Computer Science ›› 2020, Vol. 47 ›› Issue (2): 313-319. doi: 10.11896/jsjkx.181102161

• Information Security •

Replica Dynamic Storage Based on RBEC

HONG Hai-cheng, CHEN Dan-wei

  1. (School of Computer Science, School of Software, School of Cyberspace Security, Nanjing University of Posts and Telecommunications, Nanjing 210023, China)
  • Received: 2018-11-23 Online: 2020-02-15 Published: 2020-03-18
  • Corresponding author: CHEN Dan-wei (chendw@njupt.edu.cn)
  • About author: HONG Hai-cheng, born in 1994, master. His main research interests include network security and network dynamic defense technology; CHEN Dan-wei, born in 1970, Ph.D., professor. His main research interests include virtualization and cloud technology, and computer communication networks and security.
  • Supported by:
    This work was supported by the Key Program of the National Natural Science Foundation of China (61602114) and National Key R&D Program of China (2017YFB0801703).

Abstract: With the rapid development of cloud storage technology, existing cloud storage architectures and storage patterns are presented to users and attackers in a static way, which exposes data to more security threats. To address the shortcomings of this static storage mode, this paper proposes a replica dynamic storage method based on Random Binary Extension Code (RBEC). The method uses a network code to store data blocks on cloud nodes and transforms the node data based on RBEC, so that the data held on the nodes changes randomly over time. By changing the attack surface, it increases the complexity and cost of carrying out an attack, reduces the exposure of system vulnerabilities and the probability of being attacked, and improves the resilience of the system. Theoretical analysis and simulation results show that the coding computation accounts for only a small share of the time cost of the whole dynamic transformation; the main time cost is the transmission of encoded data blocks between nodes. In addition, the performance of this method is compared with that of the general regenerating-code mimic transformation scheme. Because of a property of RBEC, namely that the probability of the regenerated encoding matrix satisfying the MDS property is almost 1, the performance overhead of the encoding process of the proposed method is better than that of a general regenerating code, which may need to transform many times.

Key words: Attack surface, Moving target defense, Network coding, Random binary extensive code, Replica storage

CLC Number:

  • TP393