Computer Science (计算机科学) ›› 2022, Vol. 49 ›› Issue (11): 351-359. doi: 10.11896/jsjkx.220400285
何源, 邢长友, 张国敏, 宋丽华, 余航
HE Yuan, XING Chang-you, ZHANG Guo-min, SONG Li-hua, YU Hang
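Abstract: Network fingerprinting is an important network reconnaissance technique that attackers can use to obtain the fingerprint characteristics of a target network, which in turn supports subsequent targeted attacks. Fingerprint obfuscation actively modifies the fingerprint features in response packets so that the attacker forms a false fingerprint view, but existing obfuscation methods still fall short when the attacker probes and analyzes strategically. To address this, a differential privacy fingerprint obfuscation mechanism for network reconnaissance deception (Differential Privacy based Obfuscation of Fingerprinting, DPOF) is proposed. Drawing on ideas from data privacy protection, DPOF first establishes a utility-driven differential privacy fingerprint obfuscation model, in which the differential privacy exponential mechanism computes the obfuscation probabilities of fake fingerprints with different utilities. On this basis, it further designs a fingerprint obfuscation decision method under resource constraints and implements a particle swarm optimization based algorithm for solving the obfuscation strategy. Simulation results show that, compared with existing typical fingerprint obfuscation methods, DPOF achieves better fingerprint obfuscation across different problem scales and budgets, and obtains a better near-optimal strategy more quickly.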
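The exponential-mechanism step named in the abstract can be illustrated as follows; this is an added example, not code from the paper, and it uses the textbook form of the mechanism rather than DPOF's own model. The fingerprint labels, the utility table and all function names are constructed assumptions, since the paper's utility function does not appear on this page.

```python
import math

# Constructed utility table (assumption, not from the paper):
# UTILITY[real][fake] scores how useful it is for the defender to present
# the fingerprint `fake` when the host really exposes `real`.
UTILITY = {
    "linux":   {"linux": 0.2, "windows": 0.9, "freebsd": 0.6},
    "windows": {"linux": 0.8, "windows": 0.1, "freebsd": 0.7},
    "freebsd": {"linux": 0.5, "windows": 0.9, "freebsd": 0.3},
}

def sensitivity(utility):
    """Delta u: largest change in one output's utility when the real fingerprint changes."""
    reals = list(utility)
    return max(abs(utility[a][f] - utility[b][f])
               for a in reals for b in reals for f in utility[a])

def obfuscation_probs(real, epsilon, utility=UTILITY):
    """Exponential mechanism: Pr[fake | real] proportional to exp(eps * u / (2 * Delta u))."""
    du = sensitivity(utility)
    weights = {f: math.exp(epsilon * u / (2 * du)) for f, u in utility[real].items()}
    total = sum(weights.values())
    return {f: w / total for f, w in weights.items()}

def worst_case_ratio(epsilon, utility=UTILITY):
    """Largest Pr[fake | a] / Pr[fake | b] over all real pairs (a, b) and outputs.

    Epsilon-differential privacy requires this to stay at or below exp(epsilon),
    which bounds how much one observed response can tell a prober about the real system.
    """
    probs = {r: obfuscation_probs(r, epsilon, utility) for r in utility}
    return max(probs[a][f] / probs[b][f]
               for a in probs for b in probs for f in probs[a])

if __name__ == "__main__":
    for eps in (0.1, 1.0, 5.0):
        p = obfuscation_probs("linux", eps)
        print(f"eps={eps}", {k: round(v, 3) for k, v in p.items()},
              "ratio", round(worst_case_ratio(eps), 3),
              "bound", round(math.exp(eps), 3))
```

A small epsilon pushes the distribution toward uniform (stronger indistinguishability, less utility), while a large epsilon concentrates probability on the highest-utility fake fingerprint.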