继伟, 武晓雄, 贾振红. 基于物联网区块链的轻量级共识算法研究[J]. 计算机工程, 2023, 49(2): 175-180.
[5]	顾智敏, 王梓莹, 郭静, 郭雅娟, 冯景瑜. 雾化零信任组件的5G电力失陷终端威胁检测[J]. 计算机工程, 2023, 49(2): 161-168.
[6]	丁庆丰, 李晋国. 一种物联网环境下的分布式异常流量检测方案[J]. 计算机工程, 2022, 48(8): 152-159.
[7]	刘晶, 朱炳旭, 梁佳杭, 任女尔, 季海鹏. 基于主侧链合作的区块链访问控制策略[J]. 计算机工程, 2022, 48(3): 10-16,22.
[8]	黄志清, 解鲁阳, 张严心, 尹泽明. 基于区块链的物联网数据服务信誉评估模型[J]. 计算机工程, 2022, 48(1): 33-42.
[9]	李忠成, 解滨, 张文祥. 基于多元分层感知的移动物联网区域分割算法[J]. 计算机工程, 2021, 47(9): 51-58.
[10]	朱新兵, 李清宝, 张平, 陈志锋, 顾艳阳. 面向新攻击面的物联网终端固件安全威胁模型[J]. 计算机工程, 2021, 47(7): 126-134.
[11]	张建国, 胡晓辉. 基于以太坊的改进物联网设备访问控制机制研究[J]. 计算机工程, 2021, 47(4): 32-39,47.
[12]	张江徽, 崔波, 李茹, 史锦山. 基于智能合约的物联网访问控制系统[J]. 计算机工程, 2021, 47(4): 21-31.
[13]	闫华钰, 陈岚, 佟鑫, 李莹. 面向物联网应用的SoC安全检查架构设计[J]. 计算机工程, 2021, 47(2): 152-159.
[14]	杨锦翔, 熊焰, 黄文超. 基于强化学习的安全协议形式化验证优化研究[J]. 计算机工程, 2021, 47(12): 141-146.
[15]	任智, 吴本源, 周舟, 苏新. 基于CoAP协议的泛在电力物联网拥塞控制算法[J]. 计算机工程, 2021, 47(10): 166-173.

模态框（Modal）标题

选择文件类型/文献管理软件名称

选择包含的内容

基于MT6D的物联网轻量级安全协议研究

Research on MT6D-based Lightweight Security Protocol for Internet of Things

RichHTML

PDF

可视化

被引次数

摘要/Abstract

引用本文

使用本文

图/表 5

参考文献

相关文章 15

编辑推荐

Metrics

本文评价