Research On Key Issues Of Mobile Network Security

Mobile networks and mobile Internet are developing at an unprecedented speed. People access the mobile network with high speed and realize the convenience of the network information. Mobile network has penetrated into all aspects of people’s lives and production. However, the characteristics of open and wireless communication of the mobile network, the vulnerabilities of the mobile internet inherited from the traditional Internet, the complexity of the heterogeneous mobile networks and the trend of all-IP have made the mobile networks face mounting security threats. At the same time the increasing processing power of the memory chips of the mobile devices provides more living space for the mobile viruses and the increasing number of mobile users gives good platform for the mobile virus propagation. Ensured the security of the mobile networks and research on the security measures are important not only to the mobile users’personal privacy and property security, but also to the national information security, social stability and economic development.The research on the security measures for the mobile networks can be roughly divided into two aspects. One is the research of the security system and mechanism, including the analysis and design of the communication protocol, encryption algorithm and integrity protection algorithm. The second is based on the research of mobile terminal security. It is considered that the terminal is the source of all security issues. By providing special protection to mobile terminal, the mobile network can resist the virus attack. The main research focus on the terminal design based on trusted computing and control strategy design for mobile virus. In this paper, the security measures for mobile networks are studied in three major areas:the design and improvement of authentication and key agreement protocol, the modeling and restraining mobile virus propagation, and the analysis of the nonlinear feedback shift register. The main results are as follows:(1) A novel anonymous authentication scheme for roaming service in global mobility networks is proposed. The scheme enjoys many important security attributes including prevention of various attacks, user anonymity, no verification table, local password verification and so on. The performance and cost analysis also show the proposed scheme is more suitable for low-power and resource limited mobile devices and thus availability for real implementation.(2) A novel protocol called EEAP-AKA is proposed to provide authentication service for the3GPP LTE-WLAN heterogeneous mobile networks. EEAP-AKA provides a level of security equivalent to. the standard EAP-AKA protocol, but less network units are needed to participate in the authentication process and the transmissions of the authentication messages between different network units are avoided as much as possible. Therefore, the EEAP-AKA protocol can lead to network delay reduced to the maximum.(3) A novel dynamic ID based remote user authentication scheme for multi-server environments is proposed by using pairing and self-certified public keys. Security and performance analyses show the proposed scheme is secure against various attacks and has many excellent features.(4) A patch dissemination strategy based on semi autonomy-oriented computing is proposed to restrain the mobile virus. This strategy can quickly send security patches to as many phones as possible in the mobile network with limited bandwidth which is also large-scale, decentralized, dynamically, and of unknown network topology. Besides, it can control the number of patches disseminated at each time step and make adjustment according to the network conditions. The selected phones, which receive the patches, are always the most important ones at each time step for the virus propagation, and thus the virus propagation can be effectively restrained. The network congestion and the waste of the network resources can also be avoided because each phone receives the patch only once. The research results have guiding significance for the anti-virus software maker to update the virus library.(5) We propose and evaluate a multiple routes transmitted mobile virus spreading on multiplex network. By modeling the multiple routes transmitted mobile virus spreading on multiplex network, we develop equations which allow accurate calculations of virus threshold of the multiplex network and outbreak size of the virus. We also introduce two quantities for measuring the topological structure of multiplex network. One is the average similarity of neighbors (ASN) from different layers of nodes, the other one is the degree-degree correlation (DDC) of nodes. The influencese of ASN and DDC for the virus propagation are evaluated. The research results not only can be used to accurately judge the outbreak of a mobile virus and calculate the outbreak size of the virus, but also have guidance significance for restraining mobile virus. And the proposed research methods have wider implications since they also apply to the computer virus, the internet rumors, the epidemics, etc.(6) By using a novel mathematical tool, semi-tensor product of matrices, the dynamic equation of NLFSR is converted into an equivalent algebraic equation. Then we propose some generalized methods on the research of NLFSR and solve a series of hard problems. Firstly, a general method is proposed to calculate the number of fixed points and cycles with different lengths of the state sequences produced by a given NLFSR. We then show how to construct all22n-(l-n)/22n-l shortest nSR and at least22n-(l-n)/22n-l-1shortest nNLFSR which can output a given nonperiodic/periodic sequence with length l. Finally, an algorithm is presented to construct the nNLFSR which can output the sequence with maximum period. Through the above works, we provide complete solutions for an open problem, and present a general research tool and some methods for the NLFSR.