摘要
在网络空间安全领域,一个协议可以把自己伪装成其他协议达到避免被发现或者逃避监管的目的.借鉴生物拟态的机制,提出网络协议拟态系统的技术框架.该框架由协议拟态客户端和网桥两部分组成,其中协议拟态客户端包括环境感知、拟态决策、拟态实施处理、发送和接收处理5个部分;网桥分为环境感知、数据接收、恢复和发送4个部分.全面研究和评估已有的几个具有拟态特征的协议,包括SkypeMorgh、StegoTorus、CensorSpoofer及Format-TransformingEncryption系统,从认证机制、拟态变换和加密技术及流量控制技术等方面进行对比和分析,提出协议拟态的基本科学问题供进一步研究.
In the field of cyberspace security, a protocol can be disguised as another protocol to a- void being detected. Draw on the theory of biological mimicry, the technical framework of net- work protocol mimicry system is proposed. The framework includes client and bridge. The client contains environment perception, mimicry decision, mimicry implementation process, sending and reception.The bridge contains environment perception, receiving, sending and recovery mod- ules.Then some existing protocol mimicry systems including SkypeMorgh, StegoTorus, Censor- Spoofer and Format-Transforming Encryption are comprehensively analyzed and evaluated from the perspective of authentication, imitation, encryption and flow control etc. Finally, the pro- posed basic scientific problems of protocol mimicry could be used for further research study.
出处
《北京交通大学学报》
CAS
CSCD
北大核心
2016年第5期1-8,共8页
JOURNAL OF BEIJING JIAOTONG UNIVERSITY
基金
国家自然科学基金资助项目(61402035)
关键词
协议拟态
匿名通信
加密认证
流量控制
protocol mimicry
anonymous communication
encryption authenticated
traffic con- trol
