针对网络流量测量的完整性干扰攻击与防御方法

Integrity Interference Attack and Defense Methods for Network Traffic Measurement

近年来,网络测量在评估网络状态、提高网络自适应能力方面取得了较好的性能,被广泛运用于网络管理中。然而,目前的大规模网络中存在异常行为导致的网络流量数据污染问题。例如,自治系统中的恶意节点通过伪造恶意流量数据来故意操纵网络指标,影响网络测量,误导下游任务决策。基于此,首先提出完整性干扰攻击方法,通过修改流量矩阵的最小代价,利用多策略干扰生成器生成恶意扰动流量的攻击策略,实现干扰流量测量的目的。然后,通过一种混合对抗训练策略,设计在网络中抵御此类攻击的防御方法,实现流量测量模型的安全加固。实验中对攻击目标进行了相应的限定,验证了完整性干扰攻击在受限场景下的攻击有效性。并通过混合训练的方式进行对比实验,验证了常规模型的加固方法可以提升模型的鲁棒性。

In recent years,network measurement has achieved good performance in evaluating network status and improving network self-adaptability,and is widely used in network management.However,there is a problem of network traffic data pollution caused by abnormal behavior in the current large-scale network.For example,malicious nodes in autonomous systems intentionally manipulate network metrics by forging malicious traffic data,affecting network measurements and misleading downstream task decisions.Based on this,this paper first proposes an integrity jamming attack method.By modifying the minimum cost of the traffic matrix,a multi-strategy jamming generator is used to generate an attack strategy that maliciously disturbs traffic,so as to achieve the purpose of jamming traffic measurement.Then,by providing a hybrid adversarial training strategy,a defense method against such attacks in the network is designed to achieve security hardening of the traffic measurement model.In the experiment,the attack target is limited accordingly,and the effectiveness of the integrity interference attack in the restricted scenario is verified.And through the comparison of the mixed training method,the robustness of the reinforcement method of the conventional model is verified.