基于双重存证的跨域流转多副本发现机制

doi:10.11959/j.issn.1000-436x.2024023

通信学报 ›› 2024, Vol. 45 ›› Issue (2): 40-53.doi: 10.11959/j.issn.1000-436x.2024023

• 学术论文 • 上一篇

基于双重存证的跨域流转多副本发现机制

罗海洋¹^,²^,³, 邝彬¹^,²^,³, 郭守坤¹^,³, 张玲翠¹^,³, 牛犇¹^,³, 李凤华¹^,²^,³

¹ 中国科学院信息工程研究所，北京 100085
² 中国科学院大学网络空间安全学院，北京 100049
³ 网络空间安全防御重点实验室，北京 100085

修回日期:2023-12-13 出版日期:2024-02-01 发布日期:2024-02-01
作者简介:罗海洋（1997− ），男，湖南娄底人，中国科学院信息工程研究所博士生，主要研究方向为隐私计算、隐私保护
邝彬（2000− ），男，湖南永州人，中国科学院信息工程研究所博士生，主要研究方向为隐私计算、隐私保护
郭守坤（1994− ），男，河南周口人，中国科学院信息工程研究所工程师，主要研究方向为隐私计算、数据安全
张玲翠（1986− ），女，河北故城人，博士，中国科学院信息工程研究所高级工程师、硕士生导师，主要研究方向为网络与系统安全、数据安全
牛犇（1984− ），男，陕西西安人，博士，中国科学院信息工程研究所研究员、博士生导师，主要研究方向为数据安全、隐私计算
李凤华（1966− ），男，湖北浠水人，博士，中国科学院信息工程研究所研究员、博士生导师，主要研究方向为网络与系统安全、信息保护、隐私计算
基金资助:
国家重点研发计划基金资助项目(2021YFB3101301);国家自然科学基金资助项目(62332018);国家自然科学基金资助项目(61932015);国家社科基金重大项目(22＆ZD147)

Cross-domain multi-copy of flow discovery mechanism based on dual certificate storage

Haiyang LUO¹^,²^,³, Bin KUANG¹^,²^,³, Shoukun GUO¹^,³, Lingcui ZHANG¹^,³, Ben NIU¹^,³, Fenghua LI¹^,²^,³

¹ Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100085, China
² School of Cyber Security, University of Chinese Academy of Sciences, Beijing 100049, China
³ Key Laboratory of Cyberspace Security Defense, Beijing 100085, China

Revised:2023-12-13 Online:2024-02-01 Published:2024-02-01
Supported by:
The National Key Research and Development Program of China(2021YFB3101301);The National Natural Science Foundation of China(62332018);The National Natural Science Foundation of China(61932015);Major Programs of the National Social Science Foundation of China(22＆ZD147)

摘要/Abstract

摘要：

针对泛在共享环境下信息频繁跨节点、跨系统交换时有意或无意留存而导致的隐私信息泄露问题，提出了一种基于双重存证的跨域流转多副本发现机制，可实现对流转信息的传播路径、传播方式进行溯源，并构造信息的多副本传播图。根据存证时机和方式的不同，双重存证包括流转主动存证和操作被动存证，信息在被分享前，由信息分享者主动记录传播路径和传播方式，生成流转主动存证记录；信息在被操作前，由系统自动记录传播路径，生成操作被动存证记录；相比单一存证，双重存证能够提高构造的信息多副本传播图的完整性和真实性，能够发现存证行为异常的节点并进行处置；基于社会惩戒理论，证明了存证行为异常发现与处置的有效性。实验开发了针对OFD的双重存证多副本发现原型系统，验证了所提机制对信息传播图构造完整性的提升。

关键词: 多副本发现, 存证系统, 跨域流转, 社会惩戒, 传播图

Abstract:

To solve the problems of the privacy information leakage caused by the deliberate or inadvertent retention of information when information was frequently exchanged across nodes and systems in a ubiquitous sharing environment, a cross-domain multi-copy of flow discovery mechanism based on dual certificate storage was proposed, which could trace the propagation path and channel, and construct a multi-copy propagation graph of the information.Depending on the timing and method of certification, the dual certification was comprised active circulation certification and passive operation certification.Before the information was shared, the information sharer actively recorded the propagation path and method to generate active circulation certification records.Before the information was operated, the system automatically recorded the propagation path to generate passive operational certification records.Compared with single certificate storage, the dual certificate storage could improve the integrity and authenticity of the constructed multi-copy propagation graph of information, and could detect nodes with abnormal certificate storage behavior and provide disposals.Based on the theory of social punishment, the effectiveness of abnormal certificate storage behavior detection and handling was demonstrated.A prototype system for multi-copy discovery of OFD with dual certificate storage is developed, the improvement of information dissemination graph construction integrity by the proposed mechanism is verified.

Key words: multi-copy discovery, certificate storage system, cross-domain flow, social punishment, propagation graph

中图分类号:

TN92

罗海洋, 邝彬, 郭守坤, 张玲翠, 牛犇, 李凤华. 基于双重存证的跨域流转多副本发现机制[J]. 通信学报, 2024, 45(2): 40-53.

Haiyang LUO, Bin KUANG, Shoukun GUO, Lingcui ZHANG, Ben NIU, Fenghua LI. Cross-domain multi-copy of flow discovery mechanism based on dual certificate storage[J]. Journal on Communications, 2024, 45(2): 40-53.

图/表 18

图1

图2

图3

表1

系统参数"

参数	含义
X	信息
S	信息分享者
R	信息接收者
C	信息传播途径
A	流转主动存证记录
O	操作被动存证记录
$G_{Prop}$	基于存证系统构建的信息多副本传播图
$G_{Prop}^{'}$	完整的信息多副本传播图
$G_{Flow}$	基于流转主动存证构建的流转传播图
$G_{Trace}$	基于操作被动存证构建的溯源传播图
$G . V = {v_{1}, v_{2}, \dots, v_{n}}$	图G的节点集合G.V 及其节点v
$G . E = {e_{1}, e_{2}, \dots, e_{m}}$	图G的边集合G.E及其边e
$V^{'}$	异常节点集合
$E^{'}$	异常路径集合
$X_{ID} = GenerateID (X)$	信息标识符生成函数，生成X的信息标识X_ID
$(X_{ID}, S_{ID}) = Extract (X)$	元数据提取函数，提取 X 的信息标识X_ID和最近操作用户标识S_ID

表1

图4

图5

图6

图7

图8

图9

图10

图11

图12

表2

图13

表3

表4

表5

参考文献 21

[1]	李凤华, 李晖, 牛犇 . 隐私计算理论与技术[M]. 北京: 人民邮电出版社, 2021.
	LI F H , LI H , NIU B . Privacy computing theory and technology[M]. Beijing: Posts ＆ Telecom Press, 2021.
[2]	CURTMOLA R , KHAN O , BURNS R ,et al. MR-PDP:multiple-replica provable data possession[C]// Proceedings of 28th International Conference on Distributed Computing Systems. Piscataway:IEEE Press, 2008: 411-420.
[3]	熊金波, 沈薇薇, 黄阳群 ,等. 云环境下的数据多副本安全共享与关联删除方案[J]. 通信学报, 2015,36(S1): 136-140.
	XIONG J B , SHEN W W , HUANG Y Q ,et al. Security sharing and associated deleting scheme for multi-replica in cloud[J]. Journal on Communications, 2015,36(S1): 136-140.
[4]	DU L , ZHANG Z W , TAN S C ,et al. An associated deletion scheme for multi-copy in cloud storage[C]// International Conference on Algorithms and Architectures for Parallel Processing. Berlin:Springer, 2018: 511-526.
[5]	ZHANG Y Y , XIONG J B , LI X ,et al. A multi-replica associated deleting scheme in cloud[C]// Proceedings of 10th International Conference on Complex,Intelligent,and Software Intensive Systems (CISIS). Piscataway:IEEE Press, 2016: 444-448.
[6]	MIAO Y , HUANG Q , XIAO M Y ,et al. Blockchain assisted multi-copy provable data possession with faults localization in multi-cloud storage[J]. IEEE Transactions on Information Forensics and Security, 2022,17: 3663-3676.
[7]	PHAN Q T , BOATO G , CALDELLI R ,et al. Tracking multiple image sharing on social networks[C]// Proceedings of IEEE International Conference on Acoustics,Speech and Signal Processing (ICASSP). Piscataway:IEEE Press, 2019: 8266-8270.
[8]	YOU J X , LI Y M , LIANG R Q ,et al. Image sharing chain detection VIA sequence-to-sequence model[C]// Proceedings of IEEE International Conference on Acoustics,Speech and Signal Processing (ICASSP). Piscataway:IEEE Press, 2023: 1-5.
[9]	SIDDIQUI N , ANJUM A , SALEEM M ,et al. Social media origin based image tracing using deep CNN[C]// Proceedings of Fifth International Conference on Image Information Processing (ICIIP). Piscataway:IEEE Press, 2019: 97-101.
[10]	李凤华, 孙哲, 牛犇 ,等. 跨社交网络的隐私图片分享框架[J]. 通信学报, 2019,40(7): 1-13.
	LI F H , SUN Z , NIU B ,et al. Privacy-preserving photo sharing framework cross different social network[J]. Journal on Communications, 2019,40(7): 1-13.
[11]	ZHANG M , SUN Z , LI H ,et al. Go-sharing:a blockchain-based privacy-preserving framework for cross-social network photo sharing[J]. IEEE Transactions on Dependable and Secure Computing, 2023,20(5): 3572-3587.
[12]	TANG J T , WANG T , WANG J . Information flow detection and tracking on Web2.0 BLOGS based on social networks[C]// Proceedings of 9th International Conference for Young Computer Scientists. Piscataway:IEEE Press, 2008: 1664-1670.
[13]	PATSAKIS C , ZIGOMITROS A , PAPAGEORGIOU A ,et al. Distributing privacy policies over multimedia content across multiple online social networks[J]. Computer Networks, 2014,75: 531-543.
[14]	XIONG F , LIU Y , ZHANG Z J ,et al. An information diffusion model based on retweeting mechanism for online social media[J]. Physics Letters A, 2012,376(30/31): 2103-2108.
[15]	王超, 杨旭颖, 徐珂 ,等. 基于 SEIR 的社交网络信息传播模型[J]. 电子学报, 2014,42(11): 2325-2330.
	WANG C , YANG X Y , XU K ,et al. SEIR-based model for the information spreading over SNS[J]. Acta Electonica Sinica, 2014,42(11): 2325-2330.
[16]	GUILLE A , HACID H . A predictive model for the temporal dynamics of information diffusion in online social networks[C]// Proceedings of the 21st International Conference on World Wide Web. New York:ACM Press, 2012: 1145-1152.
[17]	DICKENS L , MOLLOY I , LOBO J ,et al. Learning stochastic models of information flow[C]// Proceedings of IEEE 28th International Conference on Data Engineering. Piscataway:IEEE Press, 2012: 570-581.
[18]	LIU C , ZHOU N , ZHAN X X ,et al. Markov-based solution for information diffusion on adaptive social networks[J]. Applied Mathematics and Computation, 2020,380:125286.
[19]	CHARIKAR M S . Similarity estimation techniques from rounding algorithms[C]// Proceedings of the Thiry-Fourth Annual ACM Symposium on Theory of Computing. New York:ACM Press, 2002: 380-388.
[20]	DATAR M , IMMORLICA N , INDYK P ,et al. Locality-sensitive hashing scheme based on p-stable distributions[C]// Proceedings of the Twentieth Annual Symposium on Computational Geometry. New York:ACM Press, 2004: 253-262.
[21]	IRIE G , LI Z G , WU X M ,et al. Locally linear hashing for extracting non-linear manifolds[C]// Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition. Piscataway:IEEE Press, 2014: 2123-2130.

传播图类型	节点数量/个	边数量/条	节点完整性	边完整性
流转传播图	10	8	76.9%	66.7%
溯源传播图	8	7	61.5%	58.3%
多副本传播图	11	10	84.6%	83.3%
完整传播图	13	12	—	—

时间状态	操作被动存证记录数量/条	存证异常行为数量/条	存证异常率
初始状态	243	46	18.9%
第2天	302	52	17.2%
第4天	356	60	16.9%
第6天	429	66	15.4%

迭代次数	平均节点诚实度	流转传播图		溯源传播图		多副本传播图
迭代次数	平均节点诚实度	节点完整性	边完整性	节点完整性	边完整性	节点完整性	边完整性
1	0.3	28.21%	30.54%	34.27%	38.22%	38.02%	48.26%
2	0.5	37.63%	43.10%	34.93%	41.98%	41.60%	53.62%
3	0.7	50.25%	64.09%	36.80%	41.12%	54.10%	72.09%
4	0.8	71.57%	76.76%	33.61%	38.75%	76.36%	83.84%
5	0.9	86.83%	91.20%	36.36%	37.57%	92.29%	93.34%

节点数量/个	关系数量/条	主动存证异常数量/条	信息多副本发现平均响应时间/ms	存证异常行为发现响应时间/ms
30	150	4	5	899
300	1 500	27	22	1 376
3 000	15 000	310	70	1 632
30 000	150 000	3 700	800	5 843

基于双重存证的跨域流转多副本发现机制

Cross-domain multi-copy of flow discovery mechanism based on dual certificate storage

在线阅读

PDF下载

可视化

摘要/Abstract

引用本文

使用本文

图/表 18

参考文献 21

相关文章 15

Metrics

推荐阅读 0

[1]	季薇, 杨许鑫, 李飞, 李汀, 梁彦, 宋云超. 无人机辅助MEC系统中基于最优SIC顺序的能耗优化方案[J]. 通信学报, 2024, 45(2): 18-30.
[2]	尹浩, 魏急波, 赵海涛, 张姣, 王海军, 任保全. 面向有人/无人协同的智能通信与组网关键技术：现状与趋势[J]. 通信学报, 2024, 45(1): 1-17.
[3]	孔凌劲, 梅锴, 刘潇然, 熊俊, 赵海涛, 魏急波. 在线学习辅助的智能接收机设计与实现[J]. 通信学报, 2024, 45(1): 18-30.
[4]	卢卓, 吴启晖, 周福辉. 有人机/无人机智能协同目标搜索和轨迹规划算法[J]. 通信学报, 2024, 45(1): 31-40.
[5]	朱雨超, 王少尉. 物联网数据收集中基于负载均衡的无人机-车联合轨迹规划[J]. 通信学报, 2024, 45(1): 41-53.
[6]	吴昊, 郝佳佳, 卢云龙. 物联网场景下基于蜜场的分布式网络入侵检测系统研究[J]. 通信学报, 2024, 45(1): 106-118.
[7]	邵凯, 鲁奔, 王光宇. 可重构智能表面辅助通信系统时变级联信道估计[J]. 通信学报, 2024, 45(1): 119-128.
[8]	王云涛, 苏洲, 许其超, 刘怡良, 彭海霞, 栾浩. 基于审计博弈的安全协作频谱感知方案[J]. 通信学报, 2023, 44(12): 1-14.
[9]	张雨童, 彭煜明, 邸博雅, 宋令阳. 天地算力网络中的异构资源协同博弈[J]. 通信学报, 2023, 44(12): 15-27.
[10]	牛阳阳, 尉志青, 冯志勇. 基于博弈论的空时频谱共享：动态接入与惩罚策略[J]. 通信学报, 2023, 44(12): 28-38.
[11]	王子宁, 林敏, 李菲, 韩略, 朱卫平. 卫星网络和高空平台网络频谱共存下的分布式鲁棒波束成形算法[J]. 通信学报, 2023, 44(12): 39-49.
[12]	赵柏, 林敏, 肖圣杰, 程铭, 冯一帆, 杨绿溪. 基于速率分割的可重构智能表面辅助星地融合网络鲁棒安全传输方案[J]. 通信学报, 2023, 44(12): 50-60.
[13]	王汝言, 叶显熠, 何鹏, 崔亚平, 吴大鹏, Alexander Fedotov. 面向非地面网络多QoS保障的低地球轨道卫星星座设计[J]. 通信学报, 2023, 44(12): 61-77.
[14]	辜方林, 彭进霖, 黄育侦, 曹圣群, 赵海涛, 魏急波. 新型直接序列扩频通信方法[J]. 通信学报, 2023, 44(12): 78-85.
[15]	张铖, 朱家烨, 刘泽宁, 黄永明. 基于多智能体强化学习的异构网络CRE偏置动态优化算法[J]. 通信学报, 2023, 44(12): 86-98.