Journal of Computer Applications ›› 2015, Vol. 35 ›› Issue (3): 704-711. DOI: 10.11772/j.issn.1001-9081.2015.03.704

• Information Security •

Semi-fragile net-flow fingerprint coding scheme based on adaptive net-flow characteristic

LEI Cheng¹,², ZHANG Hongqi¹,², SUN Yi¹, DU Xuehui¹

  1. Information Engineering University, Zhengzhou Henan 450001, China;
  2. Henan Provincial Key Laboratory of Information Security (Information Engineering University), Zhengzhou Henan 450001, China
  • Received: 2014-10-14 Revised: 2014-11-21 Online: 2015-03-10 Published: 2015-03-13
  • Corresponding author: LEI Cheng
  • About the authors: LEI Cheng (1989-), male, born in Beijing, master's student; research interests: network information security, secure data exchange. ZHANG Hongqi (1962-), male, born in Zunhua, Hebei, professor, doctoral supervisor, Ph.D.; research interests: network security, classified protection. SUN Yi (1979-), female, born in Zhengzhou, Henan, lecturer, doctoral student; research interests: information security, secure data exchange.
  • Supported by: National 973 Program of China (2011CB311801); National 863 Program of China (2012AA012704); Zhengzhou Science and Technology Leading Talent Project (131PLKRC644)

Abstract:

To address the unavailability and unreliability of net-flow fingerprints caused by network jitter and net-flow transformation during net-flow exchange, a semi-fragile net-flow fingerprint coding scheme based on adaptive net-flow characteristic (ACSF) was proposed. Firstly, ACSF used net-flow characteristic parameters as the basis for generating the Hash Message Authentication Code (HMAC) key, determining the HMAC scrambling method and choosing the initial phase of the Pseudo-Noise (PN) code. This enlarged the key space to O((k+1)·(S·O(KEN))), increasing the computational complexity of an exhaustive search by an adversary. It also made the net-flow fingerprint self-adaptive, which reduced the computational complexity of decoding to O(k2·l·nf) and improved decoding efficiency. Secondly, Direct Sequence Spread Spectrum (DSSS) was used to filter out non-malicious processing: the decoding correctness rate exceeded 90% when the multi-flow interference intensity reached 66.7%. In addition, HMAC was used to locate malicious tampering, with a tamper localization accuracy of at least 98.3%, which made the fingerprint semi-fragile. Finally, the security, tamper localization capability and resistance to disturbance of ACSF were analyzed theoretically and verified by experiments.

Key words: net-flow exchange, net-flow characteristic, self-adaption, tamper localization, resisting disturbance capability, semi-fragile net-flow fingerprint
