{"title":"对关键任务应用程序的流量模式进行匿名规范化","authors":"Dongxi Liu, Chi-Hung Chi, Ming Li","doi":"10.1109/SIMSYM.2004.1299494","DOIUrl":null,"url":null,"abstract":"Intruders often want to analyze traffic pattern to get information for his some malicious activities in ultra-secure network. This work presents a general approach to prevent traffic pattern of IP-based network from being analyzed. It is an isolated scheme which can be used to prevent traffic analysis in overall network by achieving the same goal in each network segment independently. On each network segment, complementary traffic is generated according to its real traffic, and the combination of these two kinds of traffic constitutes the normalized traffic on each link. Main advantages of our approach are, from the performance viewpoint, 1) complementary traffic does not compete on the bandwidth with real traffic actively, and 2) complementary traffic does not consume the bandwidth of other network segment at all. In addition, by encrypting source and destination IP addresses of each packet, anonymous communication can be achieved and anonymous normalized traffic loses its value for the analysis of eavesdropped traffic by intruders.","PeriodicalId":152455,"journal":{"name":"37th Annual Simulation Symposium, 2004. Proceedings.","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2004-04-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"13","resultStr":"{\"title\":\"Normalizing traffic pattern with anonymity for mission critical applications\",\"authors\":\"Dongxi Liu, Chi-Hung Chi, Ming Li\",\"doi\":\"10.1109/SIMSYM.2004.1299494\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Intruders often want to analyze traffic pattern to get information for his some malicious activities in ultra-secure network. This work presents a general approach to prevent traffic pattern of IP-based network from being analyzed. It is an isolated scheme which can be used to prevent traffic analysis in overall network by achieving the same goal in each network segment independently. On each network segment, complementary traffic is generated according to its real traffic, and the combination of these two kinds of traffic constitutes the normalized traffic on each link. Main advantages of our approach are, from the performance viewpoint, 1) complementary traffic does not compete on the bandwidth with real traffic actively, and 2) complementary traffic does not consume the bandwidth of other network segment at all. In addition, by encrypting source and destination IP addresses of each packet, anonymous communication can be achieved and anonymous normalized traffic loses its value for the analysis of eavesdropped traffic by intruders.\",\"PeriodicalId\":152455,\"journal\":{\"name\":\"37th Annual Simulation Symposium, 2004. Proceedings.\",\"volume\":\"1 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2004-04-18\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"13\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"37th Annual Simulation Symposium, 2004. Proceedings.\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SIMSYM.2004.1299494\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"37th Annual Simulation Symposium, 2004. Proceedings.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SIMSYM.2004.1299494","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Normalizing traffic pattern with anonymity for mission critical applications
Intruders often want to analyze traffic pattern to get information for his some malicious activities in ultra-secure network. This work presents a general approach to prevent traffic pattern of IP-based network from being analyzed. It is an isolated scheme which can be used to prevent traffic analysis in overall network by achieving the same goal in each network segment independently. On each network segment, complementary traffic is generated according to its real traffic, and the combination of these two kinds of traffic constitutes the normalized traffic on each link. Main advantages of our approach are, from the performance viewpoint, 1) complementary traffic does not compete on the bandwidth with real traffic actively, and 2) complementary traffic does not consume the bandwidth of other network segment at all. In addition, by encrypting source and destination IP addresses of each packet, anonymous communication can be achieved and anonymous normalized traffic loses its value for the analysis of eavesdropped traffic by intruders.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
