基于概率的保持前缀地址随机化算法的安全评估

Probability Analysis Based Prefix Preserving IP Address Anonymization Scheme Security Evaluation

导出

摘要地址随机化算法通常用于在发布流量数据之前进行去隐私处理.保持前缀地址随机化算法就是其中一个常用算法.对于保持前缀地址随机化算法而言,由于引入了更多的限制,因此也面临更多的安全风险.分析了相关性攻击对保持前缀地址随机化算法的安全影响,并利用概率分析和仿真评估了不同攻击方法对其安全性能的影响. IP address anonymization scheme is often used to avoid privacy issues before traffic distribution. Prefix preserving IP address anonymization scheme is one of the most frequently used schemes. For prefix preserving IP address anonymization scheme, more security threats are introduced because of more correlations, In this paper the correlation based security attacks are evaluated and different attack methods are studied with the probability model and simulation.

作者张英琴张千里

机构地区内蒙古科技大学理学院公共数学部清华大学网络中心中央主楼

出处《数学的实践与认识》 CSCD 北大核心 2009年第1期154-159,共6页 Mathematics in Practice and Theory

基金国家863项目“新一代互联网技术综合实验环境”资助(2005AA112130)

关键词保持前缀地址随机化算法安全分析概率分析仿真评估攻击方法 Prefix preserving IP address anonymization Security analysis

分类号 TP301.6 [自动化与计算机技术—计算机系统结构]

引文网络
相关文献

参考文献11

1闫巧,吴建平,江勇.网络攻击源追踪技术的分类和展望[J].清华大学学报（自然科学版）,2005,45(4):497-500. 被引量：15
2McGregor T, Braun H, Brown J. The NLANR network analysis infrastructure [J]. IEEE Communications Magazine, 2000,38(5): 122-128.
3Patarin S, Makpangou M. Pandora: A flexible network monitoring platform[A], Proc 2000 USENIX Annual Technical Conference[C], San Diego, CA, June, 2000. 27-40.
4Peuhkuri M. A method to compress and anonyrnize packet traces[EB/OL], http://www. imconf.net/imw-2001/imw2001-papers/32. pdf, 2001.
5Pang R, Paxson V. A high-level programming environment for packet trace anonymization and transformation [EB/OL], http://www. acm. org/sigs/sigcomm/sigcomm2003/papers/p339-pang. pdf,2003.
6Krishnamurthy B, Wang J. On network-ware clustering of web clients[EB/OL], http://www, acm. org/sigs/ sigcomm/sigeomm2000/conf/paper/sigcomm2000-3-2.ps. gz,2000.
7Minshall G. TCPdpriv Command Manual[EB/OL], http://ita. ee. Ibl. gov/html/contrib/tcpdpriv.0.txt.
8Cho K, Mitsuya K, Kato A. Traffic data repository at the wide project [A], Proc USENIX 2000 Annual Technical Conference : FREENIX Track[C], San Diego, CA, June,2000,263-279.
9XU Jun, FAN Jinliang, Ammar M, et al. Prefix-preserving IP address anonymization: measurement based security evaluation and a new cryptography-based scheme[A], ICNP 2002 [C], IEEE Computer Society, 2002, 280-289.
10XU Jun, FAN Jinliang, Ammar M, et al. On the design and performance of prefix-preserving IP traffic trace anonymization[EB/OL], http://www. imconf. net/imw-2001/imw2001-papers/69. pdf,2001.

二级参考文献21

1Dean D, Franklin M, Stubblefield A. An algebraic approach to IP traceback[A]. Proceedings of 2001 Network and Distributed System Security Symposium [C]. California:ACM, 2001.
2Snoeren A C, Partridge C, Sanchez L A, et al. Hash based IP traceback [A]. Proceedings of 2001 Conference on Applications, Technologies, Architectures, and Protocols for Computer Communication (ACM SIGCOMM) [C].California:ACM, 2001. 3-14.
3Sancbez L A, Milliken W C, Snoeren A C, et al. Hardware support for a hash-based IP traceback [A]. Proceedings ofthe 2nd DARPA Information Survivability Conference and Exposition (DISCEX-Ⅱ) [C]. Anaheim, CA, 2001. 146-152.
4Bellovin S M. ICMP Traceback Messages, Internet Draft[S]. March 2001.
5Mankin A, Massey D, Wu C, et al. On design and evaluation of intention-driven ICMP traceback[A].Proceedings of IEEE 10th International Conference on Computer Communications and Networks (IC3N'2001) [C].Scottsdale, Arizona USA, 2001.
6Staniford-Cben S, Heberlein L T. Holding intruders accountable on the internet [A]. Proceedings of IEEE Symposium on Security and Privacy [C]. Oakland, CA,1995.
7Zhang Y, Paxson V. Detecting stepping stones [A].Proceedings of 9th USENIX Security Symposium [C].Denver, CO, 2000.
8Yoda K, Etoh H. Finding a connection chain for tracing intruders [A]. Proceedings of the 6th European Symposium on Research in Computer Security (LNCS 1985) [C].Toulouse, France, 2000.
9Schnackenberg D, Djabandari K, Sterne D. Infrastructure for intrusion detection and response [A]. Proceedings of DARPA Information Survivability Conference & Exposition(DISCEX '00) [C]. Hilton Head, SC, USA: IEEE, 2000.
10Wang X, Reeves D, Wu S F, et al. Sleepy watermark tracing: An active network-based intrusion response framework [A]. Proceedings of 16th International Conference on Information Security (IFIP/Sec 01)[C].Paris, IKM, 2001.

共引文献14

1张千里,李星.保持前缀地址随机化的混合算法[J].清华大学学报（自然科学版）,2006,46(10):1723-1726.
2毛韶阳,李肯立.一种改进的DDoS攻击源端快速检测算法[J].湖南科技学院学报,2007,28(9):84-86. 被引量：1
3周建华,史伟奇,徐联华.一种用于网络取证分析的入侵源追踪方法[J].微计算机应用,2008,29(5):27-30. 被引量：1
4陈周国,祝世雄.计算机网络追踪溯源技术现状及其评估初探[J].信息安全与通信保密,2009(8):179-182. 被引量：5
5李坤.基于主机拥塞量化的DDoS攻击源端检测[J].科技信息,2010(25).
6戴世冬,段海新,李星.基于令牌桶阵列的DDoS流量过滤[J].清华大学学报（自然科学版）,2011,51(1):141-144. 被引量：1
7费洪晓,李文兴,覃思明,李钦秀.一种动-静态结合的概率包标记IP追踪方案[J].计算机工程与应用,2011,47(9):103-105. 被引量：3
8何旵阳.访问路径检测的网络防御新技术[J].计算机系统应用,2012,21(6):199-201.
9杨云江,高鸿峰,邓周灰,於斌,郑宗兴.基于数据包缓存的伪IP地址实时追踪技术的研究[J].贵州大学学报（自然科学版）,2013,30(4):66-69. 被引量：2
10张凤斌,孙刚,张斌.一种基于免疫入侵检测的攻击路径标志技术研究[J].计算机应用研究,2014,31(1):217-221. 被引量：3

1曹敏,沈鑫,周波,李萍,肖新华.智能变电站仿真评估实验平台设计与实现[J].通讯世界,2017,0(5):180-181. 被引量：1
2金百荣,李电,蔡重凯.35kV并抗操作过电压治理研究[J].高压电器,2013,49(10):64-71. 被引量：24
3张学军,俞鑫祺.电气主接线可靠性的数字计算机仿真评估[J].电力学报,1993,8(3):24-31.
4福建电力建成省内首个风光储充微电网实验室[J].农村电气化,2014(4):63-63.
5福建建成省内首个风光储充微电网实验室[J].大众用电,2014(4):53-53.
6殷桂梁,李相男,郭磊,李晓亮.混合储能系统在风光互补微电网中的应用[J].电力系统及其自动化学报,2015,27(1):49-53. 被引量：41
7袁瑞铭,丁恒春,陈颖,王婷,钱吉红.光伏逆变器实时能效分析[J].陕西电力,2015,43(10):30-35.
8一种新型的配电网消弧线圈调谐方式[J].电气技术,2013,14(10):70-70.
9朱重喜,张果宇.实现中尺度区域风能资源仿真的方法及应用[J].风能,2014,0(7):98-103.
10王淑慧,余锐,安莲淑,肖凤.基于PSCAD/EMTDC的电压跌落评估方法[J].四川电力技术,2007,30(2):25-28. 被引量：2

数学的实践与认识

2009年第1期

浏览历史

内容加载中请稍等...

基于概率的保持前缀地址随机化算法的安全评估

参考文献11

二级参考文献21

共引文献14

相关作者

相关机构

相关主题

浏览历史