计算机科学

计算机科学 ›› 2022, Vol. 49 ›› Issue (4): 340-353.doi: 10.11896/jsjkx.210400112

• 信息安全 • 上一篇    下一篇

大数据时代下车联网安全加密认证技术研究综述

宋涛1,2,3, 李秀华1,2, 李辉1,2, 文俊浩1,2, 熊庆宇1,2, 陈杰4   

  1. 1 信息物理社会可信服务计算教育部重点实验室(重庆大学) 重庆 401331;
    2 重庆大学大数据与软件学院 重庆 401331;
    3 中国信息通信研究院 北京 100191;
    4 重庆市特种设备检测研究院 重庆 401121
  • 收稿日期:2021-04-11 修回日期:2021-07-25 发布日期:2022-04-01
  • 通讯作者: 李秀华(lixiuhua@cqu.edu.cn)
  • 作者简介:(m18716350296@163.com)
  • 基金资助:
    国家自然科学基金(61902044,61672117,62072060); 国家重点研发计划(2018YFB2100100,2018YFF0214700); 重庆市科技计划项目基础科学与前沿技术研究专项(cstc2019jcyj-msxmX0589); 重庆重点基金项目(CSTC2017jcyjBX0025,CSTC2019jscx-zdztzxX0031); 中央高校基本科研业务费(2020CDJQY-A022)

Overview of Research on Security Encryption Authentication Technology of IoV in Big Data Era

SONG Tao1,2,3, LI Xiu-hua1,2, LI Hui1,2, WEN Jun-hao1,2, XIONG Qing-yu1,2, CHEN Jie4   

  1. 1 Key Laboratory of Dependable Service Computing in Cyber Physical Society (Chongqing University) Ministry of Education, Chongqing 401331, China;
    2 School of Big Data & Software Engineering, Chongqing University, Chongqing 401331, China;
    3 China Academy of Information and Communications Technology, Beijing 100191, China;
    4 Special Equipment Inspection and Research Institute of Chongqing, Chongqing 401121, China
  • Received:2021-04-11 Revised:2021-07-25 Published:2022-04-01
  • About author:SONG Tao,born in 1992,Ph.D candidate,is a student member of China Computer Federation.His main research interests include IoV application,IoV security,cloud computing and deep learning.LI Xiu-hua,born in 1987,Ph.D,professor,Ph.D supervisor,is a member of China Computer Federation.His main research interests include mobile edge computing/caching,big data analysis and machine learning.
  • Supported by:
    This work was supported by the National Nature Science Foundation of China(61902044,61672117,62072060),National Key R&D Program of China(2018YFB2100100,2018YFF0214700),Chongqing Research Program of Basic Research and Frontier Technology(cstc2019jcyj-msxmX0589),Key Research Program of Chongqing Science&Technology Commission(CSTC2017jcyjBX0025,CSTC2019jscx-zdztzxX0031) and Fundamental Research Funds for the Central Universities(2020CDJQY-A022).

PDF (PC)

794

摘要: 针对车联网攻击风险的持续加剧,车载系统、车载终端、车载信息与服务应用及智能网联汽车运营服务平台等面临的网络安全威胁凸显,广义网络攻击中的信息篡改、病毒入侵等手段已经被证明可用于对智能网联汽车的攻击。传统车联网的弱口令认证和弱加密的特点,难以满足当前车联网领域多网络、多节点安全防护的要求,国内车联网安全加密认证机制的缺乏和加密认证体系不完善,导致车联网通信安全更难得到满足。为解决车联网安全加密认证问题,文中对大数据时代下的车联网安全加密认证技术架构进行了研究。首先介绍了大数据时代下车联网安全现状和车联网安全的相关概念;接着对比分析了当前车联网的安全架构,并提出了大数据时代下的车联网安全加密认证体系,系统地论述了车联网安全技术架构以及车联网通信模块的加密认证方式;然后将所提架构与车联网信息安全标准进行对比分析,详细阐述了车联网安全加密认证关键技术和技术创新性;最后总结并提出了当前车联网安全加密认证技术面临的问题和挑战。

关键词: 安全防护, 安全威胁, 车联网安全, 加密认证, 网络攻击

Abstract: With the increasing risks of Internet of vehicles (IoV) attack, the network security threats of vehicle-mounted systems, vehicle-mounted terminals, vehicle-mounted information and service applications, the operation and service platform of intelligent connected vehicles (ICVs) are prominent.Information tampering and virus intrusion in the generalized network attack have been proved to be suitable for the attack of ICVs.The characteristics of weak password authentication and weak encryption in traditional IoV are hard to satisfy the current requirements of multi-network and multi-node security protection in the field of IoV.In addition, the lack of domestic security encryption authentication mechanism and the imperfect encryption authentication system make it more difficult to satisfy the requirements of IoV security.To solve the problem of IoV security encryption authentication, the paper studies IoV security encryption authentication technology in the age of big data.Firstly, this paper introduces the current situation and relevant concepts of IoV security in the era of big data.Then it contrasts and analyzes the current IoV security architecture, and puts forward IoV security encryption authentication system in the era of big data, and elaborates systematically the IoV security technology architecture and the encryption authentication way of IoV communication module.Then the architecture proposed in this paper is compared with the information security standards of the IoV and elaborates key technology and innovations of the IoV security encryption authentication.Finally, the paper summarizes and proposes the problems and challenges faced by the current security encryption authentication technology of IoV.

Key words: Encryption authentication, Internet of vehicles security, Network attack, Security protection, Security threat

中图分类号: 

  • TP393
[1] WANG Y H.Research on the Authentication Technology andAlgorithm for Internet of Vehicles[D].Chongqing:Chongqing University of Posts and Telecommunications,2017.
[2] YE P,HAO T L,ZHAO D H,et al.Research on the Information Security Technology of Car Networking from the Perspective of Automobile Enterprise[J].Journal of Automobile Technology,2019(5):59-63.
[3] LIU X L.Research on OBU-based Multilevel Security Architecture and Communication Scheme for Internet of Vehicles[D].Zhenjiang:Jiangsu University,2018.
[4] China Institute of Communications.Internet of Vehicles Security Technology and Standards Development Frontier Report (2019)[EB/OL].https://www.docin.com/p-363483387.html.
[5] China Academy of Information and Communications Technology.White Paper on Internet of Vehicles Network Security(2018)[R/OL].
[2018-05-20].https://max.book118.com/html/2018/1224/6004040055001241.shtm.
[6] China Academy of Information and Communications Technology.White Paper on Internet of Vehicles Network Security(2017)[R/OL].
[2017-09-21].http://www.caict.ac.cn/kxyj/qwfb/bps/202001/t20200102_273007.htm.
[7] ZHAO X B.Research on Network Security and Standardization of Connected Vehicles[J].Network Security Technology and Application,2020,229(1):141-142.
[8] YANG N,KANG R B.Network of Vehicles Security ThreatAnalysis and Protection Ideas[J].Communications Technology,2015,48(12):1421-1426.
[9] WANG C Q.Network of Vehicles Security Threat Analysis and Protection Ideas[J].Computer Products & Circulation,2020(2):132-135.
[10] HUANG Y X.Research on Internet of Vehicles Network Secu-rity Technology[J].Electronic World,2018,553(19):51-52.
[11] YUAN K.Research on Routing Algorithm of Vehicle Network in Urban Environment [D].Chongqing:Chongqing University of Posts and Telecommunications,2019.
[12] National Technical Committee on Information Security of Stan-dardization Administration.Technical requirements and test eva-luation method of network intrusion detection system:GB/T20275-2013[S].Beijing:Standards Press of China,2013.
[13] XIE K L,LU Y.Discussion on Current Situation and Development Trend of Information Security of Vehicle Network System[C]//Proceedings of the 14th Henan Province Automotive Engineering Science and Techno-logy Symposium.2017.
[14] LI X L.Strategy Research of Private Equity Fund Participating in Private Placement [D].Wuhan:Hubei University of Techno-logy,2020.
[15] Channel industry.China’s information security market development pattern and the information security market development demand trend analysis (2019)[OL].
[2019-11-01].https://www.chyxx.com/industry/201911/800523.html.
[16] XIE K L,LU Y.Brief Discussion on the Current Situation and Development Trend of Information Security of Internet of Vehicles System[C]//Proceedings of the 14th Henan Provincial Symposium on Automotive Engineering Science and Technology.2017:7-8.
[17] GB/T 25066-2010B/T 25066-2010.Information Security Product Category andCode[S].Beijing:Standards Press of China,2010.
[18] WANG Q.Research on Safety Mechanism and Key Technology of Internet of Vehicles[D].Nanjing:Nanjing University of Science and Technology,2016.
[19] FENG T.Research on Information Security in Internet of Vehicles Technology[J].Information Security and Technology,2011(8):28-30.
[20] China Academy of Information and Communications Technology.White Paper on Internet of Vehicles Network Security(2018)[R/OL].
[2020-09-24].https://download.csdn.net/download/dipolar/14020028?utm_source=iteye_new.
[21] ZHU K Y,SONG J,YE L,et al.Research on Evaluation Index System of Vehicular Terminal Information Security[J].Industrial Technology Innovation,2018,29(6):11-17.
[22] WANG S L,JIANG F,GU Y Y.Research on Internet of Vehicles Test Based on TBOX Test[J].Automotive Electrical App-liance,2018,362(10):38-39.
[23] WANG L M,LI T T,CHEN L.Structure and Security of Internet of Vehicles Based on Vehicle Identity[J].Journal of Network and Information Security,2016,2(2):41-54.
[24] DU X J.Design of Integrated Circuit Based on CAN Bus for Automotive Electronic Control Unit (ECU) [D].Tianjin:Tianjin Polytechnic University,2007.
[25] LIAO F,HUANG J,LI J H.Discussion on the application of automobile OBD interface[J].Automobile and Driving Maintenance:Maintenance Edition,2017(12):143.
[26] ZENG F.Research and Implementation of Intrusion Detection System for Connected Vehicles [D].Chengdu:University of Electronic Science and Technology of China,2018.
[27] SEKAR R,GUPTA A,FRULLO J,et al.Specification-basedanomaly detection:a new approach for detecting network intrusions[C]//Proceedings of the 9th ACM Conference on Compu-ter and Communications Security.ACM,2002:265-274.
[28] SHUKLA A S,MAURYA R.Entropy-Based Anomaly Detec-tion in a Network[J].Wireless Personal Communications an Internaional Journal,2018(99):1487-1501.
[29] WANG D B.The Hierarchical Architecture and Cloud Re-source Management of IoV Cloud System [D].Guangzhou:Guangdong University of Technology,2015.
[30] YANG N,KANG R B.Network of Vehicles Security ThreatAnalysis and Protection Ideas[J].Communications Technology,2015(12):1421-1426.
[31] YANG Z Q,ZHENG Y F,XIU J P.Research on Internet of Vehicles Security System Based on Digital Signature[J/OL].Computer Engineering and Application.https://kns.cnki.net/kcms/detail/11.2127.TP.20210331.1554.034.html.
[32] HUANG H X.Research on Security Technology of Internet of Vehicles Based on Anonymous Authentication[J].Communication Technology,2020,338(2):233-236.
[33] WAN Z L,KUANG F.Research on Internet of Vehicles Security Architecture Based on Blockchain Technology[J].Jiangxi Communications Science and Technology,2019(1):41-44.
[34] WANG X C.Security of 5G Internet of Vehicles Based on V2X Security Chip[J].Information Security Research,2020(8):705-709.
[35] CHEN N.Design and Analysis of Safety Protection System for Internet of Vehicles[J].Computer Development and Application,2014,27(10):32-35.
[36] LI X H,ZHONG C,CHEN Y,et al.Review of Internet of Vehicles Security[J].Journal of Information Security,2019,4(3):17.
[37] GUI Z.Research on Cryptographic Application Technology for Secure Communication of Internet of Vehicles [D].Chengdu:University of Electronic Science and Technology of China,2017.
[38] HE W F.Common Threats and Control of Cloud Security[J].Information & Computer,2018(7):179-180.
[39] WU S Z.Research on Identity Authtification Method Based on Vehicle-borne CAN Bus Network [D].Changchun:Jilin University,2018.
[40] Vehicle Electrical System Security Committee.CybersecurityGuidebook for Cyber-Physical Vehicle Systems:SAE J3061_201601[S].Philadephia:SAE International,2016.
[41] PENG Y,RONG H,WANG W Y,et al.T-box password security protection scheme[J].Automotive Electrical Appliances,2017(5):64-66.
[42] QIN Q L,XIE L B.Network of Vehicles Data Security RiskAnalysis and Related Suggestions[J].Information Communication Technology and Policy,2020(8):37-40.
[43] LU Z,QU G,LIU Z.A Survey on Recent Advances in Vehicular Network Security,Trust,an Privacy[J].IEEE Transactios on Intelligent Transportation Systemsk,2018,20(2):760-776.
[44] KOO D,SHIN Y,YUN J,et al.An Online Data-oriented Authentication Based on Merkle Tree with Improved Reliability[C]//2017 IEEE International Conference on Web Services(ICWS).2017:840-843.
[45] YU T Q,HU J L,JIN J,et al.Mobile Edge Computing Based In-vehicle CAN Network Intrusion Detection Method[J].Compu-ter Science,2021,48(1):34-39.
[46] LIU Y,WU G X.Research on Connected Car Connectivity Mo-del Based on 802.11 p/WAVE and Its Application[J].Journal of Communications,2017,34(6):85-91.
[47] HE X.Distributed Database Security Architecture Based on Intrusion Tolerance[D].Changsha:Central South University,2010.
[48] RAWAT A,SHARMA S,SUSHIL R.VANET:Security At-tacks and Its Possible Solutions[J].Journal of Information and Operations Management,2012,3(1):301.
[49] GB/T 20271-2006B/T 20271-2006.Ministry of Industry and Information Technology,People’s Republic of China.Technical Requirements for Security Protection of Information Service Platform of Internet of Vehicles [S].Beijing:Standards Press of China,2020.
[50] SHAMIR A.Identity-Based Cryptosystems and SignatureSchemes[J].Lect.notes Comput.,1985,196(2):47-53.
[51] CHEN P,GAO T G.Multi-topic and Multi-correlation Automatic Negotiation and Its Application in Distributed Decision Environment [M].Harbin Engineering University Press,2013.
[52] CHEN W.Quantitative Analysis Method for High Availability System Design [D].Hangzhou:Zhejiang University,2006.
[53] TANG X D,LIANG H B,ZHE F P,et al.Computer Operating System[M].Xi’an:Xidian University Press,2007:1-20.
[54] KARAME G,CAPKUN S.Blockchain Security and Privacy[J].IEEE Security & Privacy,2018,16(4):11-12.
[1] 孙轩, 王焕骁.
政务大数据安全防护能力建设:基于技术和管理视角的探讨
Capability Building for Government Big Data Safety Protection:Discussions from Technologicaland Management Perspectives
计算机科学, 2022, 49(4): 67-73. https://doi.org/10.11896/jsjkx.211000010
[2] 唐亮, 李飞.
基于决策树的车联网安全态势预测模型研究
Research on Forecasting Model of Internet of Vehicles Security Situation Based on Decision Tree
计算机科学, 2021, 48(6A): 514-517. https://doi.org/10.11896/jsjkx.200700158
[3] 王金恒, 单志龙, 谭汉松, 王煜林.
基于遗传优化PNN神经网络的网络安全态势评估
Network Security Situation Assessment Based on Genetic Optimized PNN Neural Network
计算机科学, 2021, 48(6): 338-342. https://doi.org/10.11896/jsjkx.201200239
[4] 石琳姗, 马创, 杨云, 靳敏.
基于SSC-BP神经网络的异常检测算法
Anomaly Detection Algorithm Based on SSC-BP Neural Network
计算机科学, 2021, 48(12): 357-363. https://doi.org/10.11896/jsjkx.201000086
[5] 马琳, 王云霄, 赵丽娜, 韩兴旺, 倪金超, 张婕.
基于多模型判别的网络入侵检测系统
Network Intrusion Detection System Based on Multi-model Ensemble
计算机科学, 2021, 48(11A): 592-596. https://doi.org/10.11896/jsjkx.201100170
[6] 程庆丰, 李钰汀, 李兴华, 姜奇.
面向边缘计算环境的密码技术研究综述
Research on Application of Cryptography Technology for Edge Computing Environment
计算机科学, 2020, 47(11): 10-18. https://doi.org/10.11896/jsjkx.200500003
[7] 方皓, 吴礼发, 吴志勇.
基于符号执行的Return-to-dl-resolve利用代码自动生成方法
Automatic Return-to-dl-resolve Exploit Generation Method Based on Symbolic Execution
计算机科学, 2019, 46(2): 127-132. https://doi.org/10.11896/j.issn.1002-137X.2019.02.020
[8] 曹康华, 董伟伟, 汪锦量, 周林, 王勇.
基于虚拟蜜网的用电信息采集系统攻击检测方法
Attack Detection Method for Electricity Information Collection System Based on Virtual Honeynet
计算机科学, 2019, 46(11A): 455-459.
[9] 陈晋音,徐轩桁,苏蒙蒙.
基于自适应免疫计算的网络攻击检测研究
Research on Network Attack Detection Based on Self-adaptive Immune Computing
计算机科学, 2018, 45(6A): 364-370.
[10] 唐赞玉,刘宏.
多阶段大规模网络攻击下的网络安全态势评估方法研究
Study on Evaluation Method of Network Security Situation under Multi-stage Large-scale Network Attack
计算机科学, 2018, 45(1): 245-248. https://doi.org/10.11896/j.issn.1002-137X.2018.01.043
[11] 戚湧,郭诗炜,李千目.
电网融合泛在网信息平台设计及安全威胁分析
Design and Security Threats Analysis for Information Platform of Fusion Ubiquitous Network in Power Grid
计算机科学, 2017, 44(3): 150-152. https://doi.org/10.11896/j.issn.1002-137X.2017.03.033
[12] 王伟,王嘉郡,王明明,张文静,陈金广.
以网络性能为核心的移动自组网Flooding攻击防御技术
Defense Technology Based on Dynamic Space-Time Performance for Flooding Attacks in Mobile Ad Hoc Networks
计算机科学, 2017, 44(1): 159-166. https://doi.org/10.11896/j.issn.1002-137X.2017.01.031
[13] 申普兵,赵占东,宫强兵.
网络作战能力评估指标体系构建问题的研究
Research on Evaluation of Computer Network Operation Based on Capacity Factor
计算机科学, 2016, 43(Z6): 505-507. https://doi.org/10.11896/j.issn.1002-137X.2016.6A.119
[14] 李新国,李鹏伟,傅建明,丁笑一.
一种安全风险可控的弹性移动云计算通用框架
Risk-controllable Common Elastic Mobile Cloud Computing Framework
计算机科学, 2015, 42(Z11): 357-363.
[15] 周强,彭辉.
基于自回归滑动平均的网络数据流量预测模型
Research on Network Traffic Prediction Scheme Based on Autoregressive Moving Average
计算机科学, 2014, 41(4): 75-79.
Viewed
Full text


Abstract

Cited
  Shared   
  Discussed   
No Suggested Reading articles found!
渝ICP备16013121号-4
地址:重庆市渝北区洪湖西路18号    邮编:401121  
电话:023-63500828(编辑部) 023-67039612(会议/专题) 023-67039623(财务/发票)
E-mail:jsjkx12@163.com
本系统由北京玛格泰克科技发展有限公司设计开发