网络欺骗技术综述

doi:10.11959/j.issn.1000-436x.2017281

通信学报 ›› 2017, Vol. 38 ›› Issue (12): 128-143.doi: 10.11959/j.issn.1000-436x.2017281

网络欺骗技术综述

贾召鹏^1,²,方滨兴^1,^3,⁴,刘潮歌^2,⁵,刘奇旭^2,⁵,林建宝^1,²

¹ 北京邮电大学网络空间安全学院，北京 100876
² 中国科学院信息工程研究所，北京 100093
³ 广州大学网络空间先进技术研究院，广东广州 510006
⁴ 电子科技大学广东电子信息工程研究院，广东东莞 523808
⁵ 中国科学院大学网络空间安全学院，北京 100049

修回日期:2017-08-16 出版日期:2017-12-01 发布日期:2018-01-19
作者简介:贾召鹏（1988-），男，河北邢台人，北京邮电大学博士生，主要研究方向为网络安全、网络欺骗。|方滨兴（1960-），男，江西万年人，中国工程院院士，广州大学教授，主要研究方向为计算机体系结构、计算机网络与信息安全。|刘潮歌（1986-），男，吉林长春人，中国科学院信息工程研究所助理研究员、博士生，主要研究方向为Web安全、网络欺骗、追踪溯源。|刘奇旭（1984-），男，江苏徐州人，博士，中国科学院信息工程研究所副研究员，中国科学院大学副教授，主要研究方向为网络攻防技术、网络安全评测。|林建宝（1992-），男，山东威海人，北京邮电大学硕士生，主要研究方向为网络安全、网络欺骗。
基金资助:
国家重点研发计划基金资助项目(2016YFB0801604);东莞市引进创新科研团队计划基金资助项目(201636000100038);中国科学院网络测评技术重点实验室和网络安全防护技术北京市重点实验室基金资助项目

Survey on cyber deception

Zhao-peng JIA^1,²,Bin-xing FANG^1,^3,⁴,Chao-ge LIU^2,⁵,Qi-xu LIU^2,⁵,Jian-bao LIN^1,²

¹ School of Cyberspace Security，Beijing University of Posts and Telecommunications，Beijing 100876，China
² Institute of Information Engineering，Chinese Academy of Sciences，Beijing 100093，China
³ Cyberspace Institute of Advanced Technology，Guangdong University，Guangzhou 510006，China
⁴ Institute of Electronic and Information Engineering of UESTC in Guangdong，Dongguan 523808，China
⁵ School of Cyber Security，University of Chinese Academy of Sciences，Beijing 100049，China

Revised:2017-08-16 Online:2017-12-01 Published:2018-01-19
Supported by:
The National Key Research and Development Program of China(2016YFB0801604);Dongguan Innovative Research Team Program(201636000100038);Key Laboratory of Network Assessment Technology at Chinese Academy of Sciences and Beijing Key Laboratory of Network Security and Protection Technology

摘要/Abstract

摘要：

网络攻防不对称是当前网络安全面临的核心问题之一。基于欺骗的防御技术是防御方为改变这种不对称格局而引入的一种新思路，其核心思想是通过干扰攻击者的认知以促使攻击者采取有利于防御方的行动，从而记录攻击者的活动与方法、增加其实施攻击的代价、降低其攻击成功的概率。首先，对网络欺骗进行形式化定义并依据欺骗环境构建方法将其划分为4种。同时，将网络欺骗的发展历程概括为3个阶段，分析各个阶段特点。然后，提出网络欺骗的层次化模型并对已有研究成果进行介绍。最后，对网络欺骗对抗手段进行分析与总结并介绍网络欺骗技术发展趋势。

关键词: 网络欺骗, 认知, 攻击, 防御

Abstract:

The asymmetric situation of network attacks and defenses is one of the key issues of current network security.Cyber deception was a revolutionary technology introduced by defenders to alter the asymmetric situation.By thwarting an attacker's cognitive processes，defenders can mislead attackers，hence causing them to take specific actions that aid network security defenses.In this way，defenders can log attackers'behavior and method，increase cost for the attackers to launch a successful attack，as well as reduce the probability of an attacker's success.Cyber deception formally and classify cyber deception into four classes was defined.Then，the cyber deceptions’development was divided into three stages，and each stage’s character was decided.Next，a hierarchical model to describe the existing work was proposed.At last，the countermeasures in cyber deception and the development trends in this field was discussed.

Key words: cyber deception, cognitive process, attack, defense

中图分类号:

TP393

贾召鹏,方滨兴,刘潮歌,刘奇旭,林建宝. 网络欺骗技术综述[J]. 通信学报, 2017, 38(12): 128-143.

Zhao-peng JIA,Bin-xing FANG,Chao-ge LIU,Qi-xu LIU,Jian-bao LIN. Survey on cyber deception[J]. Journal on Communications, 2017, 38(12): 128-143.

图/表 11

图1

图2

图3

表1

图4

图5

表2

图6

图7

表3

表4

参考文献 79

[1]	蔡桂林, 王宝生, 王天佐 ,等. 移动目标防御技术研究进展[J]. 计算机研究与发展, 2016,53(5): 968-987.
	CAI G L , WANG B S , WANG T Z ,et al. Research and development of moving target defense technology[J]. Journal of Computer Research and Development, 2016,53(5): 375-378
[2]	ZHUANG R , ZHANG S , DELOACH S A ,et al. Simulation-based approaches to studying effectiveness of moving-target network defense[C]// National Symposium on Moving Target Research. 2012. 1-12
[3]	JAJODIA S , SUBRAHMANLAN V S , SWARUP V ,et al. Cyber deception[M]. Springer, 2016.
[4]	CANALI D , BALZAROTTI D . Behind the scenes of online attacks:an analysis of exploitation behaviors on the Web[C]// 20th Annual Network ＆ Distributed System Security Symposium (NDSS 2013). 2013.
[5]	JUELS A , RIVEST R L . Honeywords:making password-cracking detectable[C]// 2013 ACM SIGSAC conference on Computer ＆communications security. 2013: 145-160.
[6]	ARAUJO F , HAMLEN K W , BIEDERMANN S ,et al. From patches to honey-patches:Lightweight attacker misdirection,deception,and disinformation[C]// The 2014 ACM SIGSAC Conference on Computer and Communications Security. 2014: 942-953.
[7]	KAPRAVELOS A , GRIER C , CHACHRA N ,et al. Hulk:Eliciting malicious behavior in browser extensions[C]// The 23rd Usenix Security Symposium. 2014.
[8]	GUPTA P , SRINIVASAN B , BALASUBRAMANIYAN V ,et al. Phoneypot:data-driven understanding of telephony threats[C]// 2015 Network and Distributed System Security(NDSS)Symposium. 2015.
[9]	URIAS V E , STOUT W M , LIN H W . Gathering threat intelligence through computer network deception[C]// 2016 IEEE Symposium on Technologies for Homeland Security(HST). 2016: 1-6.
[10]	TAN K L G . Confronting cyberterrorism with cyber deception[D]. Monterey,California:Naval Postgraduate School, 2003.
[11]	JONES J H J , LASKEY K B . Using Bayesian attack detection models to drive cyber deception[C]// The Eleventh UAI Conference on Bayesian Modeling Applications Workshop. 2014: 60-69.
[12]	刘宝旭, 许榕生 . 主动型安全防护措施-陷阱网络的研究与设计[J]. 计算机工程, 2002,28(12): 9-11.
	LIU B X , XU R S . Study and design of the proactive security protecting measure-honeynet[J]. Computer Engineering, 2002,28(12): 9-11
[13]	刘宝旭, 曹爱娟, 许榕生 . 陷阱网络技术综述[J]. 网络安全技术与应用, 2003,(01): 65-69.
	LIU B X , CAO A J , XU R S . Summary of the honeynet technology[J]. Net Security Technologies And Application, 2003,(01): 65-69.
[14]	曹爱娟, 刘宝旭, 许榕生 . 网络陷阱与诱捕防御技术综述[J]. 计算机工程, 2004,(09): 1-3.
	CAO A J , LIU B X , XU R S . Summary of the honeynet and entrapment defense technology[J]. Computer Engineering, 2004,(09): 1-3.
[15]	程杰仁, 殷建平, 刘运 ,等. 蜜罐及蜜网技术研究进展[J]. 计算机研究与发展, 2008,45(S1): 375-378.
	CHENG J R , YIN J P , LIU Y ,et al. Advances in the honeypot and honeynet technologies[J]. Journal of Computer Research and Development, 2008,45(S1): 375-378
[16]	诸葛建伟, 唐勇, 韩心慧 ,等. 蜜罐技术研究与应用进展[J]. 软件学报, 2013,24(04): 825-842.
	ZHUGE J W , TANG Y , HAN X H ,et al. Honeypot technology research and application[J]. Journal of Software, 2013,24(4): 825-842.
[17]	WHALEY B . Toward a general theory of deception[J]. The Journal of Strategic Studies, 1982,5(1): 178-192.
[18]	韩枫 . 军事欺骗行为仿真研究[D]. 郑州:解放军信息工程大学, 2006.
	HAN F . Research on emulate of the military deception[D]. Zhengzhou:Information Engineering University, 2006
[19]	YUILL J J . Defensive computer-security deception operations:processes,principles and techniques[D]. North Carolina:North Carolina State University, 2006.
[20]	ALMESHEKAH M H , SPAFFORD E H . Cyber Security Deception[M]// Cyber Deception. 2016: 25-52.
[21]	ANTONATOS S , AKRITIDIS P , MARKATOS E P ,et al. Defending against hitlist worms using network address space randomization[J]. Computer Networks, 2007,51(12): 3471-3490.
[22]	AL-SHAER E . Toward network configuration randomization for moving target defense[M]// Moving Target Defense. 2011: 153-159.
[23]	ROWE N C , DUONG B T , CUSTY E J . Fake honeypots:a defensive tactic for cyberspace[C]// 2006 IEEE Information Assurance Workshop. 2006: 223-230.
[24]	MURPHY S , MCDONALD T , MILLS R . An application of deception in cyberspace:operating system obfuscation[C]// 5th International Conference on Information Warfare and Security. 2010.
[25]	SPITZNER L . The honeynet project:trapping the hackers[J]. IEEE Security＆Privacy, 2003,99(2): 15-23.
[26]	诸葛建伟, 韩心慧, 周勇林 ,等. HoneyBow:一个基于高交互式蜜罐技术的恶意代码自动捕获器[J]. 通信学报, 2007,(12): 8-13.
	ZHUGE J W , HAN X H , ZHOU Y L ,et al. HoneyBow:an automated malware collection tool based on the high-interaction honeypot principle[J]. Journal on Communications, 2007,28(12): 8-13
[27]	YUILL J , ZAPPE M , DENNING D ,et al. Honeyfiles:deceptive files for intrusion detection[C]// Information Assurance Workshop. 2004: 116-122.
[28]	COHEN F . A note on the role of deception in information protection[J]. Computers＆Security, 1998,17(6): 483-506.
[29]	STOLL C P . The cuckoo’s egg:tracing a spy through the maze of computer espionage[M]. Doubleday. 1989.
[30]	CHESWICK B , . An evening with Berferd in which a cracker is Lured,Endured,and Studied[C]// The Winter 1992 USENIX Conference. 1992: 163-174.
[31]	KIM G H , SPAFFORD E H . Experiences with tripwire:using integrity checkers for intrusion detection[R]. Purdue University,Department of Computer Sciences, 1994.
[32]	COHEN F . A mathematical structure of simple defensive network deceptions[J]. Computers＆Security, 2000,19(6): 520-528.
[33]	SPITZNER L . Honeypots:tracking hackers[M]. Addison-Wesley Reading, 2003.
[34]	DAGON D , QIN X , GU G ,et al. Honeystat:local worm detection using honeypots[C]// International Workshop on Recent Advances in Intrusion Detection. 2004: 39-58.
[35]	CRANDALL J R , WU S F , CHONG F T . Experiences using minos as a tool for capturing and analyzing novel worms for unknown vulnerabilities[C]// International Conference on Detection of Intrusions and Malware,and Vulnerability Assessment. 2005: 32-50.
[36]	KREIBICH C , CROWCROFT J . Honeycomb:creating intrusion detection signatures using honeypots[J]. ACM SIGCOMM computer communication review, 2004,34(1): 51-56.
[37]	SCHRYEN G , . An e-mail honeypot addressing spammers' behavior in collecting and applying addresses[C]// 6th Annual IEEE Systems,Man and Cypernetics Information Assurance Workshop. 2005: 37-41.
[38]	SCHRYEN G . The impact that placing email addresses on the Internet has on the receipt of spam:an empirical analysis[J]. Computers ＆Security, 2007,26(5): 361-372.
[39]	WANG Y M , BECK D , JIANG X ,et al. Automated Web patrol with strider honeymonkeys[C]// The 2006 Network and Distributed System Security Symposium. 2006: 35-49.
[40]	BAECHER P , KOETTER M , HOLZ T ,et al. The nepenthes platform:An efficient approach to collect malware[C]// 9th International Symposium on Recent Advances in Intrusion Detection. Hamburg,GERMANY, 2006. 165-184.
[41]	PORTOKALIDIS G , SLOWINSKA A , BOS H . Argos:an emulator for fingerprinting zero-day attacks for advertised honeypots with automatic signature generation[C]// The 2006 EuroSys Conference. 2006: 15-27.
[42]	NEWSOME J , SONG D . Dynamic taint analysis for automatic detection,analysis,and signaturegeneration of exploits on commodity software[C]// The 12th Annual Network and Distributed System Security Symposium. 2005.
[43]	HOLZ T , RAYNAL F . Detecting honeypots and other suspicious environments[C]// 6th Annual IEEE Systems,Man and Cypernetics Information Assurance Workshop. 2005: 29-36.
[44]	ROWE N C , CUSTY E J , DUONG B T . Defending cyberspace with fake honeypots[J]. Journal of Computers, 2007,2(2): 25-36.
[45]	ZHAO Z , LIU F , GONG D . An SDN-based fingerprint hopping method to prevent fingerprinting attacks[J]. Security and Communication Networks, 2017.
[46]	DISSO J P , JONES K , BAILEY S . A plausible solution to scada security honeypot systems[C]// 2013 Eighth International Conference on Broadband and Wireless Computing,Communication and Applications(BWCCA). 2013: 443-448.
[47]	PROVOS N , . Honeyd-a virtual honeypot daemon[C]// 10th DFN-CERT Workshop. 2003.
[48]	ARTAIL H , SAFA H , SRAJ M ,et al. A hybrid honeypot framework for improving intrusion detection systems in protecting organizational networks[J]. Computers＆Security, 2006,25(4): 274-288.
[49]	BORDERS K , FALK L , PRAKASH A . OpenFire:using deception to reduce network attacks[C]// 3rd International Conference o Security and Privacy in Communication Networks and Workshops. 2007: 224-233.
[50]	RRUSHI J L , . NIC displays to thwart malware attacks mounted from within the OS[C]// Computers＆Security. 2016: 6159-6171.
[51]	ROBERTSON S , ALEXANDER S , MICALLEF J ,et al. CINDAM:customized information networks for deception and attack mitigation[C]// IEEE 9th International Conference on Self-Adaptive and Self-Organizing Systems Workshops,Massachusetts Inst Technol. 2015: 114-119.
[52]	WANG K , CHEN X , ZHU Y . Random domain name and address mutation (RDAM) for thwarting reconnaissance attacks[J]. Plos One, 2017,12(5):e0177111.
[53]	BORDERS K , ZHAO X , PRAKASH A . Siren:catching evasive malware[C]// 2006 IEEE Symposium on Security and Privacy (S＆P'06). 2006.
[54]	WHITE J . Creating personally identifiable honeytokens[M]. Innovations and Advances in Computer Sciences and Engineering.Springer. 2010: 227-232.
[55]	WHITE J , PANDA B . Implementing PII honeytokens to mitigate against the threat of malicous insiders[C]// 2009 IEEE International Conference on Intelligence and Security Informatics. 2009:233.
[56]	CHAKRAVARTY S , PORTOKALIDIS G , POLYCHRONAKIS M ,et al. Detecting traffic snooping in Tor using decoys[C]// International Workshop on Recent Advances in Intrusion Detection. 2011: 222-241.
[57]	AKIYAMA M , YAGI T , HARIU T ,et al. HoneyCirculator:distributing credential honeytoken for introspection of web-based attack cycle[J]. International Journal of Information Security, 2017: 1-17.
[58]	ZHAO L , MANNAN M . Explicit authentication response considered harmful[C]// The 2013 New security paradigms workshop(NSPW'13). 2013: 77-86.
[59]	JOHN J P , YU F , XIE Y ,et al. Heat-seeking honeypots:design and experience[C]// The 20th International Conference on World Wide Web. 2011: 207-216.
[60]	MPHAGO B , BAGWASI O , PHOFUETSILE B ,et al. Deception in dynamic Web application honeypots:case of glastopf[C]// The International Conference on Security and Management (SAM). 2015:104.
[61]	ISHIKAWA T , SAKURAI K . Parameter manipulation attack prevention and detection by using web application deception proxy[C]// The 11th International Conference on Ubiquitous Information Management and Communication. 2017:74.
[62]	THOMPSON M , MENDOLLA M , MUGGLER M ,et al. Dynamic application rotation environment for moving target defense[C]// 2016 Resilience Week. 2016.
[63]	VALLI C , RABADIA P , WOODWARD A . Patterns and patter-an investigation into SSH activity using kippo honeypots[C]// The 11th Australian Digital Forensics Conference. 2013: 141-149.
[64]	HES R , KOMISARCZUK P , STEENSON R ,et al. The capture-HPC client architecture[R]. Technical report,Victoria University of Wellington, 2009.
[65]	NAZARIO J , . PhoneyC:a virtual client honeypot[C]// The 2nd USENIX Conference on Large-scale Exploits and Emergent Threats:Botnets,Spyware,Worms,and More. 2009: 1-8.
[66]	TAKATA Y , AKIYAMA M , YAGI T ,et al. MineSpider:extracting hidden URLs behind evasive drive-by download attacks[J]. Ieice Transactions on Information＆Systems, 2016,E99.D(4): 860-872.
[67]	HUTCHINS E M , CLOPPERT M J , AMIN R M . Intelligence-driven computer network defense informed by analysis of adversary campaigns and intrusion kill chains[J]. Leading Issues in Information Warfare＆Security Research, 2011,180.
[68]	CHEN X , ANDERSEN J , MAO Z M ,et al. Towards an understanding of anti-virtualization and anti-debugging behavior in modern malware[C]// 2008 IEEE International Conference on Dependable Systems＆Networks With FTCS＆DCC. 2008: 177-186.
[69]	DORNSEIF M , HOLZ T , KLEIN C N . Nosebreak-attacking honeynets[C]// 5th Annual IEEE Information Assurance Workshop. 2004: 123-129.
[70]	FU X , YU W , CHENG D ,et al. On recognizing virtual honeypots and countermeasures[C]// 2nd IEEE International Symposium on Depenable,Autonomic and Secure Computing. 2006: 211-218.
[71]	DEFIBAUGH-CHAVEZ P , VEERAGHATTAM R , KANNAPPA M ,et al. Network based detection of virtual environments and low interaction honeypots[C]// 7th Annual IEEE Information Assurance Workshop. 2006: 283-289.
[72]	KRAWETZ N . Anti-honeypot technology[J]. IEEE Security＆Privacy, 2004,2(1): 76-79.
[73]	ZOU C C , CUNNINGHAM R . Honeypot-aware advanced botnet construction and maintenance[C]// International Conference on Dependable Systems and Networks(DSN'06). 2006: 199-208.
[74]	QUYNH N A , TAKEFUJI Y . Towards an invisible honeypot monitoring system[C]// 11th Australasian Conference on Information Security and Privacy. Melbourne,AUSTRALIA, 2006: 111-122.
[75]	JIANG X , WANG X . “Out-of-the-box”monitoring of VM-based high-interaction honeypots[C]// International Workshop on Recent Advances in Intrusion Detection. 2007: 198-218.
[76]	ANTONATOS S , ANAGNOSTAKIS K , MARKATOS E . Honey@home:a new approach to large-scale threat monitoring[C]// 5th ACM Workshop on Recurring Malcode. 2007: 38-45.
[77]	石乐义, 李婕, 刘昕 ,等. 基于动态阵列蜜罐的协同网络防御策略研究[J]. 通信学报, 2012,(11): 159-164.
	SHI L Y , LI J , LIU X ,et al. Research on dynamic array honeypot for collaborative network defense strategy[J]. Journal on Communications, 2012,33(11): 159-164.
[78]	郭军权, 诸葛建伟, 孙东红 ,等. Spampot:基于分布式蜜罐的垃圾邮件捕获系统[J]. 计算机研究与发展, 2014,51(5): 1071-1080.
	GUO J Q , ZHUGE J W , SUN D H ,et al. Spampot:a spam CAPTURE system based on distributed honeypot[J]. Journal of Computer Research＆Development, 2014,51(5): 1071-1080
[79]	WANG C Y , JHAO Y L , WANG C S ,et al. The bilateral communication-based dynamic extensible honeypot[C]// 49th Annual International Carnahan Conference on Security Technology (ICCST). 2015: 263-268.

欺骗类别	策略	定义
	掩盖	隐藏所有鲜明的特征，或将其与周围的特征相匹配
掩饰	重新包装	添加或削减特性而将其转换为其他对象
	目眩	创造全新的或不同的对象
	模仿	复制一个或多个特征来近似某一对象
模拟	编造	随机或部分模糊对象的特性
	诱骗	创造虚假的特性，来给定额外的模式

公司	国家	产品/方案	防御功能	融资情况
Illusive Networks	以色列	Deceptions Everywhere?	伪装欺骗	2015年6月获得500万美元融资
				2015年10月获得2 200万美元融资
Cymmetria	以色列	MazeRunner	伪装欺骗	2015年累计获得1 050万美元融资
TrapX	美国	DeceptionGrid Platform	伪装欺骗	2014年1月获得500万美元融资
				2015年7月获得900万美元融资
Attivo	美国	ThreatMatrix Platform	伪装欺骗	2015年4月获得800万美元融资
Allure	美国	Novo Platform	伪装欺骗	——
长亭科技	中国	谛听威胁感知系统	伪装欺骗	2015年9月获得600万元天使轮投资
黙安科技	中国	幻盾	伪装欺骗	2017年获得3 000万元投资

阶段	描述
侦查	选择与研究目标，寻找目标网络漏洞
武器化	研制网络武器，如病毒和蠕虫
投送	将网络武器投送到目标
漏洞利用	触发网络武器，在目标网络中利用漏洞
安装	网络武器安装可被入侵者使用的接入点
命令与控制	入侵者与目标网络保持访问
执行	入侵者采取行动达到攻击目标，如数据分割、摧毁等

欺骗类型	侦查和武器化	投送	漏洞利用和安装	命令控制与武器执行
应用欺骗	Glastopf、HIHAT、Kippo	HoneyMonkey、Capture-HPC、PhoneyC	uvauth、honey-patches	──
数据欺骗	Honeywords、Detecting traffic snooping in Tor using decoys	──	──	PII、honeyfile、Siren
网络结构欺骗	Honeyd、honeynet、混杂蜜罐、OpenFire	Network Address Space Randomization、MUTE（mutable networks）、CINDAM、RDAM		──
设备欺骗	DTK、HoneyBow、Argos、Operating System Obfuscation、FPH	──	fake honeypot	──

网络欺骗技术综述

Survey on cyber deception

在线阅读

PDF下载

可视化

被引次数

摘要/Abstract

引用本文

使用本文

图/表 11

参考文献 79

相关文章 15

Metrics

推荐阅读 0

[1]	马鑫迪, 李清华, 姜奇, 马卓, 高胜, 田有亮, 马建峰. 面向Non-IID数据的拜占庭鲁棒联邦学习[J]. 通信学报, 2023, 44(6): 138-153.
[2]	张佳乐, 朱诚诚, 孙小兵, 陈兵. 基于GAN的联邦学习成员推理攻击与防御方法[J]. 通信学报, 2023, 44(5): 193-205.
[3]	刘盈泽, 郭渊博, 方晨, 李勇飞, 陈庆礼. 基于有限理性的网络防御策略智能规划方法[J]. 通信学报, 2023, 44(5): 52-63.
[4]	余晟兴, 陈泽凯, 陈钟, 刘西蒙. DAGUARD：联邦学习下的分布式后门攻击防御方案[J]. 通信学报, 2023, 44(5): 110-122.
[5]	周大成, 陈鸿昶, 何威振, 程国振, 扈红超. 基于深度强化学习的微服务多维动态防御策略研究[J]. 通信学报, 2023, 44(4): 50-63.
[6]	杜少宇. 积分攻击改进——随机线性区分与密钥恢复攻击[J]. 通信学报, 2023, 44(4): 145-153.
[7]	陈晋音, 熊海洋, 马浩男, 郑雅羽. 基于对比学习的图神经网络后门攻击防御方法[J]. 通信学报, 2023, 44(4): 154-166.
[8]	罗智勇, 张玉, 王青, 宋伟伟. 基于贝叶斯攻击图的SDN入侵意图识别算法的研究[J]. 通信学报, 2023, 44(4): 216-225.
[9]	张进, 葛强, 徐伟海, 江逸茗, 马海龙, 于洪涛. 拟态路由器BGP代理的设计实现与形式化验证[J]. 通信学报, 2023, 44(3): 33-44.
[10]	徐明, 张保俊, 伍益明, 应晨铎, 郑宁. 面向网络攻击和隐私保护的多智能体系统分布式共识算法[J]. 通信学报, 2023, 44(3): 117-127.
[11]	黄华伟. 基于矩阵作用问题的公钥密码体制抗量子攻击安全性分析[J]. 通信学报, 2023, 44(3): 220-226.
[12]	王东滨, 吴东哲, 智慧, 郭昆, 张勖, 时金桥, 张宇, 陆月明. 软件定义网络抗拒绝服务攻击的流表溢出防护[J]. 通信学报, 2023, 44(2): 1-11.
[13]	康海燕, 龙墨澜. 基于吸收马尔可夫链攻击图的网络攻击分析方法研究[J]. 通信学报, 2023, 44(2): 122-135.
[14]	田有亮, 田茂清, 高鸿峰, 何淼, 熊金波. 面向群智感知应用的基于协作的位置认证方案[J]. 通信学报, 2022, 43(9): 121-133.
[15]	赵静, 李俊, 龙春, 万巍, 魏金侠, 陈凯. 基于多层次特征的RoQ隐蔽攻击无监督检测方法[J]. 通信学报, 2022, 43(9): 224-239.