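Signal and Information Processing

A Novel Invisible Flow Watermarking Technique

  • College of Information Engineering, PLA Information Engineering University, Zhengzhou 450002
Zhang Liancheng, Ph.D., lecturer, research interests: traffic analysis, network security, E-mail: liancheng17@gmail.com; Wang Zhenxing, professor, doctoral supervisor, research interests: traffic analysis, network and information security, E-mail: wzx05@sina.com

Received date: 2011-02-15

Revised date: 2011-10-13

Online published: 2012-09-25

Funding

Supported by the National Key Basic Research Development Program of China ("973" Program) (No.2007CB307102) and the National High Technology Research and Development Program of China ("863" Program) (No.2007AA01Z2A1)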

A Novel Invisible and Private Flow Watermarking Scheme


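Abstract (from the Chinese)

Existing flow watermarking techniques introduce large delays into data flows, so an attacker can easily detect and remove the embedded watermark, or even copy the watermark to other unmarked flows to mislead tracing. To address this problem, spread-spectrum coding is introduced and a new invisible flow watermarking technique is proposed. Different pseudo-noise codes are used to spread different flows and different watermark bits, and the watermark is embedded by slightly modulating randomly selected inter-packet arrival delays. Theoretical analysis and experimental results show that the method is robust against timing perturbation, can trace multiple flows effectively, and is invisible to timing analysis attacks based on the Kolmogorov-Smirnov test.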

Cite this article

Zhang Liancheng, Wang Zhenxing, Xu Jing. A novel invisible flow watermarking technique [J]. Journal of Applied Sciences (应用科学学报), 2012, 30(5): 524-530. DOI: 10.3969/j.issn.0255-8297.2012.05.014

Abstract

Existing active flow watermarking techniques introduce significant delays into target flows, enabling attackers to detect and remove the inserted watermark from a flow, and even to duplicate it to unmarked flows. We propose a novel invisible and private flow watermarking scheme that embeds watermarks in randomly chosen inter-packet delay positions by slightly manipulating the arrival times of the packets. Different pseudo-noise codes are used across multiple network flows. Theoretical analysis and experimental results demonstrate that the proposed scheme is robust against timing perturbation, effective in detecting multiple network flows, and invisible to timing analysis attacks based on the Kolmogorov-Smirnov test.
