摘要
提出基于空口负载特征学习的入侵检测体系与方法。基站通过分析海量机器类通信(mMTC)节点随机接入过程中的空口信号,可以智能化学习接入负载特征。在此基础上,结合常态流量负载统计信息,设计了入侵攻击检测的框架与实时检测方案。分析与仿真结果表明所提方法可以较准确地跟踪接入负载变化。与基准方案相比,可获得较高的检测概率和较短的检测时间。方案不依赖于高层安全协议,可基于底层信号实现快速入侵检测,为未来的物联网(IoT)安全防护提供了新型思路与参考方案。
In this paper, an air-interface traffic-load based intrusion detection approach is proposed. The base station can intelligently learn the traffic-load features by analyzing the air-interference signal in the massive machine type communications(mMTC) nodes' random access procedure. With the help of the statistic information under the normal case, the framework of intrusion and attack detection for massive machine type communications(MTC) networks is established and a real time detection scheme is designed. The performance analysis and simulation results demonstrate that our scheme can well track the arrival process with high accuracy,and outperform the baseline schemes in terms of the detection probability and the detection time. Our low layer signal based approach can make an agile intrusion detection and does not depend on security protocol applied on the high layer, which provides novel thinking and a reference scheme for the security enhancement in future Internet of things(IoT).
作者
卢楠
杜清河
任品毅
LU Nan DU Qinghe REN Pinyi(Xi ' an Jiaotong University, Xi ' an 710049, China)
出处
《中兴通讯技术》
2018年第2期30-37,共8页
ZTE Technology Journal
基金
国家自然科学基金(61431011
61671371)
陕西省重点研发计划重点项目(2017ZDXM-GY-012)
中央高校基本科研业务费专项资金
关键词
入侵检测
MTC网络
随机接入
最大似然检测
intrusion detection
MTC networks
random access
maximum likelihood detection