基于拟态防御原理的分布式多接入边缘计算研究

doi:10.11959/j.issn.2096-3750.2019.00122

物联网学报 ›› 2019, Vol. 3 ›› Issue (3): 76-83.doi: 10.11959/j.issn.2096-3750.2019.00122

所属专题：边缘计算

基于拟态防御原理的分布式多接入边缘计算研究

朱泓艺(),陆肖元,李毅

上海宽带技术及应用工程研究中心，上海 200436

修回日期:2019-07-12 出版日期:2019-09-30 发布日期:2019-10-14
作者简介:朱泓艺（1990- ），男，上海人，博士，上海宽带技术及应用工程研究中心助理研究员，主要研究方向为下一代无线通信技术、边缘计算及信息安全技术。|陆肖元（1975- ），男，上海人，教授级高级工程师，上海宽带技术及应用工程技术研究中心副主任、上海浦东临港智慧城市发展中心主任，主要研究方向为宽带网络与智慧城市应用等相关领域。|李毅（1965- ），男，浙江绍兴人，博士，博士生导师，上海宽带技术及应用工程研究中心主任，主要研究方向为宽带网络与大数据技术及应用等相关领域。
基金资助:
国家重点研发计划项目(2017YFB0803205);上海市科学技术委员会科研计划项目(18DZ1100503)

Research on distributed multi-access edge computing based on mimic defense theory

Hongyi ZHU(),Xiaoyuan LU,Yi LI

Shanghai Engineering Research Center for Broadband Technologies and Applications,Shanghai 200436,China

Revised:2019-07-12 Online:2019-09-30 Published:2019-10-14
Supported by:
The Key Research and Development Program of China(2017YFB0803205);Science Research Program of Shanghai Scientific and Technology Committee(18DZ1100503)

摘要/Abstract

摘要：

多接入边缘计算在网络边缘提供高性能的网络资源，但由于其位置管理分散，所以对安全性能要求较高。基于拟态防御原理提出了分布式多接入边缘计算的拟态防御架构，通过分割数据与校验填充，转发至多个边缘节点处理，并根据校验分析实现了多模裁决与动态调度的拟态防御机制。仿真结果表明，在增加时延成本的情况下，该架构可有效降低数据被篡改和被泄露的概率。提出了基于置信度与时延成本的边缘节点调度策略，提升了系统的效率与安全性能。

关键词: 多接入边缘计算, 业务编排, 拟态安全防御, 动态异构冗余

Abstract:

The highly efficient network resources are provided by multi-access edge computing at the edge of the network,but high security capability is required also due to its distributed position and organization.Based on mimic defense theory,mimic defense structure for distributed multi-access edge computing was proposed.By segmenting data,padding check data and processing data at multiple edge node,dynamic scheduling and decision-making functions according to checksum were implemented.The simulation results show that with the increase of delay cost,the data manipulation and leak rates can be reduced effectively by the proposed structure.The edge node scheduling strategy based on trust and cost is proposed to improve the efficiency and security of the system.

Key words: multi-access edge computing, task orchestration, mimic security defense, dynamic heterogeneous redundancy

中图分类号:

TP393

朱泓艺,陆肖元,李毅. 基于拟态防御原理的分布式多接入边缘计算研究[J]. 物联网学报, 2019, 3(3): 76-83.

Hongyi ZHU,Xiaoyuan LU,Yi LI. Research on distributed multi-access edge computing based on mimic defense theory[J]. Chinese Journal on Internet of Things, 2019, 3(3): 76-83.

图/表 4

参考文献 11

[9]	CHANG X , ZHANG B W , ZHANG Y . Information security modeling method for CMD systems[J]. Communications Technology, 2018,51(1): 165-170.
[10]	李宁波, 赫凌俊, 谢彬 ,等. 基于主动防御的高安全分布式存储系统研究[J]. 信息技术与信息化, 2018(8): 185-188.
	LI N B , HAO L J , XIE B ,et al. Research on high security distributed storage system based on active defense[J]. Information Technology ＆Informatization, 2018(8): 185-188.
[11]	周清雷, 冯峰, 朱维军 . 基于功能切片的拟态防御体系结构及安全等级评估方法[J]. 通信学报, 2018,39(z2): 99-109.
[1]	KEKKI S , FEATHERSTONE W , FANG Y ,et al. MEC in 5G networks[S].2018. 2018:
[2]	NDIKUMANA A , TRAN N H , HO T M ,et al. Joint communication,computation,caching,and control in big data multi-access edge computing[J]. IEEE Transactions on Mobile Computing, 2019:1.
[3]	TALEB T , SAMDANIS K , MADA B ,et al. On multi-access edge computing:a survey of the emerging 5G network edge cloud architecture and orchestration[J]. IEEE Communications Surveys ＆Tutorials, 2017,19(3): 1657-1681.
[4]	SHI W , CAO J , ZHANG Q ,et al. Edge computing:vision and challenges[J]. IEEE Internet of Things Journal, 2016,3(5): 637-646.
[5]	CESELLI A , FIORE M , FURNO A ,et al. Prescriptive analytics for MEC orchestration[C]// 2018 IFIP Networking Conference (IFIP Networking) and Workshops. IEEE, 2019: 1-9.
[6]	邬江兴 . 网络空间拟态防御研究[J]. 信息安全学报, 2016,1(4): 1-10.
	WU J X . Research on cyber mimic defense[J]. Journal of Cyber Security, 2016,1(4): 1-10.
[7]	仝青, 张铮, 张为华 ,等. 拟态防御 Web 服务器设计与实现[J]. 软件学报, 2017,28(4): 883-897.
	TONG Q , ZHANG Z , ZHANG W H ,et al. Design and implementation of mimic defense Web server[J]. Journal of Software, 2017,28(4): 883-897.
[8]	庞建民, 张宇嘉, 张铮 ,等. 拟态防御技术结合软件多样化在软件安全产业中的应用[J]. 中国工程科学, 2016,18(6): 74-78.
	PANG J M , ZHANG Y J , ZHANG Z ,et al. Applying a combination of mimic defense and software diversity in the software security industry[J]. Engineering Science, 2016,18(6): 74-78.
[9]	常箫, 张保稳, 张莹 . 一种面向网络拟态防御系统的信息安全建模方法[J]. 通信技术, 2018,51(1): 165-170.
[11]	ZHOU Q L , FENG F , ZHU W J . Mimic defense organization structure based on functional slice and method of evaluating security level[J]. Journal on Communications, 2018,39(z2): 99-109.

基于拟态防御原理的分布式多接入边缘计算研究

Research on distributed multi-access edge computing based on mimic defense theory

在线阅读

PDF下载

可视化

摘要/Abstract

引用本文

使用本文

图/表 4

参考文献 11

相关文章 2

Metrics

推荐阅读 0

[1]	张美楠, 张鸣琪, 丁飞, 庄衡衡, 马海蓉. 星地融合中继网络时延与能耗边缘优化卸载策略[J]. 物联网学报, 2022, 6(3): 124-132.
[2]	苏新, 王子怡, 王宇鹏, 周思源. 海洋观监测传感器网络多接入边缘计算卸载方法[J]. 物联网学报, 2021, 5(1): 36-52.