作者投稿和查稿 主编审稿 专家审稿 编委审稿 远程编辑

计算机工程 ›› 2020, Vol. 46 ›› Issue (8): 139-145,152. doi: 10.19678/j.issn.1000-3428.0055059

• 网络空间安全 • 上一篇    下一篇

基于低复杂度随机分组检测的LTE核心网入侵识别

刘雅丽1, 石瑞峰1, 任晓亮2   

  1. 1. 内蒙古农业大学 计算机与信息工程学院, 呼和浩特 010018;
    2. 天津中医药大学 中药学院, 天津 301617
  • 收稿日期:2019-05-30 修回日期:2019-08-17 发布日期:2019-08-29
  • 作者简介:刘雅丽(1982-),女,讲师、硕士,主研方向为信息安全;石瑞峰,副教授、硕士;任晓亮,副教授、博士。
  • 基金资助:
    国家自然科学基金(81473543)。

Intrusion Recognition for LTE Core Network Based on Low-Complexity Random Packet Detection

LIU Yali1, SHI Ruifeng1, REN Xiaoliang2   

  1. 1. College of Computer and Information Engineering, Inner Mongolia Agricultural University, Hohhot 010018, China;
    2. School of Chinese Materia Medica, Tianjin University of Traditional Chinese Medicine, Tianjin 301617, China
  • Received:2019-05-30 Revised:2019-08-17 Published:2019-08-29

摘要: 在长期演进(LTE)核心网中,使用报文检测功能来检测通过策略和计费控制(PCC)系统分组数据网络网关的分组,可减少恶意用户带来的安全威胁。为此,提出一种基于低复杂度随机分组检测的LTE核心网入侵识别方法。给出第三代合作伙伴计划演进分组核心PCC系统的基本架构,在此基础上,设计一种随机分组检测方案解析模型构建方式,用于从入侵检测率方面评估检测性能。同时设计一种随机分组检测方案来优化执行深度分组检查的成本。实验结果表明,该模型提供了设置检测率的有效手段,能够达到检测率、检测成本和检测延迟之间的平衡。

关键词: 随机分组, 入侵检测, 长期演进, 核心网, 蜂窝数据

Abstract: In Long Term Evolution(LTE) core network,message detection is used in Policy Control and Charging(PCC) system to detect packets passing through the packet data network gateway, which reduces the security threat brought by malicious users.For this reason,this paper proposes an intrusion recognition method for LTE core network based on low-complexity random packet detection.The basic architecture of the PCC system of the 3rd Generation Partnership Project(3GPP) evolved packet core is given.On this basis,the construction method of an analytical model of the random packet detection scheme is proposed.This model is used to evaluate the detection performance from the aspect of intrusion detection rate.At the same time,a random packet detection scheme is designed in order to optimize the cost of Deep Packet Inspection(DPI) implementation.Experimental results show that the model provides an effective means to set the detection rate and achieves a balance among the detection rate,the detection cost and the detection delay.

Key words: random packet, intrusion detection, Long Term Evolution(LTE), core network, cellular data

中图分类号: