MTD (Moving Target Detection) with Preposition Hash Table for Security of Drone Network

Active Defense Technique Using Hash Table Substitution for Drone Network Security

  • Leem, Sungmin (Department of Military Digital Convergence, Ajou University)
  • Lee, Minwoo (Department of Military Digital Convergence, Ajou University)
  • Lim, Jaesung (Department of Military Digital Convergence, Ajou University)
  • Received : 2019.03.15
  • Accepted : 2019.03.30
  • Published : 2019.04.30

Abstract

As the drone industry has evolved, the security of drone networks has become important. In this paper, the MTD (Moving Target Detection) technique is applied to the drone network to improve security. The existing MTD scheme carries a risk that the hash value is exposed during wireless communication, and its application to one-to-many networks is restricted. Therefore, we propose the PHT (Preposition Hash Table) scheme to prevent exposure of hash values during wireless communication. By reducing the risk of cryptographic key exposure, the usage time of the cryptographic key can be extended and the security of the drone network improved. In addition, because cryptographic key exchange is not performed during flight, PHT is advantageous for swarm drone networks. Through simulation, we confirmed that the proposed scheme can contribute to the security of the drone network.

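With the development of the drone industry, the security of drone networks has become important. In particular, defense is needed against eavesdropping on the wireless communication of drone networks and against the illegal drone attacks and denial-of-service attacks that result from it. In this paper, we propose applying a network MTD (Moving Target Defense) technique for active defense to improve the security of drone networks. When an existing network MTD technique is applied to a drone network, the hash value used to identify a drone risks being exposed during wireless communication, and application to one-to-many swarm drone networks is restricted. To reduce the security risk caused by hash value exposure, this paper uses a prepositioned hash table (PHT, Preposition Hash Table) and replaces the hash value with a separate counter. Because hash values are not transmitted directly over the drone network, the risk of exposing the key used to generate them is reduced, and as a result the usage time of the same key is extended, which can contribute to improving the security of the drone network. In addition, because drones do not exchange keys during flight, the scheme can be applied to one-to-many swarm drone networks. Through simulation, we examined key usage and packet transmission success rate under attack on the drone network and confirmed that the proposed scheme can contribute to improving the security of drone networks.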

Keywords

Fig. 1 Example of packet dropping when hopping occurs, caused by the transmission delay.

Fig. 2 Comparison of the transmission failure rate by the number of ports used (C: attack strength, R: buffer space).

Fig. 3 System model of PHT algorithm

Fig. 4 Pseudo code of PHT algorithm. Algorithm 1: Protocol for a Drone. Algorithm 2: Protocol for GCS.

Fig. 5 Comparison of key usage between the hash function and the PHT algorithm for a drone network.

Fig. 6 Comparison of TX success probability as the number of drones increases.

Table 1 Parameters and values for simulation

Table 2 Parameters and meaning for simulation
