期刊文献+

基于行为指纹的网络设备识别方法 被引量:2

A behavior fingerprint-based identification method for network devices
下载PDF
导出
摘要 根据其静态特征进行网络设备识别忽视了固件版本对设备安全性的影响,为此本文提出一种采用行为指纹的设备识别方法。首先通过高精度授时方案采集网络设备转发数据包时的处理时延,然后借助遗传算法提取时延分布特征,进而生成设备的标准行为指纹,据此进行设备识别。实验结果表明,相比于静态指纹,行为指纹可反映设备的动态特征,能检测出设备固件版本的变化,提高了设备指纹的安全性。 Methods for identifying network devices based on their static characteristics ignore the influence of firmware version on device security. Therefore, this paper proposes to recognize network devices by means of behavior fingerprint. Firstly, a high-precision time stamping scheme is used to collect the processing delay of packets forwarded by network devices, and genetic algorithm is used to extract the distribution characteristics of delay data. Then the standard behavior fingerprints of devices are generated for device identification. Experimental results show that, compared with static fingerprints, behavior fingerprints can reflect the dynamic characteristics of network devices and detect the variation of firmware version, which improves the security of device fingerprints.
作者 刘芹 史桢港 崔竞松 Liu Qin;Shi Zhengang;Cui Jingsong(Key Laboratory of Aerospace Information Security and Trusted Computing of Ministry of Education,Wuhan University,Wuhan 430079,China;School of Cyber Science and Engineering,Wuhan University,Wuhan 430079,China)
出处 《武汉科技大学学报》 CAS 北大核心 2023年第1期64-74,共11页 Journal of Wuhan University of Science and Technology
基金 “十三五”国家重点研发计划项目(2016YFB0501801).
关键词 网络设备识别 行为指纹 处理时延 特征提取 固件版本 network device identification behavior fingerprint processing delay feature extraction firmware version
  • 相关文献

参考文献3

二级参考文献5

共引文献8

同被引文献15

引证文献2

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部