Journal on Communications

• Network Security

Session identification method for multi-party security protocols based on principal behavior

朱玉娜,韩继红,袁 霖,陈韩托,范钰丹   

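  1. The Third Institute, PLA Information Engineering University, Zhengzhou 450004, Henan
  • Publication date: 2015-11-27 Release date: 2015-11-27
  • Funding:
    Project supported by the National Natural Science Foundation of China (61309018)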

Towards session identification using principal behavior for multi-party secure protocol

  • Online: 2015-11-27 Published: 2015-11-27

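Abstract: To address the problem of multi-party security protocol sessions that are distributed across multiple related flows, three heuristic principal behavior features of such sessions are proposed: neighboring host behavior, principal role behavior, and host message behavior. The detection principle for these principal behavior features is given, and a session identification method for multi-party security protocols is proposed. Experiments were carried out on three typical multi-party security protocols, each in three session-running scenarios. The results show that the method achieves an identification rate above 90%, with false positive and false negative rates below 6%, and can identify protocol sessions effectively.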

Keywords: security protocol; protocol identification; session identification; principal behavior

Abstract: To address the problem of session identification for multi-party secure protocols, three features are presented, i.e., neighboring-host-behavior (NHB), host-role-behavior (HRB) and principal-message-behavior (PMB), to explore the correlation among the multiple flows employed in the same session. A session identification approach is then proposed using these features. Finally, the approach is evaluated on three classical multi-party secure protocols in three scenarios. The experimental results indicate that the identification precision is above 90%, and that the false negative rate and false positive rate are below 6%.

Key words: security protocol; protocol identification; session identification; principal behavior
