期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

针对HTTPS协议网站精细化指纹攻击方法

Refined Fingerprint Attack Method for HTTPS Protocol Website
原文传递
导出
摘要 当前网站采用HTTPS协议加密,对其实施监管与审查仅能识别站点,而不能进一步精细化识别子页面,针对这一问题,提出了一种针对HTTPS协议加密站点在使用内容分发网络(Content Distribute Network,CDN)分发资源情况下的精细化指纹攻击方法。首先利用CDN分发过程中将用户重定向到就近镜像服务器产生的域名系统(Domain Name System,DNS)查询序列作为页面指纹,然后使用支持向量机(Support Vector Machine,SVM)模型进行页面识别,最后采用在Internet中收集的数据集进行验证。结果表明:该方法获得了93%的站点子页面识别率,能有效精细化识别HTTPS加密站点的子页面。 Aiming at the problem that the current website uses HTTPS protocol encryption,its supervision and review can only identify the site,and cannot further identify subpages,a refined fingerprint attack method for HTTPS protocol encrypted site using Content Distribute Network(CDN) distribution is proposed. Firstly,the method uses the Domain Name System(DNS) query sequence generated during CDN distribution that users are redirected to the nearest CDN mirror server as page fingerprint. Then the Support Vector Machine(SVM) model is used for pages identification. Finally,dataset collected on the internet is used for verification. The result shows that the method gets a 93% subpage identification rate and can finely and effectively identify the subpages of the HTTPS encrypted site.
作者 王凯 陈立云 王增光 WANG Kai;CHEN Li-yun;WANG Zeng-guang(Equipment Simulation Training Center,Shijiazhuang Campus of Army Engineering University,Shijiazhuang 050003,China;Equipment Command and Administration Department,Shijiazhuang Campus of Army Engineering University,Shijiazhuang 050003,China)
机构地区 陆军工程大学石家庄校区装备模拟训练中心 陆军工程大学石家庄校区装备指挥与管理系
出处 《装甲兵工程学院学报》 2018年第4期99-104,共6页 Journal of Academy of Armored Force Engineering
关键词 网站指纹攻击 HTTPS协议 加密流量 流量分析 website fingerprint attack HTYPS protocol encrypted traffic traffic analysis
分类号 TP393.08 [自动化与计算机技术—计算机应用技术]
  • 相关文献

参考文献5

二级参考文献129

  • 1Akamai. The HD Web[EB/OL]. [2011-03-25]. http://www. thehdweb, com.
  • 2Akamai. Akamai[EB/OL]. [2011-03-26]. http://www. akamai.com.
  • 3SU A J, CHOFFNES D, KUZMANOVIC A, et al. Drafting behind Akamai: inferring network conditions based on CDN Redirections[J]. IEEE/ACM Transactions on Networking, 2009, 6(17): 1752-1765.
  • 4MOCKAPETRIS P. Domain names: Concepts and facilities[S]. RFC 1034. Mclean, VA, USA: lnternet Engineering Task Force, 1987.
  • 5MOCKAPETRIS P. Domain names: Implementation and specification[S]. RFC 1035. Mclean, VA, USA: lnternet Engineering Task Force, 1987.
  • 6MOCKAPETRIS P, DUNLOP K. Development of the domain name system[C]//Proceedings of ACM Special Interest Group on Data Communication. Vancouver, BC, Canada: The S1GCOMM Association, 1998.
  • 7MAO Z M, CRANOR C, DOUGL1C F, et al. A precise and efficient evaluation of the proximity between Web clients and their local DNS servers[C]//Proceedings of USENIX Annual Technical Conference. Monterey, CA, USA: The USENIX Association, 2002.
  • 8InfoQ. 8.8.8.8, A DNS number for faster browsing [EB/OL]. [2011-03-25]. http://www.infoq.com/ news/2009/12/Public- DNS-Google. Google.
  • 9Google public DNS[EB/OL]. [2011-03-25]. hap:// code.google.com/speed/public- dns.
  • 10Norton. Norton DNS[EB/OL]. [2011-03-25]. http:// nortondns.com. OpenDNS. OpenDNS[EB/OL]. [2011-03-26]. http://www. opendns.com.

共引文献98

装甲兵工程学院学报
2018年 第4期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部