CN-122027348-A - Intrusion detection and security enhancement method for quantum key distribution system

Abstract

The invention relates to an intrusion detection and security enhancement method for a quantum key distribution (QKD) system and belongs to the technical field of quantum communication. The method comprises: collecting operation parameters of a plurality of physical nodes in real time while the QKD system is running, and constructing a multi-dimensional feature data set; inputting the multi-dimensional feature data set into a pre-trained hybrid neural network model for intrusion detection, wherein the hybrid neural network model comprises a convolutional neural network layer and a long short-term memory (LSTM) network layer; when an intrusion behavior is detected, generating intrusion alarm information and locating the intrusion type and node position; and, in response to the intrusion alarm information, triggering a security enhancement strategy, wherein the security enhancement strategy comprises dynamically adjusting quantum state coding parameters, switching to a local oscillator optical protocol mode and selecting a privacy amplification algorithm after starting. By combining intelligent intrusion detection with an adaptive security enhancement mechanism, the invention significantly improves the security, robustness and adaptive defensive capability of the quantum key distribution system in an actual deployment environment.

Inventors

  • TANG RUNHUA
  • DONG JIAN
  • CHEN XIAONI
  • PENG ZHIXUAN

Assignees

  • 广东食品药品职业学院

Dates

Publication Date
20260512
Application Date
20260401

Claims (9)

  1. S1, collecting operation parameters of a plurality of physical nodes in real time during operation of the quantum key distribution system, and constructing a multi-dimensional feature data set; S2, inputting the multi-dimensional feature data set into a pre-trained hybrid neural network model for intrusion detection, wherein the hybrid neural network model comprises a convolutional neural network layer and a long short-term memory (LSTM) network layer; S3, when an intrusion behavior is detected, generating intrusion alarm information and locating the intrusion type and the node position; and S4, in response to the intrusion alarm information, triggering a security enhancement strategy, wherein the security enhancement strategy comprises dynamically adjusting quantum state coding parameters, switching to a local oscillator optical protocol mode and selecting a privacy amplification algorithm after starting.
  2. The method of claim 1, wherein the operation parameters of the plurality of physical nodes include at least a transmitting-end light intensity, a receiving-end light intensity, a quantum bit error rate, a detector count rate, a phase drift amount, an ambient temperature, and a vibration frequency.
  3. The method for intrusion detection and security enhancement of a quantum key distribution system according to claim 1, wherein the training process of the hybrid neural network model comprises: constructing a training data set containing multiple attack types, wherein the multiple attack types comprise at least strong-light blinding attack, wavelength attack, dead-time attack and Trojan light attack, and each sample in the training data set contains the multi-dimensional feature vectors of a plurality of consecutive sampling points within a preset time window and the corresponding attack type label; and performing supervised training on the hybrid neural network model using the training data set, with the objective of minimizing a cross-entropy loss function, to optimize the network weights.
  4. The method for intrusion detection and security enhancement of a quantum key distribution system according to claim 1, wherein dynamically adjusting the quantum state coding parameters comprises adaptively adjusting the basis selection probability of the intensity, polarization state or phase encoding of the light pulse according to the type of intrusion detected, so as to make it harder for an attacker to obtain useful information.
  5. The method for intrusion detection and security enhancement of a quantum key distribution system according to claim 1, wherein switching to the local oscillator optical protocol mode specifically comprises controlling the receiving end to start a built-in local oscillator light source to replace the local oscillator light transmitted over the channel, thereby eliminating the attack vector against the local oscillator light.
  6. The method for intrusion detection and security enhancement of a quantum key distribution system according to claim 1, wherein selecting a privacy amplification algorithm after starting specifically comprises, after the intrusion detection is triggered, dynamically selecting the hash function length of the privacy amplification algorithm according to the quantum bit error rate estimated in real time, so as to maximize the compression of eavesdropper information while ensuring the secure key rate.
  7. An intrusion detection and security enhancement device for a quantum key distribution system, characterized by comprising a data acquisition module, an intrusion detection module and a security enhancement module; the data acquisition module is used for collecting the operation parameters of a plurality of physical nodes in real time and constructing a multi-dimensional feature data set; the intrusion detection module is used for inputting the multi-dimensional feature data set into a pre-trained hybrid neural network model to perform intrusion detection and for generating intrusion alarm information; the security enhancement module is used for triggering a security enhancement strategy in response to the intrusion alarm information, wherein the security enhancement strategy comprises dynamically adjusting quantum state coding parameters, switching to a local oscillator optical protocol mode and selecting a privacy amplification algorithm after starting.
  8. An electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor implements the method of any one of claims 1 to 6 when executing the program.
  9. A computer-readable storage medium on which a computer program is stored, characterized in that the program, when executed by a processor, implements the method according to any one of claims 1 to 6.

Description

Intrusion detection and security enhancement method for quantum key distribution system

Technical Field

The invention relates to the technical field of quantum communication, in particular to an intrusion detection and security enhancement method for a quantum key distribution system.

Background

Quantum key distribution (QKD) is based on the principles of quantum mechanics and can theoretically provide unconditionally secure key distribution. However, in actual physical implementations, QKD systems face a variety of side-channel attacks due to device imperfections (e.g., in light sources, detectors, modulators, etc.). Existing attacks include strong-light blinding attack, wavelength attack, dead-time attack, Trojan light attack and the like. These attacks exploit vulnerabilities of actual devices to steal key information without causing an obvious change in the error rate, thereby seriously threatening the practical security of the QKD system.

In the prior art, the security protection of QKD systems relies mainly on passive monitoring of the quantum bit error rate (QBER): when the error rate exceeds a threshold, eavesdropping is deemed to be present. However, this approach reacts with a lag and has difficulty identifying complex covert attacks that do not cause a high bit error rate. Furthermore, existing systems lack adaptive security enhancement capabilities and often only interrupt communication upon detecting an anomaly, which reduces system availability.

Therefore, a security enhancement method is needed that can accurately detect various intrusion behaviors in real time and dynamically adjust the system configuration to resist attacks.

Disclosure of Invention

The invention provides an intrusion detection and security enhancement method for a quantum key distribution system, which solves the problems of the prior art. By combining intelligent intrusion detection with an adaptive security enhancement mechanism, the security, robustness and adaptive defensive capability of the quantum key distribution system in an actual deployment environment are significantly improved.

The invention solves the technical problems by adopting the following scheme: the intrusion detection and security enhancement method for a quantum key distribution system comprises the following steps.

S1, during operation of the quantum key distribution system, collecting operation parameters of a plurality of physical nodes in real time, and constructing a multi-dimensional feature data set.

S2, inputting the multi-dimensional feature data set into a pre-trained hybrid neural network model for intrusion detection, wherein the hybrid neural network model comprises a convolutional neural network layer and a long short-term memory (LSTM) network layer. As an implementation, the convolutional neural network layer comprises 2 convolutional layers and 1 pooling layer, with convolution kernel sizes of 3 × 3 and 5 × 5 respectively, used for extracting spatial correlation features among the operation parameters at different scales; the LSTM network layer comprises 2 LSTM units, each layer having 128 hidden units, used for learning long-range dependencies of the multi-dimensional feature data in the time dimension; the time window length of the model input is 10 consecutive sampling points; and the output layer uses a Softmax function to classify the normal state and a plurality of attack types.

S3, when an intrusion behavior is detected, generating intrusion alarm information and locating the intrusion type and the node position.

S4, in response to the intrusion alarm information, triggering a security enhancement strategy, wherein the security enhancement strategy comprises dynamically adjusting quantum state coding parameters, switching to a local oscillator optical protocol mode and selecting a privacy amplification algorithm after starting. Specifically, an intrusion type-coding parameter mapping table is preset in the system. When the intrusion detection module outputs an attack type label, the control unit reads the corresponding parameter configuration from the mapping table. For example, when a strong-light blinding attack is detected, the average photon number of the signal state is adjusted from 0.5 to 0.3 and the proportion of decoy states is increased; when a Trojan light attack is detected, the basis selection probability is adjusted from a uniform distribution to an asymmetric distribution of Z basis : X basis = 0.7 : 0.3, so as to disrupt the attacker's accurate estimation of the quantum state preparation information.

On the basis of the technical scheme, the invention can be improved as follows.

Further, the operation parameters of the physical nodes at least comprise the light intensity of a transmitting end, the light intensity of a receiving end, the bit error rate of quant