基于自适应流特征的半脆弱流指纹编码方案

针对流交换中网络抖动和流变换导致的流指纹不可用、不可信问题,提出了基于自适应流特征的半脆弱流指纹编码方案(ACSF)。首先,采用流特征参数作为生成哈希消息验证码(HMAC)密钥、确定HMAC置乱方式以及选择伪噪声(PN)码初始相位的依据,将密钥空间提高到O((k+1)·(S·O(K_EN))),增加了敌手穷举的计算复杂度;同时,增加流指纹自适应性,将解码计算复杂度降低到O(k²·l·n_f),提高了解码效率。其次,采用直接序列扩频(DSSS)技术,在多流互扰强度达到66.7%时,解码正确率可以达到90%以上,实现了过滤非恶意处理;而且,采用HMAC技术,使得篡改定位准确率为98.3%以上,使指纹具有半脆弱性。最后,对ACSF的安全性、篡改定位能力和抗干扰能力进行了理论分析和实验验证。

Semi-fragile net-flow fingerprint coding scheme based on adaptive net-flow characteristic

Aiming at unavailability and unreliability of net-flow fingerprint caused by net-flow transformation and network jitter, a semi-fragile net-flow fingerprint coding scheme based on adaptive net-flow characteristic (ACSF) was proposed. Firstly, ACSF generated Hash Message Authentication Code (HMAC) encryption key, determined HMAC scrambling method and chose the initial phase of the Pseudo-Noise (PN) code in accordance with net-flow characteristic parameters.The space of secret key was enlarged to O((k+1)·(S·O(K_EN))), so as to increase computational complexity of compromising. Besides, net-flow fingerprint was made to have the capability of self-adaption. It decreased the computational complexity of decoder to O(k²·l·n_f), which enhanced the efficiency of decoding. Secondly, in order to be semi-fragile net-flow fingerprint, Direct Sequence Spread Spectrum (DSSS) was used to filter non-malicious disposing. It can reach more than 90% correctness under the condition of 66.7% multi-flow disturbance rate. Besides, HMAC was used to locate malicious tamper, which could correctly locate malicious tamper at least 98.3%. Finally, the security, accuracy of tamper localization and resisting disturbance capability of ACSF were analyzed and verified by experiments.