Authors: Zhang Ling (张玲), Wei Chuanzheng (卫传征), Lin Zhenbiao (林臻彪), Duan Linlin (段琳琳)[2] (Beijing Cyber XingAn Technology Co., Ltd., Beijing 102200, China; School of Information Engineering, Zhengzhou University, Zhengzhou 450001, China)
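Affiliations: [1] Beijing Cyber XingAn Technology Co., Ltd., Beijing 102200 [2] School of Information Engineering, Zhengzhou University, Zhengzhou, Henan 450001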
Source: Application of Electronic Technique (《电子技术应用》), 2021, No. 4, pp. 54-58 (5 pages)
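Abstract: Tor is a covert encrypted communication system built on the onion routing communication protocol. Building on existing Internet routing and data encryption protocols, it provides an identity-hiding mechanism that protects communicating entities, so that data carried over the Tor network is difficult to trace and analyze effectively. In recent years, however, this covert communication technology has been used heavily by criminals and has become a hotbed of cybercrime and illegal trade. To address this problem, the paper proposes a machine-learning-based technique for identifying and detecting Tor network traffic: Tor traffic is actively generated, and flow features are extracted and detected with machine learning, in order to discover the network entities taking part in Tor communication and their communication types, and in turn to detect potentially malicious dark web users. Experiments show that the method can effectively identify Tor communication entities and communication behaviors, such as e-mail and FTP applications.

English abstract: Tor is an anonymous Internet communication system based on the onion routing network protocol. Network traffic generated by normal applications becomes hard to trace when it is delivered by the Tor system. However, an increasing number of cyber criminals are utilizing Tor to remain anonymous while carrying out their crimes or making illegal transactions. As a countermeasure, this paper presents a method able to identify Tor traffic and thereby recognize related Tor hosts. The method proposes several groups of features extracted from network traffic and resorts to a machine learning algorithm to evaluate feature effectiveness. Experiments on a real-world dataset demonstrate that the proposed method is able to distinguish Tor flows from normal traffic as well as recognize the kind of activity in Tor generated by different normal applications.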
Classification number: TN918 [Electronics and Telecommunications: Communication and Information Systems]