计算机应用 ›› 2020, Vol. 40 ›› Issue (11): 3229-3235.DOI: 10.11772/j.issn.1001-9081.2020020179

• 网络空间安全 • 上一篇    下一篇

边缘计算中基于深度Q网络的物理层假冒攻击检测方法

杨建喜1, 张媛利2, 蒋华1, 朱晓辰2   

  1. 1. 北京电子科技学院 通信工程系, 北京 100070;
    2. 西安电子科技大学 通信工程学院, 西安 710071
  • 收稿日期:2020-02-24 修回日期:2020-05-25 出版日期:2020-11-10 发布日期:2020-06-05
  • 通讯作者: 张媛利(1995-),女,陕西咸阳人,硕士研究生,主要研究方向:深度学习、物联网安全;13772186903@163.com
  • 作者简介:杨建喜(1973-),男,山西原平人,副教授,博士,主要研究方向:无线网络安全、通信网络信号抗干扰处理;蒋华(1962-),男,山西大同人,教授,硕士,主要研究方向:通信与信息安全;朱晓辰(1996-),女,河南平顶山人,硕士研究生,主要研究方向:物联网安全
  • 基金资助:
    中央高校基本科研业务费资助项目(328201912);中国科学院网络测评技术重点实验室开放课题基金资助项目(KFKT2019-006)。

Detection method of physical-layer impersonation attack based on deep Q-network in edge computing

YANG Jianxi1, ZHANG Yuanli2, JIANG Hua1, ZHU Xiaochen2   

  1. 1. Department of Communication Engineering, Beijing Electronic Science and Technology Institute, Beijing 100070, China;
    2. College of Communication Engineering, Xidian University, Xi'an Shaanxi 710071, China
  • Received:2020-02-24 Revised:2020-05-25 Online:2020-11-10 Published:2020-06-05
  • Supported by:
    This work is partially supported by the Fundamental Research Funds for the Central Universities (328201912), the Open Project Fund of Key Laboratory of Network Assessment Technology of Chinese Academy of Sciences (KFKT2019-006).

摘要: 针对边缘计算中边缘计算节点与终端设备之间的通信容易受到假冒攻击的安全问题,提出了一种基于深度Q网络(DQN)的物理层假冒攻击检测算法。首先,构建边缘计算网络中的假冒攻击模型,接收端基于物理层信道状态信息(CSI)建立假设检验,并将当前测量得到的CSI和上次记录的CSI之间的欧氏距离作为检验统计量;其次,利用DQN算法以接收端回报最大化为目标自适应地为边缘计算动态网络环境筛选出当前最优检测阈值;最后,通过对比检验统计量与检测阈值来判断当前发送端是否为假冒攻击者。仿真结果表明,信干噪比(SINR)和信道增益比对检测算法性能有一定的影响,但在信道增益相对变化不超过0.2时,误报率、漏检率和平均错误率低于5%,因此该检测算法能够自适应边缘计算动态变化的网络环境。

关键词: 边缘计算, 假冒攻击, 物理层安全, 深度Q网络, 假设检验

Abstract: In the edge computing, the communication between edge computing nodes and terminal devices is vulnerable to impersonation attacks, therefore a physical-layer impersonation attack detection algorithm based on Deep Q-Network (DQN) was proposed. Firstly, an impersonation attack model was built in the edge computing network, a hypothesis test based on the physical-layer Channel State Information (CSI) was established by the receiver, and the Euclidean distance between the currently measured CSI and the last recorded CSI was taken as the test statistics. Secondly, for the dynamic environment of edge computing, the DQN algorithm was used to adaptively select the optimal test threshold with the goal of maximizing the gain of the receiver. Finally, whether the current sender was an impersonation attacker was determined by comparing the statistics with the test threshold. The simulation results show that the Signal-to-Interference plus Noise Ratio (SINR) and channel gain ratio have certain effect on the performance of the detection algorithm, but when the relative change of channel gain is lower than 0.2, the false alarm rate, miss rate and average error rate of the algorithm are less than 5%. Therefore, the detection algorithm is adaptive to the dynamical environment of edge computing.

Key words: edge computing, impersonation attack, physical layer security, Deep Q-Network (DQN), hypothesis test

中图分类号: