网络隐蔽信道关键技术研究综述  被引量：25

作　　者：李彦峰[1,2] 丁丽萍 吴敬征[4,5] 崔强 刘雪花[1,2] 关贝[4,7] 王永吉[4,7] LI Yan-Feng;DING Li-Ping;WU Jing-Zheng;CUI Qiang;LIU Xue-Hua;GUAN Bei;WANG Yong-Ji(Laboratory of Parallel Software and Computational Science, Institute of Software, Chinese Academy of Sciences, Beijing 100190, China;University of Chinese Academy of Sciences,Beijing 100049,China;Digital Forensics Laboratory, Institute of Software Application Technology, Guangzhou & Chinese Academy of Sciences (GZIS), Guangzhou 511458, China;State Key Laboratory of Computer Science (Institute of Software),Chinese Academy of Sciences,Beijing 100190,China;Intelligent Software Research Center,Institute of Software,Chinese Academy of Sciences, Beijing 100190,China;Laboratory for Internet Software Technologies, Institute of Software, Chinese Academy of Sciences, Beijing 100190, China;Collaborative Innovation Center, Institute of Software,Chinese Academy of Sciences,Beijing 100190,China)

机构地区：[1]中国科学院软件研究所并行软件与计算科学实验室,北京100190 [2]中国科学院大学,北京100049 [3]广州中国科学院软件应用技术研究所电子数据取证实验室,广东广州511458 [4]计算机科学国家重点实验室(中国科学院软件研究所),北京100190 [5]中国科学院软件研究所智能软件研究中心,北京100190 [6]中国科学院软件研究所互联网软件技术实验室,北京100190 [7]中国科学院软件研究所协同创新中心,北京100190

出　　处：《软件学报》2019年第8期2470-2490,共21页Journal of Software

基　　金：国家重点研发计划(2016QY01W0200);国家自然科学基金(61772507);广东省省级科技计划(2017B050506002);羊城创新创业领军人才支持计划(2016008);广州市科技计划(201802020015)~~

摘　　要：网络隐蔽信道是在网络环境下违反通信限制规则进行隐蔽信息传输的信息通道,为网络信息安全带来了新的挑战,也为数据传输的安全性和隐私性带来了新的研究方向.首先介绍了网络隐蔽信道的定义、分类、能力维度等基本概念;进而从码元设计、信息编码和信道优化这3个方面归纳分析了存储型和时间型两类网络隐蔽信道的构建技术,从隐蔽性、鲁棒性和传输效率这3个方面总结了网络隐蔽信道评估方法,从消除、限制、检测这3个方面梳理了网络隐蔽信道的对抗技术;最后,对未来的研究方向进行了展望.Network covert channel is the information channel that carries on covert information transmission in violation of the communication restriction rules under the network environment. It brings new challenges to the network information security and provides new research point for ensuring the security and privacy of data transmission. Firstly, the basic concepts of network covert channel are introduced, such as definition, classification, capability dimension. Then, network covert storage channel and network covert timing channel construction technologies are sorted out from three aspects of symbol design, information coding and channel optimization. Then the evaluation methods of network covert channel are summarized from three aspects of covertness, robustness, and transmission efficiency. Furthermore, the countermeasure technology of network covert channel is sorted from three aspects of elimination, restriction, and detection. Finally, some future research directions are prospected.

关 键 词：网络隐蔽信道 信息隐藏 网络隐蔽信道构建 网络隐蔽信道对抗 

分 类 号：TP393[自动化与计算机技术—计算机应用技术]