基于全信息理论的甚高频数据链安全态势评估关键技术研究

Under the current international situation, the security of air traffic is one of the important subjects related to national security. According to the reports, it is the VHF (Very high frequency) data link, which is used to transmit telegrams between the air and ground, that is vulnerable to attacks in the civil aviation communication system. However, the research about VHF data link security has not been developed because of the complexity of VHF communication. . The subject of project is about the security situation assessment of VHF data link. And it is expended to three aspects. .(1) Researching on the security models of VHF data link and attack routine. By analyzing these telegram of applications, specifications and protocols, we try to structure a communication model for data link.. Based on the communication models, we try to construct security models for applications by using FSM (finite state machine). The main parts of the security model are expressions of security states of data link, state transition condition and the initial state vector. The path to the abnormal state is set into the attack routine. The abnormal state deduces the security situation. .(2) Researching on the security situation assessment system. Fuzzing, one of vulnerability detecting methods, is inefficient for data link. Based on the security modes of data link, we try to find out the abnormal fuzz to reduce the number of test case. It is the design about the fast method of the vulnerability mining. . Based on the comprehensive information theory and data link security model, we class the data link security situation into six: information disclosure situation, data tampering situation, intrusion control situation, information fraud situation, data replaying situation. We try to propose the multi-dimensional security situation assessment system as properties-atomic situation-assessment index set-index quantization..(3) Presenting a kind of security communication solution for data link. Based on the security situation assessment for ACARS and ATN system, from the perspective of security technology, safety management and safety engineering, we present corresponding data link security communications solutions.. The project expected achievements are as follows: (1) Security models of data link and attack routine;(2) the security situation assessment system based on the comprehensive information;(3) Fast methods of the vulnerability mining based on fuzzing and data link security models;(4) The security communications solution for data link;(5)A simulation enviroment based on opnet to verify the security models and fast methods;(5) 10 papers indexed by SCI or EI;(6) One national invention patent ;(7) training 3 master graduate students..

当前国际形势下，民航交通安全是关系到国家安全的重要课题。由于甚高频通信模型具有独特性，计算机网络安全态势理论并不适用，相关研究有待发展。. 本课题主要研究民航通信中甚高频数据链的安全态势评估问题。从安全模型、漏洞挖掘、安全态势评估三个方面展开研究：（1）对甚高频数据链通信进行安全分析，构建通信模型和安全模型，生成安全隐患路线图；（2）设计甚高频数据链漏洞挖掘快速方法，基于全信息理论进行数据链安全态势评估体系研究；（3）提出甚高频数据链安全通信解决方案。 . 课题预期成果：（1）甚高频数据链通信模型和安全模型；（2）安全模型和Fuzzing融合的漏洞挖掘方法；（3）基于全信息的数据链应用安全态势评估体系；（4）甚高频数据链安全通信解决方案；（5）模拟仿真工具；（6）发表SCI、EI检索学术论文10篇，申请国家发明专利1项；（7）培养硕士研究生3名

当前国际形势下，民航交通安全是关系到国家安全的重要课题。由于甚高频通信模型具有独特性，计算机网络安全态势理论并不适用，相关研究有待发展。. 本课题主要研究民航通信中甚高频数据链的安全态势评估问题。从安全模型、漏洞挖掘、安全态势评估三个方面展开研究：（1）对甚高频数据链通信进行安全分析，构建通信模型和安全模型，生成安全隐患路线图；（2）设计甚高频数据链漏洞挖掘快速方法，基于全信息理论进行数据链安全态势评估体系研究；（3）提出甚高频数据链安全通信解决方案。. 在航空通信系统中，甚高频数据链消息常被用于传递航班状态、机场控制指令以及一些其它的敏感信息。无线电传输的信息能被截取或篡改，导致隐私数据的泄露、非法控制和劫持。本项目分析了三种攻击路线，包括监视、实体伪装以及中间人攻击。中间人攻击还能够在下一代航空通信网络（ATN）中工作。设计了两个可行的实验来测试数据链接消息攻击，包括信息泄露和实体伪装攻击。这些实验也可以被用作航空通信系统安全的Fuzzing用例。. 课题共发表SCI、EI检索学术论文20篇，申请国家发明专利7项。