Computer Science ›› 2016, Vol. 43 ›› Issue (9): 175-179.doi: 10.11896/j.issn.1002-137X.2016.09.034

Previous Articles     Next Articles

Cooperative Address Knocking Based Covert Authentication

CAO Xu, ZHU Yue-fei and FEI Jin-long   

  • Online:2018-12-01 Published:2018-12-01

Abstract: With the development of cloud computing,it is inevitable that many security problems arise.Unauthorized service access is one of the most important threats.Based on the new features of IPv6 address,we proposed a new network security technique called cooperative address knocking,which can be seen as an undetectable authentication.It is a form of host-to-host communication which relies on deliberate communication attempts from some cooperative nodes.These connection attempts are monitored by a daemon which interprets the interface identifier of destination IP addresses as information.The theoretical and empirical analysis demonstrate that CAKCA scheme can effectively conduct undetectable authentication and prevent the exposure of existence of the important host.The theoretical analysis and simulation results show that the proposed scheme can effectively improve the level of network security.

Key words: Cloud computing,IPv6,Address knocking,Communication authentication

[1] Yu Neng-hai,Hao Zhuo,Xu Jia-jia,et al.Review of Cloud Computing Security[J].Acta Electronica Sinica,2013,41(2):371-381(in Chinese) 俞能海,郝卓,徐甲甲,等.云安全研究进展综述[J].电子学报,2013,41(2):371-381
[2] Reeja S L.Role Based Access Control mechanism in cloud computing using cooperative secondary antuorization recucling methd[J].International Journal of Emerging Technology and Advanced Engineering,2012,2(10):444-450
[3] Rodas O,Morales G,Alvarez J.A reliable and scalable classification-based hybrid IPS[C]∥IEEE 29th International Conference on Advanced Information Networking and Applications Workshops (WAINA).Gwangiu:IEEE,2015:599-604
[4] Barham P,Hand S,Isaacs R,et al.Techniques for lightweight concealment and authentication in IP networks:Technical Report IRB-TR-02-009[R].Berkeley:Intel Research,2002
[5] Ali F H M,Yunos R,Alias M A M.Simple port knocking method:against TCP replay attack and port scanning[C]∥International Conference on Cyber Security,Cyber Warfare and Digital Forensic (CyberSec).Kuala Lumpur:IEEE,2012:247-252
[6] Mehran P,Reza E A,Laleh B.SPKT:Secure port knock-tunneling,an enhanced port security authentication mechanism[C]∥IEEE Symposium on Computers & Informatics (ISCI).Malaysia:IEEE,2012:145-149
[7] Srivastava V,Keshri A K,Roy A D,et al.Advanced port knocking authentication scheme with QRC using AES[C]∥Proceeding of Trends in Networks and Communications.Chennai:Springer,2011:159-163
[8] Sahu P,Singh M,Kulhare D.Implementation of modified hybrid port knocking (MHPK) with strong authentication[J].Journal of Commerce and Management Thought,2013,4(2):490-504
[9] Hadi A H,Al-Bahadili H.A Hybrid Port-knocking technique for host authentication[M]∥Simulation in Computer Network Design and Modeling:Use and Analysis.2012:336
[10] Liew J H,Lee S,Ong I,et al.One-time knocking frameworkusing SPA and IPsec[C]∥Proceeding of 2nd International Conference on Education Technology and Computer.2010:v5-209-v5-213
[11] Singh K,Zhong J,Mirchandani V,et al.Securing data privacy on mobile devices in emergency health situations[M]∥Security and Privacy in Mobile Information and Communication Systems.Springer Berlin Heidelberg,2012:119-130
[12] Dunlop M,Groat S,Urbanski W,et al.MT6D:a moving target IPv6 defense[C]∥Proceeding of the 2011 Military Communication Conference-Track3-Cyber Security and Network Operations.Baltimore,MD:IEEE,2011:1321-1326

No related articles found!
Full text



No Suggested Reading articles found!