端信息跳扩混合的主动网络防御技术研究

doi:10.11959/j.issn.1000-436x.2019071

通信学报 ›› 2019, Vol. 40 ›› Issue (5): 125-135.doi: 10.11959/j.issn.1000-436x.2019071

端信息跳扩混合的主动网络防御技术研究

石乐义,郭宏彬,温晓,李剑蓝,崔玉文,马猛飞,孙慧

中国石油大学（华东）计算机与通信工程学院，山东青岛 266580

修回日期:2019-01-21 出版日期:2019-05-25 发布日期:2019-05-30
作者简介:石乐义（1975– ），男，山东临朐人，博士，中国石油大学（华东）教授、硕士生导师，主要研究方向为网络安全、博弈理论和移动计算。|郭宏彬（1992– ），男，山东潍坊人，中国石油大学（华东）硕士生，主要研究方向为网络安全、网络对抗。|温晓（1992– ），女，山东聊城人，中国石油大学（华东）硕士生，主要研究方向为网络安全、网络对抗。|李剑蓝（1993– ），男，江西婺源人，中国石油大学（华东）硕士生，主要研究方向为网络安全、深度学习。|崔玉文（1992– ），男，山东济宁人，中国石油大学（华东）硕士生，主要研究方向为网络安全、隐蔽通信。|马猛飞（1993– ），男，河南禹州人，中国石油大学（华东）硕士生，主要研究方向为网络安全、网络对抗。|孙慧（1991– ），女，山东滕州人，中国石油大学（华东）硕士生，主要研究方向为网络安全、主动网络防御。
基金资助:
国家自然科学基金资助项目(61772551)

Research on end hopping and spreading for active cyber defense

Leyi SHI,Hongbin GUO,Xiao WEN,Jianlan LI,Yuwen CUI,Mengfei MA,Hui SUN

College of Computer and Communication Engineering,China University of Petroleum,Qingdao 266580,China

Revised:2019-01-21 Online:2019-05-25 Published:2019-05-30
Supported by:
The National Natural Science Foundation of China(61772551)

摘要/Abstract

摘要：

受扩频通信技术启发，提出了端信息扩展的概念，利用多项端信息组成的序列来表示一条信息，使通信端信息与所传递信息无关，实现了端信息高隐蔽传输。进一步提出了端信息跳扩混合主动网络防御技术，将端信息跳变策略与同步策略分离，通过端信息扩展机制实现跳变通信双方的同步认证，解决了高隐蔽性要求下的高速跳变同步问题。详细讨论了端信息跳扩混合主动网络防御技术中扩展序列的生成、传输、同步认证方式和数据迁移策略，并对所提模型的安全性能和同步性能进行理论分析与实验验证。理论分析与实验结果表明，端信息跳扩混合主动网络防御技术提升了高速跳变下网络服务的可用性和隐蔽性，对于高强度对抗要求的主动网络防护应用具有重要意义。

关键词: 端信息扩展, 端信息跳扩混合, 主动网络防御, 数据迁移, 高速跳变

Abstract:

Inspired by the spread spectrum technology for communications,the concept of end spreading was proposed to represent a piece of information of the data transmission with a sequence of multiple end information,of which each piece of end information was irrelevant to the information it conveys.Thus the covert data transmission can be performed.Further,an active cyber defense model of end information hopping and spreading was presented,in which the hopping strategy was separated from the synchronization strategy.The synchronization was accomplished by means of end information spreading for synchronous authentication of both parties,which can solve the high-speed hopping synchronization problem with high concealment requirements.The mode of generation,transmission and authentication of the spreading sequence,and the data migration strategy in the end hopping and spreading model were described in detail,and the security performance and synchronization performance were analyzed and verified experimentally.Theoretical analysis and experimental results show that the cyber defense model of end information hopping and spreading has improved the availability and confidentiality of network services under high-speed hopping and has good anti-attack performance,which is of great significance for the proactive defense application of high intensity confrontation.

Key words: end spreading, end hopping and spreading, active network defense, data migration, high-speed hopping

中图分类号:

TP393

石乐义,郭宏彬,温晓,李剑蓝,崔玉文,马猛飞,孙慧. 端信息跳扩混合的主动网络防御技术研究[J]. 通信学报, 2019, 40(5): 125-135.

Leyi SHI,Hongbin GUO,Xiao WEN,Jianlan LI,Yuwen CUI,Mengfei MA,Hui SUN. Research on end hopping and spreading for active cyber defense[J]. Journal on Communications, 2019, 40(5): 125-135.

图/表 9

图1

图2

图3

表1

图4

表2

图6

图5

表3

参考文献 23

[1]	石乐义, 贾春福, 吕述望 . 基于端信息跳变的主动网络防护研究[J]. 通信学报, 2008,29(2): 106-110.
	SHI L Y , JIA C F , LU S W . Research on end hopping for active network confrontation[J]. Journal on Communications, 2008,29(2): 106-110.
[2]	JAJODIA S , GHOSH A K , SWARUP V ,et al. Moving target defense:creating asymmetric uncertainty for cyber threats[M]. Springer Ebooks, 2011.
[3]	LAKSHMINARAYANA S , YAU D K Y . Cost-benefit analysis of moving-target defense in power grids[C]// Annual IEEE/IFIP International Conference on Dependable Systems and Networks. IEEE, 2018: 139-150.
[4]	VENKATESAN S , ALBANESE M , AMIN K ,et al. A moving target defense approach to mitigate DDoS attacks against proxy-based architectures[C]// Communications and Network Security. IEEE, 2017: 198-206.
[5]	ZEITZ K , CANTRELL M , MARCHANY R ,et al. Designing a micro-moving target IPV6 defense for the Internet of things[C]// IEEE/ACM Second International Conference on Internet-of-Things Design and Implementation. IEEE/ACM, 2017: 179-184.
[6]	HU H , WU J , WANG Z ,et al. Mimic defense:a designed-in cybersecurity defense framework[J]. IET Information Security, 2017,12(3): 226-237.
[7]	斯雪明, 王伟, 曾俊杰 ,等. 拟态防御基础理论研究综述[J]. 中国工程科学, 2016,18(6): 62-68.
	SI X M , WANG W , ZENG J J . A review of the basic theory of mimic defense[J]. Engineering Sciences, 2016,18(6): 62-68.
[8]	仝青, 张铮, 张为华 ,等. 拟态防御Web服务器设计与实现[J]. 软件学报, 2017,28(4): 883-897.
	TONG Q , ZHANG Z , ZHANG W H ,et al. Design and implementation of mimic defense web server[J]. Journal of Software, 2017,28(4): 883-897.
[9]	谢慧, 张志刚, 聂峰 . 跳端口在安全P2P即时通信系统中的应用[J]. 武汉理工大学学报(信息与管理工程版), 2011,33(1): 18-21.
	XIE H , ZHANG Z G , NIE F . Application and implementation of port hopping in secure P2P Msystem[J]. Journal of WUT(Information ＆Management Engineering), 2011,33(1): 18-21.
[10]	张连成, 魏强, 唐秀存 ,等. 基于路径与端址跳变的 SDN 网络主动防御技术[J]. 计算机研究与发展, 2017,54(12): 2748-2758.
	ZHANG L C , WEI Q , TANG X C . Path and port address hopping based sdn proactive defense technology[J]. Journal of Computer Research and Development, 2017,54(12): 2748-2758.
[11]	刘慧生, 王振兴, 郭毅 . 一种基于多穴跳变的 IPV6 主动防御模型[J]. 电子与信息学报, 2012,34(7): 1715-1720.
	LIU H S , WANG Z X , GUO Y . An IPV6 proactive network defense model based on multi-homing hopping[J]. Journal of Electronics ＆Information Technology, 2012,34(7): 1715-1720.
[12]	周余阳, 程光, 郭春生 ,等. 移动目标防御的攻击面动态转移技术研究综述[J]. 软件学报, 2018,29(9): 2799-2820.
	ZHOU Y Y , CHENG G , GUO C S ,et al. Survey on attack surface dynamic transfer technology based on moving target defense[J]. Journal on Software, 2018,29(9): 2799-2820.
[13]	LIN K , JIA C . Distributed timestamp synchronization for end hopping[J]. China Communications, 2011,8(4): 164-169.
[14]	林楷, 贾春福, 石乐义 . 分布式时间戳同步技术的改进[J]. 通信学报, 2012 33(10): 110-116.
	LIN K , JIA C F , SHI L Y . Improvement of distributed timestamp synchronization[J]. Journal on Communications, 2012,33(10): 110-116.
[15]	林楷, 贾春福 . 基于消息篡改的端信息跳变技术[J]. 通信学报, 2013,34(12): 142-148.
	LIN K , JIA C F . End hopping based on message tampering[J]. Journal on Communications, 2013,34(12): 142-148.
[16]	LUO Y , WANG B , WANG X ,et al. RPAH:random port and address hopping for thwarting internal and external adversaries[C]// IEEE Trustcom/Bigdatase/Ispa. IEEE, 2015.
[17]	LUO Y , WANG B , WANG X . A keyed-hashing based self-synchronization mechanism for port address hopping communication[J]. Frontiers of Information Technology ＆ Electronic Engineering, 2017,18(5): 719-728.
[18]	ZHAO Z , GONG D , LU B ,et al. SDN-based double hopping communication against sniffer attack[J]. Mathematical Problems in Engineering, 2016(2): 1-13.
[19]	孙慧 . 基于端信息跳变的网络音视频通信系统研究与设计[D]. 青岛:中国石油大学（华东）, 2018.
	SUN H . Research and design of network audio and video communication system based on end hopping[D]. Qingdao:China University of Petroleum (East China), 2018.
[20]	范晓诗, 李成海, 王昊 . 基于可变时隙与动态同步的端口跳变技术研究[J]. 计算机工程与设计, 2013,34(10): 3465-3469.
	FAN X S , LI C H , WANG H . Research port hopping technology on variable slot and dynamic time synchronization[J]. Computer Engineering and Design, 2013,34(10): 3465-3469.
[21]	刘江, 张红旗, 代向东 ,等. 基于端信息自适应跳变的主动网络防御模型[J]. 电子与信息学报, 2015,37(11): 2642-2649.
	LIU J , ZHANG H Q , DAI X D ,et al. A proactive network defense model based on selfadaptive end hopping[J]. Journal of Electronics ＆Information Technology, 2015,37(11): 2642-2649
[22]	赵春蕾 . 端信息跳变系统自适应策略研究[D]. 天津:南开大学, 2012.
	ZHAO C L . Research on adaptive strategies for end-hopping system[D]. Tianjin:Nankai University, 2012.
[23]	KUMAR D , DHYANI P , SHARMA A K . Migration of data from one cloud server to another cloud server using the TCP-IP protocol[J]. In ternational Journal of Computer Applications, 2017,157(4): 27-31.

主机	内存/GB	操作系统	内核版本	工作方式
客户机	4	Ubuntu14.04	Intel Core i5	端信息扩展客户端
服务器	8	Ubuntu16.04	Intel Core i7	跳扩混合服务器

拒绝服务攻击类型	服务完成时间/ms
SYN Flood	1.803
ACK Flood	1.750
NTP DoS	1.739

跳变速率/(hop·s^-1)	端信息跳变模型	端信息跳扩混合模型
1	95%	78%
2	78%	77%
10	16%	69%
100	0	75%
200	0	73%

端信息跳扩混合的主动网络防御技术研究

Research on end hopping and spreading for active cyber defense

在线阅读

PDF下载

可视化

摘要/Abstract

引用本文

使用本文

图/表 9

参考文献 23

相关文章 2

Metrics

推荐阅读 0

[1]	胡九川, 范东睿, 程建聪, 严龙, 叶笑春, 李灵枝, 万良易, 钟海斌. 内存与片上渗透缓存之间数据迁移的理论分析[J]. 通信学报, 2021, 42(8): 217-225.
[2]	蒲勇霖,于炯,鲁亮,李梓杨,卞琛,廖彬. 基于Storm平台的数据迁移合并节能策略[J]. 通信学报, 2019, 40(12): 68-85.