Monte Carlo 网络流量伪装

doi:10.3969/j.issn.0255-8297.2013.04.005

应用科学学报 ›› 2013, Vol. 31 ›› Issue (4): 361-367.doi: 10.3969/j.issn.0255-8297.2013.04.005

Monte Carlo 网络流量伪装

王禹，王振兴，苗甫，刘慧生，张连成

数学工程与先进计算国家重点实验室，郑州450002

收稿日期:2011-09-13 修回日期:2011-12-26 出版日期:2013-07-27 发布日期:2011-12-26
作者简介:王禹，博士生，研究方向：网络流量伪装、网络主动防御等，E-mail: stonchor@gmail.com；王振兴，教授，博导，研究方向：流量分析、网络与信息安全，E-mail: wzx05@sina.com
基金资助:
国家“973”重点基础研究发展计划基金(No. 2007CB307102)；国家“863”高技术研究发展计划基金(No. 2007AA01Z2A1)资助

Monte Carlo-Based Network Traffic Camouflage

WANG Yu, WANG Zhen-xing, MIAO Fu, LIU Hui-sheng, ZHANG Lian-cheng

Stake Key Laboratory of Mathematical Engineering and Advanced Computing, Zhengzhou 450002, China

Received:2011-09-13 Revised:2011-12-26 Online:2013-07-27 Published:2011-12-26

摘要/Abstract

摘要： 针对流量伪装成本高、伪装相似度低等问题，提出一种基于蒙特卡罗的流量伪装方法. 通过对所处网络环境的常规流量进行统计分析，获取多重动态特征并建立概率分布过程，利用随机数对已知概率分布抽样，产生动态特征序列并构造伪装流量. 理论分析表明，该方法无需部署额外的重路由节点且伪装过程不产生分散数据，可在保证伪装生成效率的前提下降低伪装成本，提高网络性能. 实验表明，该方法可降低流量检测的准确度及可信度，与现有包填充方法相比，伪装相似度也有较大改善.

关键词: 网络安全, 流量伪装, 蒙特卡罗, 伪装能力

Abstract: Heavy camouflage cost and low camouflage similarity are major problems in the traffic camouflage research. Network traffic camouflage based on the Monte Carlo method is proposed to deal with the problems. To acquire multiple dynamic characteristics and establish the probability distribution, the normal traffic is analyzed. The given probability distribution is then sampled with the generated random numbers to determine the dynamic characteristic sequences and construct the camouflage traffic flow. Theoretical analysis indicates that no extra rerouting nodes are deployed and no dispersion traffic generated. The network cost is reduced, the transport performance improved, and the efficiency guaranteed. Experiments show that the method can degrade the detection accuracy and reliability. Compared to the packet padding method, camouflage similarity is well improves.

Key words: network security, traffic camouflage, Monte Carlo, camouflage capability

中图分类号:

TP393

王禹，王振兴，苗甫，刘慧生，张连成. Monte Carlo 网络流量伪装[J]. 应用科学学报, 2013, 31(4): 361-367.

WANG Yu, WANG Zhen-xing, MIAO Fu, LIU Hui-sheng, ZHANG Lian-cheng. Monte Carlo-Based Network Traffic Camouflage[J]. Journal of Applied Sciences, 2013, 31(4): 361-367.

参考文献

[1] 张连成，王振兴，苗甫. 网络流量伪装技术研究 [J]. 计算机应用研究，2011, 28(7): 2418-2423.

ZHANG Liancheng, WANG Zhenxing, MIAO Fu. Survey on network traffic camouflaging [J]. Application Research of Computers, 2011, 28(7): 2418-2423. (in Chinese)

[2] GUAN Y. A study on countermeasures against traffic analysis attacks [D]. （Texas A&M University，德州农工大学） Texas A&M University, 2002.

[3] WANG X Y, CHEN S, JAJODIA S. Network flow watermarking attack on low-latency anonymous communication systems [C]//IEEE Symposium on Security and Privacy, Oakland, USA, 2007: 116-130.

[4] ZLATOKRILOV H, LEVY H. Session privacy enhancement by traffic dispersion[C]//IEEE International Conference on Computer Communications 2006, Barcelona, Catalunya, Spain, 2006:1-12.

[5] BOHACEK S, HESPANHA J P, OBRACZKA K, LEE J, LIM C. Enhancing security via stochastic routing [C]//11th International conference on computer communication and networks, Newark, DE, USA, 2002: 58-62.

[6] FU X W, GRAHAM B, BETTATI R, ZHAO W. On effectiveness of link padding for statistical traffic analysis attacks [C]// International Conference on Distributed Computing SystemS. 2003, Providence, USA, 2003: 45-52.

[7] GUAN Y, FU X W, XUAN D, BETTATI R, ZHAO W. Netcamo: camouflaging network traffic for qos-guaranteed mission critical applications [J]. IEEE Transactions on Systems, Man, and Cybernetics - Part A: Systems and Humans, 2001, 31(4): 253-265.

[8] LE MALECOT E. Mitibox: camouflage and deception for network scan mitigation [C]//The 4th USENIX Conference on Hot Topics in Security, Montreal, Canada, 2009: 4-9.

[9] LIU D X, CHI C H, LI M. Normalizing traffic pattern with anonymity for mission critical applications [C]//The 37th Annual Simulation Symposium, Arlington, VA, USA, 2004: 293-299.

[10] 胡文心. 网络流量规范化的流量伪装模型的研究 [D]. 上海：华东师范大学，2006.

HU Wenxin. The model and implementation of normalizing network traffic pattern with anonymity for mission critical applications [D]. East China Normal University, 2006. (in Chinese)

[11] DANEZIS G, CLAYTON R. Introducing traffic analysis: attacks, defences and public policy issues [M]. Digital Privacy: Theory, Technologies, and Practices. Auerbach Publications, 2007:95-117.

[12] BISSIAS G D, LIBERATORE M, JENSEN D, LEVINE B N. Privacy vulnerabilities in encrypted http streams [C]//PET 2005, Dubrovnik, Croatia, 2005: 1-11.

[13] CALLADO A, KAMIENSKI C, SZABÓ G, GERO B P, KELNER J, FERNANDES S, SADOK D. A survey on internet traffic identification [J]. IEEE Communications Surveys & Tutorials, 2009, 11(3): 37-52.

[14] ZHU Y, FU X W, GRAMHAM B, BETTATI R ZHAO W. Correlation-based traffic analysis attacks on anonymity networks [J]. IEEE Transactions on Parallel and Distributed Systems, 2010, 21(7): 54-967.

[15] 徐鹏，林森. 基于C4.5 决策树的流量分类方法[J]. 软件学报，2009, 20(10): 2692-2704.

XU Peng，LIN Sen. Internet traffic classification using C4.5 decision tree [J]. Journal of Software, 2009, 20(10): 2692-2704. (in Chinese)

[16] NEWMAN-WOLFE R. E, VENKATRAMAN B R. Performance analysis of a method for high level prevention of traffic analysis [C]//The 8th Annual Computer Security Applications Conference, San Antonio, USA, 1992: 123-130.

[17] 邵政斌. 流量伪装技术及其成本分析 [D]. 长沙：湖南大学, 2007.

SHAO Zhengbin. Traffic camouflaging technology and its cost analysis [D].Changsha: Hunan University. 2007. (in Chinese)

Monte Carlo 网络流量伪装

Monte Carlo-Based Network Traffic Camouflage

PDF

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 6

编辑推荐

Metrics

本文评价

[1]	孙中军, 翟江涛, 戴跃伟. 一种基于DPI和负载随机性的加密流量识别方法[J]. 应用科学学报, 2019, 37(5): 711-720.
[2]	陈志敏，薄煜明，吴盘龙，刘正凡. 拟蒙特卡罗粒子滤波改进算法及其在雷达目标跟踪中的应用[J]. 应用科学学报, 2012, 30(6): 607-612.
[3]	钟尚勤1;2，刘福强3，徐国胜1;2，杨榆1;2, 姚文斌1;2. 利用迭代矩阵寻找网络中的关键主机[J]. 应用科学学报, 2012, 30(4): 374-378.
[4]	陈凤腾;左洪福;倪现存. 基于广义更新过程的航空备件需求和应用[J]. 应用科学学报, 2007, 25(5): 526-526 .
[5]	王琦龙, 雷威, 张晓兵, 狄云松, 周雪东, 刘敏. 新型CNT-FED栅极结构表面二次电子发射研究[J]. 应用科学学报, 2005, 23(3): 265-268.
[6]	邵其鋆, 霍裕昆, 陈建新, 高兴华. 聚变堆第一壁材料溅射的计算机模拟[J]. 应用科学学报, 1993, 11(1): 44-50.