期刊文献+

基于HTTP协议组合的隐蔽信道构建方法研究 被引量:7

Research on Covert Channel Construction Method Based on HTTP Protocol Combination
下载PDF
导出
摘要 针对现有的存储型隐蔽信道隐蔽性较低,时间型隐蔽信道误码率高且传输速率较低的问题,文章提出一种基于HTTP协议组合的隐蔽信道构建方法。该方法通过模拟浏览器应用发送HTTP请求,将HTTP请求动态分配在不同浏览器上,利用数学组合的方式嵌入隐蔽信息,且对访问对象、数据包时间间隔和数据包长度进行动态调整,提高了信道的隐蔽性。同时,信道基于TCP协议内部的可靠传输使其不受网络抖动的影响,从而保证信道的可靠性。实验结果表明,该方法能够抵御基于应用签名的检测法、协议指纹检测法及组合模型检测法,具有较强的隐蔽性;能够根据应用场景调整隐蔽性强度与信道容量的平衡。 Aiming at the problem that the existing covert storage channel has a low concealment,and the covert timing channel has a high bit error rate and a low transmission rate,a covert channel construction method combining HTTP protocol behaviors is proposed.In the method,HTTP requests are sent by simulating a browser application and allocated dynamically among different browsers,the concealed information is embedded by means of mathematical combination.The access object,the packet time interval and the packet length are also dynamically adjusted to improve the concealment of channel.At the same time,the channel is based on the reliable transmission of TCP protocol,so that it is not affected by the network jitter,thus ensuring the reliability of the channel.The experimental results show that the proposed method can resist the application signature based detection method,protocol fingerprint detection method and combined model detection method,and has strong concealment.It can adjust the concealment and channel capacity according to the application scenario.
作者 陈骋 罗森林 吴倩 杨鹏 CHEN Cheng;LUO Senlin;WU Qian;YANG Peng(Information System&Security and Countermeasures Experiments Center,Beijing Institute of Technology,Beijing 100081,China;National Computer Network Emergency Response Technical Team Coordination Center of China,Beijing 100094,China)
出处 《信息网络安全》 CSCD 北大核心 2020年第6期57-64,共8页 Netinfo Security
基金 国家242信息安全计划[2017A149]。
关键词 隐蔽信道 数学组合编码 HTTP协议 covert channel mathematical combination coding HTTP protocol
  • 相关文献

参考文献2

二级参考文献17

共引文献56

同被引文献51

引证文献7

二级引证文献3

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部