隐私敏感的深包检测技术研究

Research on Privacy Aware Deep Packet Inspection

下载PDF

导出

摘要传统深包检测技术需要检测网络包的完整有效载荷,从而给用户隐私安全带来隐患。隐私敏感的深包检测技术在实现较高协议识别率情况下能够有效保护用户隐私。对深包检测技术中涉及的用户隐私进行了研究,根据有效载荷深度对隐私级别进行了划分。设计了根据隐私级别对网络包有效载荷进行截断预处理的方法。针对12种常用协议,使用隐私敏感的深包检测技术进行协议识别,结果表明,隐私敏感的深包检测技术可以获得80%以上的准确率,并严格地限制了用户隐私的泄露。 The conventional deep packet inspection technologies usually need to inspect complete payloads of the network packets, and this will bring hidden dangers to the users＇ privacy. Privacy aware deep packet inspection （PaDPI） can protect users＇ privacy while getting higher accuracy of identification. Firstly, this paper studies several privacy levels that deep packet inspection involves, and classifies the privacy of packet payload into different levels according to the depth in payloads. Secondly, this paper proposes several schemes to truncate the payloads of network packets according to the privacy levels. Thirdly, this paper evaluates 12 widely used application protocols with those truncated payloads through PaDPI for application protocol identification. The results show that privacy aware deep packet inspection can gain above 80% accuracy on truncated payloads, and can limit the leakage of users＇ privacy strictly.

作者骆世瑛嵩天史湘君郑宏

机构地区北京理工大学计算机学院中国人民解放军

出处《计算机科学与探索》 CSCD 北大核心 2015年第2期210-220,共11页 Journal of Frontiers of Computer Science and Technology

基金国家自然科学基金~~

关键词深包检测技术隐私应用层协议识别 deep packet inspection privacy application protocol identification

分类号 TP393 [自动化与计算机技术—计算机应用技术]

引文网络
相关文献

参考文献25

1Callado A, Kamienski C, Szab G, et al. A survey on Intemet traffic identification[J]. IEEE Communications Surveys & Tutorials, 2009, 11(3): 37-52.
2Valenti S, Rossi D, Dainotti A, et al. Reviewing traffic clas- sification[M]//Data Traffic Monitoring and Analysis. Berlin, Heidelberg: Springer, 2013: 123-147.
3Karagiannis T, Papagiannaki K, Faloutsos M, et al. BLINC: multilevel traffic classification in the dark[J]. Computer Communication Review, 2005, 35(4): 229-240.
4Cisco IOS NetFlow. Introduction to Cisco IOS NetFlow C a technical overview[EB/OL]. (2012-05)[2014-04-30]. http:// www.cisco.com/c/en/us/products/collateral/ios-nx-os-soft- ware/iosnetflow.
5Xu Kuai, Zhang Zhili, Bhattacharyya S. Profiling Intemet backbone traffic: behavior models and applications[J]. ACM SIGCOMM Computer Communication Review, 2005, 35(4): 169-180.
6Nguyen T T T, Armitage G. A survey of techniques for Inter- net traffic classification using machine learning[J]. IEEE Com- munications Surveys & Tutorials, 2008, 10(4): 56-76.
7Nguyen T T T, Armitage G, Branch P, et al. Timely and con- tinuous machine-learning-based classification for interac- tive IP traffic[J]. IEEE/ACM Transactions on Networking, 2012, 20(6): 1880-1894.
8Kumar S, Dharmapurikar S, Yu F, et al. Algorithms to accele- rate multiple regular expressions matching for deep packet inspection[J]. ACM SIGCOMM Computer Communication Review, 2006, 36(4): 339-350.
9Mayer C P. Security and privacy challenges in the Intemet of things[J]. Electronic Communications of the EASST, 2009, 17: 1-12.
10Dreger H, Feldmarm A, Mai M, et al. Dynamic application- layer protocol analysis for network intrusion detection[C]// Proceedings of the 15th Conference on USENIX Security Symposium 00SENIX-SS '06). Berkeley, CA, USA: USENIX Association, 2006: 257-272.

1陈亮,龚俭,徐选.应用层协议识别算法综述[J].计算机科学,2007,34(7):73-75. 被引量：33
2陈亮,龚俭,徐选.基于特征串的应用层协议识别[J].计算机工程与应用,2006,42(24):16-19. 被引量：43
3王鹏,成艳真.应用层协议识别技术在网络安全监控中的应用[J].数字技术与应用,2012,30(5):169-169. 被引量：1
4朱宇,袁帅.立体化网络应用层协议识别的研究与实现[J].电子技术应用,2014,40(1):60-63. 被引量：2
5王珊,陈健,黄志根.基于状态机的应用层协议识别和内容分析[J].电子测量技术,2011,34(12):109-112. 被引量：2
6胥清化,黄金锋,赵国鸿.基于译码表的字符预处理技术及其在协议识别中的应用[J].计算机工程与科学,2009,31(1):25-27.
7彭文峰,杜中军.应用层协议识别技术研究[J].现代计算机（中旬刊）,2015(3):68-70. 被引量：2
8王杰,石成辉.基于正则表达式的动态应用层协议识别方案[J].计算机工程与应用,2010,46(18):103-106. 被引量：8
9王庆龙,王振兴,张连成,王禹.基于GMM的ESP流量应用层协议识别[J].计算机工程,2011,37(24):91-93. 被引量：2
10范慧萍,宣蕾,陈曙晖,黄高平.基于正则表达式的应用层协议识别加速[J].计算机研究与发展,2008,45(z1):438-443. 被引量：9

计算机科学与探索

2015年第2期

浏览历史

内容加载中请稍等...

隐私敏感的深包检测技术研究

参考文献25

相关作者

相关机构

相关主题

浏览历史