网络入侵节点的盲取证技术研究与仿真
|
摘要
为了提高网络入侵的检测能力和盲取证能力,进行网络入侵节点的盲取证技术研究,提出基于分组链路转发协议融合的网络入侵节点的盲取证技术。构建入侵网络节点的分组链路转发模型,采用融合滤波控制方法进行网络入侵节点的差异性特征提取,根据提取入侵节点的差异性谱特征量进行盲源定位,采用自相关检测器进行网络入侵节点的可靠性分离,结合模糊决策方法构建入侵节点盲取证的判决统计量,采用门限阈值判断方法,结合分组链路转发协议实现路由融合,从而完成入侵节点的准确定位和盲取证。仿真结果表明,采用该方法进行网络入侵节点的盲取证,对入侵节点的定位性能较好,提高了网络入侵的检测能力,确保网络安全。
In order to improve the abilities of network intrusion detection and blind forensics, the blind forensics technology of network intrusion node is studied,and the blind forensics technology of network intrusion node is proposed on the basis of packet link forwarding protocol fusion. The packet link forwarding model of the network intrusion node is constructed.The fusion filtering control method is used to extract the difference feature of the network intrusion node. The blind source location is carried out according to the extracted difference spectrum characteristic quantity of the intrusion node. The self-correlation detector is adopted to perform the reliability separation of the network intrusion nodes,and combined with the fuzzy decision method to construct the decision statistics of blind forensics of the intrusion nodes. The threshold judgment method is adopted and combined with the packet link forwarding protocol to realize the routing fusion,and complete the accurate location and blind forensics of intrusion node. The simulation results show that the proposed method used for blind forensics of network intrusion node has higher localization performance,and can improve the detection ability of network intrusion,and ensure the network security.
In order to improve the abilities of network intrusion detection and blind forensics, the blind forensics technology of network intrusion node is studied,and the blind forensics technology of network intrusion node is proposed on the basis of packet link forwarding protocol fusion. The packet link forwarding model of the network intrusion node is constructed.The fusion filtering control method is used to extract the difference feature of the network intrusion node. The blind source location is carried out according to the extracted difference spectrum characteristic quantity of the intrusion node. The self-correlation detector is adopted to perform the reliability separation of the network intrusion nodes,and combined with the fuzzy decision method to construct the decision statistics of blind forensics of the intrusion nodes. The threshold judgment method is adopted and combined with the packet link forwarding protocol to realize the routing fusion,and complete the accurate location and blind forensics of intrusion node. The simulation results show that the proposed method used for blind forensics of network intrusion node has higher localization performance,and can improve the detection ability of network intrusion,and ensure the network security.
引文
[1]章武媚,陈庆章.引入偏移量递阶控制的网络入侵HHT检测算法[J].计算机科学,2014,41(12):107-111.ZHANG Wumei,CHEN Qingzhang.Network intrusion detection algorithm based on HHT with shift hierarchical control[J].Computer science,2014,41(12):107-111.
[2]MARIMON M C,TANGONAN G,LIBATIQUE N J,et al.Development and evaluation of wave sensor nodes for ocean wave monitoring[J].IEEE systems journal,2015,9(1):292-302.
[3]JEON W S,HAN J A,DONG G J.A novel MAC scheme for multichannel cognitive radio Ad Hoc networks[J].IEEE transactions on mobile computing,2012,11(6):922-934.
[4]AHSEN M,HASSAN S A.A Poisson point process model for coverage analysis of multi-hop cooperative networks[C]//Proceedings of the 2015 International Wireless Communications and Mobile Computing Conference.Dubrovnik:IEEE,2015:442-447.
[5]GENNARELLI G,SOLDOVIERI F.Multipath ghosts in radar imaging:physical insight and mitigation strategies[J].IEEEjournal of selected topics in applied earth observations and remote sensing,2014,8(3):1078-1086.
[6]XIU C,BA F.Target tracking based on the improved Camshift method[C]//Proceedings of the 2016 Chinese Control and Decision Conference.Yinchuan,China:IEEE,2016:3600-3604.
[7]李梓杨,于炯,卞琛,等.基于负载感知的数据流动态负载均衡策略[J].计算机应用,2017,37(10):2760-2766.LI Ziyang,YU Jiong,BIAN Chen,et al.Dynamic data stream load balancing strategy based on load awareness[J].Journal of computer applications,2017,37(10):2760-2766.
[8]SHI Zhan,XIN Yu,SUN Yu’e,et al.Task allocation mechanism for crowdsourcing system based on reliability of users[J].Journal of computer applications,2017,37(9):2449-2453.
[9]CHEUNG M H,SOUTHWELL R,HOU F,et al.Distributed time-sensitive task selection in mobile crowdsensing[C]//Proceedings of the 16th ACM International Symposium on Mobile Ad Hoc Networking and Computing.New York:ACM,2015:157-166.
[10]秦宁宁,余颖华,吴德恩.移动混合传感网中节点自主部署算法[J].电子与信息学报,2016,38(7):1838-1842.QIN Ningning,YU Yinghua,WU De’en.Autonomous deployment algorithm in mobile heterogeneous networks[J].Journal of electronic and information technology,2016,38(7):1838-1842.
[11]MAHBOUBI H,MOEZZI K,AGHDAM A G,et al.Distributed deployment algorithms for improved coverage in a network of wireless mobile sensors[J].IEEE transactions on industrial informatics,2014,10(1):163-174.
[12]MAHBOUBI H.Distributed deployment algorithms for efficient coverage in a network of mobile sensors with nonidentical sensing capabilities[J].IEEE transactions on vehicular technology,2014,63(8):3998-4016.
[13]陈凯,许海铭,徐震,等.适用于移动云计算的抗中间人攻击的SSP方案[J].电子学报,2016,44(8):1806-1813.CHEN Kai,XU Haiming,XU Zhen,et al.Hash-based secure simple pairing for preventing man-in-the-middle attacks in mobile cloud computing[J].Acta electronica Sinica,2016,44(8):1806-1813.
[14]AREFI M M,ZAREI J,KARIMI H R.Adaptive output feedback neural network control of uncertain non-affine systems with unknown control direction[J].Journal of the Franklin Institute,2014,351(8):4302-4316.
[2]MARIMON M C,TANGONAN G,LIBATIQUE N J,et al.Development and evaluation of wave sensor nodes for ocean wave monitoring[J].IEEE systems journal,2015,9(1):292-302.
[3]JEON W S,HAN J A,DONG G J.A novel MAC scheme for multichannel cognitive radio Ad Hoc networks[J].IEEE transactions on mobile computing,2012,11(6):922-934.
[4]AHSEN M,HASSAN S A.A Poisson point process model for coverage analysis of multi-hop cooperative networks[C]//Proceedings of the 2015 International Wireless Communications and Mobile Computing Conference.Dubrovnik:IEEE,2015:442-447.
[5]GENNARELLI G,SOLDOVIERI F.Multipath ghosts in radar imaging:physical insight and mitigation strategies[J].IEEEjournal of selected topics in applied earth observations and remote sensing,2014,8(3):1078-1086.
[6]XIU C,BA F.Target tracking based on the improved Camshift method[C]//Proceedings of the 2016 Chinese Control and Decision Conference.Yinchuan,China:IEEE,2016:3600-3604.
[7]李梓杨,于炯,卞琛,等.基于负载感知的数据流动态负载均衡策略[J].计算机应用,2017,37(10):2760-2766.LI Ziyang,YU Jiong,BIAN Chen,et al.Dynamic data stream load balancing strategy based on load awareness[J].Journal of computer applications,2017,37(10):2760-2766.
[8]SHI Zhan,XIN Yu,SUN Yu’e,et al.Task allocation mechanism for crowdsourcing system based on reliability of users[J].Journal of computer applications,2017,37(9):2449-2453.
[9]CHEUNG M H,SOUTHWELL R,HOU F,et al.Distributed time-sensitive task selection in mobile crowdsensing[C]//Proceedings of the 16th ACM International Symposium on Mobile Ad Hoc Networking and Computing.New York:ACM,2015:157-166.
[10]秦宁宁,余颖华,吴德恩.移动混合传感网中节点自主部署算法[J].电子与信息学报,2016,38(7):1838-1842.QIN Ningning,YU Yinghua,WU De’en.Autonomous deployment algorithm in mobile heterogeneous networks[J].Journal of electronic and information technology,2016,38(7):1838-1842.
[11]MAHBOUBI H,MOEZZI K,AGHDAM A G,et al.Distributed deployment algorithms for improved coverage in a network of wireless mobile sensors[J].IEEE transactions on industrial informatics,2014,10(1):163-174.
[12]MAHBOUBI H.Distributed deployment algorithms for efficient coverage in a network of mobile sensors with nonidentical sensing capabilities[J].IEEE transactions on vehicular technology,2014,63(8):3998-4016.
[13]陈凯,许海铭,徐震,等.适用于移动云计算的抗中间人攻击的SSP方案[J].电子学报,2016,44(8):1806-1813.CHEN Kai,XU Haiming,XU Zhen,et al.Hash-based secure simple pairing for preventing man-in-the-middle attacks in mobile cloud computing[J].Acta electronica Sinica,2016,44(8):1806-1813.
[14]AREFI M M,ZAREI J,KARIMI H R.Adaptive output feedback neural network control of uncertain non-affine systems with unknown control direction[J].Journal of the Franklin Institute,2014,351(8):4302-4316.