基于密钥共享的复杂网络围界入侵点检测研究  被引量：5

作　　者：潘卿[1] 窦立君[1] PAN Qing;DOU Li-jun(Nanjing Forestry University Cyber Security and Informatization Office,Nanjing Jiangsu 210037,China)

机构地区：[1]南京林业大学网络安全和信息化办公室,江苏南京210037

出　　处：《计算机仿真》2022年第9期431-434,450,共5页Computer Simulation

基　　金：国家自然科学基金项目(61871444);2020年教育部产学合作协同育人项目(202002125002);江苏省教育信息化课题(20180008);江苏省现代教育技术研究所智慧校园项目(2019-R-75631;2020-R-84350)。

摘　　要：针对复杂网络应用的广泛性与必要性,以及管理维护人员安全意识的薄弱性,攻击者对复杂网络围界的攻击逐渐泛滥,为了增强复杂网络环境的安全性,提出基于密钥共享的复杂网络围界入侵点检测方法。根据构建复杂网络的感知层、网络层和应用层结构,通过外部流量的监听来判断入侵点检测系统是否被攻击,分别采用CNN和LSTM对网络特征进行提取,为了解决数据分布不平衡问题,提出动态权重损失函数。从单跳入网络和多跳入网络两方面对复杂网络节点进行认证,通过对信任中心与节点的分析,保证了复杂网络入网节点的合法性与安全性。为进一步保证复杂网络安全性,在网络节点入网后,对信任中心与节点间共享的密钥进行周期性更新处理,并采用单向散列链模式更新报文和增加校验信息,只有报文是正确且安全的,才会对报文进行解密。最后从安全性、性能、效率和容忍性等方面对算法进行分析,验证所提方法具有一定的有效性与合法性。In view of the universality and necessity of complex network applications and the weak security awareness of management and maintenance personnel, attackers’ attacks on complex network boundaries are gradually rampant. In order to enhance the security of a complex network environment, a complex network perimeter intrusion point detection method based on key sharing is proposed. According to the structure of the perception layer, network layer and application layer of a complex network, it is judged whether the intrusion point detection system is attacked by monitoring external traffic, and network features are extracted by CNN and LSTM respectively. In order to solve the problem of unbalanced data distribution, a dynamic weight loss function is proposed. The complex network nodes are authenticated from two aspects: single hop network and multi-hop network. Through the analysis of the trust center and nodes, the legitimacy and security of complex network nodes are guaranteed. In order to further ensure the security of the complex network, after the network node enters the network, the key shared between the trust center and the node is updated periodically. The one-way hash chain mode is used to update the message and add verification information. The message will be decrypted only if the message is correct and safe. Finally, the algorithm is analyzed from the aspects of security, performance, efficiency and tolerance to verify the effectiveness and legitimacy of this method.

关 键 词：密钥共享 围界入侵点征 特征信息 动态权重损失函数 单向散列链 

分 类 号：TP393[自动化与计算机技术—计算机应用技术]