本文選題：身份認(rèn)證 + 內(nèi)部威脅�。� 參考：《華中科技大學(xué)》2016年碩士論文

【摘要】：近年來(lái),來(lái)自內(nèi)部人員的攻擊給企業(yè)和政府機(jī)構(gòu)帶來(lái)了極大的危害。身份偽冒攻擊是內(nèi)部人員最常用的攻擊手段之一,往往令人防不勝防。因此,對(duì)身份偽冒檢測(cè)技術(shù)的研究具有十分重要的現(xiàn)實(shí)意義。安全即時(shí)通信系統(tǒng)是本課題組承擔(dān)的重點(diǎn)項(xiàng)目之一,它是湖北省政府電子政務(wù)系統(tǒng)的一個(gè)子系統(tǒng),承擔(dān)著政府部門內(nèi)部員工接受、發(fā)送、審批重要文件等功能。信息安全問(wèn)題是安全即時(shí)通信系統(tǒng)的核心問(wèn)題之一。該系統(tǒng)現(xiàn)有的身份認(rèn)證技術(shù)主要是系統(tǒng)登錄時(shí)的USB Key以及靜態(tài)密碼的雙因子認(rèn)證,這種方式無(wú)法在系統(tǒng)登錄成功后進(jìn)行持續(xù)的身份認(rèn)證。而現(xiàn)有的持續(xù)身份認(rèn)證技術(shù)普遍存在認(rèn)證周期長(zhǎng)、數(shù)據(jù)量大、應(yīng)用程序受限等問(wèn)題,無(wú)法對(duì)安全即時(shí)通信系統(tǒng)進(jìn)行實(shí)時(shí)的身份認(rèn)證。為了提高安全即時(shí)通信系統(tǒng)的身份檢測(cè)技術(shù),針對(duì)現(xiàn)有的持續(xù)身份認(rèn)證技術(shù)難以進(jìn)行實(shí)時(shí)身份認(rèn)證的問(wèn)題,論文提出了使用介入式動(dòng)態(tài)場(chǎng)景身份認(rèn)證方法。在適當(dāng)?shù)臅r(shí)機(jī)(如用戶進(jìn)入關(guān)鍵位置,安全軟件檢測(cè)到異常等),主動(dòng)注入鼠標(biāo)光標(biāo)異常事件來(lái)進(jìn)行動(dòng)態(tài)場(chǎng)景身份認(rèn)證。結(jié)果表明,介入式動(dòng)態(tài)場(chǎng)景身份認(rèn)證方法大大的縮短了身份認(rèn)證的時(shí)間。針對(duì)動(dòng)態(tài)場(chǎng)景身份認(rèn)證在短時(shí)內(nèi)采集到的少量數(shù)據(jù)容易受到情緒、疲勞程度等因素影響的問(wèn)題,論文提出了基于記憶游戲的固定場(chǎng)景身份認(rèn)證方法,并與動(dòng)態(tài)場(chǎng)景身份認(rèn)證相結(jié)合,對(duì)用戶的身份進(jìn)行認(rèn)證。當(dāng)連續(xù)動(dòng)態(tài)場(chǎng)景身份認(rèn)證均出現(xiàn)異常時(shí),系統(tǒng)將引導(dǎo)用戶進(jìn)行由記憶游戲構(gòu)建的固定場(chǎng)景身份認(rèn)證,以提高認(rèn)證準(zhǔn)確率。對(duì)10位用戶進(jìn)行身份認(rèn)證實(shí)驗(yàn),結(jié)果顯示,動(dòng)態(tài)場(chǎng)景認(rèn)證得到了3.35%的FAR(拒真率)和2.87%的FRR(容假率),認(rèn)證時(shí)間是5.6s;固定場(chǎng)景認(rèn)證得到了3.0%的FAR和0.97%的FRR,認(rèn)證時(shí)間是13.8s。相比現(xiàn)有的持續(xù)身份認(rèn)證技術(shù),該方法不僅不會(huì)受到應(yīng)用程序的限制,而且大大的縮短了身份認(rèn)證的時(shí)間,同時(shí)保證了身份認(rèn)證的準(zhǔn)確率。
[Abstract]:In recent years, attacks from insiders have brought great harm to enterprises and government agencies. Identity counterfeiting attacks are one of the most commonly used methods of attack by insiders. Therefore, the study of identity counterfeiting detection technology has a very important practical significance. The secure instant messaging system is one of the key projects undertaken by the research group. It is a subsystem of the Hubei Provincial Government E-government system, which is responsible for the functions of receiving, sending and approving important documents within the government departments. Information security is one of the core problems of secure instant communication system. The existing authentication technology of the system is mainly the USB Key when the system logs on and the double-factor authentication of the static password, which can not be continuously authenticated after the successful login of the system. However, the existing continuous identity authentication technology has many problems, such as long authentication period, large amount of data, limited application program, and so on, which makes it impossible to authenticate the secure instant communication system in real time. In order to improve the identity detection technology of secure instant communication system, aiming at the problem that the existing continuous identity authentication technology is difficult to carry out real-time identity authentication, this paper proposes a method of identity authentication based on interventional dynamic scene. At the right time (such as the user enters the key position, the security software detects the anomaly and so on, the mouse cursor anomaly event is injected actively to authenticate the identity of the dynamic scene. The results show that the interventional dynamic scene identity authentication method greatly shortens the time of identity authentication. Aiming at the problem that a small amount of data collected by dynamic scene identity authentication in a short period of time is easily affected by emotion, fatigue and other factors, a fixed scene identity authentication method based on memory game is proposed in this paper. And combined with dynamic scene identity authentication, the identity of the user is authenticated. When the identity authentication of continuous dynamic scene is abnormal, the system will guide the user to authenticate the identity of the fixed scene constructed by the memory game, so as to improve the accuracy of authentication. The results show that 3.35% Farr and 2.87% FRR (false tolerance rate is 5.6s) and 3.0% FAR and 0.97% FAR are obtained by dynamic scene authentication, and the authentication time is 13.8s. Compared with the existing continuous identity authentication technology, this method is not only not limited by the application program, but also greatly reduces the time of identity authentication, while ensuring the accuracy of identity authentication.
【學(xué)位授予單位】：華中科技大學(xué)
【學(xué)位級(jí)別】：碩士
【學(xué)位授予年份】：2016
【分類號(hào)】：TP309

【參考文獻(xiàn)】

相關(guān)期刊論文 前10條

1 孫憲波;;企業(yè)內(nèi)部網(wǎng)絡(luò)安全威脅與防范措施[J];電子技術(shù)與軟件工程;2015年24期

2 ;企業(yè)內(nèi)鬼:網(wǎng)絡(luò)安全的最大威脅[J];首席財(cái)務(wù)官;2016年01期

3 易彬;胡曉勤;;基于加權(quán)貝葉斯的擊鍵特征身份識(shí)別[J];現(xiàn)代計(jì)算機(jī)(專業(yè)版);2015年05期

4 王鑫;王夢(mèng)瑩;梁金;;基于鼠標(biāo)鍵盤行為的身份認(rèn)證[J];中國(guó)教育技術(shù)裝備;2014年22期

5 陳小軍;時(shí)金橋;徐菲;蒲以國(guó);郭莉;;面向內(nèi)部威脅的最優(yōu)安全策略算法研究[J];計(jì)算機(jī)研究與發(fā)展;2014年07期

6 李福祥;霍建秋;林慕清;唐晶;周福才;;一種面向擊鍵動(dòng)態(tài)身份認(rèn)證的多模板選擇算法[J];計(jì)算機(jī)工程與科學(xué);2014年01期

7 陳小軍;方濱興;譚慶豐;張浩亮;;基于概率攻擊圖的內(nèi)部攻擊意圖推斷算法研究[J];計(jì)算機(jī)學(xué)報(bào);2014年01期

8 王淼;蔡忠閩;沈超;華濤;;行為截獲技術(shù)對(duì)鼠標(biāo)動(dòng)力學(xué)身份認(rèn)證的影響[J];微電子學(xué)與計(jì)算機(jī);2013年04期

9 沈超;蔡忠閩;管曉宏;房超;杜友田;;基于鼠標(biāo)行為特征的用戶身份認(rèn)證與監(jiān)控[J];通信學(xué)報(bào);2010年07期

10 房超;蔡忠閩;沈超;牛非;管曉宏;;基于鼠標(biāo)動(dòng)力學(xué)模型的用戶身份認(rèn)證與監(jiān)控[J];西安交通大學(xué)學(xué)報(bào);2008年10期

相關(guān)碩士學(xué)位論文 前4條

1 龍永明;基于用戶擊鍵行為的身份識(shí)別技術(shù)研究[D];中南大學(xué);2014年

2 魏梓丞;面向身份偽冒的主機(jī)異常行為檢測(cè)[D];北京郵電大學(xué);2014年

3 李勉;基于手機(jī)的動(dòng)態(tài)口令認(rèn)證在電子政務(wù)網(wǎng)中的應(yīng)用研究[D];華中科技大學(xué);2013年

4 崔鵬;基于操作網(wǎng)的內(nèi)部威脅檢測(cè)模型研究[D];國(guó)防科學(xué)技術(shù)大學(xué);2009年

，

本文編號(hào)：1813375