检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
作 者:姚忠将 葛敬国[1] 张潇丹 郑宏波[1] 邹壮 孙焜焜 许子豪 YAO Zhong-Jiang;GE Jing-Guol;ZHANG Xiao-Dan;ZHENG Hong-Bo;ZOU Zhuang;SUN Kun-Kun;XU Zi-Hao(Institute of Information Engineering,The Chinese Academy of Science,Beijing 100093,China;School of Cyber Security,University of Chinese Academy of Science,Beijing 100049,China)
机构地区:[1]中国科学院信息工程研究所,北京100093 [2]中国科学院大学网络空间安全学院,北京100049
出 处:《软件学报》2018年第10期3205-3222,共18页Journal of Software
基 金:国家重点研发计划(2017YFB0801801);国家科技重大专项(2017ZX03001019-003)~~
摘 要:流量混淆技术是目前审查规避系统常用技术之一.为了提升网络流量识别精度和监管能力,针对混淆流量的识别和追踪技术也备受关注.通过深入分析随机化、拟态和隧道这3类主流的流量混淆技术,对比了其技术框架、隐蔽性、易用性和应用场景;分析了深度包检测、机器学习等两类识别技术,对比了其识别精度;分析对比了被动关联、主动关联两类流量追踪技术.最后给出了流量混淆、识别和追踪技术的发展趋势.Traffic obfuscation technology is one of the most commonly used techniques in censorship-circumvention systems. In order to improve the recognition accuracy and supervisory ability of network traffic, much attention has been paid to the recognition and tracking of obfuscated traffic. Through in-depth analysis of three main traffic confusion technologies, such as randomization, mimicry and tunneling, this paper compares the technical framework, concealment, ease of use and application scenarios of the traffic confusion technologies. In addition, the paper reviews two types of recognition technology: deep packet inspection and machine learning, and compares their recognition accuracy. Furthermore, it analyzes and compares two types of traffic tracing technology: passive and proaetive correlation. Finally, it discusses the identification and trace technology development trends of obfuscation traffic.
分 类 号:TP309[自动化与计算机技术—计算机系统结构]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.3