计算机科学 ›› 2018, Vol. 45 ›› Issue (6A): 323-327.
石志凯1,朱国胜1,2,雷龙飞1,陈胜1,镇佳1,吴善超1,吴梦宇1
SHI Zhi-kai1,ZHU Guo-sheng1,2,LEI Long-fei1,CHEN Sheng1,ZHEN Jia1,WU Shan-chao1,WU Meng-yu1
摘要: 网络地址转换NAT对外网隐藏了内网的结构,这一方面给非法终端隐匿接入提供了便利,对网络造成潜在威胁;另一方面,用户也可通过NAT私自共享网络,直接损害网络运营者的利益。有效检测NAT设备,对网络安全管控、运营管理具有重要作用。文中对现有NAT检测技术进行了分析与比较,阐述了各自的优缺点和适用条件;提出了一种利用上层应用的特征和训练数据构建C5.0决策树的NAT设备检测方法。真实网络环境下的实验表明,所提方法能有效识别NAT设备。
中图分类号:
[1]STATISTA.Internet of Things (IoT) connected devices in- stalled base worldwide from 2015 to 2025 (in billions)[OL]. [2017-05-14].https://www.statista.com/statistics/471264/iot-numberof-connected-devices-worldwide. [2]Internet Live Stats.Internet Users[OL]. [2017-0514].http://www.internetlivestats.com/ internet-users/#trend. [3]NESSETT D M,GRABELSKY D,BORELLA M S,et al.Me- thod and system for locating network services with distributed network address translation:U.S. Patent 6,055,236.2000-4-25. [4]BELLOVIN S M.A technique for counting NATted hosts[C]∥Proceedings of the 2nd ACM SIGCOMM Workshop on Internet measurment.ACM,2002:267-272. [5]STRAKA K,MANES G. Passive detection of nat routers and client counting∥Advances in Digital Forensics II.Springer,Boston,MA,2006:239-246. [6]MAIER G,SCHNEIDER F,FELDMANN A.NAT usage in residential broadband networks[C]∥International Conference on Passive and Active Network Measurement.Springer,Berlin,Heidelberg,2011:32-41. [7]MONGKOLLUKSAMEE S,FUKUDA K,PONGPAIBOOL P.Counting NATted hosts by observing TCP/IP field behaviors[C]∥2012 IEEE International Conference on Communications (ICC).IEEE,2012:1265-1270. [8]ZHANG B,GUAN Y,NIU W,et al.A hybrid packet clustering approach for NAT host analysis[C]∥2015 IEEE International Conference on Communication Software and Networks(ICCSN).IEEE,2015:432-438. [9]RUI L,HONGLIANG Z,YANG X,et al.Remote NAT detect algorithm based on support vector machine[C]∥2009 International Conference on Information Engineering and Computer Science.2009. [10]ABT S,DLETZ C,BAIER H,et al.Passive remote source nat detection using behavior statistics derived from netflow[C]∥IFIP International Conference on Autonomous Infrastructure,Management and Security.Springer,Berlin,Heidelberg,2013:148-159. [11]GOKCEN Y,FOROUSHANI V A,HEYWOOD A N Z.Can we identify NAT behavior by analyzing Traffic Flows?[C]∥Security and Privacy Workshops (SPW),2014 IEEE.IEEE,2014:132-139. [12]KOMREK T,GRILL M,PEVNY T.Passive NAT detection using HTTP access logs[C]∥2016 IEEE International Workshop on Information Forensics and Security (WIFS).IEEE,2016:1-6. [13]BI J,ZHAO L,ZHANG M.Application presence fingerprinting for NAT-aware router[C]∥Knowledge-Based Intelligent Information and Engineering Systems.Springer Berlin/Heidelberg,2006:678-685. [14]The Bro Network Security Monitor[OL].http://www.bro. org. [15]HOLMES G,DONKIN A,WITTEN I H.Weka:A machine learning workbench∥Proceedings of the 1994 Second Australian and New Zealand Conference on Intelligent Information Systems.IEEE,1994:357-361. |
[1] | 王卓薇,程良伦,肖红. 一种基于GPU的高精度体系结构级功耗模型 High-precision Architecture-level Power Model Based on GPU 计算机科学, 2016, 43(11): 30-35. https://doi.org/10.11896/j.issn.1002-137X.2016.11.006 |
[2] | 徐伟,朱帅,叶春豪. 面向中小企业的低成本Web服务负载均衡器的设计 Design for SMEs of Low Cost Web Server Load Balancer 计算机科学, 2013, 40(Z11): 57-59. |
[3] | 赵 培,李国徽. Multi-bank闪存文件系统的一种I/O调度机制 Efficient I/O Scheduler over Multi-bank Flash Memory File Systems 计算机科学, 2012, 39(4): 287-292. |
[4] | 李杰. 基于ORM的轻量级数据持久化技术研究及应用 Research and Application of Lightweight Data Persistence Technology Based on ORM 计算机科学, 2010, 37(9): 190-193. |
[5] | . 基于UDP交换路由的NAT互联技术研究 计算机科学, 2008, 35(9): 119-122. |
[6] | . 一种基于图的异常入侵检测新算法 计算机科学, 2008, 35(11): 78-82. |
[7] | . 网络层析成像研究综述 计算机科学, 2006, 33(9): 12-17. |
[8] | 陈晓铭 吴中福 陈蕾. 基于ICE方式H.323信令穿越Symmetric NAT技术研究 计算机科学, 2006, 33(8): 82-85. |
[9] | 白伟华 李吉桂. NAT技术及其穿越方案研究 计算机科学, 2005, 32(8): 44-45. |
[10] | 无. 第十一届联合国际计算机会议(JICC2005)征文通知 计算机科学, 2005, 32(4): 231-231. |
[11] | 逯鹏 吕良双 高庆一. Native XML数据库技术综述 计算机科学, 2004, 31(4): 84-88. |
[12] | 时曦 苏思妮 等. 多点UDP互连的透明代理 计算机科学, 2001, 28(12): 122-123. |
[13] | 郭立峰 郭耀. NATO软件复用标准导论 计算机科学, 1999, 26(5): 5-16. |
|