假冒攻击

该方案通过对移动IP注册消息的认证，避免了针对注册过程的假冒攻击和重发攻击。

By using authentication , this solution avoids the counterfeit attack and replay attack directed against the Mobile IP register process .

该协议能够使虚拟域间在不受到假冒攻击的情况下共享授权数据。

It allows authorization data to be shared among virtual domains without the possibility of the impersonation attack .

新协议能够有效抵抗非授权访问、假冒攻击、重放攻击、DoS攻击等安全攻击，在提高安全性的同时，提高了认证协议的可用性。

The new protocol can counteract effectively series of the security attack as replay attacking , fake attacking , and DoS attacking and so on .

对此，本文提出了一种假冒攻击源检测方案。

Aimed at masquerader attacks in the sensor network , a novel masquerader detection scheme is proposed .

无线认证协议用于无线环境中各参与方之间相互确定对方的真实身份，防止假冒攻击。

Wireless authentication protocols are used to confirm identity of the participants involved in case of impersonation .

由通信双方共同生成动态因子，既可抵抗重放攻击和假冒攻击，也体现了认证的公平性，安全性较高；

And it is fair for the mutual parties because the dynamic factor is generated by both of them .

系统具有使用成本低，稳定性高，便于用户使用的特点，并能够主动有效地发现非法用户的假冒攻击行为。

The system has a low cost , high stability and it can actively and effectively detect attacks from illegal users .

经安全分析，协议能防止窃听攻击、重放攻击和假冒攻击等常见的各种攻击行为可能造成的安全威胁。

By security analysis , the protocol can prevent from usual attacks such as wiretapping , playback , counterfeit and so on .

本方案的特点是：提供了服务器和客户的双向认证，能够抵御假冒攻击；

This scheme bearing the following characteristics : it provides mutual authentication between the user and server which can resist the impersonation attack ;

此外，系统还提供了无线报警提示功能，可将用户的登录信息及时地发送给对应的合法用户，从而能够有效地防止非法用户的假冒攻击行为。

Besides , the system provides wireless alarm function , which makes valid registered users receive the login information and discover the masquerade behavior of invalid user in time .

该方案也提出了成功假冒攻击源测定算法，其中采用了汇聚节点监控排查恶意区域、普通节点认证转发报警消息机制。

In addition , the succeeded masquerader detection algorithm is proposed in this scheme . In this algorithm , the sink node monitors and examines the malicious region . And then normal nodes could identify and forward the alert messages .

该方案利用基于身份的签名技术，结合节点报警规则，构造了基于邻居节点相互认证的单个试图假冒攻击源测定算法，以此为基础，扩充为针对局部区域内的多个试图假冒攻击源测定算法。

By means of employments of the identity-based signature technology and node alarming rules , a single masquerader detection algorithm is constructed , which is based on the neighbor mutual authentication . Moreover , the algorithm to detect multiple masqueraders is acquired from this .

在该系统中，采用门限机制，只有认证服务器组中的成员才可以执行有效的认证过程，保证了接入认证过程的安全性，也避免了假冒攻击和单个服务器被攻陷。

Only the members within Authentication Server Group ( ASG ) can carry out the valid authentication process , our method can avoid the fraudulent attack and can prevent single authentication server from being captured , so , the validity and security of authentication process can be guaranteed . 5 .

假冒和窃听攻击是无线通信面临的主要威胁。

Impersonation and eavesdropping are the crucial threats in wireless communication systems .

进行客户端和服务器的双向认证，解决了假冒服务器端的攻击问题。

Resolve the problem of fake servers by authenticating mutually between client and server . 3 .