
A SELF-ADAPTIVE TRAFFIC FEATURE MIMICRY METHOD IN NETWORK ENVIRONMENT

Cited by: 2
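Abstract: Traffic mimicry disguises transmitted data as a specific whitelisted protocol in order to get past network traffic censorship and achieve covert data transmission. As the contest between detection and evasion intensifies, the limitations of obfuscation-based covert transmission techniques built on static rules become increasingly apparent: in obfuscating inherent features, they tend to create new fingerprints of the bridge protocol. This paper designs and implements an adaptive traffic mimicry protocol bridge based on the features of the current network environment; by extracting and analyzing the features of normal HTTP traffic in the environment, it predicts and generates the obfuscation features the mimicry bridge uses. Experiments show that the adaptive bridge can generate mimicry rules dynamically, that the generated traffic is highly similar to real traffic, and that the redundant data required for mimicry stays within an acceptable range. The paper also demonstrates the limitations of current feature-based traffic protocol detection techniques when faced with highly complex traffic mimicry.
English abstract: Traffic mimicry technique aims to disguise data traffic as commonly used protocols to bypass censorship and implement hidden data transmission. With anomaly detection getting more strict, traditional traffic obfuscation methods based on static rules are limited due to their own bridge features generated in obfuscation. A new network bridge with a self-adaptive traffic mimicry method is designed and implemented in this paper. This network bridge extracts and analyzes features in real HTTP traffic, predicts the normal traffic features in the current environment and generates the mimicry traffic. In the experiment, the traffic generated by this bridge was shown to have a high similarity to normal traffic within acceptable data redundancy. This work also indicated that current detection models require deeper inspection in traffic audit to explore the hidden abnormal communication.
Authors: Shi Fan; Wang Yijun; Xue Zhi; Jiang Kaida (School of Cyber Science and Engineering, Shanghai Jiao Tong University, Shanghai 200240, China)
Source: Computer Applications and Software (《计算机应用与软件》), PKU Core journal, 2021, Issue 3, pp. 94-104 (11 pages)
Funding: National Key R&D Program of China (2019QY0703).
Keywords: Traffic mimicry; Hidden transmission; Tor bridge; Traffic identification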

References: 4

Second-level references: 29

Co-citing documents: 48

Co-cited documents: 32

Citing documents: 2

Second-level citing documents: 1
