| The edge computing network refers to a new paradigm of edge-side big data computing networks which integrates networks,computing,storage and business core capabilities.It is close to users or lot data source side.The edge computing network is generated by the common development of cloud computing and the Internet of Things.The core is the massive uplink monitoring collection and downlink decision-making control big data generated by intelligent sensing devices,solving the problem of low data computing efficiency and performance under the centralized cloud computing model.Compared with traditional cloud computing networks,the edge computing network has more abundant terminal types,more frequent data real-time interaction,more complex transmission network technology system and more intelligent and interconnected business systems.However,the ubiquitous and open features of edge computing networks transmit network security risks to all parts of the system,facing severe security protection challenges.The high real-time and high-continuity requirements of the edge computing network have made more and more attention to its active defense problem,which has become a hot research topic.Faced with the dual constraints of the hybrid feature of edge computing networks and the uncertainty of new network attack features,implementing active defense measures such as detection,evasion,trap and control is of great significance for the security protection of edge computing networks with high real-time and continuity requirements.This paper focuses on the security challenges faced by edge computing networks in the four domains of terminal domain,data domain,network domain and system domain.By describing the nature of attack-defense game model of edge computing networks,this paper studies the advanced detection defense and optimal revenue disposal of attack behaviors.The paper breaks through the theoretical and technical limitations of traditional passive information system security models,methods and techniques which can not meet the high real-time and continuity requirements of edge computing networks.The paper mainly researches the following aspects:(1)In order to improve the active defense capability of the edge computing terminal,the paper studies the mimicry defense technology of edge computing terminal based on dynamic heterogeneous redundancy structure,and describes the mimetic defense system in a formal way.Aiming at the defensive ability evaluation of the proposed mimicry defense model,the paper proposes comprehensive dynamic,heterogeneous and redundant characteristics.The probabilistic analysis method is used to analyze the defense ability of the mimicry defense model of the edge computing terminal.The model can conduct solution computation of the security of the mimetic defense model according to the related factor parameters such as attack ability,heterogeneity degree and dynamic transformation.On this basis,the thesis designs the trust degree evaluation method of the edge computing terminal access sensor nodes,which is calculated on the basis of familiar trust degree,similar trust degree and behavioral trust degree.The change of the trust degree of the perceived node is used as the decision basis,and the transformation cycle of the mimetic defense components is reasonably predicted and adjusted.Finally,the model is validated by simulation experiments simulating the attacker and the mimetic defense system.The research results show that the proposed model is of certain guiding significance for helping designers to construct mimicry defense systems.(2)Aiming at the high-speed and reliable transmission requirements of data in the uncontrollable environment of edge computing networks,and maximizing the defense revenue,this paper proposes an active defense method for data interaction attacks in edge computing networks based on network topology mimic correlation.Increase the attack cost of the attackers by building a dynamic communication path alliance.On this basis,considering the decline of transmission reliability and defense revenue caused by the dynamic adjustment of communication path,a real-time network anomaly detection algorithm based on non-extensive entropy and Renyi cross entropy is proposed,and a predictive algorithm of network safety reliability based on HMM hidden Markov prediction model is proposed.A network topology mimetic association diagram and a communication path alliance mimetic transformation method based on dynamic threshold are proposed to ensure the data transmission service quality of the active defense technology of edge computing networks.The active defense model of the edge data network interaction process against the new attack and with the optimal defense cost is constructed,which provides a powerful guarantee for the active defense before the attack.(3)The essence of safe active defense is to make the defense gain greater than the attack loss.In order to fight with the new attack with uncertain features introduced by the ubiquitous transmission network in the edge computing network,the paper studies the attack nature and the attack-defense game mechanism in the transmission network domain of the edge computing network.The paper draws conclusions of the target opposition,strategic dependence and non-cooperative relationship between the offensive and defensive sides.Based on the idea of dynamic intrusion detection,this paper combines with the attack-defense game theory and proposes a mimicry intrusion detection game model based on edge computing network.The game income of participants and utility computing methods under different deployment strategies are analyzed in detail.According to the proof analysis of the Nash equilibrium condition in the model,the contradictory dynamic game relationship is described.Therefore,the optimal deployment strategy of the multi-redundancy edge computing terminal intrusion detection service in the edge computing network is obtained by solving the game balance point.The detection probability of the edge computing network for network attacks is improved,and the cost of intrusion detection of the edge computing network is reduced.(4)After the system within the edge computing network sinks with the computing power,the interconnected features of whole time domain and space domain systems are presented.In order to solve the linkage disposal and minimum cost response of complex attacks such as advanced persistent threats in the system domain,this paper proposes an attack linkage disposal decision-making method for edge computing network systems based on attribute attack graphs.A simplified attribute attack graph is constructed through network security alarm association and false alarm determination,and formal correlation analysis is performed on the causal relationship of the alarm information.On this basis,the linkage defense strategy decision computing is transformed into the minimum dominance set solution of the attribute attack graph.Finally,a linkage disposal strategy execution point decision algorithm based on greedy algorithm is designed,which constructs a set of attack linkage disposal decision-making technologies with optimal defense cost.It provides a powerful guarantee for timely and effective active defense.The paper conducts a comprehensive and in-depth security analysis of the edge computing network.Aiming at the stereo security defense requirements of the terminal domain,data domain,network domain and system domain of the edge computing network,a set of full-scale and lightweight attack active defense methods are proposed.Compared with the existing research work,the proposed terminal mimicry defense and intrusion detection,network mimic security transmission and intrusion detection,and intrusion linkage response decision-making method have higher defense benefits,which is of great significance for realizing active defense of edge computing networks. |
PDF Full Text Request