簡易檢索 / 詳目顯示
| 研究生: |
曾國賢 Zeng, Guo-Hsien |
|---|---|
| 論文名稱: |
使用智慧型手機擷取封包及其在物聯網之應用 On packet capturing using the Smartphone and its application for IoT traffic |
| 指導教授: |
藍崑展
Lan, Kun-Chan |
| 學位類別: |
碩士 Master |
| 系所名稱: |
電機資訊學院 - 資訊工程學系 Department of Computer Science and Information Engineering |
| 論文出版年: | 2017 |
| 畢業學年度: | 105 |
| 語文別: | 英文 |
| 論文頁數: | 35 |
| 中文關鍵詞: | 擷取封包 、物聯網 、感測器 、擷取特定應用程式封包 、智慧型體溫計 |
| 外文關鍵詞: | Capture packet, Internet of Things (IoT), Sensor, Capture packet of specific app, Intelligent thermometer |
| 相關次數: | 點閱:126 下載:0 |
| 分享至: |
| 查詢本校圖書館目錄 查詢臺灣博碩士論文知識加值系統 勘誤回報 |
近年來因為智慧型手機的日益普及和雲端服務的急速增加,帶動了物聯網產品的快速成長。人們的日常生活上有許多應用和相關情境,需要藉著物聯網產品收集和分析資料來達到需求。物聯網產品會藉著不同的感測器接收不同的資料,例如:使用者的動作、心跳率、溫度,接著將資料透過智慧型手機傳送到雲端。若能藉著智慧型手機直接擷取這些傳送的數據,則可以使得人們大大的提升資料收集的便利。
一般情況下,使用智慧型手機擷取封包都需要有最高權限,但是啟動手機最高權限來擷取封包有相當大的風險,例如:對手機系統產生危害,洩漏隱私訊息風險…等,而且也無法擷取指定的物聯網產品收集到的資料。因此我們實作了一個手機應用程式 -"iCap",此應用程式不需要使用最高權限來擷取封包。"iCap"會呼叫一個名為VpnService的方法建立一個虛擬網路卡,接著修改路由表讓所有封包導向此虛擬網路卡,並藉此來擷取所有通過虛擬網路卡的網路封包。
"iCap"主要用來分析和過濾並擷取指定的網路封包。根據物聯網產品附加的應用程式,"iCap"分析應用程式的使用者識別碼,用來擷取指定的物聯網產品感測器收集到的資料封包。另外,"iCap"也透過讓使用者可以指定protcol,IP address,port number等條件,讓使用者可以針對特定的目標分析網路封包,協助相關通訊協定的研究與封包異常行為的偵測。
In recent years, whether the Smartphone is the most common device, or clouds service is developing rapidly, they help the growth fast of the Internet of Things (IoT). There are many applications and relevant major scenarios with the need to collect and analyze a lot of data by IoT. Most of IoT product collect the data from a wide variety of different sensors, such as user's movements, heart-rate, and temperature, then send it to the cloud via Smartphones. If we can capture these data directly by Smartphone, it can be more convenient for data collection.
Packet capturing by root the Smartphone is risky for system hazards, privacy leaks, etc., and then cannot capture the packet that receives from the IoT sensor. So we developed an application named "iCap" which uses no root feature to capture the packet. This app calls VpnService to create the virtual network interface and modifying routing table. After this, the total packet will pass through this virtual network interface, and then capture the total packet that passes through this virtual network interface.
"iCap" used to analyze, filter and capture the specific network packet. According to the addition IoT app, "iCap" will analyze the user id of the addition IoT app, it use user id to verify the packet and capture packet from that IoT app directly. "iCap" also captures the specified packet which user can filter packet by input the packet Protocol, IP address, or Port number. Using this condition can help users to analyze network packets for specific targets, research of related protocols and detect the abnormal behavior of packets in the Smartphone.
References
[1] L. Atzori, A. Iera, G. Morabito. "The Internet of Things: a survey." Computer Networks, 54 (2010), pp. 2787–2805.
[2]Ray, Partha Pratim. "Understanding the role of internet of things towards smart e-healthcare services." Biomedical Research (2017).
[3] J. Gubbi, R. Buyya, S. Marusic, and M. Palaniswami, “Internet of things (IoT): A vision, architectural elements, and future directions,” Future Gen. Comput. Syst., vol. 29, no. 7, pp. 1645–1660, 2013.
[4]"User ID: UID and GID," Accessed July 2015. Available: http://linux.vbird.org/linux_basic/0410accountmanager.php#account_id
[5] "Android security mechanism - uid, gid and pid. " Accessed October 2015. Available: http://blog.csdn.net/vshuang/article/details/43639211
[6] M. Ryan, "Bluetooth: With Low Energy Comes Low Security," in Proceedings of the 7th USENIX conference on Offensive Technologies, 2013.
[7] M. Ossmann, "Project ubertooth," Retrieved, vol. 18, p. 23, 2012.
[8] "Ubertooth One," Accessed 2011. Available: http://ubertooth.sourceforge.net/hardware/one/
[9] K. Lotfy, M. L. Hale. "Assessing Pairing and Data Exchange Mechanism Security in the Wearable Internet of Things." Mobile Services (MS), 2016 IEEE International Conference on.
[10] "Samsung SmartThings products," Accessed 2015. Available: https://www.smartthings.com/
[11] K. Yoshigoe, W. Dai, M.Abramson, A. Jacobs. "Overcoming invasion of privacy in smart home environment with synthetic packet injection." In Proceedings of the TRON Symposium (TRONSHOW), Tokyo, Japan, 9–10 December 2015; pp. 1–7.
[12] McCanne, Steven; Jacobson, Van (January 1993). "The BSD Packet Filter: A New Architecture for User-level Packet Capture". USENIX.
[13] Neha, Ms, et al. "ANDROID-MOBILE OPERATING SYSTEM."
[14] Feilner, Markus. "Chapter 1 - VPN—Virtual Private Network". OpenVPN: Building and Integrating Virtual Private Networks: Learn How to Build Secure VPNs Using this Powerful Open Source Application. Packt Publishing.
[15] "Pulse Secure APP, " Accessed July 2017. Available: https://play.google.com/store/apps/details?id=net.pulsesecure.pulsesecure&hl=zh_TW
[16] "Android VpnService API," Accessed October 2011. Available: https://developer.android.com/reference/android/net/VpnService.html
[17] "Tun/Tap interface tutorial," Accessed March 2010. Available: http://backreference.org/2010/03/26/tuntap-interface-tutorial/
[18] Postel, Jon. Transmission control protocol. No. RFC: 793 (1981).
[19] Postel, Jon. User datagram protocol. No. RFC 768. 1980.
[20] Timothy S. Ramteke: Networks, Second Edition, Prentice-Hall 2001, ISBN 0-13-901265-6
[21] "/proc/net/protocol system," Accessed November 2000. Available: http://www.linuxdevcenter.com/pub/a/linux/2000/11/16/LinuxAdmin.html
[22] "Android ApplicationInfo API," Accessed September 2008. Available: https://developer.android.com/reference/android/content/pm/ApplicationInfo.html#uid
校內:2020-07-04公開校外:不公開