随机性检测方法在加密比特流识别中的应用研究

Research on Encrypted Bit Stream Identification by Randomness Test

下载PDF

导出

摘要为识别链路层加密比特流,以未加密与加密数据在随机统计特性上的差异为依据,对4种典型的随机性检测方法在比特流长度不同时的识别率进行了比较研究.针对块内最长游程检测过程中出现的比特流尾部比特位不能构成完整子块的问题,提出了2种可行的处理方案.通过对块内最长游程检测门限值函数的研究,基于参数优化的方法改进了块内最长游程的检测方案,在一定程度上提高了识别率.最后,以某无线网络链路层加密比特流为识别对象,对提出方案的有效性进行了验证. To identify the encrypted bit stream of data link layer,four typical randomness tests are compared based on the differences in statistical characteristics of unencrypted and encrypted bit streams.Two possible treatments are proposed to solve the problem that the tail bits cannot constitute a complete sub-block during the test for the longest run of ones in a block.The detection scheme of the test is improved for the longest run of ones in a block based on the method of parameter optimization and the recognition rate is to a certain extent improved.Finally,the proposed scheme is verified based on the encrypted bit stream of a wireless network.

作者邢萌王韬吴杨李进东

机构地区军械工程学院信息工程系

出处《军械工程学院学报》 2014年第3期53-59,共7页 Journal of Ordnance Engineering College

基金军队科研计划项目

关键词链路层加密比特流随机性检测块内最长游程检测 data link layer encrypted bit stream randomness test test for the longest run of ones in a block

分类号 TP309 [自动化与计算机技术—计算机系统结构]

引文网络
相关文献

参考文献10

1龙文,马坤,辛阳,杨义先.适用于协议特征提取的关联规则改进算法[J].电子科技大学学报,2010,39(2):302-305. 被引量：11
2WRIGHT V C, MONROSE F, MASSON M G. On infer- ring application protocol behaviors in encrypted network traffic[J]. Journal of Machine Learning Research, 2006, 7(12) :2745-2769.
3SUN G L,XUE Y B,DONG Y F,et al. A novel hybrid method for effectively classifying encrypted traffic:pro- ceedings of communications and systems security, 2010 [C]//Proceedings of Global Telecommunications Con- ference. Miami: IEEE, 2010 : 1-5.
4TABATABAEI S T, ADEL M, KARRAY F, et al. Ma- chine learning-based classification of encrypted internet traffic[C]//Machine Learning and Data Mining in Pat- tern Recognition. Berlin:Springer,2012:578-592.
5ZHANG M,ZHANG H L,ZHANG B. Encrypted traffic classification based on an improved clustering algorithm [C]//Trustworthy Computing and Services. Beijing: Springer, 2012 : 124-131.
6DU Y,ZHANG R H. Design of a method for encrypted P2P traffic identification using K-means algorithm [J]. Telecommunication Systems, 2013,53 ( 1 ) : 163-168.
7赵博,郭虹,刘勤让,邬江兴.基于加权累积和检验的加密流量盲识别算法[J].软件学报,2013,24(6):1334-1345. 被引量：41
8MENEZES AJ, VAN OORSCHOT PC, VANSTONE SA.应用密码学手册[M]．胡磊，王鹏，译．北京：电子工业出版社，2005．
9NIST FIPS PUB 140-2-2001, Security requirements for cryptographic modules[S].
10NIST SP800-22, A statistical test suite for random and pseudorandom number generators for cryptographic ap- plications revisionla[S].

二级参考文献27

1SEN S, SPATSCHECK O, WANG D. Accurate, scalable in-network identification of P2P traffic using application signatures[C]//WWW 2004: Proceedings of Thirteenth International World Wide Web Conference. New York: ACM Press, 2004: 512-521.
2HAMZA D, SANDRINE V, DAVID R. A markovian signature-based approach to IP traffic classification[C]// MineNet'07: Proceedings of the Third Annual ACM Workshop on Mining Network Data. San Diego: ACM Press, 2007: 29-34.
3HAFFNER P, SEN S, SPATSCHECK O, et al. ACAS: Automated construction of application signatures[C]// Proceedings of ACM SIGCOMM 2005 Workshops: Conference on Computer Communications. Philadelphia: ACM Press, 2005: 197-202.
4HAN Hong, LU Xian-liang. Data mining aided signature discovery in network-based intrusion detection system[J]. ACM SIGOPS Operating Systems Review, 2002, 36(4): 7-13.
5AGRAWAL R, IMIELINSKI T, WAMI A S. Mining association rules between sets of items in large databases[C]//Proceedings of the 1993 ACM SIGMOD International Conference on Management of Data. Washington: ACM Press, 1993:207-216.
6MOORE A, ZUEV W. Intemet traffic classification using Bayesian analysis techniques[C]//SIGMETRICS 2005: Proceedings of International Conference on Measurement and Modeling of Computer Systems. Banff, AB, Canada: ACM Press. 2005: 50-60.
7FANG W, PETERSON L. Inter-AS traffic patterns and their implications[C]//Conference Record of 1999 IEEE Global Telecommunications Conference. Rio de Janeiro: IEEE Press, 1999:1859-1868.
8PITKOW J. Summary of WWW characterizations[J]. World Wide Web, 1999, 2: 3-13.
9ZANDER S, NGUYENL T, ARMITAGEL G. Self-learning IP traffic classification based on statistical flow characteristics[C]//PAM 2005: Proceedings of 6th International Workshop on Passive and Active Network Measurement. Boston: Springer Verlag. 2005: 325-328.
10KRISHNANURTHY B, WANG J. Automated traffic classification for application specific peering[C]//IMW 2002: Proceeds ofACM SIGCOMM Intemet Measurement Workshop. Marseille: ACM Press, 2002:179-180.

共引文献82

1栗刚,孙中军,翟江涛,戴跃伟.一种基于条件变分自编码器的加密流量识别方法[J].计算机应用研究,2020,37(S01):301-303. 被引量：1
2李伟,方江涛,郝林.同余方程加密方案的研究[J].计算机应用,2006,26(9):2114-2115.
3曹建国,王丹,王威.基于RSA公钥密码安全性的研究[J].计算机技术与发展,2007,17(1):172-173. 被引量：22
4于学荣,戴紫彬,杨晓辉,马志远.基于EPIC技术的密码处理器体系结构研究与设计[J].电子技术应用,2007,33(2):135-138.
5李波,刘平,王张宜.SHA-256输出序列的随机性研究[J].计算机工程与应用,2007,43(9):142-144. 被引量：3
6张鹏,陈开颜,赵强.针对RSA快速实现算法的计时攻击[J].计算机工程,2007,33(12):191-192.
7杨军,周贤伟.基于完全式公钥的叛徒追踪方案的密码分析[J].计算机科学,2007,34(9):80-82.
8罗启彬.基于混沌序列的遥测PCM数据加密算法[J].无线电工程,2007,37(11):37-39. 被引量：5
9吴启武,周贤伟,尹志忠.基于GMPLS的智能光网络安全问题研究[J].光通信技术,2008,32(6):10-13. 被引量：6
10杨慧雅,张专成,冯立杰,雷贲.“签名的签名”之实现技术研究[J].计算机工程,2008,34(12):114-116.

1邢萌,王韬,吴杨,李进东.一种提高链路层加密比特流识别率的新方法[J].计算机应用研究,2015,32(11):3443-3447. 被引量：1
2陈孟东,刘鹏,徐亚君.一种基于硬件实现的游程检测算法[J].电子技术应用,2010,36(4):145-146. 被引量：1
3邢萌,吴杨,王韬,李进东.基于游程检测与快速傅里叶变换的加密比特流识别[J].计算机科学,2015,42(1):164-169. 被引量：1
4汪仪林.在恒虚警条件下滤波及非理想门限对游程检测性能的影响[J].探测与控制学报,2007,29(6):6-10. 被引量：1
5张发强,陈榕.基于构件技术的数字水印技术的实现[J].计算机安全,2010(1):60-62.
6吴杨,王韬,邢萌,李进东.基于小波分解的链路层加密数据识别方法[J].华中科技大学学报（自然科学版）,2015,43(8):52-57. 被引量：1
7王蓉.基于0-1游程频数检测的链路层加密数据识别[J].科技通报,2014,30(10):145-147. 被引量：1
8郑秀林,张美玲.两种随机性检测方法的比较[J].北京电子科技学院学报,2009,17(4):10-15. 被引量：1
9范丽敏,冯登国,陈华.基于熵的随机性检测相关性研究[J].软件学报,2009,20(7):1967-1976. 被引量：15
10吴杨,王韬,邢萌,李进东.基于密文随机性度量值分布特征的分组密码算法识别方案[J].通信学报,2015,36(4):146-155. 被引量：19

军械工程学院学报

2014年第3期

浏览历史

内容加载中请稍等...

随机性检测方法在加密比特流识别中的应用研究

参考文献10

二级参考文献27

共引文献82

相关作者

相关机构

相关主题

浏览历史