当前位置:
X-MOL 学术
›
Secur. Commun. Netw.
›
论文详情
Our official English website, www.x-mol.net, welcomes your
feedback! (Note: you will need to create a separate account there.)
Mimic Encryption Box for Network Multimedia Data Security
Security and Communication Networks Pub Date : 2020-10-29 , DOI: 10.1155/2020/8868672 Xiabing Zhou 1 , Bin Li 2 , Yanrong Qi 2 , Wanying Dong 2
Security and Communication Networks Pub Date : 2020-10-29 , DOI: 10.1155/2020/8868672 Xiabing Zhou 1 , Bin Li 2 , Yanrong Qi 2 , Wanying Dong 2
Affiliation
With the rapid development of the Internet, the security of network multimedia data has attracted increasingly more attention. The moving target defense (MTD) and cyber mimic defense (CMD) approaches provide a new way to solve this problem. To enhance the security of network multimedia data, this paper proposes a mimic encryption box for network multimedia data security. The mimic encryption box can directly access the network where the multimedia device is located, automatically complete the negotiation, provide safe and convenient encryption services, and effectively prevent network attacks. According to the principles of dynamization, diversification, and randomization, the mimic encryption box uses a reconfigurable encryption algorithm to encrypt network data and uses IP address hopping, port number hopping, protocol camouflage, and network channel change to increase the attack threshold. Second, the mimic encryption box has a built-in pseudorandom number generator and key management system, which can generate an initial random key and update the key with the hash value of the data packet to achieve “one packet, one key.” Finally, through the cooperation of the ARM and the FPGA, an access control list can be used to filter illegal data and monitor the working status of the system in real time. If an abnormality is found, the feedback reconstruction mechanism is used to “clean” the FPGA to make it work normally again. The experimental results and analysis show that the mimic encryption box designed in this paper has high network encryption performance and can effectively prevent data leakage. At the same time, it provides a mimic security defense mechanism at multiple levels, which can effectively resist a variety of network attacks and has high security.
中文翻译:
用于网络多媒体数据安全的模拟加密盒
随着Internet的快速发展,网络多媒体数据的安全性越来越引起人们的关注。移动目标防御(MTD)和网络模拟防御(CMD)方法提供了解决此问题的新方法。为了提高网络多媒体数据的安全性,本文提出了一种用于网络多媒体数据安全的模拟加密盒。模拟加密盒可以直接访问多媒体设备所在的网络,自动完成协商,提供安全便捷的加密服务,有效防止网络攻击。根据动态化,多样化和随机化的原理,模拟加密盒使用可重新配置的加密算法对网络数据进行加密,并使用IP地址跳变,端口号跳变,协议伪装,和网络通道更改以增加攻击阈值。其次,模拟加密盒具有内置的伪随机数生成器和密钥管理系统,可以生成初始随机密钥,并使用数据包的哈希值更新密钥,以实现“一个数据包,一个密钥”。最后,通过ARM和FPGA的合作,可以使用访问控制列表来过滤非法数据并实时监视系统的工作状态。如果发现异常,则使用反馈重建机制来“清理” FPGA以使其再次正常工作。实验结果与分析表明,本文设计的模拟加密盒具有较高的网络加密性能,可以有效防止数据泄露。同时,
更新日期:2020-10-30
中文翻译:
用于网络多媒体数据安全的模拟加密盒
随着Internet的快速发展,网络多媒体数据的安全性越来越引起人们的关注。移动目标防御(MTD)和网络模拟防御(CMD)方法提供了解决此问题的新方法。为了提高网络多媒体数据的安全性,本文提出了一种用于网络多媒体数据安全的模拟加密盒。模拟加密盒可以直接访问多媒体设备所在的网络,自动完成协商,提供安全便捷的加密服务,有效防止网络攻击。根据动态化,多样化和随机化的原理,模拟加密盒使用可重新配置的加密算法对网络数据进行加密,并使用IP地址跳变,端口号跳变,协议伪装,和网络通道更改以增加攻击阈值。其次,模拟加密盒具有内置的伪随机数生成器和密钥管理系统,可以生成初始随机密钥,并使用数据包的哈希值更新密钥,以实现“一个数据包,一个密钥”。最后,通过ARM和FPGA的合作,可以使用访问控制列表来过滤非法数据并实时监视系统的工作状态。如果发现异常,则使用反馈重建机制来“清理” FPGA以使其再次正常工作。实验结果与分析表明,本文设计的模拟加密盒具有较高的网络加密性能,可以有效防止数据泄露。同时,
京公网安备 11010802027423号