Research On Key Safety Technologies For The Centralized Mobile Positioning System

With the advent of the "Internet Plus" era,more and more mobile products are equipped with GPS(Global Positioning System)terminals and other positioning terminal modules,so that users can enjoy more digital services based on LBS(Location Based Service)applications,and real-time positioning and control of mobile target products through the system services,so as to avoid such phenomena as vehicle violations,illegal parking of electric vehicles and flying in restricted areas of drones.As a common LBS application,mobile positioning system has been developed for many products in the business,such as smart car rental,logistics navigation and drone tracking,etc.These mobile positioning system applications are currently implemented with the centralized mobile positioning system architecture,known as the centralized mobile positioning system.In the centralized mobile positioning system,the central server,the client,and the positioning terminal complete data interaction through the GPS network and Internet.In recent years,with the frequent occurrence of security incidents such as system service paralysis,interactive data leakage and damaged data integrity in Internet systems,users have paid more attention to the stability of services provided by system and the security of data interaction,and the protection of data integrity.Most of the current centralized mobile positioning systems can provide users with real-time positioning,track tracking,remote control,permission control and other services,but there exist many problems concerning the stability of system services,the security of data interaction between system entities,and the integrity of the data provided by the system to third users for the current centralized mobile positioning system.In order to solve the above-mentioned security deficiencies,we do research on three key technologies for the current centralized mobile positioning system,which are the HTTP-Get Flood DDoS attack detection and defense technology,the secure interaction technology based on certificateless tripartite authenticated key agreement,and the data integrity protection technology applicable to the centralized mobile positioning system.The HTTP-Get Flood DDoS attack detection and defense technology can solve the problem that the system can not provide stable services when under HTTP-Get Flood DDoS attack,and this technology can effectively detect and defend the popular HTTP-Get Flood DDoS attack.The secure interactive technology based on certificateless tripartite authenticated key agreement can solve the problem of confidentiality of the interactive data between the three parties of the system,and this technology enables the three entities of the system to negotiate to generate a secure session key and ensure the confidentiality of the interactive data.The data integrity protection technology applicable to the centralized mobile positioning system can solve the problem of the integrity protection of the data provided by the system to third-party users,and this technology can enable third-party users to verify the integrity of the data provided by the system through a trusted third-party administrator to ensure the integrity of the data provided by the system.The main contributions of this thesis are as followed.Firstly,we design and implement the HTTP-Get Flood DDoS attack detection and defense technology.First of all,based on the nonparametric CUSUM algorithm,by introducing the exponential smoothing method,the multi-feature nonparametric CUSUM algorithm is proposed.This algorithm has a low misjudgment rate for random fluctuations in sequence points and is more suitable for anomaly detection of network traffic.Then combined with the multi-feature nonparametric CUSUM algorithm and the binomial logistic regression model,the HTTP-Get flood DDoS attack detection and defense technology is proposed,which can effectively detect the HTTP-Get flood DDoS attack and locate the attack source IP to defend against attacks.After that,we design and implement the scheme of HTTP-Get flood DDoS attack detection and defense technology.Finally,we test and analyze the HTTP-Get Flood DDoS attack detection and defense technology,including non-attack traffic false detection rate,attack traffic missing detection rate,and attack source location accuracy.The results of the experiments show that the non-attack traffic false detection rate is less than 14%,which is lower than the compared scheme.The attack traffic missing detection rate is less than 9%,which is basically the same as the compared scheme.The attack source location accuracy can reach more than 70%,with high accuracy.Secondly,we design and implement the secure interaction technology based on certificateless tripartite authenticated key agreement.First of all,based on the ECC algorithm,the certificateless tripartite authenticated key agreement algorithm is proposed.The algorithm proposed does not depend on the key generation center and the certificate authority.It can resist man-in-the-middle attacks and replay attacks,and has forward security.Then combined with the certificateless tripartite authenticated key agreement algorithm,SM4 algorithm and CBC mode,the secure interaction technology based on certificateless tripartite authenticated key agreement is proposed,which enables the three entities of system to generate a secure session key and guarantee the confidentiality of interactive data.After that,we design and implement the scheme of the secure interaction technology based on certificateless tripartite authenticated key agreement.Finally,we test and analyze the secure interaction technology based on certificateless tripartite authenticated key agreement,including tripartite key agreement success rate,tripartite data encryption success rate,tripartite data decryption success rate,and tripartite key agreement time efficiency.The results of the experiments show that the tripartite key agreement success rate can reach more than 99.75%,the tripartite data encryption success rate can reach more than 99.4%,the tripartite data decryption success rate can reach more than 99.8%,and the time overhead of the tripartite key agreement is less than 134 ms.Finally,we design and implement the data integrity protection technology applicable to the centralized mobile positioning system.First of all,the sampling-based integrity verification algorithm is proposed based on the idea of PDP model and ECC algorithm for integrity protection scenarios in the centralized mobile positioning system.Then,combined the sampling-based integrity verification algorithm and My SQL database technology,the data integrity protection technique for centralized mobile positioning systems is proposed,which enables third-party users to verify the integrity of the data provided by the system through a trusted third-party agency,which ensures the integrity of the data provided by the system.After that,we design and implement the scheme of the data integrity protection technique for centralized mobile positioning systems.Finally,we test and analyze the data integrity protection technology applicable to the centralized mobile positioning system,including the success rate of integrity verification,the time efficiency of the challenge verification process,and the time efficiency of the data block label generation process.The results of the experiments show that the success rate of integrity verification can reach more than 99.5%,the time overhead for challenge verification process is about 1/3 of the compared scheme,and the time overhead for data block tag generation process is about 1/7 of the compared scheme,with very little time overhead.