{"title":"基于组密钥协议的物联网加密流量检测方案","authors":"Zhongqi Fan, Yong Zeng, Xiao-yan Zhu, Jianfeng Ma","doi":"10.1145/3417312.3432093","DOIUrl":null,"url":null,"abstract":"In CCS 2019, the privacy-preserving deep package inspection (PrivDPI) was proposed to detect anomalies and suspicious activities in encrypted network traffic, which is a provably secure and highly efficient approach for the end-to-end communication model. However, PrivDPI cannot be applied directly on the scenarios of the Internet of Things (IoT) due to its one/many-to-many communication model in which key agreement will bring giant power consumption. In this paper, we propose a group key agreement based encrypted traffic detection scheme for the Internet of Things (GKA_DPI) to solve it. In GKA_DPI, we still use BlindBox for traffic detection, which was used in PrivDPI and Sherry's scheme. The difference is that we use a dynamic group key agreement to replace the original key agreement protocol to reduce power consumption. Then we can perform deep traffic detection over encrypted packages on the widely used protocol Message Queuing Telemetry Transport (MQTT) of IoT. GKA_DPI can detect encrypted traffic without decrypting transmitted messages and find out malicious traffic to ensure the security of sensor network communication. Finally, we prove the forward and backward secrecy of proposed GKA_DPI.","PeriodicalId":361484,"journal":{"name":"Proceedings of the 1st ACM International Workshop on Security and Safety for Intelligent Cyber-Physical Systems","volume":"14 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-11-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"A group key agreement based encrypted traffic detection scheme for Internet of Things\",\"authors\":\"Zhongqi Fan, Yong Zeng, Xiao-yan Zhu, Jianfeng Ma\",\"doi\":\"10.1145/3417312.3432093\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In CCS 2019, the privacy-preserving deep package inspection (PrivDPI) was proposed to detect anomalies and suspicious activities in encrypted network traffic, which is a provably secure and highly efficient approach for the end-to-end communication model. However, PrivDPI cannot be applied directly on the scenarios of the Internet of Things (IoT) due to its one/many-to-many communication model in which key agreement will bring giant power consumption. In this paper, we propose a group key agreement based encrypted traffic detection scheme for the Internet of Things (GKA_DPI) to solve it. In GKA_DPI, we still use BlindBox for traffic detection, which was used in PrivDPI and Sherry's scheme. The difference is that we use a dynamic group key agreement to replace the original key agreement protocol to reduce power consumption. Then we can perform deep traffic detection over encrypted packages on the widely used protocol Message Queuing Telemetry Transport (MQTT) of IoT. GKA_DPI can detect encrypted traffic without decrypting transmitted messages and find out malicious traffic to ensure the security of sensor network communication. Finally, we prove the forward and backward secrecy of proposed GKA_DPI.\",\"PeriodicalId\":361484,\"journal\":{\"name\":\"Proceedings of the 1st ACM International Workshop on Security and Safety for Intelligent Cyber-Physical Systems\",\"volume\":\"14 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2020-11-16\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 1st ACM International Workshop on Security and Safety for Intelligent Cyber-Physical Systems\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3417312.3432093\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 1st ACM International Workshop on Security and Safety for Intelligent Cyber-Physical Systems","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3417312.3432093","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
A group key agreement based encrypted traffic detection scheme for Internet of Things
In CCS 2019, the privacy-preserving deep package inspection (PrivDPI) was proposed to detect anomalies and suspicious activities in encrypted network traffic, which is a provably secure and highly efficient approach for the end-to-end communication model. However, PrivDPI cannot be applied directly on the scenarios of the Internet of Things (IoT) due to its one/many-to-many communication model in which key agreement will bring giant power consumption. In this paper, we propose a group key agreement based encrypted traffic detection scheme for the Internet of Things (GKA_DPI) to solve it. In GKA_DPI, we still use BlindBox for traffic detection, which was used in PrivDPI and Sherry's scheme. The difference is that we use a dynamic group key agreement to replace the original key agreement protocol to reduce power consumption. Then we can perform deep traffic detection over encrypted packages on the widely used protocol Message Queuing Telemetry Transport (MQTT) of IoT. GKA_DPI can detect encrypted traffic without decrypting transmitted messages and find out malicious traffic to ensure the security of sensor network communication. Finally, we prove the forward and backward secrecy of proposed GKA_DPI.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
