ISSN 1000-1239 CN 11-1777/TP

计算机研究与发展 ›› 2017, Vol. 54 ›› Issue (9): 2032-2043.doi: 10.7544/issn1000-1239.2017.20160636

• 网络技术 • 上一篇    下一篇

基于IEEE802.15.4e标准的工业物联网安全时间同步策略

杨伟1,2,何杰1,万亚东1,王沁1,李翀3   

  1. 1(北京科技大学计算机与通信工程学院 北京 100083);2(江西师范大学软件学院 南昌 330027);3(中国科学院计算机网络信息中心 北京 100190) (ustbyangwei@139.com)
  • 出版日期: 2017-09-01
  • 基金资助: 
    国家自然科学基金项目(61302065,61304257); 北京市自然科学基金项目(4152036); 中央高校基本科研业务费专项资金(FRF-TP-15-026A2)

Security Countermeasures for Time Synchronization in IEEE802.15.4e-Based Industrial IoT

Yang Wei1,2, He Jie1, Wan Yadong1, Wang Qin1, Li Chong3   

  1. 1(School of Computer and Communication Engineering, University of Science and Technology Beijing, Beijing 100083);2(School of Software, Jiangxi Normal University, Nanchang 330027);3(Computer Network Information Center, Chinese Academy of Sciences, Beijing 100190)
  • Online: 2017-09-01

摘要: IEEE802.15.4e是一个面向工业物联网应用的MAC层标准,其采用时间同步关键技术实现高可靠、低功耗的工业无线网络.网络空间中存在各式各样攻击,由于时间同步机制是工业无线网络中的核心支撑技术,其可能成为首选的攻击目标.假如攻击者对时间同步协议发起攻击,破坏节点之间的同步,将导致网络通信、节点定位以及数据融合等方面应用不能正常工作.针对基于IEEE802.15.4e标准的工业物联网中时间同步协议安全性不足问题,提出了一个安全时间同步策略.首先,提出了Sec_ASN算法保护单跳的ASN时间同步和TOF算法保护单跳的Device-to-Device时间同步;其次,提出了Rank-based入侵检测算法保护多跳时间同步;最后通过理论分析和实验测试证明,该安全时间同步策略具有时间同步精度高和开销低特点,并且能有效防御外部攻击和内部攻击.

关键词: IEEE802.15.4e, 安全, 时间同步, 工业物联网, 攻击

Abstract: IEEE802.15.4e is the latest MAC layer standards for the industrial Internet of things, which enables highly reliable and ultra-low power wireless networking through time synchronization technique. In cyberspace where an adversary may attack the networks through various ways, time synchronization becomes an attractive target due to its importance. If an adversary launches time synchronization attack, it will paralyze the whole network communication, the node localization and data fusion application. However, the time synchronization protocol is not insufficient to be protected in IEEE802.15.4e standard. So it is crucial to design a secure time synchronization protocol. First, we develop a secure single-hop ASN synchronization and a secure single-hop device-to-device synchronization using hardware-assisted encryption and authentication. And we also adopt the 2s+1 method and threshold filter algorithm. Second, we develop a secure multi-hop time synchronization mechanism which adopts a rank-based intrusion detection algorithm. Third, theoretical analysis and experiments show that the proposed countermeasures can successfully defend against external attacks and insider attacks, as well as high clock accurate and low power consumption.

Key words: IEEE802.15.4e, secure, time synchronization, industrial Internet of things, attack

中图分类号: