TruSMS: A trustworthy SMS spam control system based on trust management

The fast growth of mobile networks has greatly enriched our life by disseminating information and providing communications at any time and anywhere. However, at the same time, when people gather and exchange useful information, they also receive unwanted data and contents, such as spam and unsolicited commercial advertisements. SMS (Short Message Service) spam is one typical example of unwanted contents, which has caused a serious problem to mobile users by intruding their devices, occupying device memories and irritating the users. More critically, some of these fraudulent messages deceive users and cause them incalculable loss. SMS spam control has become a crucial issue that impacts the further success of mobile networks. A number of researches have been conducted to control unwanted contents or traffic, some are based on trust and reputation mechanisms. But the literature still lacks an effective solution for SMS spam control. In this paper, we present the design and implementation of an SMS spam control system named TruSMS based on trust management. It can control SMS spam from its source to destinations according to trust evaluation by analyzing spam detection behaviors and SMS traffic data. We evaluate TruSMS performance under a variety of intrusions and attacks with a prototype system implementation. The result shows that TruSMS is effective with regard to accuracy, efficiency and robustness, which imply its trustworthiness.     

物联网节点动态行为信任度评估方法仿真

在物联网中节点恶意行为会促使节点的信任度大幅降低,如何确保高信任度并加强网络安全性已经成为首要问题,提出一种物联网节点动态行为信任度评估方法。首先依据多实体贝叶斯建立信任模型,可以控制恶意节点对物联网的攻击和入侵;采用贡献资源数值权重来抑制自私节点,并对其初始化处理;通过对信任的传递与合成计算出推荐信任值,能够减少运算复杂度;并利用综合信任度调高可信任的阈值,最后根据节点间直接的交互记录,来完成信任度的评估。仿真结果表明,所提方法可以较好地识别恶意节点和抑制恶意推荐行为,能够保证信任评估的有效性、可靠性以及安全性。     

基于用户及其行为社会属性的信任测度模型

信任测度是信任机制的核心和基础,现有的信任机制面临着恶意用户操纵信誉的安全威胁。基于用户及其行为社会属性的信任测度模型对传统的信任机制进行了扩充,引入用户及其行为所映射的本质特性即社会属性来描述和分析恶意用户及其行为的特征,在信任测度过程中增加信誉评审过程来修正对信任测度的攻击,从而保证了分布式环境中的信任测度的可信性。模拟实验表明,该信任测度模型能有效地应对恶意用户对信誉的操纵攻击。     

网格域间信任评估模型的研究

在网格域划分的基础上,提出一种域间信任关系评估模型,具有同时兼顾服务的上下文和信任的时衰性的特点,并针对网格环境中的恶意节点和恶意推荐行为,给出相应的应对机制。实验表明,该模型能够有效地解决网格环境中的恶意行为,对恶意节点进行惩罚。     

网格域间信任评估模型的研究

在网格域划分的基础上,提出一种域间信任关系评估模型,具有同时兼顾服务的上下文和信任的时衰性的特点．并针对网格环境中的恶意节点和恶意推荐行为,给出相应的应对机制。实验表明,该模型能够有效地解决网格环境中的恶意行为,对恶意节点进行惩罚。     

基于反馈相关性的P2P网络信任模型

用户对P2P网络安全性的需求刺激了信任模型的发展。在分析现有信任模型的基础上,提出了基于反馈相关性的动态信任模型—CoDyTrust。其在时间帧的基础上,采用虚假信任过滤机制和信任聚合机制,并在信任值计算中引入信任相关系数、信任遗忘因子、滥用信任值和推荐信任度等,通过反馈控制机制动态调节这些模型因子,在准确评价节点对不同资源信任的同时,实现网络中恶意行为检测。比较分析结果表明,CoDyTrust能够更好地反映网络中节点行为,准确检测恶意节点,有效抵御振荡、撒谎和合谋等攻击。     

一种基于D-S证据理论的Ad-Hoc网络信任评估模型

Ad-Hoc网络拓扑的变化或无线冲突的发生,用于信任评估的证据抽样空间可能会不完全或不可靠,从而影响信任评估有效性。本文利用Dempster-Shafer（D-S）证据理论构造信任评估模型,可以在不需要先验分布的情况下同时处理信任评估中的随机性和主观不确定性。该模型同时具有推荐信任过滤机制,能够实时监测推荐节点行为,及时发现并隔离恶意推荐节点和共谋攻击节点。理论分析和仿真结果表明所建模型为信任不确定性的表达和处理提供有效的方法,同时可以有效抵御攻击,减少恶意推荐和共谋攻击对信任评估的影响。     

Mobile edge-enabled trust evaluation for the Internet of Things

The Internet of Things (IoT), including wireless sensors, is one of the highly anticipated contributors to big data; therefore, avoiding misleading or forged data gathering in cases of sensitive and critical data through secure communication is vital. However, due to the relatively long distance between remote cloud and end nodes, cloud computing cannot provide effective and direct management for end nodes, which leads to security vulnerabilities. In this paper, we propose a novel trust evaluation model based on the trust transitivity on a chain assisted by mobile edge nodes, which is used to ensure the reliability of nodes in the Internet of Things and prevent malicious attacks. The mobile edge nodes offer a new solution to solve the above problems with relatively strong computing and storage abilities. Firstly, we design calculation approaches to different trust chains to measure their trust degrees. Secondly, we propose an improved Dijkstra’s algorithm for collecting trust information of sensor nodes by mobile edge nodes. Finally, the experimental results show that our trust model based on mobile edge nodes can evaluate sensor nodes more precisely and enhance the security on the Internet of Things.     

面向网络流量入侵检测系统的黑盒攻击

基于机器学习的网络流量检测系统是网络安全领域现阶段比较热门的研究方向,但同时网络流量检测系统又受到了巨大挑战,因为攻击样本的生成,使该检测系统对恶意流量的检测性能降低.使用生成对抗网络生成对抗样本,通过在原始恶意流量中加入噪声干扰,即在攻击特征中加入不影响原始流量特性的非定向扰动,来实现扰乱检测模型的判断,从而躲过特征...     

IEEE802.15.4e 标准的安全多跳时间同步协议设计

IEEE802.15.4e是工业物联网中最新的MAC层标准,其采用时间同步技术实现高可靠、低功耗的无线网络。由于时间同步机制是工业无线网络中的核心支撑技术,因此其往往成为攻击者的首选攻击目标。针对IEEE802.15.4e标准的多跳时间同步协议存在安全性不足的问题,提出了一个多跳时间同步安全策略 SMTSF。SMTSF 安全策略主要采用基于异常的入侵检测算法、基于信任模型的多路径时间同步方法和加密与认证等关键技术,有效保障了节点之间安全地进行多跳时间同步。在基于入侵检测的算法中,边界路由器对节点的 Rank 值进行规则验证,可以有效检测出时间同步树攻击;同时设计了轻量级防火墙来抵御来自互联网的恶意主机攻击。在基于信任模型的多路径时间同步方法中,通过建立节点之间的信任模型来保障网络中节点可以找到一条安全多跳同步路径。仿真结果表明,SMTSF 能有效检测时间同步树攻击并抵御捕获攻击。     

基于资源评价的信任管理模型

针对P2P网络中交易的安全性问题,提出了一种基于资源评价的信任管理模型。首先给出评价节点行为信任的好评度的概念,用模糊综合评判的方法计算节点对交易的单次好评度,每次交易后的交易记录表由提供资源的节点的母节点进行管理和存储;当节点选择提供资源的节点时,不仅考虑对目标节点的直接信任度,还考虑此次交易资源的总好评度,在计算直接信任度时考虑了时效性和交易资源的重要程度两个因素,交易资源的总好评度的计算数据来源于该资源的评价节点给出的以往评价;最后引入了基于虚拟货币的激励机制,以有效地提高节点参与的积极性。仿真实验表明,该模型能有效抵制恶意节点的攻击,提高网络交易的成功率。     

基于多事件并发的无线传感网数据一致性信任评价

目前无线传感器网络的信任评价模型主要研究节点通信方面的信任,很少研究节点发送数据一致性方面的 信任。数据一致性信任评价要求一段时间以内传感区域只发生一个事件,否则不但不能准确区分多个事件,还会把合 法节点与恶意节点混淆,针对这一局限,提出一种适用于多事件并发的数据一致性信任评价方法。仿真结果表明,在 传感区域多事件并发的时候,该方法能准确区分多个事件,也能发现并排除恶意节点,降低误判率。     

P2P中一种改进的可信模型

对基于贝叶斯网络的可信模型中的资源搜索算法和可信度计算方法进行重新设计,本文提出一种改进的P2P可信模型。改进后的资源搜索算法使节点接收到的冗余包数量减少 ,并提高了系统的可靠性。在此基础上,针对P2P网络的匿名性,提出了一种新的运用服务次数和对评价值取对数方式进行可信度计算和更新的方法。此方法可以有效地阻止 恶意节点对正常节点和可信节点的攻击,同时还可防止恶意节点间通过小集团合作方式来提高各自节点的可信度。实验结果表明,本模型较现有模型在抑制P2P网络中恶意节点的活动方面具有更好的效果,且增加了系统服务可靠性．     

内核级网络流量监测系统

针对互联网面临的僵尸网络、渗透等恶意威胁,如何确保网络设备的高可靠性、数据的安全性和完整性,是急需解决的问题.本文设计实现了内核级网络流量监测系统,本系统包括流量采集、流量检测、流量统计、防护模块和Web控制台五大模块,实现了流量的捕获和监测均在内核完成,减少了性能开销.使用本系统能够减少服务器遭受恶意流量攻击,为众多...     

METrust: A mutual evaluation-based trust model for P2P networks

It is necessary to construct an effective trust model to build trust relationship between peers in peer-to-peer (P2P) network and enhance the security and reliability of P2P systems. The current trust models only focus on the consumers evaluation to a transaction, which may be abused by malicious peers to exaggerate or slander the provider deliberately. In this paper, we propose a novel trust model based on mutual evaluation, called METrust, to suppress the peers malicious behavior, such as dishonest evaluation and strategic attack. METrust considers the factors including mutual evaluation, similarity risk, time window, incentive, and punishment mechanism. The trust value is composed of the direct trust value and the recommendation trust value. In order to inhibit dishonest evaluation, both participants should give evaluation information based on peers own experiences about the transaction while computing the direct trust value. In view of this, the mutual evaluation consistency factor and its time decay function are proposed. Besides, to reduce the risk of computing the recommendation trust based on the recommendations of friend peers, the similarity risk is introduced to measure the uncertainty of the similarity computing, while similarity is used to measure credibility. The experimental results show that METrust is effective, and it has advantages in the inhibition of the various malicious behaviors.     

僵尸网络命令与控制信道的特征提取模型研究

僵尸网络发起的分布式拒绝服务攻击、垃圾邮件发送以及敏感信息窃取等恶意活动已经成为网络安全面临的重要威胁。命令与控制信道正是僵尸网络操纵这些恶意活动的唯一途径。利用命令与控制信道中攻击命令具有相对固定的格式和命令字的特点,基于现有的特征提取技术,针对边缘网络的可疑流量,提出了一个新型的特征提取模型。实验结果表明,该模型能够准确地提取出具有命令格式的特征,而且由这些特征转化的入侵检测规则能够有效识别感染的僵尸主机。     

Management and applications of trust in Wireless Sensor Networks: A survey

Wireless Sensors Networks (WSNs) are susceptible to many security threats, and because of communication, computation and delay constraints of WSNs, traditional security mechanisms cannot be used. Trust management models have been recently suggested as an effective security mechanism for WSNs. Considerable research has been done on modeling and managing trust. In this paper, we present a detailed survey on various trust models that are geared towards WSNs. Then, we analyze various applications of trust models. They are malicious attack detection, secure routing, secure data aggregation, secure localization and secure node selection. In addition, we categorize various types of malicious attacks against trust models and analyze whether the existing trust models can resist these attacks or not. Finally, based on all the analysis and comparisons, we list several trust best practices that are essential for developing a robust trust model for WSNs.     

A study on attack information collection using virtualization technology

Internet is used in all sectors of society by rapid changes in computing technology and expanded internet prevalence. But due to opposite effect of this, malicious code and damage of hacking is growing rapidly and the technique is becoming various. Attacker’s attack patterns and information should be collected in order to reduce the damage and cope more aggressively to attack. In this paper, we propose a system which build honeypot farm using created virtual machine dynamically by utilizing honeypot to collect attack information and virtualization technology. The created virtual machines are managed by VMSC and protocol-based intrusion detection system which shows stable performance in mass traffic to attacker’s intrusion detection is applied. Measurement of attack attempt and attack detection rate was measured to confirm the performance of the proposed system in this paper and the result of good performance through experiment was confirmed.     

基于动态线性相关的访问控制模型研究

访问控制是网络资源共享领域的重要研究内容。为了提高访问控制中对未知节点的预测能力,提出了一种基于动态线性相关的访问控制模型。首先,提出了一种包含服务请求者、服务推荐节点和服务提供者的访问控制结构。其次,提出了一种动态的信任值线性计算方法,该方法将节点的全局信任值表示为直接信任值和推荐信任值的线性组合,并根据节点间的历史记录动态地调整直接信任值和推荐信任值的权重。最后通过仿真实验表明, 提出的访问控制模型与其他相关的访问控制模型相比,不仅具有更高的预测成功率,而且能更好地抵御节点的恶意攻击。