Journal of Xidian University, 2023, Vol. 50, Issue (4): 76-88. doi: 10.19665/j.issn1001-2400.2023.04.008
FENG Jingyu1, LI Jialun1, ZHANG Baojun2, HAN Gang1, ZHANG Wenbo1
Received: 2023-01-12
Online: 2023-08-20
Published: 2023-10-17
About the author: FENG Jingyu (b. 1984), male, associate professor, E-mail:
Funding:
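Abstract:
The all-round, deep integration of new-generation information technology with industrial systems has made data theft by advanced persistent threats (APT) a killer-level insider threat for the leakage of sensitive data in the industrial internet. Critical infrastructure in the industrial internet generates and maintains large volumes of sensitive data with "ownership" characteristics, and a leak can cause immeasurable economic loss to an enterprise. To address the lag in current sensitive-data protection in the industrial internet, an active zero trust model against APT theft is proposed. A long short-term memory (LSTM) neural network is introduced, and its strength in processing time-series data is used to build a feature extractor that learns abstract sequence features from behavior data and extracts rule-based trust factors. Blocks are generated separately for each industrial internet terminal, and a forward sequential redundant-block elimination algorithm is designed, from which a scalable blockchain (ZTE_chain) is evolved to provide tamper-resistant, low-load secure storage of trust factors. To reflect behavior changes of compromised terminals in time, a convolutional neural network is introduced to predict a mutation factor that dynamically adjusts the trust value, and an authentication algorithm for quickly identifying compromised terminals is given, thereby actively blocking the APT theft threat from compromised terminals. Experimental results show that the proposed model identifies compromised terminals well and helps counter the APT theft threat posed by compromised terminals in the industrial internet.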
CLC number:
FENG Jingyu, LI Jialun, ZHANG Baojun, HAN Gang, ZHANG Wenbo. Active zero trust model against APT theft in the industrial internet[J]. Journal of Xidian University, 2023, 50(4): 76-88.