基于信任关系的IP网络容错容侵机制

纪俊杰; 阳小龙; 王进; 吴雄飚; 林建人; 隆克平

doi:10.3724/SP.J.1146.2008.00615

基于信任关系的IP网络容错容侵机制

doi: 10.3724/SP.J.1146.2008.00615

基金项目:

国家973计划项目(2007CB310706)，国家杰出青年科学基金(60725104)和国家自然科学基金(60672045，60873263)资助课题

计量
- 文章访问数: 3173
- HTML全文浏览量: 89
- PDF下载量: 969
- 被引次数: 0
出版历程
- 收稿日期: 2008-05-15
- 修回日期: 2009-03-02
- 刊出日期: 2009-07-19

An Efficient Fault-Tolerant and Intrusion-Tolerant Scheme Based on Trust Relationship for IP Networks

摘要

摘要: 目前IP网络受自身故障和网络攻击等异常行为影响较过去更深广。因此如何增强IP网络的容错和容侵能力显得尤为重要。但是目前很多的研究仅关注其中一个方面，而很少两者兼有，从而不能很好地兼顾安全性和可生存性。该文提出了一种有效的基于信任关系的容错容侵机制。该机制借用了社会网络中的信任关系思想，定量地描述了信任关系值与网络行为的对应关系某节点的恶意行为会使得自己在其他节点处的信任值下降。然后，分析了该机制如何对3种网络异常，即自身故障、诋毁攻击和矛盾行为攻击的容忍能力。最后，仿真结果和分析表明该机制可以迅速而精确地检测到异常节点，并能有效地阻止这些异常对网络的攻击和破坏。
- IP网络;生存性;信任;容错;容侵
Abstract: Nowadays, IP networks are suffering many faults and malicious attacks which greatly threaten its security and survivability. So it is an important issue that how to make the IP networks to be more robust under faults and attacks, i.e., to improve their tolerance abilities for both fault and intrusion. However recently, most of the researches focus on only one of them, and decouple the survivability and security each other. According to the trust model in social networks, this paper proposes an efficient fault-tolerant and intrusion-tolerant scheme based on trust relationship for IP networks. This scheme not only borrows the trust rating from the social links, but also qualitatively describes the relationships between the trust rating and the network behavior. Then, this paper analyses the scheme how to tolerate three known malicious behaviors, viz., self-faults, bad mouth attacks and conflict behavior attacks. Finally, the numeric simulation results show that the scheme can detect the malicious nodes fast and accurately and efficiently prevent these malicious behaviors in IP networks.

HTML全文

参考文献(1)

Kodian A A. Advances in p-cycle network design. [Ph.D.dissertation]. Department of Electrical and ComputerEngineering, University of Alberta. Spring 2006.[2]Cholda P and Jajszczyk A. Reliability assessment of opticalp-cycles[J].IEEE/ACM Transactions on Networking.2007,15(6):1579-1592[3]Chen Hai-guang, Han Peng, and Yu Bo, et al.. A new kind ofsession keys based on message scheme for sensor networks.The Seventeenth Asia Pacific Microwave Conference (APMC2005), Suzhou, China, Dec. 4-7, 2005: 1-4.[4]Karlof C, Sastry N, and Wagner D. TinySec: A link layersecurity architecture for wireless sensor networks.Proceedings of the Second ACM Conference on EmbeddedNetworked Sensor Systems (SenSys 2004), Baltimore,Maryland, USA, 2004: 162-175.[5]Chen Hai-guang, Han Peng, and Zhou Xi, et al.. Lightweightanomaly intrusion detection in wireless sensor networks.PAISI, 2007, LNCS 4430: 106-116.[6]Resnick P and Zeckhauser R. Trust among strangers ininternet transactions: empirical analysis of Ebays reputationsystem. Advances in Applied Microeconomics: TheEconomics of the Internet and E-Commerce, (Michael R B.ed.) Amsterdam: Elsevier/JAI Press, 2002, 11: 127-157.[7]Buchegger S and Le Boudec J Y. Performance analysis of theCONFIDANT protocol (cooperation of nodes-fairness indynamic ad-hoc networks). Proceedings of MobiHoc 2002,Lausanne, CH, June 2002: 226-236.[8]Ganeriwal S and Srivastava M B. Reputation-basedframework for high integrity sensor networks. SASN04,Washington, D.C., USA, October 25, 2004: 66-77.[9]Srinivasan A.[J].Teitelbaum J, and Wu J. DRBTS: Distributedreputation-based beacon trust system. The 2nd IEEEInternational Symposium on Dependable, Autonomic andSecure Computing (DASC06), Indianapolis, USA.2006,:-[10]Chen Hai-guang, Wu Hua-feng, and Zhou Xi, et al.. Agentbasedtrust model in wireless sensor networks. DOI 10.1109/SNPD. 2007, 122: 119-124.[11]Newman M E J. The structure and function of complexnetworks[J].SIAM Review.2003, 45(2):167-256[12]Dellarocas C. Mechanisms for coping with unfair ratings anddiscriminatory behavior in online reputation reportingsystems. Proceedings of ICIS, Brisbane, Australia, 2000:520-525.

施引文献

资源附件(0)

访问统计