计算机科学

计算机科学 ›› 2015, Vol. 42 ›› Issue (1): 164-169.doi: 10.11896/j.issn.1002-137X.2015.01.038

• 信息安全 • 上一篇    下一篇

基于游程检测与快速傅里叶变换的加密比特流识别

邢萌,吴杨,王韬,李进东   

  1. 军械工程学院信息工程系 石家庄050003,军械工程学院信息工程系 石家庄050003,军械工程学院信息工程系 石家庄050003,军械工程学院信息工程系 石家庄050003
  • 出版日期:2018-11-14 发布日期:2018-11-14
  • 基金资助:
    本文受军内科研资助

Identification of Encrypted Bit Stream Based on Runs Test and Fast Fourier Transform

XING Meng, WU Yang, WANG Tao and LI Jin-dong   

  • Online:2018-11-14 Published:2018-11-14

PDF (PC)

513

摘要: 为获得链路层中的加密与未加密比特流样本,首先提出了基于游程检测方法的链路层加密比特流识别方案,解决了未知网络环境下的加密与未加密比特流样本获取问题。同时,采用快速傅里叶变换分别对加密与未加密比特流样本进行处理,根据最大差异原则确定了快速傅里叶变换结果的特征点位置,并基于正态分布原理确定了特征点的取值,建立了特征模板。最后,以某无线网络链路层加密比特流为识别对象,对提出的方案的有效性进行了验证。结果表明,该方案对链路层加密与未加密比特流的识别率均可达到95%以上。

关键词: 加密比特流,游程检测,快速傅里叶变换

Abstract: To obtain samples of encrypted data and plaintext in data link layer,an encrypted data identification scheme was provided based on the run test,meanwhile,and the fast Fourier transform was used to process the encrypted data and plaintext.Based on the principle of maximum difference,the characteristic point of the result of the fast Fourier transform was determined.Then the value of the characteristic point and the feature template were determined using the principle of normal distribution.Finally,the identification rate of the proposed scheme was verified,taking a wireless network data as the identification object.The experimental results demonstrate that the rate of the proposed scheme achieves 95% both for the encrypted data and the plaintext.

Key words: Encrypted bit stream,Runs test,Fast Fourier transform

[1] 龙文,马坤,辛阳,等.适用于协议特征提取的关联规则改进算法[J].电子科技大学学报,2010,9(2):302-305
[2] Charles V W,Fabian M,Gerald M M.On inferring application protocol behaviors in encrypted network traffic[J].Journal of Machine Learning Research,2006,7(12):2745-2769
[3] Sun Guang-lu,Xue Yi-bo,Dong Ying-fei,et al.A Novel Hybrid Method for Effectively Classifying Encrypted Traffic[C]∥Proceedings of Communications and Systems Security,2010, GLOBECOM 2010.Miami USA,2010 IEEE,2010:1-5
[4] Talieh S T,Mostafa A,Fakhri K,et al.Machine Learning-Based Classification of Encrypted Internet Traffic[C]∥8th International Conference,MLDM 2012.Berlin,Germany,2012:578-592
[5] Zhang Meng,Zhang Hong-li,Zhang Bo.Encrypted Traffic Classification Based on an Improved Clustering Algorithm[C]∥International Conference,ISCTCS 2012.Beijing,China,2012:124-131
[6] Du Ye,Zhang Ru-hui.Design of a method for encrypted P2P traffic identification using K-means algorithm [J].Telecommunication Systems,2013,53(1):163-168
[7] 赵博,郭虹,刘勤让,等.基于加权累积和检验的加密流量盲识别算法[J].软件学报,2013,24(6):1334-1345
[8] Menezes A J,Van O P C,Vanstone S A.应用密码学手册 [M].胡磊,王鹏,等译.北京:电子工业出版社,2005:1-4
[9] NIST FIPS PUB 140-2-2001.Security Requirements for Cryptographic Modules[S].Washington DC,USA:National Institute of Standards and Technology,2001
[10] NIST SP800-22.A Statistical Test Suite for Random and Pseu-dorandom Number Generators for Cryptographic Applications Revision 1a[S].Washington DC,USA:National Institute of Standards and Technology,2010
[11] 徐晶,于向军.基于FFT算法的震动信号分析[J].工业控制计算机,2005,18(12):8-9
No related articles found!
Viewed
Full text


Abstract

Cited
  Shared   
  Discussed   
No Suggested Reading articles found!
渝ICP备16013121号-4
地址:重庆市渝北区洪湖西路18号    邮编:401121  
电话:023-63500828(编辑部) 023-67039612(会议/专题) 023-67039623(财务/发票)
E-mail:jsjkx12@163.com
本系统由北京玛格泰克科技发展有限公司设计开发