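Research on Key Technologies of Information Traceback Based on Traffic Analysis
Published: 2018-04-11 17:15
Topic: anonymous network + traffic analysis; Reference: Beijing University of Posts and Telecommunications, master's thesis, 2014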
[Abstract]: Information traceback refers to using a series of methods and techniques to trace content, network behavior, and application behavior back to their initiator. In general, the source or initiator of information can be determined from the four-tuple of the data connection, but when the sender uses some means to hide this relationship, discovering the source of the information becomes a challenging task.

Anonymous communication services hide the addresses of communicating entities, their communication relationships, and so on, protecting user privacy. At the same time, however, anonymous networks are also used to conceal the whereabouts of cybercriminals, so tracing information back through anonymous network traffic is of great practical significance. Most existing traceback methods for anonymous network traffic have certain limitations in practical use. Targeting anonymous communication networks, this thesis proposes a method that, given access to both the entry traffic and the exit traffic of an anonymous network, performs de-anonymization analysis of the communication relationships between the network's users in order to achieve traceback. The thesis selects the anonymous network Tor as its research object and carries out a series of traffic-based analysis and traceback work on Tor traffic.

First, to understand the characteristics of anonymous network traffic, we carried out in-depth analysis and measurement of Tor traffic, analyzing its characteristics by extracting and comparing entry traffic with the corresponding exit traffic. We also measured the country distribution of destination nodes in the Tor network and the distribution of flow lengths, which provides a basis for the subsequent quantitative experimental validation.

Second, considering that Tor data is encrypted with SSL and that SSL-based network applications are becoming more common, identifying Tor traffic within the background data stream improves traceback accuracy and reduces the system's computational load. Based on an in-depth study of the Tor protocol and its traffic, packet length was selected as the feature and the SVM classification algorithm as the Tor traffic identification algorithm. In an offline environment, this method was used to classify and identify Tor traffic, and both the classification accuracy and the recall rate can reach more than 90%.

Third, on the basis of the above work, an information traceback system based on traffic analysis was designed and implemented. The k-means algorithm is used to perform multivariate correlation analysis on the entry and exit traffic of the anonymous network according to the selected feature vectors, in order to obtain the correspondence between the two sets of traffic. The system's accuracy was evaluated and verified in a real network environment. When the number of bytes in a data stream is greater than 200K1B, traceback accuracy can reach more than 90%.
[Degree-granting institution]: Beijing University of Posts and Telecommunications
[Degree level]: Master's
[Year degree granted]: 2014
[Classification number]: TP393.06
Article ID: 1736924
Article link: http://sikaile.net/guanlilunwen/ydhl/1736924.html