信息网络安全 ›› 2018, Vol. 18 ›› Issue (4): 15-22.doi: 10.3969/j.issn.1671-1122.2018.04.003

• • 上一篇    下一篇

动态虚拟MSISDN的拟态自动机模型与安全性验证方法

朱维军(), 樊永文, 班绍桓   

  1. 郑州大学信息工程学院,河南郑州 450001
  • 收稿日期:2018-01-30 出版日期:2018-04-15 发布日期:2020-05-11
  • 作者简介:

    作者简介:朱维军(1976—),男,河南,副教授,博士,主要研究方向为信息安全、形式化方法;樊永文(1993—),男,河南,硕士研究生,主要研究方向为形式化方法;班绍桓(1996—),男,河南,硕士研究生,主要研究方向为形式化方法。

  • 基金资助:
    国家自然科学基金联合基金[U1204608];国家重点研发计划[2016YFB0800100]

A Mimic-automaton-based Model for the MSISDN Virtualization and Its Method for Verifying the Security

Weijun ZHU(), Yongwen FAN, Shaohuan BAN   

  1. School of Information Engineering, Zhengzhou University, Zhengzhou Henan 450001, China
  • Received:2018-01-30 Online:2018-04-15 Published:2020-05-11

摘要:

移动通信MSISDN号码对外公开,导致用户数据信息泄露或被恶意窃取。动态虚拟MSISDN号码通过引入拟态防御机制,可实现用户信息防泄露和防窃取。然而,对于该技术在全状态空间的安全性,目前尚缺乏有效的分析方法。文章首先使用有穷状态自动机描述动态虚拟MSISDN的状态迁移;使用细胞自动机描述动态虚拟MSISDN的变化结构;使用层次自动机描述动态虚拟MSISDN的不同计算粒度。其次,将各种自动机按照一定的逻辑关系组织起来,即可获得描述动态虚拟MSISDN内在行为的拟态自动机模型。然后,使用特定的线性时序逻辑公式描述动态虚拟MSISDN安全性。最后,将动态虚拟MSISDN安全性问题按如下方式规约为拟态自动机模型检测问题:若模型检测结果指出拟态自动机满足给定的线性时序逻辑公式,则动态虚拟MSISDN满足安全性;若模型检测结果指出拟态自动机不满足给定的线性时序逻辑公式,则动态虚拟MSISDN不满足安全性。由此便可在全状态空间上自动验证动态虚拟MSISDN的安全性。仿真实验证实了文中方法的高效性。

关键词: 拟态自动机, 模型检测, MSISDN虚拟化, 拟态防御

Abstract:

MSISDN (Mobile Station International ISDN) numbers are used as communication identifiers and they are open to the public, causing users’ information is stolen. MSISDN virtualization can protect user data by introducing the mimic defense mechanism. However, the security of this technique cannot be analysis in the whole state space due to the lack of method. First, one can use a finite state automaton to describe the state transitions of the MSISDN virtualization. A cellular automaton is employed to describe the dynamic structure of the MSISDN virtualization. A hierarchical automaton is employed to express the different granularities of the MSISDN virtualization. Second, a mimic automaton is obtained by combining the various types of automata mentioned above in the certain logical relationship. And this mimic automaton can describe the behaviors of MSISDN virtualization. Third, a given formula in linear temporal logic (LTL) can express the security property of MSISDN virtualization. Final, the security problem of the MSISDN virtualization is reduced to the following LTL model checking problem. The MSISDN virtualization satisfies the security requirement, if the model checking result shows that the mimic automaton satisfies this given LTL formula. The MSISDN virtualization does not satisfy the security requirement, if the model checking result shows that the mimic automaton does not satisfy the given LTL formula. On the basis of it, one can automatically verify the security property of the MSISDN virtualization in the whole state space. And the simulations demonstrate the efficiency of the new method.

Key words: mimic automaton, model checking, MSISDN virtualization, mimic defense

中图分类号: