Journal of Computer Applications ›› 2016, Vol. 36 ›› Issue (2): 495-498.DOI: 10.11772/j.issn.1001-9081.2016.02.0495

Previous Articles     Next Articles

Optimization design of preventing fault injection attack on distributed embedded systems

WEN Liang, JIANG Wei, PAN Xiong, ZHOU Keran, DONG Qi, WANG Junlong   

  1. School of Information and Software Engineering, University of Electronic Science and Technology of China, Chengdu Sichuan 610054, China
  • Received:2015-07-02 Revised:2015-09-09 Online:2016-02-10 Published:2016-02-03

分布式系统中抵御错误注入攻击的优化设计

文亮, 江维, 潘雄, 周可染, 董琪, 王峻龙   

  1. 电子科技大学 信息与软件工程学院, 成都 610054
  • 通讯作者: 文亮(1990-),男,四川绵阳人,硕士研究生,主要研究方向:分布式系统。
  • 作者简介:江维(1981-),男,四川乐山人,副教授,博士,主要研究方向:可信计算、分布式实时系统、无线网络;潘雄(1990-),男,湖北孝感人,硕士研究生,主要研究方向:可信嵌入式系统能耗优化;周可染(1991-),男,辽宁沈阳人,硕士研究生,主要研究方向:软件工程、信息管理系统、嵌入式系统;董琪(1992-),男,山东临沂人,硕士研究生,主要研究方向:混合关键系统、嵌入式系统;王峻龙(1993-),男,四川乐山人,硕士研究生,主要研究方向:可信计算、分布式计算、嵌入式系统。
  • 基金资助:
    核高基重大专项(2012ZX01033001-001);国家自然科学基金资助项目(61300092,61003032);中央高校基本科研业务费专项资金资助项目(ZYGX2013J068)。

Abstract: Security-critical distributed systems have faced with malicious snooping and fault injection attack challenges. Traditional researches mainly focus on preventing malicious snooping which disregard fault injection attack threat. Concerning the above problem, the fault detection for message' encryption/decryption was considered, to maximize the fault coverage and minimize the heterogeneous degree of the messages' fault coverage. Firstly, Advanced Encryption Standard (AES) was used to protect confidentiality. Secondly, five fault detection schemes were proposed, and their fault coverage rates and time overheads were derived and measured, respectively. Finally, an efficient heuristic algorithm based on Simulated Annealing (SA) under the real-time constraint was proposed, which can maximize the fault coverage and minimize the heterogeneity. The experimental results show that the objective function value achieved by the proposed algorithm is 18% higher than that of the greedy algorithm at least, verifying the efficiency and robustness of the proposed algorithm.

Key words: malicious snooping, fault injection attack, confidentiality service, fault coverage, Simulated Annealing(SA)

摘要: 安全关键分布式系统面临恶意窃听和错误注入攻击的挑战。以往研究主要针对防止恶意窃听,即考虑提供保密性服务,而忽略了错误注入的安全威胁。针对上述问题,考虑为消息的加解密过程进行错误检测,并最大化系统的错误覆盖率,最小化系统的异构度。首先选取AES对消息进行加解密;然后基于错误检测码确定了五种不同的错误检测方案,并求出了对应的错误覆盖率及时间开销;最后在保证实时性的约束下,提出了一种基于模拟退火(SA)的启发式算法,该算法能最大化系统的错误覆盖率和最小化系统的异构度。实验结果表明,所提算法与贪心算法相比,目标函数值提高了18%以上,该算法具有一定有效性和健壮性。

关键词: 恶意窃听, 错误注入攻击, 保密性服务, 错误覆盖率, 模拟退火

CLC Number: