
Research And Implementation Of Network Bionic Autonomic Nervous System Model

Posted on: 2023-07-05
Degree: Master
Type: Thesis
Country: China
Candidate: W Z Dong
GTID: 2568307298455394
Subject: Cyberspace security

Abstract/Summary:
With the widespread application of 5G technology and the arrival of the 6G era, network scale and traffic have shown explosive growth, and the security of data affects all aspects of social development. The detection speed of traditional network security technologies, including firewalls, intrusion detection systems and virus protection technologies, is gradually becoming unable to meet real needs, and their dependence on the traditional network architecture also makes them a bottleneck for network security. The traditional protection architecture isolates security from system function and provides a fortress defense that sets a barrier between the internal network and the external network, with no linkage mechanism between components. The deficiencies of today's defense methods can be summarized as isolated, static, and passive. Therefore, solving the defects of the external security architecture, treating security as an inherent attribute of the network system, and realizing endogenous security and joint defense among components have become the new goals of network security development. To maintain the relative stability of the internal and external environment, the human nervous system has each internal component play its own role and collaborate to complete the control function. Inspired by the human nervous system, this paper proposes a network Bionic Autonomic Nervous Systems (BANS) model, which includes the following research contents:

(1) To address the shortcomings of existing security technologies, this paper draws an analogy between the network system and a nervous system and divides the workflow of the network system into several tasks. The states and actions of the tasks are used as the behavioral features of the application, and the real-time features are inserted into network packets in the form of security labels. As packets flow between network components, each component completes its own security function using the security label, thus realizing the cooperative defense of the network system. The normal state and action transitions of tasks are stored in the form of a finite state machine, and the real-time information in the security label is compared with the normal information, so that abnormal behavior in the network can be identified. The results of the study show that the BANS model can successfully respond to deviations in network task states and actions, effectively defending against the simulated attacks.

(2) For the design of the structure and function of the network system components in BANS, based on the functions of the components of the human nervous system, this paper proposes a functional architecture model of the terminal process, transponder and security center in the network system. The terminal process takes two forms, sensing process and effecting process, which are mainly responsible for sensing the data information of processes and executing security policies issued by the upper layer. The transponder is mainly responsible for data forwarding and part of the security decision, and performs the corresponding operation on network packets according to the match between packet information and the rules in the rule library, including discarding, forwarding or sending security labels to the security center. The security center mainly makes security judgments for packets that the transponder cannot decide on, and issues rules and policies; its work is mainly divided into two parts: identity authentication and abnormal behavior detection. Identity authentication is used to verify whether the packet originates from a legitimate terminal process, and abnormal behavior detection is used to determine whether the packet originates from abnormal behavior of the terminal process. The security of the functional system model is verified through the analysis of the mathematical model.

(3) For the implementation of security functions in BANS, following the upstream and downstream pathways of the human nervous system, this paper proposes a security mechanism model consisting of upstream transmission of security information and downstream transmission of control information, and designs and implements the model algorithm. The uplink path refers to the process in which the terminal process inserts the security label into the data packet, and the transponder extracts the security label and transmits it to the security center. The downlink path refers to the process in which the transponder or the security center makes a security decision on the network data packet and sends the policies to other components to maintain the security of the network system. According to these uplink and downlink paths, corresponding algorithms are designed and implemented, including the security label generation algorithm in the process, the security label extraction algorithm in the transponder, and the anomaly detection algorithm in the security center, to complete the task-oriented network anomaly detection process in the network system.

(4) According to the functional system and security mechanism of the network BANS model, this paper constructs a small local area network to implement BANS and demonstrate the usability and security of the model. The overall function of the model can be divided into a control layer and a data layer, so the model can be implemented with reference to the SDN architecture. This paper uses an OpenFlow switch to simulate the transponder and adapts the existing functions of OVS accordingly. The controller is used to simulate the security center, and the Ryu controller implemented in Python is selected. An app can be designed in the user layer of the controller to realize the security center functions required by the model. The FTP client and server processes are used as the basic terminal processes in the data layer. After the application function and security function of the model are implemented, simulated attacks are carried out, which include two different kinds of DDoS attacks and a backdoor attack. The proposed model detects and responds to all the attacks, and the security of the model is verified by analyzing the experimental results.
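The label check described in items (1) to (3) can be sketched as follows. This is an added example, not code from the thesis: the label fields, the FTP task states, the decision strings and the use of HMAC-SHA256 for the identity authentication step are all assumptions, since the abstract does not give the label format or the algorithms.

```python
import hashlib
import hmac

# Assumed FSM for an FTP download task: (state, action) -> next state.
NORMAL_FSM = {
    ("IDLE", "CONNECT"): "CONNECTED",
    ("CONNECTED", "LOGIN"): "AUTHENTICATED",
    ("AUTHENTICATED", "RETR"): "TRANSFER",
    ("TRANSFER", "COMPLETE"): "AUTHENTICATED",
    ("AUTHENTICATED", "QUIT"): "IDLE",
}
# Constructed per-process key table held by the security center.
PROCESS_KEYS = {"ftp-client-1": b"constructed-demo-key"}


def make_label(proc, state, action, key):
    """Terminal (sensing) process: build the label inserted into a packet."""
    body = f"{proc}|{state}|{action}".encode()
    tag = hmac.new(key, body, hashlib.sha256).hexdigest()
    return {"proc": proc, "state": state, "action": action, "tag": tag}


class SecurityCenter:
    def __init__(self):
        self.current = {}  # proc -> state reached by the last accepted label

    def check(self, label):
        """Return 'forward' or a 'drop:<reason>' decision for one label."""
        key = PROCESS_KEYS.get(label["proc"])
        body = f"{label['proc']}|{label['state']}|{label['action']}".encode()
        if key is None or not hmac.compare_digest(
            hmac.new(key, body, hashlib.sha256).hexdigest(), label["tag"]
        ):
            return "drop:identity"  # not from a legitimate terminal process
        expected = self.current.get(label["proc"], "IDLE")
        nxt = NORMAL_FSM.get((label["state"], label["action"]))
        if label["state"] != expected or nxt is None:
            return "drop:anomalous-behavior"  # deviates from the normal FSM
        self.current[label["proc"]] = nxt
        return "forward"


def run_demo():
    key = PROCESS_KEYS["ftp-client-1"]
    sc = SecurityCenter()
    seq = [("IDLE", "CONNECT"), ("CONNECTED", "LOGIN"), ("CONNECTED", "RETR")]
    results = [sc.check(make_label("ftp-client-1", s, a, key)) for s, a in seq]
    forged = make_label("ftp-client-1", "AUTHENTICATED", "RETR", b"wrong-key")
    return results + [sc.check(forged)]
```

In the constructed sequence, the third label claims a state the process never reached and is rejected by the behavior check, while the last label carries a tag made with the wrong key and fails authentication before the FSM is consulted.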
Keywords/Search Tags:Endogenous Security, Bionic Security, Active Defense, Anomaly Detection, Network Intrusion Detection