摘要
当前域间路由系统安全防护面临的威胁愈加严重,隐蔽作为一种主动防御技术,能够有效改善攻防双方信息不对等的局面。借鉴移动目标防御思想,构建多自治系统联盟,在此基础上针对域间路由更新数据报的AS-Path属性实施混淆,进而达到欺骗联盟外潜在攻击者的目标。仿真实验结果显示:混淆过程具有较好的时间复杂度,且混淆后的AS-Path序列明显区别于原始序列,从而实现了联盟内多自治系统的隐蔽通信。
Nowadays the security protection of inter domain routing system is facing more and more serious threats.As a proactive defense technology,covert technology can effectively improve the situation of unequal information possession between attacking and defending parties.Inspired by the idea of moving target defense,through constructing a multiple autonomous system alliance,the AS-Path attribute of Update datagram can be confused so as to deceive potential attackers outside the alliance.The simulation results show that the confusion process has better time complexity performance,and the AS-Path sequence after confusion is obviously different from the original sequence,which can realize the covert communication among the autonomous systems inside the alliance.
作者
王禹
高继勋
王旭辉
葛琳
WANG Yu;GAO Jixun;WANG Xuhui;GE Lin(College of Computer,Henan University of Engineering,Zhengzhou 451191,China;Engineering Training Center,Henan University of Engineering,Zhengzhou 451191,China;School of Intelligent Engineering,Zhengzhou University of Aeronautics,Zhengzhou 450015,China)
出处
《河南工程学院学报(自然科学版)》
2020年第1期66-71,共6页
Journal of Henan University of Engineering:Natural Science Edition
基金
国家自然科学基金项目(61802115)
河南省高等学校重点科研项目(18A520004,19A520008)
河南省科技攻关计划项目(182102310940,192102310445)
中国民航信息技术科研基地开放基金(CAAC-ITRB-201707)。
关键词
域间路由系统
主动防御
AS-Path混淆
隐蔽通信
inter-domain routing system
proactive defense
AS-Path confusion
covert communication
