| With the development of mobile Internet and the popularization of mobile intelligent terminal,the security of mobile intelligent terminal is becoming more and more important.At present,the identity authentication of mobile intelligent terminal is still based on password,which has many shortcomings.The attacker can obtain any information in the moblie intelligent terminal by crack password.Moreover,since most applications in the terminal do not do more authentication after unlocking,the attacker can even obtain the user data stored in the cloud.In order to solve these problems,more and more researchers begin to pay attention to the research of user's terminal habits,such as gait,gesture,etc,implicit authentication technology came into being.First,in order to solve the problem that the user system behavior is difficult to describe in implicit authentication,a method of identity authentication based on behavior modeling is proposed.Secondly,a zero-trust network based authentication scheme is proposed to solve the problem of when to authenticate implicit authentication.The specific contents are as follows:Firstly,an identity authentication method based on behavior modeling is proposed.This method consists of four parts: data collection,data preprocessing,model building and model testing.In the part of data preprocessing,in order to solve the problem that user behavior is discrete and difficult to count,the continuous time is divided into five minute time blocks,and the behavioral data is integrated in the time block range.In view of the complexity of user behavior,the system behaviors generated by users are divided into four categories: Unlocking behavior,network behavior,application behavior and communication behavior.In view of the wide range of applications in the application behavior,BOW(Bag of Words)method is adopted to divide the application into 15 categories,including system tools,social chat,consulting and reading,etc.Each application is divided into corresponding types,and the number and time of each type of application in the time block are counted.Finally,the training and prediction of the data set are carried out with the ensemble learning algorithm,and the authentication method is evaluated according to the training results.Secondly,a authentication scheme based on zero trust network is proposed.This scheme mainly aims solve the problem of when to authenticate in the process of implicit authentication of mobile terminals,and designs the authentication scheme based on the ideas of "never trust" and "always verify" of zero-trust network.The scheme consists of three modules: intelligent terminalmodule,identity authentication module and access control module.The intelligent terminal module is responsible for collecting user behavior data and sending requests.The authentication module consists of the above behavior-based authentication method,which is responsible for verifying whether the current user behavior is legal.In the access control module,in view of the various types of resources of mobile terminals,which are difficult to be subdivided,the resources are divided into four categories: local common resources,local privacy resources,network common resources and network privacy resources;Different validation strategies are designed for different resources to solve the problem of when to authenticate.In order to improve the fault-tolerant ability and user experience of the scheme,the concept of trust value is adopted and a trust maintenance method is designed.In order to simplify the implementation and deployment of the scheme,software defined network(SDN)is used to implement the network.Finally,according to the design scheme,simulation experiments are carried out to verify the effectiveness of the scheme. |
PDF Full Text Request