Journal of Jilin University(Engineering and Technology Edition) ›› 2024, Vol. 54 ›› Issue (12): 3620-3625.doi: 10.13229/j.cnki.jdxbgxb.20230985

Previous Articles     Next Articles

Dynamic access control algorithms for multi domain interoperability under advanced persistent threat attacks

Yao HU(),Bi-bo TU   

  1. School of Cyberspace Security,University of Chinese Academy of Sciences,Beijing 100085,China
  • Received:2023-08-04 Online:2024-12-01 Published:2025-01-24

RICH HTML

 3   

PDF (PC)

171

Abstract:

In order to reduce the losses caused by APT attacks on the network and improve the security of network operation, it is necessary to control access in the network. A dynamic access control algorithm for multi domain interoperability under APT attacks is proposed. Firstly, an APT attack model is constructed based on Petri nets; Secondly, by calculating the trust experience, knowledge, and recommendations of each domain in the network under APT attacks, the trust values of each domain are obtained; Finally, the domain trust level is calculated based on the domain trust value, and the access permissions assigned to the corresponding roles in the domain according to the level are used to complete dynamic access control for multi domain interoperability. The experimental results show that the algorithm has high control efficiency and good control performance.

Key words: APT attack, multi domain interoperability, trust evaluation, role based access control, dynamic access

CLC Number: 

  • TP391

Fig.1

Security assessment"

Fig.2

Changes in trust values"

Table 1

Response time of access requests"

访问域数量/个本文算法文献[3]算法文献[4]算法
20.61.11.5
40.91.51.9
61.11.72.5
81.22.03.0
101.42.33.2
121.62.43.7
141.72.74.3
162.03.14.8
182.13.35.2
202.33.75.7
1 梁若舟,高跃,赵曦滨.基于序列特征提取的溯源图上APT攻击检测方法[J].中国科学: 信息科学,2022, 52(8): 1463-1480.
Liang Ruo-zhou, Gao Yue, Zhao Xi-bin. Sequence feature extraction-based APT attack detection method with provenance graphs [J]. Scientia Sinica(Informationis), 2022, 5(8): 1463-1480.
2 胡斌,赵晓芳,宋永浩,等.基于合约的Web服务个性化访问控制方法[J].高技术通讯,2021,31(9):901-909.
Hu Bin, Zhao Xiao-fang, Song Yong-hao, et al. A smart contract based personalized access control method towards Web service [J]. Chinese High Technology Letters, 2021,31 (9): 901-909.
3 徐俊伟,袁景凌,向广利.可更新属性的链上数据访问控制方法[J].小型微型计算机系统,2023,44(2):429-434.
Xu Jun-wei, Yuan Jing-ling, Xiang Guang-li. Data access control based on updatable attributes encryption[J]. Journal of Chinese Computer Systems, 2023,44(2): 429-434.
4 葛丽娜,胡雨谷,张桂芬,等.云计算环境基于客体属性匹配的逆向混合访问控制方案[J].计算机应用,2021,41(6):1604-1610.
Ge Li-na, Hu Yu-gu, Zhang Gui-fen, et al. Reverse hybrid access control scheme based on object attribute matching in cloud computing environment [J]. Journal of Computer Applications, 2021,41(6): 1604-1610.
5 王思源,邹仕洪.多域物联网中基于区块链和权能的访问控制机制[J].应用科学学报, 2021, 39(1): 55-69.
Wang Si-yuan, Zou Shi-hong. Blockchain and capability based access control mechanism in multi-domain IoT [J]. Journal of Applied Sciences, 2021,39(1): 55-69.
6 吕杨琦,王张宜,杨秀璋,等.基于特征功能函数的APT样本分类方法[J].郑州大学学报: 理学版,2023, 55(2): 10-17, 24.
Lv Yang-qi, Wang Zhang-yi, Yang Xiu-zhang, et al. A novel APT malware classification method based on feature function code[J]. Journal of Zhengzhou University(Natural Science Edition), 2023,55(2): 10-17, 24
7 李宏仲,郭相辰.基于Petri网的配电网信息物理系统可靠性评估[J].电网技术,2023,47(1):347-359.
Li Hong-zhong, Guo Xiang-chen. Reliability evaluation of cyber-physical system of distribution network based on petri net[J]. Power System Technology, 2023,47(1): 347-359.
8 建威,付保川,吴征天,等.基于区块链的多域微电网电力市场动态博弈[J].控制工程,2022,29(8):1505-1513.
Jian Wei, Fu Bao-chuan, Wu Zheng-tian, et al. Dynamic game of multi-domain microgrid power market based on blockchain[J]. Control Engineering of China, 2022,29(8): 1505-1513.
9 李纲,张铎,完颜亚茹,等.基于信任度的农资营销社会网络中关键农民选取及应用[J].管理评论,2021,33(9): 155-168.
Li Gang, Zhang Duo, Ya-ru Wanyan.A study on key farmers' selection and application based on trust in agricultural materials products marketing[J].Management Review,2021,33(9):155-168.
10 张槟淇,任丽芳,王文剑.融合信任隐性影响和信任度的推荐模型[J].模式识别与人工智能,2022,35(4):374-385.
Zhang Bing-qi, Ren Li-fang, Wang Wen-jian. Recommendation model combining implicit influence of trust with trust degree[J]. Pattern Recognition and Artificial Intelligence, 2022,35 (4): 374-385.
11 徐选华,刘尚龙.社会网络环境下基于“信任—知识”模型的风险性大群体应急决策方法[J].运筹与管理,2021,30(2):31-38.
Xu Xuan-hua, Liu Shang-long. Large group risky emergency decision-making method based on trust-knowledge model in social network environment [J]. Operations Research and Management Science, 2021,30(2): 31-38.
12 徐上上,孙福振,王绍卿,等.基于图神经网络的异构信任推荐算法[J].计算机工程,2022,48(9):89-95, 104.
Xu Shang-shang, Sun Fu-zhen, Wang Shao-qing, et al. Heterogeneous trust recommendation algorithm based on graph neural networks[J]. Computer Engineering, 2022,48(9): 89-95, 104.
13 戴波,赖旬阳,胡凯,等.基于多角色节点的区块链可扩展方案研究与设计[J].浙江工业大学学报,2021,49(5):487-493.
Dai Bo, Lai Xun-yang, Hu Kai, et al. Research and design of scalable blockchain scheme based on multi-role nodes[J]. Journal of Zhejiang University of Technology, 2021,49(5): 487-493.
14 刘敖迪,杜学绘,王娜,等.基于访问控制日志的访问控制策略生成方法[J].电子与信息学报,2022,44(1):324-331.
Liu Ao-di, Du Xue-hui, Wang Na, et al. Access control policy generation method based on access control logs [J]. Journal of Electronics & Information Technology, 2022,44(1): 324-331.
15 刘炜,盛朝阳,佘维,等.基于智能合约的分类分级属性访问控制方法[J].计算机应用研究,2022,39(5):1313-1318.
Liu Wei, Sheng Chao-yang, She Wei, et al. Classified and hierarchical attribute access control method based on smart contract[J]. Application Research of Computers, 2022, 39(5): 1313-1318.
[1] Xiao-yu YI,Mian-zhu YI. Network book resource recommendation based on deep fusion of interest information [J]. Journal of Jilin University(Engineering and Technology Edition), 2024, 54(12): 3614-3619.
[2] Xin CHENG,Sheng-xian LIU,Jing-mei ZHOU,Zhou ZHOU,Xiang-mo ZHAO. 3D object detection algorithm fusing dense connectivity and Gaussian distance [J]. Journal of Jilin University(Engineering and Technology Edition), 2024, 54(12): 3589-3600.
[3] Dondrub LHAKPA,Duoji ZHAXI,Jie ZHU. Tibetan text normalization method [J]. Journal of Jilin University(Engineering and Technology Edition), 2024, 54(12): 3577-3588.
[4] Jun-jie LIU,Jia-yi Dong,Yong YANG,Dan LIU,Fu-heng QU,Yan-chang LYU. Analysis of factors associated with online learning performance of students based on HM-OLS stepwise regression model [J]. Journal of Jilin University(Engineering and Technology Edition), 2024, 54(12): 3755-3762.
[5] Yu-ting SU,Meng-yao JING,Pei-guang JING,Xian-yi LIU. Deep photometric stereo learning framework for battery defect detection [J]. Journal of Jilin University(Engineering and Technology Edition), 2024, 54(12): 3653-3659.
[6] Fa-sheng WANG,Bing HE,Fu-ming SUN,Hui ZHOU. Adaptive content aware spatially-regularized correlation filter for object tracking [J]. Journal of Jilin University(Engineering and Technology Edition), 2024, 54(10): 3037-3049.
[7] Feng-feng ZHOU,Tao YU,Yu-si FAN. Generative adversarial autoencoder integrated voting algorithm based on mass spectral data [J]. Journal of Jilin University(Engineering and Technology Edition), 2024, 54(10): 2969-2977.
[8] Lu Li,Jun-qi Song,Ming Zhu,He-qun Tan,Yu-fan Zhou,Chao-qi Sun,Cheng-yu Zhou. Object extraction of yellow catfish based on RGHS image enhancement and improved YOLOv5 network [J]. Journal of Jilin University(Engineering and Technology Edition), 2024, 54(9): 2638-2645.
[9] Hong-wei ZHAO,Hong WU,Ke MA,Hai LI. Image classification framework based on knowledge distillation [J]. Journal of Jilin University(Engineering and Technology Edition), 2024, 54(8): 2307-2312.
[10] Dan-hui LAI,Wei-feng LUO,Xu-dong YUAN,Zi-liang QIU. Key point feature extraction algorithms for multimodal gesture in complex environments [J]. Journal of Jilin University(Engineering and Technology Edition), 2024, 54(8): 2288-2294.
[11] Chao-lu TEMUR,Ya-ping ZHANG. Link anomaly detection algorithm for wireless sensor networks based on convolutional neural networks [J]. Journal of Jilin University(Engineering and Technology Edition), 2024, 54(8): 2295-2300.
[12] Sheng-jie ZHU,Xuan WANG,Fang XU,Jia-qi PENG,Yuan-chao WANG. Multi-scale normalized detection method for airborne wide-area remote sensing images [J]. Journal of Jilin University(Engineering and Technology Edition), 2024, 54(8): 2329-2337.
[13] Liang-li ZHANG,Xiao-feng MA. New energy vehicle charging station location method based on improved particle swarm optimization algorithm [J]. Journal of Jilin University(Engineering and Technology Edition), 2024, 54(8): 2275-2281.
[14] Xin-gang GUO,Chao CHENG,Zi-qi SHEN. Face expression recognition based on attention mechanism of convolution network [J]. Journal of Jilin University(Engineering and Technology Edition), 2024, 54(8): 2319-2328.
[15] Hua CAI,Ting-ting KOU,Yi-ning YANG,Zhi-yong MA,Wei-gang WANG,Jun-xi SUN. Three-dimensional vehicle multi-target tracking based on trajectory optimization [J]. Journal of Jilin University(Engineering and Technology Edition), 2024, 54(8): 2338-2347.
Viewed
Full text


Abstract

Cited
  Shared   
  Discussed   
[1] LI Shoutao, LI Yuanchun. Autonomous Mobile Robot Control Algorithm Based on Hierarchical Fuzzy Behaviors in Unknown Environments[J]. 吉林大学学报(工学版), 2005, 35(04): 391 -397 .
[2] Liu Qing-min,Wang Long-shan,Chen Xiang-wei,Li Guo-fa. Ball nut detection by machine vision[J]. 吉林大学学报(工学版), 2006, 36(04): 534 -538 .
[3] Li Hong-ying; Shi Wei-guang;Gan Shu-cai. Electromagnetic properties and microwave absorbing property
of Z type hexaferrite Ba3-xLaxCo2Fe24O41[J]. 吉林大学学报(工学版), 2006, 36(06): 856 -0860 .
[4] Zhang Quan-fa,Li Ming-zhe,Sun Gang,Ge Xin . Comparison between flexible and rigid blank-holding in multi-point forming[J]. 吉林大学学报(工学版), 2007, 37(01): 25 -30 .
[5] Yang Shu-kai, Song Chuan-xue, An Xiao-juan, Cai Zhang-lin . Analyzing effects of suspension bushing elasticity
on vehicle yaw response character with virtual prototype method[J]. 吉林大学学报(工学版), 2007, 37(05): 994 -0999 .
[6] . [J]. 吉林大学学报(工学版), 2007, 37(06): 1284 -1287 .
[7] Che Xiang-jiu,Liu Da-you,Wang Zheng-xuan . Construction of joining surface with G1 continuity for two NURBS surfaces[J]. 吉林大学学报(工学版), 2007, 37(04): 838 -841 .
[8] Liu Han-bing, Jiao Yu-ling, Liang Chun-yu,Qin Wei-jun . Effect of shape function on computing precision in meshless methods[J]. 吉林大学学报(工学版), 2007, 37(03): 715 -0720 .
[9] . [J]. 吉林大学学报(工学版), 2007, 37(04): 0 .
[10] Li Yue-ying,Liu Yong-bing,Chen Hua . Surface hardening and tribological properties of a cam materials[J]. 吉林大学学报(工学版), 2007, 37(05): 1064 -1068 .
Copyright © Journal of Jilin University(Engineering and Technology Edition), All Rights Reserved.
Tel: +86-431-85095297 Fax: +86-431-85094074 E-mail: xbgxb@jlu.edu.cn
Powered by Beijing Magtech Co. Ltd