Please wait a minute...
浙江大学学报(工学版)
浙江大学学报(工学版)
计算机技术     
计算机网络协同防御系统信任启动模型
余洋,夏春和,原志超,李忠
北京航空航天大学 计算机学院, 网络技术北京市重点实验室,北京 100191
Trust bootstrapping model for computer network collaborative defense system
YU Yang,XIA Chun he,YUAN Zhi chao,LI Zhong
School of Computer Science and Engineering,Key Laboratory of Beijing Network Technology,
Beijing University of Aeronautics and Astronautics,Beijing 100191,China
 全文: PDF(2806 KB)   HTML
摘要:

为了解决计算机网络协同防御(CNCD)中的信任启动问题,研究信任启动过程,并给出基于信任类型的信任启动模型.基于防御代理(Agent)的行为模式划分信任类型,并使用博弈论分析防御任务的信任效用和防御成本之间的关系,据此给出执行防御测试任务的约束条件.通过执行防御测试任务,确认防御Agent的信任类型,并设计赋对应值和加权均值2种方法来计算新加入的防御Agent的初始信任值.模拟实验结果表明,相对于其他模型,基于信任类型的信任初始化模型具有更低的防御任务失败率,同时在防御任务的执行方面具有更好的适应性.
Abstract:

The process of trust bootstrapping was investigated, and the trust type based trust bootstrapping model was proposed in order to solve the problem of trust bootstrapping in computer network collaborative defence (CNCD). First, the division of trust type  based on the behavior model of defense Agent was discussed. Then, the relationship of trust utility and defense cost was analyzed according to the game theory. Based on the above analysis,the constraints of executing defense test task were proposed. The trust type of defense Agents was identified by executing defense test tasks.  The initial trustworthiness of defense Agents was assigned by two means, including assigning the corresponding values and weighted mean. The simulated experiment results show that, relative to other models, the  proposed model has lower failure rate of defense tasks, and better adaptability in the aspect of defense task execution.
出版日期: 2016-09-22
:  TP 393  
基金资助:

国家自然科学基金资助项目(61170295).
通讯作者: 夏春和,男,教授,博导.ORCID: 0000-0003-4424-8449.     E-mail: xch@buaa.edu.cn
作者简介: 余洋(1985-),男,博士生,从事网络安全、信任评估研究.ORCID: 0000-0003-3639-9271. E-mail: kiko441500@163.com
服务  
把本文推荐给朋友
加入引用管理器
E-mail Alert
RSS
作者相关文章  

引用本文:

余洋,夏春和,原志超,李忠. 计算机网络协同防御系统信任启动模型[J]. 浙江大学学报(工学版), 10.3785/j.issn.1008-973X.2016.09.07.

YU Yang,XIA Chun he,YUAN Zhi chao,LI Zhong. Trust bootstrapping model for computer network collaborative defense system. JOURNAL OF ZHEJIANG UNIVERSITY (ENGINEERING SCIENCE), 10.3785/j.issn.1008-973X.2016.09.07.

链接本文:

http://www.zjujournals.com/eng/CN/10.3785/j.issn.1008-973X.2016.09.07        http://www.zjujournals.com/eng/CN/Y2016/V50/I9/1684

[1] 臧天宁,云晓春,张永铮,等.网络设备协同联动模型[J].计算机学报,2011,34(2): 216-228.
ZANG Tianning,YUN Xiaochun,ZHANG Yongzheng,et al. A model of network device coordinative run [J].Chinese Journal of Computers,2011,34(2):216-228.
[2] 刘旭勇.基于协同的网络安全防御系统研究[J].计算技术与自动化,2012,31(2): 142-144.
LIU Xuyong. Network security defense system research based on the collaborative [J]. Computing Technology and Automation,2012,8(2):142-144.
[3] CZIRKOS Z,RENCZ M,HOSSZU′ G. A distributed hash table assisted intrusion prevention system [J]. International Journal On Advances in Security,2012, 5(3/4):134-143.
[4] BERGER A,CESAREO J,DALCONZO A.Collaborative network defense with minimum disclosure [C]∥ Proceedings of IEEE Conference on Global Telecommunications,Piscataway:IEEE, 2011:16.
[5] HUANG N F,WANG C,LIAO I J,et al. An OpenFlowbased collaborative intrusion prevention system for cloud networking [C]∥ Proceedings of the 7th IEEE International Conference on Communication Software and Networks (ICCSN), New Jersey: IEEE, 2015: 85-92.
[6] KOTENKO I,KONOVALOV A,SHOROV A. Agentbased simulation of cooperative defense against botnets [J].Concurrency Computation Practice and Experience,2012,24(6):573588.
[7] KOTENKO I,ULANOV A. Agentbased simulation of DDOS attacks and defense mechanisms [J]. International Journal of Computing,2014, 4(2): 113-123.
[8] FUNG C J,ZHANG J,AIB I,et al. Dirichletbased trust management for effective collaborative intrusion detection networks [J]. IEEE Transactions on Network and Service Management,2011,8(2): 79-91.
[9] PINYOL I,SABATERMIR J. Computational trust and reputation models for open multiagent systems: a review [J]. Artificial Intelligence Review,2013,40(1): 125.
[10] ALJAZZAF Z M,CAPRETZ M A M,Perry M.Trust bootstrapping services and service providers [C]∥Proceedings of the 9th IEEE International Conference on Privacy,Security and Trust. Piscataway: IEEE,2011: 7-15.
[11] 石志国,贺也平,张宏.一种对等计算安全性的时间自衰减信任管理算法[J].计算机研究与发展, 2007,44(1): 110.
SHI Zhiguo,HE Yeping, ZHANG Hong. A time selfdecay trust management algorithm for P2P computing security [J]. Computer Research and Development,2007,44(1): 110.
[12] RUOHOMAA S,KUTVONEN L. Trust management survey [C]∥ Proceedings of the 3rd International Conference on iTrust. Berlin: Springer,2005: 77-92.
[13] LIU J, ISSARNY V. Enhanced reputation mechanism for mobile ad hoc networks [M]. Berlin Heidelberg:Springer,2004: 48-62.
[14] 王刚,桂小林.社会网络中交易节点的选取及其信任关系计算方法[J].计算机学报,2013,36(2): 368-383.
WANG Gang, GUI Xiaolin. Selecting and trust computing for transaction nodes in online social networks [J]. Chinese Journal of Computers,2013,36(2): 368383.
[15] 彭冬生,林闯,刘卫东.一种直接评价节点诚信度的分布式信任机制[J].软件学报,2008,19(4): 946-955.
PENG Dongsheng, LIN Chuang, LIU Weidong. A distributed trust mechanism directly evaluating reputation of nodes [J]. Journal of Software,2008,19(4): 946-955.
[16] 金瑜,古志民,班志杰.一种新的P2P系统中基于双ratings的声誉管理机制[J].计算机研究与发展,2008,45(6): 942-950.
JIN Yu, GU Zhimin, BAN Zhijie. A new reputation management mechanism based on biratings in P2P systems [J]. Journal of Computer Research and Development,2008,45(6): 942-950.
[17] FELDMAN M,CHUANG J. The evolution of cooperation under cheap pseudonyms [C]∥Proceedings of 7th International Conference on ECommerce Technology,Piscataway: IEEE,2005: 284-291.
[18] 林剑柠,吴慧中.基于主观逻辑理论的网格信任模型分析[J].计算机研究与发展,2007,44(8): 1365-1370.
LIN Jianning,WU Huizhong. Research on a trust model based on the subjective logic theory [J]. Journal of Computer Research and Development,2007,44(8): 13651370.
[19] 窦文,王怀民,贾焰,等.构造基于推荐的PeertoPeer环境下的Trust模型[J].软件学报,2004,15(4): 571-583.
DOU Wen,WANG Huaiming,JIA Yan,et al. A recommendationbased peertopeer trust model [J]. Journal of Software,2004,15(4): 571-583.
[20] MALIK Z,BOUGUETTAYA A. Reputation Bootstrapping for trust establishment among web services [J]. Internet Computing IEEE,2009,13(1): 40-47.
[21] BURNETT C,NORMAN T J,SYCARA K. Bootstrapping trust evaluations through stereotypes \[C\]∥Proceedings of the 9th International Conference on Autonomous Agents and Multiagent Systems,New York:ACM,2010: 241-248.
[22] SENSOY M,YILMAZ B,NORMAN T J. Discovering frequent patterns to bootstrap trust [C]∥Proceedings of the 8th International Workshop ADMI,Berlin: Springer,2013: 93-104.
[23] 孙啸寅,吴国新,董永强等.一种基于推荐的信誉系统初始化定值策略[J].东南大学学报:自然科学版,2010,40(1):  41-46.
SUN Xiaoyan,WU Guoxin,DONG Yongqiang,et al. New initialization strategy of reputation system based on recommendation [J]. Journal of Southeast University: Natural Science Edition,2010,40(1): 41-46.
[24] MAXIMILIEN E M,SINGH M P. Reputation and endorsement for web services [J]. ACM SIGecom Exchanges,2001,3(1): 2431.
[25] NGUYEN H T,YANG J,ZHAO W. Bootstrapping trust and reputation for Web services [C] ∥Proceedings of the 14th IEEE I-nternational Conference on Commerce and Enterprise Computing, Piscataway:  IEEE,2012: 41-48.
[26] 王家昉,冯志勇,徐超,等.多Agent系统中基于认知的信任框架研究[J].计算机学报,2010,1(1): 139-151.
WANG Jiafang,FENG Zhiyong,XU Chao, et al. Research on trust framework in multiagent system from the cognitive view [J]. Chinese Journal of Computers,2010,1(1): 139-151.
[27] 田俊峰,杜瑞忠,刘玉玲. 基于结点行为特征的可信性度量模型[J].计算机研究与发展,2011,48(6): 934-944.
TIAN Junfeng, DU Ruizhong, LIU Yuling. Trust evaluation model based on node behavior character [J]. Journal of Computer Research and Development,2011,48(6): 934-944.
[28] JIANG X, LIN C, YIN H,et al. Gamebased trust establishment for mobile ad hoc networks [C]∥Proceedings of the WRI International Conference on Communications and Mobile Computing, Piscataway: IEEE,2009,3: 475-479.
[29] WU Q,ZHU Q,LI P. A neural network based reputation bootstrapping approach for service selection [J]. Enterprise Information Systems, 2015, 9(7): 768-784.
[30] 刘彬,张仁津.电子商务中Web服务社区的动态信任启动模型[J]. 计算机工程,2012,38(10): 269-272.
LIU Bing,ZHANG Renjin. Dynamic trust starting model of web service community in electronic commerce [J]. Computer Engineering,2012,38(10): 269-272.
[31] JIAO H,LIU J,LI J,et al. A framework for reputation bootstrapping based on reputation utility and game theories [C]∥Proceedings of the 10th International Conference on Trust, Security and Privacy in Computing and Communications,Piscataway: IEEE,2011: 344-351.
[32] SANCHEZARTIGAS M,HERRERA B. Activity stereotypes,or how to cope with disconnection during trust bootstrapping [J]. IEEE Transactions on Parallel and Distributed Systems, 2015, 26(1): 2-12.
[33] 曲大鹏,王兴伟,黄敏.移动对等网络中自私节点的检测和激励机制[J].软件学报,2013,24(4): 887-899.
QU Dapeng,WANG Xingwei,HUANG Min. Selfish Node Detection and Incentive Mechanism in Mobile P2P Networks [J]. Journal of Software,2013,24(4):887-899.
[34] MARTI S,GARCIAMOLINA H. Taxonomy of trust: Categorizing P2P reputation systems [J]. Computer Networks,2006,50(4): 472-484.
[35] LEE W,FAN W,MILLER M,et al.Toward costsensitive modeling for intrusion detection and response [J].Journal of Computer Security,2002,10(1): 522.
[36] 姜伟,方滨兴,田志宏,等. 基于攻防博弈模型的网络安全测评和最优主动防御[J].计算机学报,2009,32(4): 817-827.
JIANG Wei,FANG Binxing,TIAN Zhihong, et al. Evaluating network security and optimal active defense based on attackdefense game model [J]. Chinese Journal of Computers,2009,32(4): 817-827.
[37] WANG C Z,HUANG G Q. Network attack strategy digging based on object petri net [C]∥ Proceedings of the 3rd IEEE International Conference on Advanced Computer Theory and Engineering,Piscataway: IEEE,2010: 193-197.
[38] VARGA A,HORNIG R. An overview of the OMNeT++ simulation environment [C] ∥ Proceedings of the 1st International Conference on Simulation Tools and Techniques for Communications, Networks and Systems and Workshops,New York: ACM,2008,208(2): 183-202.
[39] KHOSRAVIFAR B,BENTAHAR J,GOMROKCHIET M, et al. CRM: an efficient trust and reputation model for agent computing [J]. Knowledge Based Systems,2012,30(2): 1-16.
[1] 李建丽, 丁丁, 李涛. 基于二次聚类的多目标混合云任务调度算法[J]. 浙江大学学报(工学版), 2017, 51(6): 1233-1241.
[2] 游录金, 卢兴见, 何高奇. 云环境亚健康研究[J]. 浙江大学学报(工学版), 2017, 51(6): 1181-1189.
[3] 张欣欣, 徐恪, 钟宜峰, 苏辉. 网络服务提供商合作行为的演化博弈分析[J]. 浙江大学学报(工学版), 2017, 51(6): 1214-1224.
[4] 王钰翔, 李晟洁, 王皓, 马钧轶, 王亚沙, 张大庆. 基于Wi-Fi的非接触式行为识别研究综述[J]. 浙江大学学报(工学版), 2017, 51(4): 648-654.
[5] 钱良芳, 张森林, 刘妹琴. 基于预约的数据队列水下无线传感器网络MAC协议[J]. 浙江大学学报(工学版), 2017, 51(4): 691-696.
[6] 李晓东, 祝跃飞, 刘胜利, 肖睿卿. 基于权限的Android应用程序安全审计方法[J]. 浙江大学学报(工学版), 2017, 51(3): 590-597.
[7] 黄焱, 王鹏, 谢高辉, 安俊秀. 智能电网下数据中心能耗费用优化综述[J]. 浙江大学学报(工学版), 2016, 50(12): 2386-2399.
[8] 齐平, 李龙澍, 李学俊. 具有失效恢复机制的云资源调度算法[J]. 浙江大学学报(工学版), 2015, 49(12): 2305-2315.
[9] 苏凯, 马良荔, 孙煜飞, 郭晓明. 面向Web服务QoS预测的非负矩阵分解模型[J]. 浙江大学学报(工学版), 2015, 49(7): 1358-1366.
[10] 高键鑫, 吴旭升, 高嵬, 张文兵. 面向移动自组网的信任数据自存储模型[J]. 浙江大学学报(工学版), 2015, 49(6): 1022-1030.
[11] 任午令, 赵翠文, 姜国新, David Maimon, Theodore Wilson, Bertrand Sobesto. 基于攻击行为预测的网络防御策略[J]. 浙江大学学报(工学版), 2014, 48(12): 2144-2151.
[12] 高梦州, 冯冬芹, 凌从礼, 褚健. 基于攻击图的工业控制系统脆弱性分析[J]. 浙江大学学报(工学版), 2014, 48(12): 2123-2131.
[13] 李德骏,汪港,杨灿军,金波,陈燕虎. 基于NTP和IEEE1588海底观测网时间同步系统[J]. J4, 2014, 48(1): 1-7.
[14] 郭童,林峰. 基于混合遗传鱼群算法的贝叶斯网络结构学习[J]. J4, 2014, 48(1): 130-135.
[15] 刘端阳 ,谢建平,曹衍龙.  基于能量模型的可分负荷调度算法的研究[J]. J4, 2013, 47(9): 1547-1553.