计算机科学 ›› 2022, Vol. 49 ›› Issue (4): 340-353.doi: 10.11896/jsjkx.210400112
宋涛1,2,3, 李秀华1,2, 李辉1,2, 文俊浩1,2, 熊庆宇1,2, 陈杰4
SONG Tao1,2,3, LI Xiu-hua1,2, LI Hui1,2, WEN Jun-hao1,2, XIONG Qing-yu1,2, CHEN Jie4
摘要: 针对车联网攻击风险的持续加剧,车载系统、车载终端、车载信息与服务应用及智能网联汽车运营服务平台等面临的网络安全威胁凸显,广义网络攻击中的信息篡改、病毒入侵等手段已经被证明可用于对智能网联汽车的攻击。传统车联网的弱口令认证和弱加密的特点,难以满足当前车联网领域多网络、多节点安全防护的要求,国内车联网安全加密认证机制的缺乏和加密认证体系不完善,导致车联网通信安全更难得到满足。为解决车联网安全加密认证问题,文中对大数据时代下的车联网安全加密认证技术架构进行了研究。首先介绍了大数据时代下车联网安全现状和车联网安全的相关概念;接着对比分析了当前车联网的安全架构,并提出了大数据时代下的车联网安全加密认证体系,系统地论述了车联网安全技术架构以及车联网通信模块的加密认证方式;然后将所提架构与车联网信息安全标准进行对比分析,详细阐述了车联网安全加密认证关键技术和技术创新性;最后总结并提出了当前车联网安全加密认证技术面临的问题和挑战。
中图分类号:
[1] WANG Y H.Research on the Authentication Technology andAlgorithm for Internet of Vehicles[D].Chongqing:Chongqing University of Posts and Telecommunications,2017. [2] YE P,HAO T L,ZHAO D H,et al.Research on the Information Security Technology of Car Networking from the Perspective of Automobile Enterprise[J].Journal of Automobile Technology,2019(5):59-63. [3] LIU X L.Research on OBU-based Multilevel Security Architecture and Communication Scheme for Internet of Vehicles[D].Zhenjiang:Jiangsu University,2018. [4] China Institute of Communications.Internet of Vehicles Security Technology and Standards Development Frontier Report (2019)[EB/OL].https://www.docin.com/p-363483387.html. [5] China Academy of Information and Communications Technology.White Paper on Internet of Vehicles Network Security(2018)[R/OL]. [2018-05-20].https://max.book118.com/html/2018/1224/6004040055001241.shtm. [6] China Academy of Information and Communications Technology.White Paper on Internet of Vehicles Network Security(2017)[R/OL]. [2017-09-21].http://www.caict.ac.cn/kxyj/qwfb/bps/202001/t20200102_273007.htm. [7] ZHAO X B.Research on Network Security and Standardization of Connected Vehicles[J].Network Security Technology and Application,2020,229(1):141-142. [8] YANG N,KANG R B.Network of Vehicles Security ThreatAnalysis and Protection Ideas[J].Communications Technology,2015,48(12):1421-1426. [9] WANG C Q.Network of Vehicles Security Threat Analysis and Protection Ideas[J].Computer Products & Circulation,2020(2):132-135. [10] HUANG Y X.Research on Internet of Vehicles Network Secu-rity Technology[J].Electronic World,2018,553(19):51-52. [11] YUAN K.Research on Routing Algorithm of Vehicle Network in Urban Environment [D].Chongqing:Chongqing University of Posts and Telecommunications,2019. [12] National Technical Committee on Information Security of Stan-dardization Administration.Technical requirements and test eva-luation method of network intrusion detection system:GB/T20275-2013[S].Beijing:Standards Press of China,2013. [13] XIE K L,LU Y.Discussion on Current Situation and Development Trend of Information Security of Vehicle Network System[C]//Proceedings of the 14th Henan Province Automotive Engineering Science and Techno-logy Symposium.2017. [14] LI X L.Strategy Research of Private Equity Fund Participating in Private Placement [D].Wuhan:Hubei University of Techno-logy,2020. [15] Channel industry.China’s information security market development pattern and the information security market development demand trend analysis (2019)[OL]. [2019-11-01].https://www.chyxx.com/industry/201911/800523.html. [16] XIE K L,LU Y.Brief Discussion on the Current Situation and Development Trend of Information Security of Internet of Vehicles System[C]//Proceedings of the 14th Henan Provincial Symposium on Automotive Engineering Science and Technology.2017:7-8. [17] GB/T 25066-2010B/T 25066-2010.Information Security Product Category andCode[S].Beijing:Standards Press of China,2010. [18] WANG Q.Research on Safety Mechanism and Key Technology of Internet of Vehicles[D].Nanjing:Nanjing University of Science and Technology,2016. [19] FENG T.Research on Information Security in Internet of Vehicles Technology[J].Information Security and Technology,2011(8):28-30. [20] China Academy of Information and Communications Technology.White Paper on Internet of Vehicles Network Security(2018)[R/OL]. [2020-09-24].https://download.csdn.net/download/dipolar/14020028?utm_source=iteye_new. [21] ZHU K Y,SONG J,YE L,et al.Research on Evaluation Index System of Vehicular Terminal Information Security[J].Industrial Technology Innovation,2018,29(6):11-17. [22] WANG S L,JIANG F,GU Y Y.Research on Internet of Vehicles Test Based on TBOX Test[J].Automotive Electrical App-liance,2018,362(10):38-39. [23] WANG L M,LI T T,CHEN L.Structure and Security of Internet of Vehicles Based on Vehicle Identity[J].Journal of Network and Information Security,2016,2(2):41-54. [24] DU X J.Design of Integrated Circuit Based on CAN Bus for Automotive Electronic Control Unit (ECU) [D].Tianjin:Tianjin Polytechnic University,2007. [25] LIAO F,HUANG J,LI J H.Discussion on the application of automobile OBD interface[J].Automobile and Driving Maintenance:Maintenance Edition,2017(12):143. [26] ZENG F.Research and Implementation of Intrusion Detection System for Connected Vehicles [D].Chengdu:University of Electronic Science and Technology of China,2018. [27] SEKAR R,GUPTA A,FRULLO J,et al.Specification-basedanomaly detection:a new approach for detecting network intrusions[C]//Proceedings of the 9th ACM Conference on Compu-ter and Communications Security.ACM,2002:265-274. [28] SHUKLA A S,MAURYA R.Entropy-Based Anomaly Detec-tion in a Network[J].Wireless Personal Communications an Internaional Journal,2018(99):1487-1501. [29] WANG D B.The Hierarchical Architecture and Cloud Re-source Management of IoV Cloud System [D].Guangzhou:Guangdong University of Technology,2015. [30] YANG N,KANG R B.Network of Vehicles Security ThreatAnalysis and Protection Ideas[J].Communications Technology,2015(12):1421-1426. [31] YANG Z Q,ZHENG Y F,XIU J P.Research on Internet of Vehicles Security System Based on Digital Signature[J/OL].Computer Engineering and Application.https://kns.cnki.net/kcms/detail/11.2127.TP.20210331.1554.034.html. [32] HUANG H X.Research on Security Technology of Internet of Vehicles Based on Anonymous Authentication[J].Communication Technology,2020,338(2):233-236. [33] WAN Z L,KUANG F.Research on Internet of Vehicles Security Architecture Based on Blockchain Technology[J].Jiangxi Communications Science and Technology,2019(1):41-44. [34] WANG X C.Security of 5G Internet of Vehicles Based on V2X Security Chip[J].Information Security Research,2020(8):705-709. [35] CHEN N.Design and Analysis of Safety Protection System for Internet of Vehicles[J].Computer Development and Application,2014,27(10):32-35. [36] LI X H,ZHONG C,CHEN Y,et al.Review of Internet of Vehicles Security[J].Journal of Information Security,2019,4(3):17. [37] GUI Z.Research on Cryptographic Application Technology for Secure Communication of Internet of Vehicles [D].Chengdu:University of Electronic Science and Technology of China,2017. [38] HE W F.Common Threats and Control of Cloud Security[J].Information & Computer,2018(7):179-180. [39] WU S Z.Research on Identity Authtification Method Based on Vehicle-borne CAN Bus Network [D].Changchun:Jilin University,2018. [40] Vehicle Electrical System Security Committee.CybersecurityGuidebook for Cyber-Physical Vehicle Systems:SAE J3061_201601[S].Philadephia:SAE International,2016. [41] PENG Y,RONG H,WANG W Y,et al.T-box password security protection scheme[J].Automotive Electrical Appliances,2017(5):64-66. [42] QIN Q L,XIE L B.Network of Vehicles Data Security RiskAnalysis and Related Suggestions[J].Information Communication Technology and Policy,2020(8):37-40. [43] LU Z,QU G,LIU Z.A Survey on Recent Advances in Vehicular Network Security,Trust,an Privacy[J].IEEE Transactios on Intelligent Transportation Systemsk,2018,20(2):760-776. [44] KOO D,SHIN Y,YUN J,et al.An Online Data-oriented Authentication Based on Merkle Tree with Improved Reliability[C]//2017 IEEE International Conference on Web Services(ICWS).2017:840-843. [45] YU T Q,HU J L,JIN J,et al.Mobile Edge Computing Based In-vehicle CAN Network Intrusion Detection Method[J].Compu-ter Science,2021,48(1):34-39. [46] LIU Y,WU G X.Research on Connected Car Connectivity Mo-del Based on 802.11 p/WAVE and Its Application[J].Journal of Communications,2017,34(6):85-91. [47] HE X.Distributed Database Security Architecture Based on Intrusion Tolerance[D].Changsha:Central South University,2010. [48] RAWAT A,SHARMA S,SUSHIL R.VANET:Security At-tacks and Its Possible Solutions[J].Journal of Information and Operations Management,2012,3(1):301. [49] GB/T 20271-2006B/T 20271-2006.Ministry of Industry and Information Technology,People’s Republic of China.Technical Requirements for Security Protection of Information Service Platform of Internet of Vehicles [S].Beijing:Standards Press of China,2020. [50] SHAMIR A.Identity-Based Cryptosystems and SignatureSchemes[J].Lect.notes Comput.,1985,196(2):47-53. [51] CHEN P,GAO T G.Multi-topic and Multi-correlation Automatic Negotiation and Its Application in Distributed Decision Environment [M].Harbin Engineering University Press,2013. [52] CHEN W.Quantitative Analysis Method for High Availability System Design [D].Hangzhou:Zhejiang University,2006. [53] TANG X D,LIANG H B,ZHE F P,et al.Computer Operating System[M].Xi’an:Xidian University Press,2007:1-20. [54] KARAME G,CAPKUN S.Blockchain Security and Privacy[J].IEEE Security & Privacy,2018,16(4):11-12. |
[1] | 孙轩, 王焕骁. 政务大数据安全防护能力建设:基于技术和管理视角的探讨 Capability Building for Government Big Data Safety Protection:Discussions from Technologicaland Management Perspectives 计算机科学, 2022, 49(4): 67-73. https://doi.org/10.11896/jsjkx.211000010 |
[2] | 唐亮, 李飞. 基于决策树的车联网安全态势预测模型研究 Research on Forecasting Model of Internet of Vehicles Security Situation Based on Decision Tree 计算机科学, 2021, 48(6A): 514-517. https://doi.org/10.11896/jsjkx.200700158 |
[3] | 王金恒, 单志龙, 谭汉松, 王煜林. 基于遗传优化PNN神经网络的网络安全态势评估 Network Security Situation Assessment Based on Genetic Optimized PNN Neural Network 计算机科学, 2021, 48(6): 338-342. https://doi.org/10.11896/jsjkx.201200239 |
[4] | 石琳姗, 马创, 杨云, 靳敏. 基于SSC-BP神经网络的异常检测算法 Anomaly Detection Algorithm Based on SSC-BP Neural Network 计算机科学, 2021, 48(12): 357-363. https://doi.org/10.11896/jsjkx.201000086 |
[5] | 马琳, 王云霄, 赵丽娜, 韩兴旺, 倪金超, 张婕. 基于多模型判别的网络入侵检测系统 Network Intrusion Detection System Based on Multi-model Ensemble 计算机科学, 2021, 48(11A): 592-596. https://doi.org/10.11896/jsjkx.201100170 |
[6] | 程庆丰, 李钰汀, 李兴华, 姜奇. 面向边缘计算环境的密码技术研究综述 Research on Application of Cryptography Technology for Edge Computing Environment 计算机科学, 2020, 47(11): 10-18. https://doi.org/10.11896/jsjkx.200500003 |
[7] | 方皓, 吴礼发, 吴志勇. 基于符号执行的Return-to-dl-resolve利用代码自动生成方法 Automatic Return-to-dl-resolve Exploit Generation Method Based on Symbolic Execution 计算机科学, 2019, 46(2): 127-132. https://doi.org/10.11896/j.issn.1002-137X.2019.02.020 |
[8] | 曹康华, 董伟伟, 汪锦量, 周林, 王勇. 基于虚拟蜜网的用电信息采集系统攻击检测方法 Attack Detection Method for Electricity Information Collection System Based on Virtual Honeynet 计算机科学, 2019, 46(11A): 455-459. |
[9] | 陈晋音,徐轩桁,苏蒙蒙. 基于自适应免疫计算的网络攻击检测研究 Research on Network Attack Detection Based on Self-adaptive Immune Computing 计算机科学, 2018, 45(6A): 364-370. |
[10] | 唐赞玉,刘宏. 多阶段大规模网络攻击下的网络安全态势评估方法研究 Study on Evaluation Method of Network Security Situation under Multi-stage Large-scale Network Attack 计算机科学, 2018, 45(1): 245-248. https://doi.org/10.11896/j.issn.1002-137X.2018.01.043 |
[11] | 戚湧,郭诗炜,李千目. 电网融合泛在网信息平台设计及安全威胁分析 Design and Security Threats Analysis for Information Platform of Fusion Ubiquitous Network in Power Grid 计算机科学, 2017, 44(3): 150-152. https://doi.org/10.11896/j.issn.1002-137X.2017.03.033 |
[12] | 王伟,王嘉郡,王明明,张文静,陈金广. 以网络性能为核心的移动自组网Flooding攻击防御技术 Defense Technology Based on Dynamic Space-Time Performance for Flooding Attacks in Mobile Ad Hoc Networks 计算机科学, 2017, 44(1): 159-166. https://doi.org/10.11896/j.issn.1002-137X.2017.01.031 |
[13] | 申普兵,赵占东,宫强兵. 网络作战能力评估指标体系构建问题的研究 Research on Evaluation of Computer Network Operation Based on Capacity Factor 计算机科学, 2016, 43(Z6): 505-507. https://doi.org/10.11896/j.issn.1002-137X.2016.6A.119 |
[14] | 李新国,李鹏伟,傅建明,丁笑一. 一种安全风险可控的弹性移动云计算通用框架 Risk-controllable Common Elastic Mobile Cloud Computing Framework 计算机科学, 2015, 42(Z11): 357-363. |
[15] | 周强,彭辉. 基于自回归滑动平均的网络数据流量预测模型 Research on Network Traffic Prediction Scheme Based on Autoregressive Moving Average 计算机科学, 2014, 41(4): 75-79. |
|