面向搭线窃听与自私行为的安全网络编码研究

发布时间：2018-04-18 20:37

本文选题：网络编码 + 弱安全　；参考：《上海交通大学》2014年博士论文

【摘要】：网络编码是近年来通信领域国际研究的热点方向之一,在网络传输领域有较好的应用前景。在网络编码发展的同时,相应的安全问题也不容忽视,这些安全问题一定程度上也影响了网络编码方法的实际应用,阻碍了它在实际中的应用和推广。现有的网络编码安全问题主要包括污染和窃听,另外,也有过编码、欠编码、自私行为等一些网络编码特有面临的安全问题。然而,到目前为止,网络安全编码方面的研究成果相对还较少,有待于进一步展开研究。对于网络编码所面临的一类典型安全问题---搭线窃听,现有的防搭线窃听的安全网络编码方法主要是从编码角度出发,以编码的复杂度换取传输的安全性,虽然近年有一定研究成果考虑了网络拓扑对安全传输的重要性并给出相应的解决方案,但是这方面研究成果不但少,而且也存在适用范围小等问题。在此背景下,本文着重研究面向搭线窃听的网络安全编码方法。此外,针对网络编码面临的一类特殊安全问题----用户自私行为,考虑到传统自私行为解决方案并不适合在网络编码环境下使用,本文也对网络编码环境下的自私行为进行了探讨研究。本文首先从路由选择角度出发,研究防搭线窃听攻击安全网络编码问题,提出了基于路由选择的防搭线窃听攻击安全网络编码方法。基于网络拓扑结构,首先对单播网络进行研究,在已知被窃听链路位置(不可信链路位置)的情况下,对被窃听链路的传送消息进行分析。在保证网络最大流不变的前提下,尽量移除较少被窃听链路或者正常链路,以保证窃听者无法得到完整的网络源信息,而信宿节点能够正常的接收到所有的信息。根据得到的安全网络拓扑构造新的系统传输矩阵,从而获得安全网络编码,达到抵御搭线窃听攻击的目的;随后将该方法由单播情形扩展到多播情形。更进一步,又在该方法的基础上给出了一种改进的基于路由选择的多播安全网络编码方法。仿真实验表明了上述方法的有效性。然后本文又从网络分割角度出发,针对被窃听节点位置已知和被窃听节点位置未知两种情况下的单播网络搭线窃听攻击问题,提出了基于网络分割的防搭线窃听攻击的网络编码安全方法。针对被窃听节点位置已知情况下的网络窃听攻击,安全编码方法的核心在于:在网络最大流没有发生变化的前提下,找出合适的网络分割方法,使网络至多分割成三个子网络,并保证子网络中最少有一个没有被窃听者窃听过,从而达到网络的弱安全目标。针对被窃听节点位置未知情况下的网络搭线窃听攻击,安全编码方法的核心为:在保证n?2m?l(n为被窃听的中间节点数量,m为被分割的子网络数量,l为子网络最大流为1的数量)的前提下,便能找到合适的网络分割安全编码方法使网络达到弱安全,仿真实验证实该二方法的有效性。最后本文也对如何防范网络编码面临的节点自私行为进行了研究,针对单播网络传输中存在一定比例自私节点的情况,提出了一种防网络节点自私行为的安全网络编码方法。该方法通过计算网络存在一定数量自私节点时可能出现的传输失败的概率,根据所得到的结果求解出网络最大流的期望值,最后再由期望值对网络进行重新编码。在允许的误差范围下,找到最适合的编码方法进行编码,以此达到抵抗因节点自私行为而导致的网络传输失败的目的。仿真实验证实了该方法的有效性。
[Abstract]:Network encoding is one of the hot topics of international research in the field of communications in recent years, there are better application prospects in the field of network transmission. In the network encoding development at the same time, the corresponding security issues can not be ignored, these security problems to a certain extent also affect the practical application of network encoding method, hinders its application and promotion in practice. The safety problem of the existing network. Encoding includes pollution and eavesdropping, in addition, there have been less encoding, encoding, selfish behavior and some network security problems facing the special encoding. However, so far, the research results of network security encoding also relatively less, need to be further studied for a typical class. Network security issues faced by wiretapping - encoding, anti wiretapping network security existing encoding method is mainly starting from the perspective of complexity for encoding, the encoding The safety of transmission, although in recent years, some research results, considering the importance of network topology on transmission security and gives the corresponding solutions, but the results are not only small, but there are also problems such as small application scope. Under this background, this paper focuses on the research of network security to wiretap encoding method. In addition, according to the a special kind of network security problems facing the selfish behavior of users - encoding, taking into account the solutions are not suitable for use in the network environment the traditional encoding of selfish behavior, the article also discussed the research on the network encoding environment selfish behavior. This paper from the Perspective of the routing problem, wiretapping attack network security protection encoding research, put forward the routing of the anti wiretapping attack security network encoding method based on network topology based on the first study of unicast network, Eavesdropping link at a known location (unreliable link position) under the condition of transmitted message interception were analyzed. The link under the premise of ensuring the maximum flow of network at the same time, try to remove less eavesdropping or normal link link, to ensure that the eavesdropper cannot get network complete source information, and the destination node can be normal receive all the information. According to the topological structure of the network security system transfer matrix are new, so as to obtain safe network encoding, to resist the wiretapping attack; then the method is extended to multicast unicast case. Further more, and on the basis of this method is presented based on an improved routing of multicast security network encoding method. Simulation results show the effectiveness of the proposed method. Then this paper from the perspective of network segmentation, the node location is known and eavesdropping Unicast network wiretapping attack eavesdropping node location unknown under two kinds of situations are problems, put forward the network security encoding method of anti wiretapping attack network based image segmentation. Aiming at the eavesdropping node position under a known network eavesdropping attacks, security encoding method core lies in: the premise of no change in the maximum flow of network and find the appropriate network segmentation method, enables the network to split into three sub networks, and to ensure that the network has at least one eavesdropper has not been bugged, so as to achieve the goal of weak security network. Aiming at the eavesdropping node location under unknown network wiretapping attack, core security encoding method is: in the guarantee n? 2m? L (n is the number of intermediate nodes for M sub network eavesdropping number, divided l into 1 sub network maximum flow quantity) of the premise, can find a suitable network segmentation The safety encoding method enables the network to achieve weak security, simulation experiments confirmed the validity of the two methods. Finally, this paper also makes a study on how to prevent the network node encoding face selfish behavior, according to a certain proportion of selfish nodes exist in unicast network transmission, put forward a kind of anti network nodes selfish behavior safety network encoding method. The method by calculating the probability of transmission network may appear a certain number of selfish nodes when the failure of the expected value of the maximum flow of network is calculated according to the obtained results, finally the expected value of re encoding of the network. In the allowed range of error, to find the most suitable method for encoding encoding, in order to achieve resistance network the transmission caused by the selfish behavior of nodes failure. Simulation results demonstrate the effectiveness of the proposed method.

【学位授予单位】：上海交通大学
【学位级别】：博士
【学位授予年份】：2014
【分类号】：TN915.08

【参考文献】