基于多维正交载体的可裂解流指纹方案

雷程; 张红旗; 孙奕; 杜学绘

doi:10.11959/j.issn.1000-436x.2015064

您当前的位置：

首页 >

文章列表页 >

基于多维正交载体的可裂解流指纹方案

学术通信 | 更新时间：2024-06-05

- 基于多维正交载体的可裂解流指纹方案
- Cracking-resistance net-flow fingerprint scheme based on multi-dimensional orthogonal carriers
- 通信学报 2015年36卷第3期页码：104-114
- 作者机构：
  
  1. 解放军信息工程大学三院，河南郑州 450001
  2. 河南省信息安全重点实验室，河南郑州 450001
- 作者简介：
  
  [ "雷程（1989-），男，北京人，解放军信息工程大学硕士生，主要研究方向为网络与信息安全、数据安全交换。" ]
  [ "张红旗（1962-），男，河北遵化人，解放军信息工程大学教授、博士生导师，主要研究方向为网络安全、等级保护。" ]
  [ "孙奕（1979-），女，河南郑州人，解放军信息工程大学博士生，主要研究方向为网络与信息安全、数据安全交换。" ]
  [ "杜学绘（1968-），女，河南新乡人，解放军信息工程大学教授、博士生导师，主要研究方向为网络与信息安全、计算机应用技术。" ]
- 基金信息：
  
  国家重点基础研究发展计划（“973计划）基金资助项目(2011CB311801);国家高技术研究发展计划（“863计划）基金资助项目(2012AA012704);郑州市科技领军人才基金资助项目(131PLKRC644)
- DOI：10.11959/j.issn.1000-436x.2015064
  中图分类号： TP393
- 网络出版日期：2015-03，
  
  纸质出版日期：2015-03-25
- 稿件说明：
移动端阅览
雷程, 张红旗, 孙奕, 等. 基于多维正交载体的可裂解流指纹方案[J]. 通信学报, 2015,36(3):104-114.

Cheng LEI, Hong-qi ZHANG, Yi SUN, et al. Cracking-resistance net-flow fingerprint scheme based on multi-dimensional orthogonal carriers[J]. Journal of communications, 2015, 36(3): 104-114.
雷程, 张红旗, 孙奕, 等. 基于多维正交载体的可裂解流指纹方案[J]. 通信学报, 2015,36(3):104-114. DOI： 10.11959/j.issn.1000-436x.2015064.

Cheng LEI, Hong-qi ZHANG, Yi SUN, et al. Cracking-resistance net-flow fingerprint scheme based on multi-dimensional orthogonal carriers[J]. Journal of communications, 2015, 36(3): 104-114. DOI： 10.11959/j.issn.1000-436x.2015064.

摘要

针对流交换中流源身份不可知、流交换范围不可控和流路径不可追踪问题，提出了基于多维正交载体的可裂解流指纹方案。利用2种相互正交的载体提高指纹信息的容量，并通过时间间隔重心载体特性和基于隐马尔科夫模型的解码技术实现可裂解性，提高方案的健壮性。分析了基于重心属性值随机选取载体的反制多流攻击能力，以及不同条件下指纹重心标记算法和基于隐马尔科夫模型解码技术的正确率。最后通过实验对算法的健壮性和隐蔽性进行了探讨。

Abstract

Aimed at problems of unknown source identity

uncontrollable net-flow exchange and untraceable flow- ex-changing paths

it proposes cracking-resistance net-flow fingerprint scheme based on multi-dimensional orthogonal carri-ers. It uses two mutually orthogonal carriers so as to improve the capacity of fingerprint information. It achieves crack-ing-resistance by interval centroid carrier characteristics and hidden Markov model based decoding technique. Ultimately

it improves the robustness of scheme. What's more

it analyzes the resistance of multi-flow attack ability by using cen-troid attribute value to select embedding carriers randomly. Besides

it analyzes accuracy of fingerprint centroid algorithm and quantization index modulation decoding technique based on HMM under different cases. Finally

its invisibility and robustness is evaluated by experiments.

关键词

Keywords

references

ZHU Z , LU G , CHEN Y , et al . Botnet research survey [A ] . Computer Software and Applications, 32nd Annual IEEE International [C ] . 2008 . 967 - 972 .

ZHANG Y Z , XIAO JUN , YUN X C , et al . DDoS attack detection and control methods [J ] . Journal of Software , 2012 , 23 ( 8 ): 2058 - 2072 .

SCHUBA C L , KRSUL I V , KUHN M G , et al . Analysis of a denial of service attack on TCP [A ] . 1997 IEEE Symposium on Security and Privacy [C ] . 1997 . 208 - 223 .

HOUMANSADR A , BORISOV N . The need for flow fingerprints to link correlated network Flows [A ] . Privacy Enhancing Technologies [C ] . Springer Berlin Heidelberg , 2013 . 205 - 224 .

PYUN Y J , PARK Y H , WANG X , et al . Tracing traffic through inter-mediate hosts that repacketize flows [A ] . 26th IEEE International Con-ference on Computer Communications [C ] . 2007 . 634 - 642 .

PYUN Y J , PARK Y , REEVES D S , et al . Interval-based flow water-marking for tracing interactive traffic [J ] . Computer Networks , 2012 , 56 ( 5 ): 1646 - 1665 .

WANG X , CHEN S , JAJODIA S . Network flow watermarking attack on low-latency anonymous communication systems [A ] IEEE Symposium on Security and Privacy [C ] 2007 . 116 - 130 .

KIYAVASH N , HOUMANSADR A , BORISOV N . Multiflow attacks against network flow watermarking schemes [A ] . Proceedings of 17th USENIX Security [C ] . San Jose , 2008 . 307 - 320 .

YU W , FU X , GRAHAM S , et al . DSSS-based flow marking tech-nique for invisible traceback [A ] . IEEE Symposium on Security and Privacy [C ] . 2007 . 18 - 32 .

JIA W , TSO F P , LING Z , et al . Blind detection of spread spectrum flow watermarks [J ] . Security and Communication Networks , 2013 , 6 ( 3 ): 257 - 274 .

HUANG J , PAN X , Fu X , et al . Long PN code based DSSS water-marking [A ] . 2011 INFOCOM, Proceedings IEEE [C ] . 2011 . 2426 - 2434 .

HOUMANSADR A , KIYAVASH N , BORISOV N . Multiflow attack resistant watermarks for network flows [A ] . Proceedings of IEEE International Conference on Acoustic, Speech, and Processing [C ] . 2009 . 1497 - 1500 .

王振兴，张连成，郭毅等．基于水印信息重排序的多流攻击反制方法 [J ] ．应用科学学报， 2013 , 31 ( 3 ): 278 - 284 .

WANG Z X , ZHANG L C , GUO Y , et al . Multi-flow attack resistance based on reordering of watermark bits [J ] . Journal of Applied Sciences , 2013 , 31 ( 3 ): 278 - 284 .

HOUMANSADR A , KIYAVASH N , BORISOV N . Rainbow: a robust and invisible non-blind watermark for network flows [A ] . Inndss [C ] . 2009 .

WANG X , REEVES D S . Robust correlation of encrypted attack traffic through stepping stones by manipulation of interpacket delays [A ] . Proceedings of the 10th ACM conference on Computer and Communications Security [C ] .ACM, 2003 . 20 - 29 .

CHEN B , WORNELL G W . Quantization index modulation: a class of provably good methods for digital watermarking and information em-bedding [J ] . IEEE Transactions on Information Theory , 2001 , 47 ( 4 ): 1423 - 1443 .

RABINER L R . A tutorial on hidden Markov models and selected applications in speech recognition [J ] . Proceedings of the IEEE , 1989 , 77 ( 2 ): 257 - 286 .

EDDY S R . Hidden markov models [J ] . Current opinion in structural biology , 1996 , 6 ( 3 ): 361 - 365 .

MINTZER F , BRAUDAWAY G W . If one watermark is good, are more better [A ] . IEEE International Conference on Acoustics, Speech, and Signal Processing [C ] . 1999 . 2067 - 2069 .

KIYAVASH N , HOUMANSADR A , BORISOV N . Multi-Flow attacks against network flow watermarks: analysis and countermeasures [J ] . arXiv preprint arXiv:1203.1390 , 2012 .

MATTHEW C , DAVEY , DAVID et al . Reliable communication over channels with insertions, deletions, and substitutions [J ] . IEEE Transactions on Information Theory , 2001 , 47 : 687 - 698 .

BAVIER A C , BOWMAN M , CHUN B N , et al . Operating systems support for planetary-scale network services [A ] . NSDI [C ] . 2004 . 19 - 19 .

ELTOFT T , KIM T , LEE T W , et al . On the multivariate Laplace distribution [J ] . Signal Processing Letters ,IEEE, 2006 , 13 ( 5 ): 300 - 303 .

HAZEWINKEL M . Normal distribution [J ] . Encyclopedia of Mathematics , 2001 , 13 ( 6 ): 337 - 342 .

GRIMALDI R P . Discrete and Combinatorial Mathematics: An Applied Introduction 5th ed [M ] . Massachusetts: Addison Wesley , 2003 .

DONOHO D L , FLESIA A G , SHANKAR U , et al . Multiscale step-ping-stone detection: detecting pairs of jittered interactive streams by exploiting maximum tolerable delay [A ] . Recent Advances in Intrusion Detection [C ] . Springer Berlin Heidelberg , 2002 . 17 - 35 .

MASSEY JR F J . The Kolmogorov-Smirnov test for goodness of fit [J ] . Journal of the American statistical Association , 1951 , 46 ( 253 ): 68 - 78 .

浏览量

313

下载量

CSCD

文章被引用时，请邮件提醒。

提交

工具集

关联资源

暂无数据