摘要
网络隐写检测是实现网络可管可控的重要技术支撑。与传统网络隐写相比基于模型拟合的时间式隐写具有更高的隐蔽性,使其成为研究热点。近年来研究者提出了一种拟合Skype应用时间特性的网络隐写方法。由于载体的广泛应用,该方法一经提出便受到极大关注,而目前尚无有效的检测方法。首先通过实验验证了该方法可抵抗基于信息熵的检测算法,进而提取网络数据流时间序列的Markov转移特性、信息熵、均值与方差、DCT(discrete cosine transform)系数以及ε-相似度五种典型特征,最后通过BP(back propagation)神经网络进行分类给出检测结果。实验表明,所提检测方法针对此种隐写算法检测率可达99%,虚警率低于3%,同时通过多样性实验验证了所提方法的鲁棒性。
Network steganalysis is an important technical to support network security. Compared with the traditional network steganography,the model-based steganography had higher concealment and it was the research hotspot in recent years,it brought great challenges to steganalysis. Recently,researchers had proposed a method of network steganography which based on time characteristic of Skype traffic. The method had received great attention since it was proposed,and there was no effective detection method now. First the experimental results showed this new method could resist the algorithm based on information entropy,then five typical characteristics of time series of network flow were extracted. The characteristics included Markov shift matrix,information entropy,mean-variance ratio,discrete cosine transform( DCT) coefficients and ε-similarity. Finally,the analysis results were given by back propagation( BP) neural network. The experimental results show that detection rate is99%,and false positives less than 3%. At the same time,the robustness of the proposed method is verified by experiments.
作者
李萌
翟江涛
戴跃伟
Li Meng;Zhai Jiangtao;Dai Yuewei(School of Electronics & Information,Jiangsu University of Science & Technology,Zhenjiang Jiangsu 212003,China)
出处
《计算机应用研究》
CSCD
北大核心
2018年第6期1803-1807,共5页
Application Research of Computers
基金
国家自然科学基金资助项目(61472188
61602247)
江苏省自然科学基金资助项目(BK20150472
BK20160840)
CCF-启明星辰"鸿雁"基金资助项目(2016011)
关键词
模型拟合
隐写检测
多特征
神经网络
model-based
steganalysis
muhi-feature
neural network
