基于隐马尔科夫随机场-置信能量场模型的信任邻域网络体系结构  被引量：1

作　　者：陈子涵 程光 唐舒烨[1,2] 蒋山青 周余阳 赵玉宇 CHEN Zi-Han;CHENG Guang;TANG Shu-Ye;JIANG Shan-Qing;ZHOU Yu-Yang;ZHAO Yu-Yu(School of Cyber Science and Engineering,Southeast University,Nanjing 211189;Key Laboratory of Computer Network and Information Integration of Ministry of Education(Southeast University),Nanjing 211189;International Governance Research Base of Cyberspace(Southeast University),Nanjing 211189;Purple Mountain Laboratories,Nanjing 211111)

机构地区：[1]东南大学网络空间安全学院,南京211189 [2]教育部计算机网络和信息集成重点实验室(东南大学),南京211189 [3]网络空间国际治理研究基地(东南大学),南京211189 [4]紫金山实验室,南京211111

出　　处：《计算机学报》2021年第12期2447-2463,共17页Chinese Journal of Computers

基　　金：国家重点研发计划项目课题(2018YFB1800602,2020YFB1804604)资助.

摘　　要：万物互联已成为未来网络发展的必然趋势,维护网络的整体性安全与鲁棒性在万物互联环境下相较于维护单一节点的安全更加重要与可行,而信任体系结构则是网络整体性安全的基础.信任链是一种链式拓扑的信任体系结构空间模型,通过定性化主动验证来构建网络内的持续信任关系,但链式拓扑的缺陷与定量信任度量的缺失使之无法适应万物互联网络环境.本文提出以信任分形网络拓扑和信任邻域扩散传递模型为基础的信任邻域网络体系结构,设计了隐马尔科夫随机场模型与置信能量场模型,结合门限控制模型,实现信任的定量度量与管理.数学分析与仿真实验表明,本文提出的体系结构能够定量度量与管理信任空间关系,打破攻击者无限攻击限期的100%整体网络攻击成功率,在10至1000个节点的14种不同节点规模下将整体网络攻击成功率最低降至39%;增加其平均理论攻击成本至2倍以上,保障网络系统的鲁棒性与整体安全性.Whether it is the traditional Internet or the emerging Internet of things,security has always been the top priority in the network environment.With the upgrading of communication technology and the development of the Internet and the Internet of Things(IoT),the Internet and the IoT will be integrated into the Internet of Everything(IoE).With the expanding scale of network,the security problem will be more serious in the IoE environment.Hence,maintaining the overall security and robustness of the network is more important than maintaining the security of a single node in the IoE environment,and trust architecture is the foundation of the overall security of the network.The current mainstream trust architecture is a trust chain model and it is a space model of trust architecture with chain topology as the transmission relation topology,which is widely applied in the Internet identity security authentication system,such as the PKI-CA system.It constructs the continuous trust relationship within the network through qualitative active verification.However,a large number of studies have shown that the defects of chain topology and the lack of quantitative trust measurement make it unable to adapt to the Internet of everything environment.In this paper,we propose a new generation trust architecture:trust neighborhood network,which is based on Hidden Markov Random Field Model-Confidence Energy Field(HMRFM-CEF)model.First of all,we innovatively introduce fractal network into the trust architecture,which is a special mesh topological structure which can guarantee the spatial robustness of overall network.Then,a trust neighborhood diffusion transfer concept in which trust nodes only have interaction with others in their own neighborhood is proposed.The concept can describe the transitive relation of trust in the fractal network spatial structure and construct it into trust neighborhood network.As a supplement of current trust architecture,a quantitative trust management model which contains credibility and trust layers are

关 键 词：万物互联 整体性安全 信任体系结构 信任邻域网络 隐马尔科夫随机场 置信能量场 

分 类 号：TP393[自动化与计算机技术—计算机应用技术]