| 流量混淆技术及相应识别、追踪技术研究综述 |
| |
| 引用本文: | 姚忠将,葛敬国,张潇丹,郑宏波,邹壮,孙焜焜,许子豪.流量混淆技术及相应识别、追踪技术研究综述[J].软件学报,2018,29(10):3205-3222. |
| |
| 作者姓名: | 姚忠将 葛敬国 张潇丹 郑宏波 邹壮 孙焜焜 许子豪 |
| |
| 作者单位: | 中国科学院 信息工程研究所, 北京 100093;中国科学院大学 网络空间安全学院, 北京 100049,中国科学院 信息工程研究所, 北京 100093,中国科学院 信息工程研究所, 北京 100093,中国科学院 信息工程研究所, 北京 100093,中国科学院 信息工程研究所, 北京 100093;中国科学院大学 网络空间安全学院, 北京 100049,中国科学院 信息工程研究所, 北京 100093;中国科学院大学 网络空间安全学院, 北京 100049,中国科学院 信息工程研究所, 北京 100093;中国科学院大学 网络空间安全学院, 北京 100049 |
| |
| 基金项目: | 国家重点研发计划(2017YFB0801801);国家科技重大专项(2017ZX03001019-003) |
| |
| 摘 要: | 流量混淆技术是目前审查规避系统常用技术之一.为了提升网络流量识别精度和监管能力,针对混淆流量的识别和追踪技术也备受关注.通过深入分析随机化、拟态和隧道这3类主流的流量混淆技术,对比了其技术框架、隐蔽性、易用性和应用场景;分析了深度包检测、机器学习等两类识别技术,对比了其识别精度;分析对比了被动关联、主动关联两类流量追踪技术.最后给出了流量混淆、识别和追踪技术的发展趋势.
|
| 关 键 词: | 流量混淆 VPN Tor 流量识别 流量追踪 |
| 收稿时间: | 2018/1/23 0:00:00 |
| 修稿时间: | 2018/4/16 0:00:00 |
Research Review on Traffic Obfuscation and Its Corresponding Identification and Tracking Technologies |
| |
| YAO Zhong-Jiang,GE Jing-Guo,ZHANG Xiao-Dan,ZHENG Hong-Bo,ZOU Zhuang,SUN Kun-Kun and XU Zi-Hao.Research Review on Traffic Obfuscation and Its Corresponding Identification and Tracking Technologies[J].Journal of Software,2018,29(10):3205-3222. |
| |
| Authors: | YAO Zhong-Jiang GE Jing-Guo ZHANG Xiao-Dan ZHENG Hong-Bo ZOU Zhuang SUN Kun-Kun and XU Zi-Hao |
| |
| Affiliation: | Institute of Information Engineering, The Chinese Academy of Science, Beijing 100093, China;School of Cyber Security, University of Chinese Academy of Science, Beijing 100049, China,Institute of Information Engineering, The Chinese Academy of Science, Beijing 100093, China,Institute of Information Engineering, The Chinese Academy of Science, Beijing 100093, China,Institute of Information Engineering, The Chinese Academy of Science, Beijing 100093, China,Institute of Information Engineering, The Chinese Academy of Science, Beijing 100093, China;School of Cyber Security, University of Chinese Academy of Science, Beijing 100049, China,Institute of Information Engineering, The Chinese Academy of Science, Beijing 100093, China;School of Cyber Security, University of Chinese Academy of Science, Beijing 100049, China and Institute of Information Engineering, The Chinese Academy of Science, Beijing 100093, China;School of Cyber Security, University of Chinese Academy of Science, Beijing 100049, China |
| |
| Abstract: | Traffic obfuscation technology is one of the most commonly used techniques in censorship-circumvention systems. In order to improve the recognition accuracy and supervisory ability of network traffic, much attention has been paid to the recognition and tracking of obfuscated traffic. Through in-depth analysis of three main traffic confusion technologies, such as randomization, mimicry and tunneling, this paper compares the technical framework, concealment, ease of use and application scenarios of the traffic confusion technologies. In addition, the paper reviews two types of recognition technology:deep packet inspection and machine learning, and compares their recognition accuracy. Furthermore, it analyzes and compares two types of traffic tracing technology:passive and proactive correlation. Finally, it discusses the identification and trace technology development trends of obfuscation traffic. |
| |
| Keywords: | traffic confusion VPN Tor traffic identification traffic tracing |
|
| 点击此处可从《软件学报》浏览原始摘要信息 |
|
点击此处可从《软件学报》下载全文 |
|
