复杂网络系统安全保障技术教育部工程研究中心

发稿时间:2020-04-10浏览次数:27

复杂网络系统安全保障技术教育部工程研究中心于200710月经教育部批准建设,20187月通过建设验收,进入运行阶段。目前中心主任由计算机科学与工程学院姚羽教授担任。中心的总体建设目标为:通过产学研联合,研究开发网络与信息安全产品设备,加速形成我国具有国际竞争能力的网络与信息安全产业,扩大民族品牌的产品在国内外市场的占有率;通过对复杂网络系统安全保障技术领域的共性、关键性和前沿性问题进行系统研究,形成符合市场需求的技术创新体系,增强产业的可持续发展能力。中心将集中网络与信息安全研究方面的优势力量,充分发挥依托单位的技术和科研优势,实现多学科交叉、联合攻关的能力,在此基础上申请和承担更多的国家重大课题,使网络与信息安全技术的开发和应用在总体规模和水平上达到国内领先,并逐步与世界先进水平接轨。同时,在研发中培养一批高层次专业人才,以产业化带动整个民族行业的发展。

中心现有正高级职称的研究人员26人,副高级职称36人,博士学历的研究人员达到74.8%,专业领域涵盖了计算机科学与技术、通信工程、信息安全等相关专业。工程中心自成立以来,承担的各级各类科研项目总资金近亿元,如国家杰出青年科学基金、国家自然科学基金、国家973计划、国家863计划等。发表了100多篇学术论文,其中近20篇文章发表在顶级国际学术会议和期刊上,已申请国家发明专利20多项。目前已培养了博士研究生115名,硕士研究生617名。

安全的网络环境是实现一切网络服务及应用的基础。复杂网络系统安全环境的建立需要可靠而强大的安全保障技术支持。因此,中心的研究方向主要面向这一领域目前亟待解决的关键技术问题,主要包括:工业互联网安全保障关键技术;复杂网络系统安全保障关键技术;网络与信息安全保障关键技术;网络内容安全保障关键技术等。

1)工业互联网安全保障关键技术

开展在工业互联网安全领域包括针对设备安全、控制安全和网络安全相应的安全防护关键技术研究,实现对工业互联网的安全测评、态势感知和动态主动防御。在设备安全方面,研究工控设备探测与指纹识别技术,行为建模与资产画像技术和漏洞检测与安全测评技术,搭建面向特色行业的安全测评平台。在控制安全方面,应研究工业互联网自动化安全审计机制,并建立面向典型行业的工业互联网安全态势感知平台。在网络安全方面,应研究面向工业互联网的蜜网技术,建立工业互联网威胁情报平台和网络攻击分析溯源技术,并基于以上相关技术建立面向典型行业的工业互联网防御体系和支撑平台。

  2)复杂网络系统安全保障关键技术

开展信息安全框架下,复杂网络环境的安全机制,包括密钥管理机制、证书管理机制、数据的可信和保密存储机制、访问控制机制;复杂网络系统软硬件安全测试评估模型、测试方法以及测试自动化技术等方面的研究。

  3)网络与信息安全保障关键技术

开展无线网络安全技术研究包括固定移动融合网络环境下的垃圾语音过滤及防范技术,IP多媒体子系统安全防护技术等。建立支持IPv6的试验网络环境;构筑适合于IPv6互联网的以防火墙为主体的网络安全系统;提出具有QoS保障、支持组播的复杂网络系统安全路由机制模型,设计非NP类QoS组播路由算法,设计在线重路由机制。

4)网络内容安全保障关键技术

开展垃圾邮件综合举报关键技术研究;包括基于内容的网络有害图像识别与监控系统软件、相关图像数据库,图像分析识别技术,有害网站预警系统,基于角色的安全控制软件等。

近年来,本中心不断拓宽合作渠道,加强与国内外知名学术机构和企业的交流合作,努力扩大中心在国内外的学术影响力。目前,本中心人员结构和规模合理,管理体制和运行机制完善,国际交流与合作频繁,欢迎国内及国际研究人员交流合作。

中心网址链接:http://stcns.neu.edu.cn


Engineering Research Center of Security Technology of Complex Network System, Ministry of Education, China

The engineering research center of Security Technology of Complex Network System was approved by the Ministry of education in October 2007 and passed the acceptance in July 2018, entering the operation stage.At present, the director of the center is Professor Yao Yu ofthe College of Computer Science and Engineering. The overall construction goal of the center is to research and develop the network and information security products and equipment, accelerate the formation of China's internationally competitive network and information security industry, and expand the share of national brand products in domestic and foreign markets. Through the systematic research on the common, key and cutting-edge issues in the field of complex network system security technology, a technology innovation system is formed to meet the market demand, and the sustainable development ability of the industry is enhanced. The center will focus on the advantages of network and information security research, give full play to the technical and scientific research advantages of the supporting units, and realize the ability of interdisciplinary and joint research. On this basis, it will apply for and undertake more national major projects, so as to Make the development and application of network and information security technology reach the domestic leading position in overall scale and level, and gradually connect with the world's advanced level. At the same time, we should cultivate a group of high-level professionals in R & D, and promote the development of the whole national industry with industrialization.

At present, the center has 26 researchers with senior titles, 36 with deputy senior titles, and 74.8% with doctoral degree. The professional fields cover Computer Science and Technology, Communication Engineering, Information Security and other related majors. Since the establishment of the engineering center, the center has undertaken a total fund of nearly 100 million yuan for various scientific research projects at all levels, such as the National Science Fund for Distinguished Young Scholars, the National Natural Science Fund, the National 973 Plan, the National 863 plan, etc. More than 100 academic papers have been published, nearly 20 of which have been published in top international academic conferences and journals, and more than 20 national invention patents have been applied for. At present, 115 doctoral students and 617 master students have been trained.

A secure network environment is the foundation of all network services and applications. The establishment of complex network system security environment needs reliable and powerful security technology support. Therefore, the research directions of the center are mainly focused on the key technical problems to be solved in this field, mainly including key technology of industrial Internet security, key technology of complex network system security, key technology of network and information security, key technology of network content security, etc.

1) Key technologies of industrial Internet Security

In the field of industrial Internet security, research on Key Technologies of security protection, including equipment security, control security and network security, is carried out to realize the security assessment, situation awareness and dynamic active defense of industrial Internet. In terms of equipment security, we should study industrial control equipment detection and fingerprint identification technology, behavior modeling and asset portrait technology, vulnerability detection and security evaluation technology, and build a security evaluation platform for characteristic industries. In terms of control security, we should study the automatic security audit mechanism of industrial Internet and establish a security situation awareness platform for typical industries. In terms of network security, we should study honeynet technology for industrial Internet, establish threat intelligence platform and network attack analysis traceability technology for industrial Internet, and establish industrial Internet defense system and support platform for typical industries based on the above related technologies.

    2)The key technology of complex network system security

Under the framework of information security, the security mechanism of complex network environment is studied, including key management mechanism, certificate management mechanism, data trusted and confidential storage mechanism, access control mechanism, software and hardware security test evaluation model, test method and test automation technology of complex network system.

    3)Key technologies of network and information security

Research on wireless network security technology includes garbage voice filtering and prevention technology under fixed mobile convergence network environment, IP multimedia subsystem security protection technology, etc. Establish a test network environment supporting IPv6, build a firewall-based network security system suitable for IPv6 Internet, propose a complex network system security routing mechanism model with QoS guarantee and supporting multicast, design non NP QoS multicast routing algorithm and online rerouting mechanism.

4) Key technologies of network content security

Research on Key Technologies of spam comprehensive reporting, including content-based network harmful image recognition and monitoring system software, related image database, image analysis and recognition technology, harmful website early warning system, role-based security control software, etc.

In recent years, the center has been expanding cooperation channels, strengthening exchanges and cooperation with well-known academic institutions and enterprises at home and abroad, and striving to expand the academic influence. At present, the staff structure and scale of the center are reasonable, the management system and operation mechanism are perfect, and international exchanges and cooperation are frequent. Domestic and international researchers are welcome to exchange and cooperate.

Contact:

Address: Hunnan Campus, Northeastern University, No. 195, Chuangxin Road, Hunnan District, Shenyang, Liaoning, P R China

Name: Yao Yu
E-mail: yaoyu@mail.neu.edu.cn