基于信任计算的车载命名数据网络安全机制

计算机与现代化 ›› 2023, Vol. 0 ›› Issue (02): 96-103.

基于信任计算的车载命名数据网络安全机制

（长安大学信息工程学院，陕西西安 710064）

出版日期:2023-04-10 发布日期:2023-04-10
作者简介:樊娜（1978—），女，陕西渭南人，副教授，博士，研究方向：车联网安全技术，E-mail： fnsea@chd.edu.cn；邹小敏（1997—），女，硕士研究生，研究方向：命名数据网络安全，E-mail： 2020124138@chd.edu.cn；李思瑞（1998—），女，硕士研究生，研究方向：命名数据网络安全，E-mail： 2020124137@chd.edu.cn；杨晓朵（1999—），女，硕士研究生，研究方向：命名数据网络安全，E-mail： 2021224103@chd.edu.cn。
基金资助:
陕西省重点研发计划项目（2022GY-039）

A Trusted Computing Based Secure Scheme in Vehicular Named Data Networking

（School of Information Engineering， Chang’an University， Xi’an 710064， China）

Online:2023-04-10 Published:2023-04-10

摘要/Abstract

摘要： 命名数据网络是一种以内容为中心的网络，将命名数据网络应用于车联网形成车载命名数据网络能够有效解决车联网中传统TCP/IP通信带来的局限性。然而车载命名数据网络同样面临安全风险，尤其是兴趣包洪泛攻击和开关攻击严重影响了车载命名数据网络的信息共享和安全通信。本文针对上述攻击提出一种基于信任计算的车载命名数据网络安全机制（TSSRA），首先通过分析攻击行为对网络的影响，提取识别恶意行为的特征值，然后基于特征值设计一种信任计算方法，通过评估节点的信任值区分恶意行为和合法行为。仿真实验表明，本文提出的安全机制有效抑制能恶意节点的恶意行为，增强网络的安全性，确保网络安全高效的运行。

关键词: 车载命名数据网络, 安全机制, 兴趣包洪泛攻击, 开关攻击, 信任计算

Abstract: Named data networking is a content-centered network. Applying named data networking to the Internet of vehicles to form a vehicular named data networking can effectively solve the limitations brought by traditional TCP/IP communication in the Internet of vehicles. However， vehicular named data network also faces security risks， especially interest flooding attack and on-off attack， which seriously affect the information sharing and secure communication of vehicular named data networking. Aiming at the above attacks， this paper proposed a trusted computing based secure scheme in vehicular named data networking called TSSRA. Firstly， by analyzing the impact of attack behavior on the network， the characteristic values identifying malicious behavior are extracted， and then a trusted computing method based on characteristic values is designed to separate malicious behavior from legitimate behavior by evaluating the trust value of nodes. Simulation results show that the secure mechanism proposed in this paper can effectively suppress the malicious behavior of malicious nodes， enhance the security of the network and ensure the safe and efficient operation of the network.

Key words: vehicular named data networking, secure mechanism, interest flooding attack, on-off attack, trusted computing

樊娜, 邹小敏, 李思瑞, 杨晓朵. 基于信任计算的车载命名数据网络安全机制[J]. 计算机与现代化, 2023, 0(02): 96-103.

FAN Na, ZOU Xiao-min, LI Si-rui, YANG Xiao-duo. A Trusted Computing Based Secure Scheme in Vehicular Named Data Networking[J]. Computer and Modernization, 2023, 0(02): 96-103.

参考文献［28］

［1］	吴建波，朱文霞，剧亮，等. 边缘计算在智慧交通系统中的应用［J］. 计算机与现代化， 2021（12）:103-109.
［2］	SHAHID M A， JAEKEL A， EZEIFE C， et al. Review of potential security attacks in VANET［C］// 2018 Majan International Conference （MIC）. 2018:1-4.
［3］	TANG L， DUAN Z T， ZHU Y S. Data dissemination in service discovery for vehicular ad hoc networks: A Survey［J］. IET Intelligent Transport Systems，2018，12（10）：1189-1200.
［4］	YANG N， CHEN K， LIU Y. Towards efficient NDN framework for connected vehicle applications［J］. IEEE Access， 2020，8:60850-60866.
［5］	谢英英，石涧，黄硕康，等. 面向5G的命名数据网络物联网研究综述［J］. 计算机科学， 2020，47（4）:217-225.
［6］	黄胜，吴震，许江华，等. NDN中基于相交路径的多径数据传输策略［J］. 计算机工程与设计， 2016，37（3）:581-585.
［7］	WANG A W， CHEN T， CHEN H， et al. NDNVIC: Named data networking for vehicle infrastructure cooperation［J］. IEEE Access， 2019，7:62231-62239.
［8］	KUMAR S， MANN K S. Prevention of DoS attacks by detection of multiple malicious nodes in VANETs［C］// 2019 International Conference on Automation， Computational and Technology Management （ICACTM）. 2019:89-94.
［9］	AFANASYEV A， MAHADEVAN P， MOISEENKO I， et al. Interest flooding attack and countermeasures in named data networking［C］// 2013 IFIP Networking Conference. 2013:1-9.
［10］	COMPAGNO A， CONTI M， GASTI P， et al. Poseidon: Mitigating interest flooding DDoS attacks in named data networking［C］// 38th Annual IEEE Conference on Local Computer Networks. 2013:630-638.
［11］	HOU R， HAN M， CHEN J， et al. Theil-based countermeasure against interest flooding attacks for named data networks［J］. IEEE Network， 2019，33（3）:116-121.
［12］	ZHI T， LUO H B， LIU Y. A Gini impurity-based interest flooding attack defence mechanism in NDN［J］. IEEE Communications Letters， 2018，22（3）:538-541.
［13］	BENMOUSSA A， TAHARI A E K， LAGAA N， et al. A novel congestion-aware interest flooding attacks detection mechanism in named data networking［C］// 2019 28th International Conference on Computer Communication and Networks （ICCCN）. 2019:1-6.
［14］	SALAH H， STRUFE T. Evaluating and mitigating a collusive version of the interest flooding attack in NDN［C］// 2016 IEEE Symposium on Computers and Communication （ISCC）. 2016:938-945.
［15］	SHIGEYASU T， SONODA A. Detection and mitigation of collusive interest flooding attack on content centric networking［J］. International Journal of Grid and Utility Computing， 2020，11（1）:21-29.
［16］	XIN Y H， LI Y， WANG W， et al. Detection of collusive interest flooding attacks in named data networking using wavelet analysis［C］// 2017 IEEE Military Communications Conference . 2017:557-562.
［17］	WU Z J， FENG W Z， YUE M， et al. Mitigation measures of collusive interest flooding attacks in named data networking［J］. Computers & Security， 2020，97. DOI:10.1016/j.cose.2020.101971.
［18］	LIU L， FENG W Z， WU Z J， et al. The detection method of collusive interest flooding attacks based on prediction error in NDN［J］. IEEE Access， 2020，8:128005-128017.
［19］	TAHIR M U， REHMAN R A. CUIF: Control of useless interests flooding in vehicular named data networks［C］// 2018 International Conference on Frontiers of Information Technology （FIT）. 2018:303-308.
［20］	FAN N， LI C， ZHANG T Y， et al. BSMM: A broadcast storm mitigation model based on distributed data clusters and hybrid network architecture in vehicular named data network［J］. Journal of Physics Conference Series， 2020，1693（1）. DOI:10.1088/1742-6596/1693/1/012029.
［21］	SATTAR M U， REHMAN R A. Interest flooding attack mitigation in named data networking based VANETs［C］// 2019 International Conference on Frontiers of Information Technology （FIT）. 2019. DOI:10.1109/FIT47737.2019.00053.
［22］	RABARI J， KUMAR A R P. FIFA: Fighting against interest flooding attack in NDN-based VANET［C］// 2021 International Wireless Communications and Mobile Computing （IWCMC）. 2021:1539-1544.
［23］	ABDULLAH M， RAZA I， ZIA T， et al. Interest flooding attack mitigation in a vehicular named data network［J］. IET Intelligent Transport Systems， 2021，15（4）:525-537.
［24］	于亚芳，潘耘，王励成. 命名数据网络中的DoS/DDoS攻击研究综述［J］. 信息技术， 2017，41（6）:78-82.
［25］	WANG R M， XU Z Q， ZHAO X M， et al. A V2V-based method for the detection of road traffic congestion［J］. IET Intelligent Transport Systems， 2019，13（5）:880-885.
［26］	KHELIFI H， LUO S， NOUR B， et al. Named data networking in vehicular ad hoc networks: State-of-the-art and challenges［J］. IEEE Communications Surveys & Tutorials， 2020，22（1）:320-351.
［27］	TOURANI R， MISRA S， MICK T， et al. Security， privacy， and access control in information-centric networking: A Survey［J］. IEEE Communications surveys & Tutorials， 2018，20（1）:566-600.
［28］	章铭. 基于内容的未来网络命名与解析机制研究［D］. 北京:北京邮电大学， 2013.

[1]	黄梦玲;翟正军. Qubes安全操作系统的研究和改进[J]. 计算机与现代化, 2013, 1(4): 198-201,.
[2]	陈炬桦;涂东阳;软文江. PDF文档使用控制方法研究[J]. 计算机与现代化, 2012, 1(6): 169-171,.