CN105827521A - SDN based e-mail denial source suppression system and suppression method thereof - Google Patents

SDN based e-mail denial source suppression system and suppression method thereof Download PDF

Info

Publication number
CN105827521A
CN105827521A CN201610392300.8A CN201610392300A CN105827521A CN 105827521 A CN105827521 A CN 105827521A CN 201610392300 A CN201610392300 A CN 201610392300A CN 105827521 A CN105827521 A CN 105827521A
Authority
CN
China
Prior art keywords
mail
module
denial
behavior
suppression
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201610392300.8A
Other languages
Chinese (zh)
Other versions
CN105827521B (en
Inventor
韩志耕
冯霞
陈耿
王良民
熊琴琴
孙玉星
景波
刘林源
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
NANJING AUDIT UNIVERSITY
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Priority to CN201610392300.8A priority Critical patent/CN105827521B/en
Publication of CN105827521A publication Critical patent/CN105827521A/en
Application granted granted Critical
Publication of CN105827521B publication Critical patent/CN105827521B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L51/00User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
    • H04L51/42Mailbox-related aspects, e.g. synchronisation of mailboxes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/145Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Virology (AREA)
  • Information Transfer Between Computers (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses an SDN based e-mail denial source suppression system and a suppression method thereof. The SDN based e-mail denial source suppression system includes a data plane, a forwarding plane and a control plane, wherein the data plane follows the traditional e-mail interactions of SMTP and POP3 in implementation and includes an SMTP client-side, an SMTP server-side, a POP3 client-side and a POP3 server-side; the control plane forms an e-mail denial control strategy based on previous e-mail interaction behaviors from the data plane and includes a behavior evidence obtaining module, a denial detection module, a denial evaluation module, a denial prediction module and a suppression strategy forming module; the forwarding plane forms a flow table according to a denial suppression strategy from the control plane, conducts forwarding control on the current e-mail interactions occurred on the data plane based on the flow table and includes a flow table calculation module and a forwarding processing module. The SDN based e-mail denial source suppression system achieves e-mail denial behavior source suppression in a closed-loop online control by decoupling an e-mail denial suppression logic and an e-mail interaction data logic and can improve the integrity and security of e-mail interactions.

Description

Source suppression system and suppressing method thereof are denied in e-mail based on SDN
Technical field
The present invention relates to network safety filed, be specifically related to a kind of e-mail based on SDN and deny source suppression system and suppressing method thereof.
Background technology
Email is one of network service that on the Internet, application surface is the widest.Although in past ten years, it is the most weakened as the base attribute of interpersonal intercourse platform, but the advantages such as the legal effect of the seriousness discussed of Email problem and log so that it is still remain bigger application surface.Showing according to Gartner magic power quadrant 2014 annual report, the seriousness of Email topic makes the work of current 80% mainly carry out by Email alternately.The legal effect of E-mail communication makes it have, in fields such as E-Government and the electronics administration of justice, the critical role that the instrument such as instant messaging and social networks cannot be reached.Even if in the mobile Internet epoch now, the Ping application that to the greatest extent, will i.e. obtain favorable comment after reaching the standard grade for 2013 of Email the most not row is exactly fabulous illustration.While it is true, the development of Email still to face many safety problems urgently to be resolved hurrily, e-mail denial is exactly one of them.
E-mail is denied and is referred to the previous mail fact alternately is disallowed or approved, sends including mail to deny and denies with mail reception.In con-ventional post system, the conventional means that suppression mail is denied is to provide vouchered postal material value-added service for vital document, and postal operator is by providing mail to according to proving that mailer was sending this mail sometime, proving that this mail is the most successfully submitted by recipient's signing by hand receipt.In CYBERSPACE, the major technique of suppression e-mail denial is to sign for e-mail, and this technology is by exchanging e-mail information and resisting denying evidence liberally to ensure reviewing of e-mail denial between mistrustful receiving-transmitting sides.But, it being limited by current Generation Internet, existing e-mail technology of signing for is only capable of denying e-mail implementing to find afterwards, it is impossible to give source suppression.Generally, the denial behavior afterwards found may prove effective, and honest user has been formed harm;For the interests of protection honesty e-mail user, deny source suppression technology source to be implemented in the denial behavior not yet proved effective and preventing in the urgent need to developing e-mail.But this cannot achieve a solution in current internet architectural framework, trace it to its cause and be, find need not e-mail be intervened the most online afterwards, but source suppression must be applied to line traffic control alternately to e-mail, but the forfeiture of current internet system manageability but cannot provide safeguard for this.
E-mail is denied source suppression and is that source suppression need to be implemented in line traffic control to e-mail interbehavior with the essential difference found afterwards, i.e. by the suppression strategy preact for this denial behavior in e-mail alternately, thus can need to avoid the generation of this denial behavior in time before e-mail denial behavior is not yet had an effect.Can this process effectively realize depending on whether network system possesses manageability, i.e. whether network system possesses the ability making denial suppression strategy (control strategy) change e-mail mutual.Network control logic and mathematical logic are carried out binding design by conventional internet system, and various decision logics intertexture produced nonlinear interaction mixed in together causes network uncontrollable.New technique as innovation the Internet, software defined network SDN is by peeling off with mathematical logic network control logic, achieving the management and control of network system, and derive a lot of successfully application, this is that the realization transferred by telegram and deny source suppression provides technical support.
Summary of the invention
Goal of the invention: it is an object of the invention to solve the deficiencies in the prior art, there is provided a kind of e-mail based on SDN to deny source suppression system and suppressing method thereof, realize the source suppression of e-mail denial behavior by e-mail interaction data logical AND e-mail denial suppression logic is carried out decoupling.
Technical scheme: source suppression system is denied in a kind of based on SDN e-mail of the present invention, including datum plane, Forwarding plane and control plane;The tradition e-mail that described datum plane implements to follow SMTP and POP3 agreement is mutual, including SMTP client, SMTP service end, POP3 client and POP3 service end;Control plane is formed according to the previous e-mail interbehavior from datum plane and transfers denial suppression strategy by telegram, including behavior evidence obtaining module, denial detection module, denies evaluation module, denial prediction module and suppression strategy formation module;Forwarding plane forms stream table according to from the denial suppression strategy controlling plane, and based on this stream table to occurring to carry out alternately forwarding control, including stream table computing module and forward process module in the current e-mail of datum plane;nullAlternately and POP3 client initiates e-mail alternately to POP3 service end in the e-mail that described SMTP client is initiated to SMTP service end,Forward process module interacts data delivery control according to current stream table alternately to both the above e-mail,And event of being submitted by related data is committed to behavior evidence obtaining module,Behavior evidence obtaining module carries out resisting denying binding to data delivery event,And by result with e-mail evidence form submit to deny detection module carry out deny detection,Deny evaluation module assessment deny the testing result of detection module and submit to deny prediction module with the form that malice is denied by assessment result,Suppression strategy formed module receive deny the predicting the outcome of prediction module after formed and deny suppression strategy and be committed to stream table computing module,E-mail data delivery stream table is adjusted by stream table computing module according to denying suppression strategy,And the new stream table after regulation is supplied to forward process module, and to be used for controlling the e-mail of next round mutual.
Further, described SMTP client and POP3 client are that the e-mail following smtp protocol under TCP/IP Generation Internet sends agency and follows the e-mail Receiving Agent (such as Foxmail and OutlookExpress etc.) of POP3 agreement respectively, and SMTP client and the user interface that POP3 client is e-mail system realize the e-mail of user side and edit, send, receive and the function such as content-browsing;Described SMTP service end and POP3 service end are to provide SMTP service and the software and hardware facilities general name of POP3 service under TCP/IP Generation Internet respectively, respectively to from the e-mail of SMTP client with go to the e-mail of POP3 client and carry out transfer.
Further, described stream table computing module calculates e-mail data delivery stream table according to from the denial suppression strategy controlling plane, and is submitted to forward process module;E-mail data from datum plane are submitted control according to stream table by described forward process module, thus reach e-mail is denied the purpose of source suppression, such as forbid coming that source suppression e-mail sends and deny or forbid coming that source suppression e-mail receives denial etc. by POP3 client and POP3 service end e-mail data are submitted by SMTP client and SMTP service end e-mail data are submitted.
Further, described behavior evidence obtaining module utilizes undeniable technology that the e-mail interbehavior perceived at forward process module carries out resisting denying binding, and submits to deny detection module with the form of e-mail evidence by binding result;Described denial detection module carries out denial according to the e-mail evidence from behavior evidence obtaining module to the e-mail entity behavior of signing for and detects, and submits to deny evaluation module with the form that e-mail is denied by testing result;Described denial evaluation module carries out risk assessment to denying from the e-mail denying detection module, and the denial behavior that will be provided with hazardness is submitted to deny prediction module with the form that malice is denied;Diffusion situation and evolution trend that malice is denied by described denial prediction module are predicted, and the form predicting the outcome to deny situation is submitted to suppression strategy formation module;Described suppression strategy forms module and makes denial Restrain measurement from e-mail system overall situation sincerity stabilisation angle, and with the form denying suppression strategy, its result is submitted to stream table computing module.
The invention also discloses above-mentioned e-mail based on SDN and deny the suppressing method of source suppression system, comprise the following steps successively:
(1) SMTP client is transferred by telegram mutual and POP3 client to SMTP service end initiation according to current stream table and is carried out data delivery alternately to the e-mail that POP3 service end is initiated and control to realize the suppression of the source to potential e-mail denial behavior by forward process module, if there is potential e-mail denial behavior, then submit failure, go to step (1);If there is not potential e-mail denial behavior, then submitting successfully, performing step (2);
(2) forward process module will occur in data delivery event thereon and submits to control the behavior evidence obtaining module of plane with the form of e-mail behavior;
(3), after behavior evidence obtaining module receives the data of forward process module, use undeniable technology that the e-mail behavior from Forwarding plane is implemented resisting denying binding, and submit to deny detection module with the form of e-mail evidence by binding result;
(4) deny detection module and carry out denying detection according to the e-mail evidence from behavior evidence obtaining module, and submit to deny evaluation module with the form that e-mail is denied by testing result;The method denying detection is that the behavior of signing for that the anti-true e-mail behavior derived from e-mail evidence and e-mail entity are declared is carried out comparison of coherence, if inconsistent, then there occurs that e-mail is denied;
(5) deny evaluation module and e-mail denial is carried out risk assessment, and submit to deny prediction module with the form that malice is denied by assessment result;Risk assessment is e-mail denial to be signed for reliability calculate, and weighs e-mail denial density of infection based on signing for reliability;E-mail big for hazardness is denied and is defined as maliciously denying;
(6) deny prediction module use link Predicting Technique the diffusion situation maliciously denied in e-mail connected space is predicted with evolution trend, and the form predicting the outcome to deny situation is submitted to suppression strategy formation module;Denial situation herein is by e-mail entity and to sign for the two-dimensional vector matrix that reliability is constituted;
(7) suppression strategy forms module and formulates denial Restrain measurement according to denying situation from e-mail system overall situation sincerity stabilisation angle, and with the form denying suppression strategy, scenario outcomes is submitted to stream table computing module;
(8) existing e-mail data delivery stream table is adjusted by stream table computing module according to denying suppression strategy, and new stream table is supplied to forward process module is used for controlling the e-mail data interaction of next round.When next round e-mail occurs alternately, go to step (1).
Further, the e-mail evidence in described step (3) is association e-mail behavior participant, interaction content and the anti-tamper cryptography evidence of interaction time.
Further, the behavior of signing in described (4) is e-mail entity externally declaring implemented e-mail behavior;Declare including honesty or disallow;Described e-mail is denied and is referred to that transferring entity by telegram is denied the e-mail behavior already implemented for private interests, generally include e-mail and send denial (as sender have sent e-mail to receiver, but sender denies once being transmitted across e-mail to recipient afterwards) and e-mail reception denial (as recipient receives the e-mail that sender sends, but recipient denies once receiving the e-mail from sender afterwards).
Further, the reliability of signing in described step (5) is the sincere degree of recognition that in e-mail system, e-mail entity is signed for behavior by the public;This is signed for reliability appraisal procedure and includes signing for estimating and sign for reliability revaluation at the beginning of reliability;Wherein, sign at the beginning of reliability, estimating the denial testing result only in accordance with current and carry out preliminary iotave evaluation;Signing for reliability revaluation is that current iotave evaluation is recalculated by comprehensive history evaluation.
Beneficial effect: compared with prior art, the invention have the advantages that
(1) present invention follows the SDN theory controlling to be separated with data, it is embedded into software definition e-mail control logic by e-mail being denied suppression logic, achieve the On-line Control to potential e-mail denial behavior, breach existing oriented Internet Architecture because of controllability disappearance caused e-mail deny be only capable of detecting afterwards and cannot source suppression technical bottleneck.
(2) present invention does not destroy traditional Email interaction models, this make the e-mail realized based on the present invention deny source suppression system can with the e-mail network infrastructure of current widespread deployment compatible with, enormously simplify cost and complexity that present system is disposed.
In sum, the present invention carries out decoupling by e-mail is denied suppression logical AND e-mail interaction data logic, realizes the source suppression to e-mail denial behavior, improve and transfer mutual sincerity and safety by telegram in the way of closed loop On-line Control.
Accompanying drawing explanation
Fig. 1 is the inventive method structure and process chart;
Fig. 2 is the network design figure of the embodiment of the present invention;
Fig. 3 is behavior of the signing for injection model schematic diagram of the embodiment of the present invention;
Fig. 4 is the 12 kinds of comparative result schematic diagrams signing for reliability assessment of the embodiment of the present invention;
Fig. 5 is that the collusion of the embodiment of the present invention affects height analysis to Approximation and compares schematic diagram;
Fig. 6 (a) is that the nothing collusion of the embodiment of the present invention is without e-mail denial source Inhibition test result schematic diagram under calumny scene;
Fig. 6 (b) is that having under calumny scene without collusion of the embodiment of the present invention transfers denial source Inhibition test result schematic diagram by telegram;
Fig. 6 (c) is that the collusion that has of the embodiment of the present invention denies source Inhibition test result schematic diagram without e-mail under calumny scene;
Fig. 6 (d) is that the collusion that has of the embodiment of the present invention has e-mail under calumny scene to deny source Inhibition test result schematic diagram;
Fig. 7 is that recall ratio, precision ratio and harmonic-mean schematic diagram are denied in the e-mail of the embodiment of the present invention;
Fig. 8 (a) is the source suppression denied e-mail without present system under collusion nothing calumny scene of the embodiment of the present invention and signs for transferring the Comparative result schematic diagram of Inhibition test afterwards denying e-mail by telegram;
Fig. 8 (b) is that the nothing collusion of the embodiment of the present invention has the source that under calumny scene, e-mail is denied by present system to suppress and signs for transferring the Comparative result schematic diagram of Inhibition test afterwards denying e-mail by telegram;
Fig. 8 (c) be the embodiment of the present invention have collusion without calumny scene under present system to e-mail deny source suppression with sign for transfer by telegram to e-mail deny the Comparative result schematic diagram of Inhibition test afterwards;
Fig. 8 (d) is that the collusion that has of the embodiment of the present invention has the source that under calumny scene, e-mail is denied by present system to suppress and signs for transferring the Comparative result schematic diagram of Inhibition test afterwards denying e-mail by telegram.
Detailed description of the invention
Below technical solution of the present invention is described in detail in conjunction with the accompanying drawings and embodiments.
As it is shown in figure 1, source suppression system is denied in a kind of based on SDN e-mail of the present invention, including datum plane, Forwarding plane and control plane;It is mutual, including SMTP client, SMTP service end, POP3 client and POP3 service end that described datum plane implements to follow the e-mail of SMTP and POP3 agreement tradition;Control plane is formed according to the previous e-mail interbehavior from datum plane and transfers denial suppression strategy by telegram, including behavior evidence obtaining module, denial detection module, denies evaluation module, denial prediction module and suppression strategy formation module;Forwarding plane forms stream table according to from the denial suppression strategy controlling plane, and based on this stream table to occurring to carry out alternately forwarding control, including stream table computing module and forward process module in the current e-mail of datum plane;nullAlternately and POP3 client initiates e-mail alternately to POP3 service end in the e-mail that described SMTP client is initiated to SMTP service end,Forward process module controls both the above e-mail is interacted data delivery control alternately,And event of being submitted by related data is committed to behavior evidence obtaining module,Deny the e-mail evidence that detection module carries out denying detection through behavior evidence obtaining module denial binding,Deny evaluation module assessment deny the testing result of detection module and submit to deny prediction module with the form that malice is denied by assessment result,Suppression strategy formed module receive deny the predicting the outcome of prediction module after formed and deny suppression strategy and be committed to stream table computing module,Existing e-mail data delivery stream table is adjusted by stream table computing module according to denying suppression strategy,And new stream table is supplied to forward process module, and to be used for controlling the e-mail of next round mutual.
The suppressing method of source suppression system is denied in above-mentioned e-mail based on SDN, comprises the following steps successively:
(1) SMTP client is transferred by telegram mutual and POP3 client to SMTP service end initiation according to current stream table and is carried out data delivery alternately to the e-mail that POP3 service end is initiated and control to realize the suppression of the source to potential e-mail denial behavior by forward process module, if there is potential e-mail denial behavior, then submit failure, go to step (1);If there is not potential e-mail denial behavior, then submitting successfully, performing step (2);
(2) forward process module will occur in data delivery event thereon and submits to control the behavior evidence obtaining module of plane with the form of e-mail behavior;
(3), after behavior evidence obtaining module receives the data of forward process module, use undeniable technology that the e-mail behavior from Forwarding plane is implemented resisting denying binding, and submit to deny detection module with the form of e-mail evidence by binding result;
(4) deny detection module and carry out denying detection according to the e-mail evidence from behavior evidence obtaining module, and submit to deny evaluation module with the form that e-mail is denied by testing result;The method denying detection is that with the behavior of signing for of e-mail entity, the true e-mail behavior of binding associated by e-mail evidence is carried out comparison of coherence, if inconsistent, then there occurs denial;
(5) deny evaluation module and e-mail denial is carried out risk assessment, and submit to deny prediction module with the form that malice is denied by assessment result;Risk assessment is e-mail denial to be signed for reliability calculate, and weighs e-mail denial density of infection based on signing for reliability;E-mail big for hazardness is denied and is defined as maliciously denying;
(6) deny prediction module use link Predicting Technique the diffusion situation maliciously denied in e-mail connected space is predicted with evolution trend, and the form predicting the outcome to deny situation is submitted to suppression strategy formation module;Denial situation herein is by e-mail entity and to sign for the two-dimensional vector matrix that reliability is constituted;
(7) suppression strategy forms module and formulates denial Restrain measurement according to denying situation from the e-mail system the most stable angle of overall situation sincerity, and with the form denying suppression strategy, scenario outcomes is submitted to stream table computing module;
(8) current e-mail data delivery stream table is adjusted by stream table computing module according to denying suppression strategy, is supplied to forward process module for controlling the e-mail data interaction of next round with the form of new stream table.When next round e-mail occurs alternately, go to step (1).
Core link in said process is that behavior is collected evidence, denial detects, denial is assessed, denial is predicted and suppression strategy formation, and specific works principle is as follows:
(1) behavior evidence obtaining, i.e. carries out two-way feature exchange of secret end to end while unidirectional end-to-end e-mail content is transmitted, and the behavior evidence binding mechanism used includes 3 agreements, is main agreement and two aided protocol of abort Yu resolve respectively.Related symbol is described as follows:
A, B, TTP, M: e-mail sender, intended recipient Bi set, trusted third party, e-mail content;
The Bi set of B ': successful execution main agreement step 2, for B subset;
B "=B-B ': the Bi being cancelled the power of reception by A gathers, for B subset;
B " _ cancelled: the Bi being cancelled the power of reception by TTP gathers, for B " subset;
" _ finished: resolve agreement of seeking help recovers the Bi set of the power that receives to B, for B subset;
SX(M): the entity X digital signature to M;
PX(M),EK(M): M carried out asymmetric encryption with entity X PKI, with key K, M is carried out symmetric cryptography;
PB(M)=PB1(M),PB2(M) ...=EK(M),PB1(K),PB2(K) ...: set B carries out group's encryption to M;
Z=PTTP(A,B,PB(M)): feature secret Z;
L=h (M): agreement wheel fresh tag, h is one-way Hash function.
In normal conditions: e-mail evidence binding only uses main agreement to complete, it is not necessary to TTP participates in.
Main agreement:
1.Z,L,SA(Z,L);
2.Bi→A:L,SBi(Z,L);
3.PB′(M),L.
Z exchanges abnormal: if A has performed not receive after main agreement walks 1 the feedback signature S of some set Bi ∈ (B "=B-B ')Bi(Z, L), it is mutual with abandon with these Bi that A performs abort agreement.
Abort agreement:
1′.A→TTP:PTTP(B″),Z,L,SA(cancel,B″,Z,L);
2′.TTP:for(allBi∈B″){
if(Bi∈B″_finished)thenretrievesSBi(Z,L);
elseappendsBiintoB″_cancelled.}
3′.TTP→A:allretrievedSBi(Z,L),B″_cancelled,STTP(B″_cancelled,Z,L),L.
M transmits abnormal: if Bi does not receives P after having performed main agreement step 2Bi(M) or M is tampered, Bi can perform resolve agreement to recover mutual.
Resolve agreement:
1″.Bi→TTP:Z,L,SBi(Z,L);
if(Bi∈B″_cancelled)then
2′.TTP→Bi:B″_cancelled,STTP(B″_cancelled,Z,L),L;
else{2′.TTP→Bi:PBi(M),L;
3′.TTP:appendsBiintoB″_finished,andstoresSBi(Z,L);}
After behavior has been collected evidence, A holds e-mail and receives evidence { SBi(Z,L),STTP(B " _ cancelled, Z, L) }, Bi holds e-mail and sends evidence { SA(Z,L),STTP(B″_cancelled,Z,L)}.
(2) detection is denied
By e-mail entity A as a example by colony B sends e-mail M, provide the embedded e-mail of " binding of behavior evidence " assembly and deny detection algorithm, be described as follows:
Sender denies and includes that two kinds of situation: A are not transmitted across M to Bi but declare to be transmitted across, and is transmitted across but declares not to be transmitted across.Owing to the former cannot provide binding evidence, the most only the latter is launched detection, refers to algorithm 1.
Algorithm 1.DER_sender//sender denies detection
Input: CESBA// sender declares that behavior, 0=do not send M, 1=and have sent M
SA(Z,L),STTP(B " _ cancelled, Z, L) // e-mail transmission evidence
Z,L,B,B″_cancelled,M,PBi(M),PB(M) // additional information
Output: SR//sender denies testing result, 0=denies, and 1=is honest
In like manner, the most only carry out denying detection to " Bi receives and declares not receive from crossing M ", refer to algorithm 2.
Algorithm 2.DER_receiver//recipient Bi denies detection
Input: CERBBi// recipient declares that behavior, 0=do not receive M, 1=and have received M
SBi(Z,L),STTP(B " _ cancelled, Z, L) // e-mail reception evidence
Z,L,B,B″_cancelled,M,PBi(M),PB(M) // additional information
Output: RR//recipient denies testing result, 0=denies, and 1=is honest
(3) assessment is denied
Present invention use is signed for reliability and is measured the hazardness that e-mail is denied.E-mail entity is signed for the assessment of reliability and is divided into two steps to complete, and is described below:
Sign for estimating at the beginning of reliability: be given based on e-mail denial testing result and initially sign for reliability (rawvalue), i.e. RCRt=f (SRt,RRt), wherein RCRtReliability, SR is initially signed for for t wheeltAnd RRtDenying testing result for t wheel e-mail, f (.) is for signing for estimating at the beginning of reliability model.
Sign for reliability revaluation: to initially signing for reliability RCRtDo approximation process, sign for the reliability approximation ratio with the behavior of signing for, i.e. CR to promotet=g (RCRt), wherein CRtSigning for reliability for t wheel revaluation, g (.) is for signing for reliability revaluation model.
Credibility evaluation model owing to may be directly applied to sign for estimating at the beginning of reliability has a lot, so place's emphasis is given and signs for reliability revaluation model, is described as follows:
CRt=α * RCRt+β*Ht+γ*Dt+δ*Dt*|SDt|,0<α<1,0<β<1,0<γ<1,0<δ<1(1)
This model utilizes 4 class data (initially to sign for reliability RCRt, history signs for reliability Ht, sign for reliability stability bandwidth Dt, sign for reliability fluctuation tendency SDt) come RCRtCarry out revaluation.Component H in formula 1t,Dt,SDtComputational methods are as shown in formula 8, formula 9 and formula 10:
H t = 1 L H * &Integral; t - L H t - 1 CR x d x &ap; &Sigma; k = t - L H t - 1 CR k * &rho; t - ( k + 1 ) / &Sigma; k = t - L H t - 1 &rho; t - ( i + 1 ) - - - ( 2 )
D t = &Sigma; k = t - L H t - 1 ( CR k - &Sigma; k = t - L H t - 1 CR i / L H ) 2 / L H &ap; RCR t - H t - - - ( 3 )
SD t = &Sigma; k = t - L D H t - 1 ( D k - &Sigma; i = t - L D H t - 1 D i / L D H ) 2 / L D H &ap; D t - &Sigma; k = t - L D H t - 1 D k * &theta; t - ( k + 1 ) / &Sigma; i = t - L D H t - 1 &theta; t - ( i + 1 ) - - - ( 4 )
In formula 2, ρ (0 < ρ≤1) and LH respectively history neighbour sign for the concern factor of reliability and pay close attention to number of time slots, in formula 4, θ (0 < θ≤1) and LDH respectively history neighbour sign for the concern factor of reliability stability bandwidth and pay close attention to number of time slots, and LH and LDH is usually arranged as transferring entity strategy by telegram and denies the vibration time slot size of behavior;In formula 1, α and β requires that on arranging beta/alpha is proportional to LH, and γ and δ intends formula of following 5 and formula 6 on arranging:
&gamma; = &gamma; 1 , D t &GreaterEqual; 0 &gamma; 2 , D t < 0 ; &gamma; 1 &le; &gamma; 2 - - - ( 5 )
&delta; = &delta; 1 , D t * SD t < 0 &delta; 2 , D t * SD t &GreaterEqual; 0 ; &delta; 1 &le; &delta; 2 - - - ( 6 )
It should be noted that, the intermediate object program of previous moment can be utilized to be iterated calculating owing to the current time of formula 2, formula 3 and formula 4 calculates, therefore sign for the amount of calculation of reliability renewal the most not quite, time complexity is less than O (n+11), and n transfers the number of recipient by telegram under being one-to-many communication topology herein.In view of signing for the part that reliability is the whole network view, therefore it is by SDN controller, i.e. is responsible for having and safeguarding by " Mail Gateway ".
(4) deny prediction and suppression strategy is formed
The formation denying suppression strategy in the present invention employs based on the comparative approach signing for reliability threshold values, sign for herein reliability threshold values refer in particular to transfer by telegram entity in e-mail behavior implementation process institute patient the other side's entity is minimum signs for reliability.
Concrete thought is as follows: signs for reliability in e-mail transmitting-receiving side and signs for reliability threshold values CRT not less than total systemt(global) on the premise of, if e-mail sender A's signs for reliability TVt(A) be less than e-mail recipient Bi signs for reliability threshold values CRTt(Bi), then forbid sending, otherwise then allow to send;If e-mail recipient Bi signs for reliability TVt(Bi) be less than e-mail sender A signs for reliability threshold values CRTt(A), then forbid receiving, otherwise then allow to receive.Its reasonability can make an explanation in e-mail entity signs for behavior space: as a example by the first situation, due to TVt(A) less than CRTt(Bi), i.e. A previously signs for the tolerance lowest limit that the comprehensive sincere performance in behavior can bear less than Bi, so can with high probability estimate A significantly improve in following Minimum-time sign for the probability of behavior expression can extremely low, can forbid that A sends to Bi for this and transfer by telegram;Other situations are similar to.
Algorithm 3 gives denial suppression strategy formation algorithm, wherein A and B={B1,B2,…,B|B|It is respectively e-mail sender and e-mail recipient, TVt(x) and CRTtX () is respectively e-mail entity x and signs for reliability what t took turns and sign for reliability threshold values.
Algorithm 3.ISF//suppression strategy formation algorithm
Input: TVt(A),CRTt(A),{TVt(Bi)},{CRTt(Bi)},CRTt(global)
Output: ris//denial suppression strategy, element (00)bitMutual for allowing, (01)bitReceive for allowing transmission to forbid,
(10)bitAllow to receive for forbidding sending, (11)bitMutual for forbidding
Embodiment 1:
Setting up a real e-mail in the present embodiment and deny source suppression system, building of this system employs Open-Source Tools OpenFlow, and uses the e-mail denial source suppressing method of the present invention to carry out denying suppression.
As shown in Figure 2, e-mail in the present embodiment is denied the structure of source suppression system and is related to 5 PC, wherein: PC0 (increase income POX by operation, system platform is Ubuntu12.04) as SDN controller, run e-mail denial suppression logic and deny suppression strategy to be formed, and Policy Result is distributed OpenFlow switch by OpenFlow agreement.PC1 and PC2 (operation increase income OpenFlow, system platform is Ubuntu12.04) is as OpenFlow switch, and the denial suppression strategy provided according to SDN controller forms e-mail content delivery stream table with regulation and control e-mail data interaction.PC3 (running customization software NRMail, system platform is Win7), as email client, on the one hand provides SMTP and the POP3 client functionality of tradition e-mail system;On the other hand carry out e-mail behavior extraction and evidence binding, realize for simplifying herein, the TTP function needed for evidence binding by the TTP process customized on behalf of realizing, evidence signature and authentication function by the sign process customized on behalf of realizing);PC4 (running WinmailMailServerV5.1.2, system platform is Win7) is as mail server, it is provided that SMTP and the POP3 service of tradition e-mail system.In Fig. 3, PC0, PC1 and the PC2 in 192.168.100.0 network collectively forms SDN control passage, and PC2, PC4 in PC3, PC1 and 192.168.122.0 network in 192.168.111.0 network collectively form SDN data channel.
Concrete experiment parameter is provided that
Transferring entity sum in A, system by telegram is 1025 (wherein malicious entities accounts for 20%);Entity the code of conduct is as follows: honest entity honesty all the time declares e-mail behavior, all the time without conspiring (i.e. will not drive up mutually and sign for reliability), all the time without calumny (the most do not slander other people and sign for reliability);Malicious entities can non-honesty declare e-mail behavior (its would generally between honesty is declared and is disallowed strategy fluctuation to play one's own game), each other can conspire denials, can calumniate honesty entity.
Transferring entity in B, system by telegram and sign for behavior injection model such as Fig. 3, the behavior expression value simultaneously arranging e-mail denial is 0.1, the behavior expression value of non-denial is 1;Strategy fluctuation time slot be 10 timeslices, i.e. period of waves be 20 timeslices.
C, when signing for estimating at the beginning of reliability labelling deny assessment evidence sample value be 0.1, labelling non-denial sample value be 1, select weighting simply to sue for peace classic algorithm when reliability adds up to.
D, setting are signed for reliability revaluation parameter and are respectively as follows: α=0.2, β=0.8, γ1=0.05 | γ2=0.2, δ1=0.05 | δ2=0.2, ρ=0.75 | 1, LH=10, θ=0.75 | 1, LDH=10.
E, CRT is sett(global)=0.4, arranging threshold coefficient is 0.8, i.e. CRTt(x)=TVt(x)*0.8。
E-mail is denied source suppression system service data 1 and is signed for reliability and approach test:
Sign for reliability and more approach the behavior of signing for, deny suppression strategy and more possess specific aim.But, reliability class assesses intrinsic time stickiness but can strengthen the deviation signing for reliability.Reliability Approximation is signed for for examine or check institute of the present invention extracting method, in Fig. 3, behavior model is input, and Fig. 4 gives with or without conspiring under situation when without calumny, having 12 kinds when calumny, ρ=1& θ=1, ρ=1& θ=0.75, ρ=0.75& θ=1 and ρ=0.75& θ=0.75 to sign for reliability assessment situation.It can be seen that (1) calumny can reduce (honest entity) signs for reliability Approximation;(2) although collusion lifting (malicious entities) can sign for reliability, but suitably reduce ρ (ρ=0.75<1) and lifting θ (θ=1>0.75) and all can improve and sign for reliability Approximation.
Amplitude is affected on sign for reliability Approximation for examination collusion, Fig. 5 is for ρ=1& θ=1, ρ=1& θ=0.75, ρ=0.75& θ=1 and this 4 set condition of ρ=0.75& θ=0.75, sign for reliability assessment situation than right 8 kinds (malicious entities) when having collusion to occur and occurring without collusion.There it can be seen that for relatively without collusion, when the behavior of signing for is transferred to denial by honesty, collusion can strengthen signs for reliability deviation property;Otherwise, when the behavior of signing for is transferred to honesty by denial, collusion can promote signs for reliability Approximation.It means that malice e-mail entity is self denial behavior the most hidden, collusion can be selected when attempting and denying e-mail behavior, otherwise, can select when attempting honesty and declaring e-mail behavior without collusion.
E-mail is denied suppression system service data 2 source, source inhibition and is detected:
Source inhibition is denied for detection e-mail, for without collusion without calumny, without collusion have calumny, have collusion without calumny, have collusion have calumny 4 kinds of scenes, Fig. 6 (a), figure) 6 (b), Fig. 6 (c) and Fig. 6 (d) give successively transfer by telegram when setting ρ=1& θ=0.75 (i.e. signing for the worst situation of reliability degree of approximation) e-mail curbed by source when mutual total amount progressively rises to 10000 send deny, e-mail receive deny, e-mail transmitting-receiving denies, and the mutual accounting data denying situation without denying this 4 class of e-mail.As shown in table 1, along with being on the increase of e-mail interaction times, the e-mail curbed by source sends the average accounting of denial and drops to 0.0197 from initial 0.2438, e-mail receives the average accounting of denial and drops to 0.0199 from initial 0.2152, e-mail transmitting-receiving is denied average accounting and is dropped to 0 from initial 0.0139, meanwhile, the e-mail average accounting of interaction success rises to 0.9574 from initial 0.6204.This shows, the e-mail that the present invention proposes is denied source suppressing method and the e-mail sincere e-mail without denying of entity execution can be promoted mutual.
Table 1 e-mail is denied source inhibition and is analyzed
E-mail is denied suppression system service data 3 source, source rejection ability and is assessed:
E-mail denial source rejection ability is assessed and intends using 3 kinds of conventional assessment grader modules: recall ratio (Recall), precision ratio (Precision) and harmonic-mean (F-measure).Specifically, if TP be correctly validated in advance for e-mail deny sample number, FN be mistaken in advance e-mail without deny sample number, FP be mistaken in advance e-mail deny sample number, then e-mail deny recall ratio R=TP/ (TP+FN), e-mail deny precision ratio P=TP/ (TP+FP), harmonic-mean F=2*P*R/ (P+R).
For without collusion without calumny, have calumny without collusion, have collusion without calumny, have collusion to have 4 kinds of scenes of calumny, Fig. 7 transfer by telegram when giving ρ=1& θ=0.75 mutual total amount from 1 rise to 10000 time e-mail deny recall ratio, precision ratio and harmonic-mean are denied in e-mail.As can be seen from Table 2, although the e-mail in the case of calumniating without collusion nothing, have calumny without collusion, have collusion nothing to calumniate and have collusion to have calumny these 4 kinds is denied recall ratio average and is only 0.3730, but precision ratio up to 0.9992, and also obtain 0.5264 preferable harmonic-mean, this shows that the present invention possesses certain e-mail and denies source rejection ability.
Table 2 e-mail is denied source rejection ability and is analyzed
E-mail denies source suppression system service data 4 and comparing of signing for e-mail
E-mail denial can only be provided to suppress function in view of existing e-mail technology of signing for, the present invention intends emphasis and compares the denial inhibition afterwards signing for e-mail technology and the denial source inhibition of method in the present invention afterwards.For guaranteeing the justice that both compare, to be compared e-mail system of signing for still uses the experiment porch built based on network design figure shown in Fig. 2 and aforesaid behavior evidence binding mechanism on construction platform and supporting protocol.Be particularly configured to: cut off PC0, amendment PC1 and PC2 upstream table with message between two-way permission PC3 and PC4, utilize PC3 on e-mail server construction on NRMail and PC4 to be compared sign for e-mail system.
For without collusion without calumny, without collusion have calumny, have collusion without calumny, have collusion have calumny 4 kinds of scenes, transfer by telegram when Fig. 8 (a), Fig. 8 (b), Fig. 8 (c) and Fig. 8 (d) give ρ=1& θ=0.75 successively mutual total amount from 1 rise to 10000 time, the present invention and sign for the e-mail of e-mail and deny suppression contrast situation.Can be seen that from table 3-1 and table 3-2, under homogeneous system configures, when transferring mutual total amount by telegram and reaching 10000, under 4 kinds of scenes, source suppression accounting is denied in the e-mail of context of methods and the e-mail denial signing for e-mail suppression accounting afterwards is more approached, respectively reach 94.85%, 99.53%, 99.09% and 99.10%, this shows that the present invention can effectively make up tradition and sign for e-mail technology deficiency in the suppression of denial source, greatly improves sincerity and the safety of e-mail system.
Table 3-1 benefit analysis of the present invention
Table 3-2 benefit analysis of the present invention (Continued)

Claims (8)

1. source suppression system is denied in an e-mail based on SDN, it is characterised in that: include datum plane, Forwarding plane and control plane;The tradition e-mail that described datum plane implements to follow SMTP and POP3 agreement is mutual, including SMTP client, SMTP service end, POP3 client and POP3 service end;Control plane is formed according to the previous e-mail interbehavior from datum plane and transfers denial suppression strategy by telegram, including behavior evidence obtaining module, denial detection module, denies evaluation module, denial prediction module and suppression strategy formation module;Forwarding plane forms stream table according to from the denial suppression strategy controlling plane, and based on this stream table to occurring to carry out alternately forwarding control, including stream table computing module and forward process module in the current e-mail of datum plane;
nullAlternately and POP3 client initiates e-mail alternately to POP3 service end in the e-mail that described SMTP client is initiated to SMTP service end,Forward process module interacts data delivery control according to current stream table alternately to both the above e-mail,And event of being submitted by related data is committed to behavior evidence obtaining module,Behavior evidence obtaining module carries out resisting denying binding to data delivery event,And by result with e-mail evidence form submit to deny detection module carry out deny detection,Deny evaluation module assessment deny the testing result of detection module and submit to deny prediction module with the form that malice is denied by assessment result,Suppression strategy formed module receive deny the predicting the outcome of prediction module after formed and deny suppression strategy and be committed to stream table computing module,E-mail data delivery stream table is adjusted by stream table computing module according to denying suppression strategy,And the new stream table after regulation is supplied to forward process module, and to be used for controlling the e-mail of next round mutual.
Source suppression system is denied in e-mail based on SDN the most according to claim 1, it is characterized in that: described SMTP client and POP3 client are that the e-mail following smtp protocol under TCP/IP Generation Internet sends agency and follows the e-mail Receiving Agent of POP3 agreement respectively, and SMTP client and the user interface that POP3 client is e-mail system realize the e-mail of user side and edit, send, receive and content-browsing function;Described SMTP service end and POP3 service end are to provide SMTP service and the software and hardware facilities general name of POP3 service under TCP/IP Generation Internet respectively, respectively to from the e-mail of SMTP client with go to the e-mail of POP3 client and carry out transfer.
Source suppression system is denied in e-mail based on SDN the most according to claim 1, it is characterised in that: described stream table computing module calculates e-mail data delivery stream table according to from the denial suppression strategy controlling plane, and is submitted to forward process module;E-mail data from datum plane are submitted control according to stream table by described forward process module.
Source suppression system is denied in e-mail based on SDN the most according to claim 1, it is characterized in that: described behavior evidence obtaining module utilizes undeniable technology that the e-mail interbehavior perceived at forward process module carries out resisting denying binding, and submits to deny detection module with the form of e-mail evidence by binding result;
Described denial detection module carries out denial according to the e-mail evidence from behavior evidence obtaining module to the e-mail entity behavior of signing for and detects, and submits to deny evaluation module with the form that e-mail is denied by testing result;
Described denial evaluation module carries out risk assessment to denying from the e-mail denying detection module, and the denial behavior that will be provided with hazardness is submitted to deny prediction module with the form that malice is denied;
Diffusion situation and evolution trend that malice is denied by described denial prediction module are predicted, and the form predicting the outcome to deny situation is submitted to suppression strategy formation module;
Described suppression strategy forms module and formulates denial Restrain measurement from e-mail system overall situation sincerity stabilisation angle, and with the form denying suppression strategy, its result is submitted to stream table computing module.
5. the suppressing method of e-mail denial source based on the SDN suppression system as described in Claims 1 to 4 any one, it is characterised in that: comprise the following steps successively:
(1) SMTP client is transferred by telegram mutual and POP3 client to SMTP service end initiation according to current stream table and is carried out data delivery alternately to the e-mail that POP3 service end is initiated and control to realize the suppression of the source to potential e-mail denial behavior by forward process module, if there is potential e-mail denial behavior, then submit failure, go to step (1);If there is not potential e-mail denial behavior, then submitting successfully, performing step (2);
(2) forward process module will occur in data delivery event thereon and submits to control the behavior evidence obtaining module of plane with the form of e-mail behavior;
(3), after behavior evidence obtaining module receives the data of forward process module, use undeniable technology that the e-mail behavior from Forwarding plane is implemented resisting denying binding, and submit to deny detection module with the form of e-mail evidence by binding result;
(4) deny detection module and carry out denying detection according to the e-mail evidence from behavior evidence obtaining module, and submit to deny evaluation module with the form that e-mail is denied by testing result;The method denying detection is that the behavior of signing for that the anti-true e-mail behavior derived from e-mail evidence and e-mail entity are declared is carried out comparison of coherence, if inconsistent, then there occurs that e-mail is denied;
(5) deny evaluation module and e-mail denial is carried out risk assessment, and submit to deny prediction module with the form that malice is denied by assessment result;Risk assessment is e-mail denial to be signed for reliability calculate, and weighs e-mail denial density of infection based on signing for reliability;E-mail big for hazardness is denied and is defined as maliciously denying;
(6) deny prediction module use link Predicting Technique the diffusion situation maliciously denied in e-mail connected space is predicted with evolution trend, and the form predicting the outcome to deny situation is submitted to suppression strategy formation module;Denial situation herein is by e-mail entity and to sign for the two-dimensional vector matrix that reliability is constituted;
(7) suppression strategy forms module and formulates denial Restrain measurement according to denying situation from e-mail system overall situation sincerity stabilisation angle, and with the form denying suppression strategy, scenario outcomes is submitted to stream table computing module;
(8) stream table computing module is according to denying suppression strategy regulation e-mail data delivery stream table, is supplied to forward process module for controlling the e-mail data interaction of next round with the form of new stream table.When next round e-mail occurs alternately, go to step (1).
The suppressing method of source suppression system is denied in e-mail based on SDN the most according to claim 5, it is characterised in that: the e-mail evidence in described step (3) is association e-mail behavior participant, interaction content and the anti-tamper cryptography evidence of interaction time.
The suppressing method of source suppression system is denied in e-mail based on SDN the most according to claim 5, it is characterised in that: the behavior of signing in described (4) is e-mail entity externally declaring implemented e-mail behavior;Declare including honesty or disallow;Described e-mail is denied and is referred to that the e-mail behavior already occurred is denied for private interests by e-mail entity, generally includes to transfer by telegram to send and denies and e-mail reception denial.
The suppressing method of source suppression system is denied in e-mail based on SDN the most according to claim 5, it is characterised in that: the reliability of signing in described step (5) is the sincere degree of recognition that in e-mail system, e-mail entity is signed for behavior by the public;This is signed for reliability appraisal procedure and includes signing for estimating and sign for reliability revaluation at the beginning of reliability;Wherein, sign at the beginning of reliability, estimating the denial testing result only in accordance with current and carry out preliminary iotave evaluation;Signing for reliability revaluation is that current iotave evaluation is recalculated by comprehensive history evaluation.
CN201610392300.8A 2016-06-02 2016-06-02 E-mail based on SDN denies source and inhibits system and its suppressing method Expired - Fee Related CN105827521B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610392300.8A CN105827521B (en) 2016-06-02 2016-06-02 E-mail based on SDN denies source and inhibits system and its suppressing method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610392300.8A CN105827521B (en) 2016-06-02 2016-06-02 E-mail based on SDN denies source and inhibits system and its suppressing method

Publications (2)

Publication Number Publication Date
CN105827521A true CN105827521A (en) 2016-08-03
CN105827521B CN105827521B (en) 2019-07-05

Family

ID=56532728

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610392300.8A Expired - Fee Related CN105827521B (en) 2016-06-02 2016-06-02 E-mail based on SDN denies source and inhibits system and its suppressing method

Country Status (1)

Country Link
CN (1) CN105827521B (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102170407A (en) * 2011-04-18 2011-08-31 南京审计学院 Method for realizing electronic mail credibility management on the basis of anti-fraud control logic unit
CN105450502A (en) * 2014-09-19 2016-03-30 陈耿 Software-defined network oriented email denial suppression system and suppression method thereof

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102170407A (en) * 2011-04-18 2011-08-31 南京审计学院 Method for realizing electronic mail credibility management on the basis of anti-fraud control logic unit
CN105450502A (en) * 2014-09-19 2016-03-30 陈耿 Software-defined network oriented email denial suppression system and suppression method thereof

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
夏春和等: "电子邮件UA与MTA间抗抵赖协议的研究与实现", 《计算机研究与发展》 *
彭红艳: "电子邮件抗抵赖的研究与实现", 《中国优秀硕士学位论文全文数据库信息科技辑》 *

Also Published As

Publication number Publication date
CN105827521B (en) 2019-07-05

Similar Documents

Publication Publication Date Title
CN109871669B (en) Data sharing solution based on block chain technology
US11563557B2 (en) Document transfer processing for blockchains
Coffey et al. Non-repudiation with mandatory proof of receipt
Sattarova Feruza et al. IT security review: Privacy, protection, access control, assurance and system security
CN109726887A (en) The acquisition of mobile crowdsourcing Data Data and processing system and method based on block chain
US7818200B2 (en) Method and system for providing a trust-based reputation service for virtual organization formation
WO2015100969A1 (en) Software behavior monitoring and verification system
CN103731435A (en) Method and system for implementing social networking group member identity verification mechanism
CN107947928A (en) Intelligence community management method and system based on Internet of Things
CN114401091A (en) Device cross-domain authentication management method and device based on block chain
CN106209835A (en) Peer-to-peer network communication system and method
Wang et al. Staged data delivery protocol: A blockchain‐based two‐stage protocol for non‐repudiation data delivery
Guo et al. Antitampering scheme of evidence transfer information in judicial system based on blockchain
US11469905B2 (en) Device and method for processing public key of user in communication system that includes a plurality of nodes
CN105827521A (en) SDN based e-mail denial source suppression system and suppression method thereof
Liu et al. Incorporating accountability into internet email
Dutertre et al. Intrusion-tolerant group management in enclaves
CN104702559A (en) Improved ECC-based double-factor identity authentication protocol
Al-Ahmad et al. An extended security framework for e-government
CN105450502B (en) The Email that software-oriented defines network denies suppression system and its suppressing method
CN109816531A (en) Intelligent contract method of commerce based on double chain framework
Sornkhom et al. Security analysis of micali's fair contract signing protocol by using coloured petri nets
Namavari et al. Private Hierarchical Governance for Encrypted Messaging
JP4547233B2 (en) Communication system, communication method and program thereof
CN115186285B (en) Parameter aggregation method and device for federal learning

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right
TA01 Transfer of patent application right

Effective date of registration: 20190604

Address after: 211899 No. 86 Yushan Road, Jiangpu Street, Pukou District, Nanjing City, Jiangsu Province

Applicant after: NANJING AUDIT University

Address before: 210017 607, room 3, Lake heart garden, 207 Shui Xi Men street, Jianye District, Nanjing, Jiangsu.

Applicant before: Han Zhigeng

GR01 Patent grant
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20190705