主动网络流水印技术研究进展

doi:10.3969/j.issn.1000-436x.2014.07.022

Abstract

Abstract:

In face of confirming user communication relationship in anonymous network, tracing botmaster and detecting stepping stones, traditional intrusion detection and flow correlation methods which mainly rely on passive traffic analysis have shown many drawbacks obviously, such as high space costs, poor real-time, low accuracy, poor flexibility, fail in dealing with encrypted traffic and so on. However, the active network flow watermark(ANFW) which combined the idea of digital watermarking and active traffic analysis can overcome the drawbacks above effectively. ANFW has aroused extensive attention of scholars at home and abroad. Firstly, the general model of ANFW is presented, and the classifica-tion of existing proposals and roles involved in ANFW are summarized. Then, several representative ANFW approaches using distinct network flow characteristics are presented and compared in detail. Finally, threats against existing ANFW technology and their corresponding countermeasures are overviewed, also some future research directions about ANFW are discussed.

Key words: network security, active traffic analysis, network flow watermark, network flow characteristics, anonymous communication, stepping stones, botnet

Xiao-jun GUO,Guang CHENG,Chen-gang ZHU,Dinh-Tu TRUONG,Ai-ping ZHOU. Progress in research on active network flow watermark[J]. Journal on Communications, 2014, 35(7): 178-192.

Figures/Tables 15

References 58

[59]	樊昌信，曹丽娜 . 通信原理（第6版）[M]. 北京：国防工业出版社， 2006. FAN C X , CAO L N . Communication Principles(6th Edition)[M]. Beijing: National Defence Industry Press, 2006.
[60]	BALDINI A , DE C L , RISSO F . Increasing performances of TCP data transfers through multiple parallel connections[A]. Proc of the 2009 IEEE Symposium on Computers and Communications[C]. Sousse, Tunisia, 2009. 630-636.
[61]	IHM S , PAI V S . Towards understanding modern web traffic[A]. Proc of the 2011 ACM SIGCOMM on Internet Measurement Conference (IMC'11)[C]. Berlin, Germany, 2011. 295-312.
[62]	RAO A , LEGOUT A , LIM Y S , et al. Network characteristics of video streaming traffic[A]. Proc of the 7th Conference on Emerging Networking Experiments and Technologies(CoNEXT'11)[C]. Tokyo, Japan, 2011.
[63]	XI B W , CHEN H , CLEVELAND W S , et al. Statistical analysis and modeling of Internet VoIP traffic for network engineering[J]. Electronic Journal of Statistics, 2010,4:58-116.
[64]	RATTI S , HARIRI B , SHIRMOHAMMADI S . A survey of First-Person shooter gaming traffic on the Internet[J]. IEEE Internet Computing, 2010,14(5):60-69.
[65]	ARCHIBALD R , GHOSAL D . A covert timing channel based on Fountain Codes[A]. Proc of the 11th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom'12)[C]. Liverpool, UK, 2012. 970-977.
[66]	ROY S D , LI X , SHOSHAN Y , et al. Hardware implementation of a digital watermarking system for video authentication[J]. IEEE Trans-actions on Circuits and Systems for Video Technology, 2013,23(2):289-301.
[67]	HOLUB V , FRIDRICH J . Digital image steganography using universal distortion[A]. Proc of the 1st ACM Workshop on Information Hiding And Multimedia Security[C]. Montpellier, France, 2013. 59-68.
[68]	FATEMEH D , SAEED M . Watermarking in binary document images using fractal codes[J]. Pattern Recognition Letters, 2014,35:120-129.
[69]	钱玉文，赵邦信，孔建寿等. 一种基于Web的可靠网络隐蔽时间信道的研究 [J]. 计算机研究与发展， 2011,48(3):423-431. QIAN Y W , ZHAO B X , KONG J S , et al. Robust covert timing channel based on web[J]. Journal of Computer Research and Devel-opment, 2011,48(3):423-431.
[70]	SEBASTIAN Z , GRENVILLE A , PHILIP B . Stealthier inter-packet timing covert channels[A]. Proc of the 10th International IFIP TC 6 Networking Conference[C]. Valencia, Spain, 2011. 458-470.
[71]	FURON T , BAS P . A new measure of watermarking security applied on QIM[A]. Proc of 14th International Conference on Information Hiding(IH'12)[C]. Berkeley, USA, 2012. 207-223.
[72]	Trusted computer system evaluation criteria (TCSEC)[EB/OL]. , WIKIPEDIA. 2013.
[1]	YLONEN T . The secure shell (SSH) protocol architecture[EB/OL]. , http://www.ietf.org/rfc/rfc4251.txt, 2006.
[2]	IPSEC WORKING GROUP. IP security protocol(IPSec)[EB/OL]. , http://datatracker.ietf.org/wg/ipsec/, 1995.
[3]	ZHANG Y , PAXSON V . Detecting stepping stones[A]. Proc of the 9th USENIX Security Symposium[C]. Denver, Colorado, 2000. 171-184.
[4]	BLUM A , SONG D , VENKATARAMAN S . Detection of interactive stepping stones: algorithms and confidence bounds[A]. Proc of the 7th International Symposium on Recent Advances in Intrusion Detec-tion[C]. Sophia Antipolis, France, 2004. 258-277.
[73]	MOHAN D , JUSTIN S RENATA T , et al. Fathom: a browser-based network measurement platform[A]. Proc of the 2012 ACM conference on Internet Measurement Conference(IMC'12)[C]. Boston, USA, 2012. 73-86.
[74]	SNOEREN A C , PARTRIDGE C , SANCHEZ L A , et al. Single-packet IP traceback[J]. IEEE/ACM Transactions on Networking, 2002,10(6):721-734.
[5]	HE T , TONG L . Detecting encrypted stepping stone connections[J]. IEEE Transactions on Signal Processing, 2007,55(4):1612-1623.
[6]	ROBERT S , JIE C , PING J , et al. A survey of research in step-ping-stone detection[J]. International Journal of Electronic Commerce Studies, 2011,2(2):103-126.
[7]	DINGLEDINE R , MATHEWSON N , SYVERSON P . Tor: the second-generation onion router[A]. Proc of the 13th USENIX Security Symposium[C]. San Diego, USA, 2004. 303-320.
[8]	REITER M K , RUBIN A D . Anonymous Web transactions with crowds[J]. Communications of the ACM, 1999,42(2):32-38.
[75]	LIN I H , PENG S H . A probabilistic packet marking scheme with LT code for IP traceback[J]. Journal of Internet Technology, 2013,14(2):189-202.
[76]	BATES A , MOOD B , PLETCHER J , et al. Detecting co-residency with active traffic analysis techniques[A]. Proc of the 2012 ACM Workshop on Cloud Computing Security Workshop[C]. Raleigh, USA, 2012. 1-12.
[9]	FREEDMAN M J , MORRIS R . Tarzan: a peer-to-peer anonymizing network layer[A]. Proc of the 9th ACM Conference on Computer and Communications Security[C]. Washington DC, USA, 2002. 193-206.
[10]	PASSERINI E , PALEARI R , MARTIGNONI J , et al. FluXOR: de-tecting and monitoring fast-flux service networks[A]. Proc. of the 5th Detection of Intrusions and Malware, and Vulnerability Assessment[C]. Paris, France, 2008. 186-206.
[77]	罗军舟，吴文甲，杨明 . 移动互联网：终端、网络与服务[J]. 计算机学报， 2011,34(11):2029-2051. LUO J Z , WU W J , YANG M . Mobile Internet: terminal devices, networks and services[J]. Chinese Journal of Computers, 2011,34(11):2029-2051.
[78]	周昌令，钱群，赵伊秋等. 校园无线网用户群体的移动行为聚集分析[J]. 通信学报， 2013,34(Z2):111-116. ZHOU C L , QIAN Q , ZHAO Y Q , et al. Modularity analysis of users' mobile behavior in campus wireless network[J]. Journal on Commu-nications, 2013,34(Z2):111-116.
[11]	江健，诸葛建伟，段海新等. 僵尸网络机理与防御技术[J]. 软件学报， 2012,23(1):82-96. JIANG J , ZHUGE J W , DUAN H X , et al. Research on botnet mechanisms and defenses[J]. Journal of Software, 2012,23(1):82-96.
[12]	HOLZ T , GORECKI C , RIECK K , et al. Measuring and detecting fast-flux service networks[A]. Proc of the 15th Network and Distrib-uted System Security Symposium (NDSS'08)[C]. San Diego, USA, 2008.
[13]	YODA K , ETOH H . Finding a connection chain for tracing intrud-ers[A]. Proc of the 6th European Symposium on Research in Com-puter Security[C]. Toulouse, France, 2000. 191-205.
[14]	ZHU Y , FU X W , GRAHAM B , et al. On flow correlation attacks and countermeasures in mix networks[A]. Proc of 2004 Privacy Enhancing Technologies(PET'04)[C]. Toronto, Canada, 2004. 207-225.
[15]	DONOHO D L , FLESIA A G , SHANKAR U , et al. Multiscale step-ping-stone detection: detecting pairs of jittered interactive streams by exploiting maximum tolerable delay[A]. Proc of the 5th International Symposium on Recent Advances in Intrusion Detection[C]. Zurich,Switzerland, 2002. 17-35.
[16]	WANG X , REEVES D , WU S F . Inter-packet delay based correlation for tracing encrypted connections through stepping stones[A]. Proc of the 7th European Symposium on Research in Computer Security[C]. Zurich,Switzerland, 2002. 244-263.
[17]	COX J , MILLER L , BLOOM J , et al. Digital watermarking[M]. San Francisco:Morgan-Kaufmann, 2001.
[18]	程光，龚俭 . 互联网流测量[M]. 南京：东南大学出版社， 2008. CHENG G , GONG J . Internet Flow Measurement[M]. Nanjing: South-east University Press, 2008.
[79]	NDN Testbed[EB/OL]. , http://named-data.net/ndn-testbed/, 2013-11.
[80]	AFANASYEV A , MOISEENKO I , ZHANG L X . NDNSIM: NDN Simulator for NS-3[R]. NDN Technical Report NDN-0005, 2012.
[19]	HOUMANSADR A , KIYAVASHY N , BORISOV N . Rainbow: a robust and invisible non-blind watermark for network flows[A]. Proc of the 16th Network and Distributed System Security Symposium (NDSS'09)[C]. San Diego,USA, 2009.
[20]	PARK Y H , REEVES D S . Adaptive watermarking against deliberate random delay for attack attribution through stepping stones[A]. Proc of the 9th International Conference on Information and Communica-tions Security[C]. Zhengzhou, China, 2007.
[21]	YU W , FU X W , GRAHAM S , et al. DSSS-based flow marking tech-nique for invisible traceback[A]. Proc of the 2007 IEEE Symposium on Security and Privacy[C]. Oakland, USA, 2007. 18-32.
[22]	傅翀，钱伟中，赵明渊等. 匿名通信系统时间攻击的时延规范化防御方法[J]. 东南大学学报(自然科学版)， 2009,39(4):738-741. FU C , QIAN W Z , ZHAO M Y , et al. Delay normalization method of defending against timing-based attacks on anonymous communication systems[J]. Journal of Southeast University (Natural Science Edition), 2009,39(4):738-741.
[23]	RAMSBROCK D , WANG X Y , JIANG X Z . A first step towards live botmaster traceback[A]. Proc of the 11th International Symposium on Recent Advances in Intrusion Detection[C]. Cambridge, USA, 2008. 59-77.
[24]	王小刚 . 基于网络流水印的入侵追踪技术研究[D]. 南京：东南大学， 2012. WANG X G . Research on Intrusion Traceback Exploiting Network Flow Watermarking[D]. Nanjing: Southeast University, 2012.
[25]	WANG X Y , REEVES D S , WU S F , et al. Sleepy watermark tracing:an active network-based intrusion response framework[A]. Proc of the IFIP TC11 16th Annual Working Conference on Information Security:Trusted Information: the New Decade Challenge[C]. Paris, France, 2001. 369-384.
[26]	ZHAO Q J , LU H T . A PCA-based watermarking scheme for tam-per-proof of Web pages[J]. Pattern Recognition, 2005,38(8):1321-1323.
[27]	HUANG H J , WANG Y J , XIE L L , et al. An active anti-phishing solution based on semi-fragile watermark[J]. Information Technology Journal, 2013,12(1):198-203.
[28]	HUANG J W , PAN X , FU X W , et al. Long PN code based DSSS watermarking[A]. Proc of the IEEE INFOCOM 2011[C]. Shanghai, China, 2011. 2426-2434.
[29]	FU X W , ZHU Y , GRAHAM B , et al. On flow marking attacks in wireless anonymous communication networks[A]. Proc of the 25th IEEE International Conference on Distributed Computing Systems (ICDCS'05)[C]. Columbus, USA, 2005. 493-503.
[30]	WANG X Y , REEVES D S . Robust correlation of encrypted attack traffic through stepping stones by manipulation of interpacket de-lays[A]. Proc of the 10th ACM Conference on Computer And Com-munications Security[C]. Washington DC, USA, 2003. 20-29.
[31]	WANG X Y , CHEN S P , JAJODIA S S . Tracking anonymous peer-to-peer VoIP calls on the internet[A]. Proc of the 12th ACM Con-ference on Computer And Communications Security[C]. Alexandria, USA, 2005. 81-91.
[32]	ZHANG L , LUO J Z , YANG M . An improved DSSS-based flow marking technique for anonymous communication traceback[A]. Proc of the 2009 Symposia and Workshops on Ubiquitous, Autonomic and Trusted Computing(UIC-ATC'09)[C]. Brisbane, Australia, 2009. 563-567.
[33]	张连成，王振兴，徐静 . 一种新的隐形流水印技术[J]. 应用科学学报， 2012,30(5):524-530. ZHANG L C , WANG Z X , XU J . A novel invisible and private flow watermarking scheme[J]. Journal of Applied Sciences, 2012,30(5):524-530.
[34]	WANG X Y , CHEN S P , JAJODIA S S . Network flow watermarking attack on low-latency anonymous communication systems[A]. Proc of the 2007 IEEE Symposium on Security and Privacy[C]. Oakland, USA, 2007. 116-130.
[35]	WANG X G , LUO J Z , YANG M . A double interval centroid-based watermark for network flow traceback[A]. Proc of the 14th Interna-tional Conference on Computer Supported Cooperative Work in De-sign[C]. Shanghai, China, 2010. 146-151.
[36]	LUO J Z , WANG X G , YANG M . An interval centroid based spread spectrum watermarking scheme for multi-flow traceback[J]. Journal of Network and Computer Applications, 2012,35(1):60-71.
[37]	PYUN Y J , PARK Y H , WANG X Y , et al. Tracing traffic through intermediate hosts that repacketize flows[A]. Proc of IEEE INFO-COM 2007[C]. Anchorage, USA, 2007. 634-642.
[38]	JIA W J , TSO F P , LING Z , et al. Blind detection of spread spectrum flow watermarks[A]. Proc of the IEEE INFOCOM 2009[C]. Rio de Janeiro,Brazil, 2009. 2195-2203.
[39]	RTAI T . Real time application interface(RTAI)[EB/OL]. , http://www.rtai.org, 2012. 08 23
[40]	张璐，罗军舟，杨明 . 基于正交流量特征的多维流水印技术[A]. 2010年全国通信安全学术会议论文集[C]. 昆明，中国， 2010. 243-248. ZHANG L , LUO J Z , YANG M . Orthogonal flow characteristics based multi-dimensional flow watermarking technique[A]. Proc of the 2010 China Communication Security Symposium[C]. Kunming, China, 2010. 243-248.
[41]	KIYAVASH N , HOUMANSADR A , BORISOV N . Multi-flow attacks against network flow watermarking schemes[A]. Proc of the 17th conference on USENIX Security Symposium[C]. San Jose, USA, 2008. 307-320.
[42]	HOUMANSADR A , BORISOV N . SWIRL: a scalable watermark to detect correlated network flows[A]. Proc of the 18th Network and Dis-tributed System Security Symposium 2011[C]. San Diego, USA, 2011.
[43]	EVANS N S , DINGLEDINE R , GROTHOFF C . A practical conges-tion attack on Tor using long paths[A]. Proc of the 18th Conference on USENIX Security Symposium[C]. Montreal, Canada, 2009. 33-50.
[44]	LIN Z , HOPPER N . New attacks on timing-based network flow wa-termarks[A]. Proc of the 21th Conference on USENIX Security Symposium[C]. Bellevue, USA, 2012. 1-16.
[45]	张连成，王振兴，徐静 . 一种基于包序重排的流水印技术[J]. 软件学报， 2011,22(2):17-26. ZHANG L C , WANG Z X , XU J . Flow watermarking scheme based on packet reordering[J]. Journal of Software, 2011,22(2):17-26.
[46]	ANGRISANI L , CAPRIGLIONE D , FERRIGNO L , et al. Packet jitter measurement in communication networks: a sensitivity analysis[A]. Proc of the IEEE International Workshop on Measurement and Net-working 2011[C]. Anacapri, Italy, 2011. 146-151.
[47]	BREGNI S , BARUFFALDI A , PATTAVINA A . Active measurement and time-domain characterization of IP packet jitter[A]. Proc of the IEEE Latin-American Conference on Communications 2009[C]. Medellin, Columbia, 2009. 1-6.
[48]	ALLMAN M , PAXSON V . TCP congestion control[EB/OL]. , http://tools.ietf.org/html/rfc5681, 2009.
[49]	POSTEL J . Transmission control Protocol[EB/OL]. , http://www.ietf.org/rfc/rfc793.txt, 1981.
[50]	PENG P , NING P , REEVES D S . On the secrecy of timing-based active watermarking trace-back techniques[A]. Proc of the 2006 IEEE Symposium on Security and Privacy[C]. Oakland, USA, 2006. 334-349.
[51]	WANG X G , LUO J Z , YANG M . An efficient sequential watermark detection model for tracing network attack flows[A]. Proc of the 16th IEEE International Conference on Computer Supported Cooperative Work in Design[C]. Wuhan, China, 2012. 236-243.
[52]	LUO X P , ZHANG J J , PERDISCI R , et al. On the secrecy of spread-spectrum flow watermarks[A]. Proc of the European Sympo-sium on Research in Computer Security 2010[C]. Athens, Greece, 2010. 232-248.
[53]	LUO X P , ZHOU P , ZHANG J J , et al. Exposing invisible tim-ing-based traffic watermarks with BACKLIT[A]. Proc of the 27th Annual Computer Security Applications Conference[C]. Orlando, USA, 2011. 197-206.
[54]	PENG P , NING P , REEVE D S , et al. Active timing-based correlation of perturbed traffic flows with chaff packets[A]. Proc of the 25th In-ternational Conference on Distributed Computing Systems Work-shops[C]. Columbus, USA, 2005. 107-113.
[55]	WANG X G , YANG M , LUO J Z . A novel sequential watermark de-tection model for efficient traceback of secret network attack flows[J]. Journal of Network and Computer Applications, 2013,36(6):1660-1670.
[56]	ZHANG L C , WANG Z X , WANG Q L , et al. MSAC and multi-flow attacks resistant spread spectrum watermarks for network flows[A]. Proc of the 2nd IEEE International Conference on Information and Financial Engineering[C]. Chongqing, China, 2010. 438-441.
[57]	HOUMANSADR A , KIYAVASH N , BORISOV N . Multi-flow attack resistant watermarks for network flows[A]. Proc of the 2009 IEEE In-ternational Conference on Acoustics, Speech and Signal Processing[C]. Taipei, China, 2009. 1497-1500.
[58]	GONG X , RODRIGUES M , KIYAVASH N . Invisible flow water-marks for channels with dependent substitution, deletion, and bursty insertion errors[EB/OL]. , http://arxiv.org/pdf/1302.5734v1.pdf, 2013.

Metrics

Recommended 0

No Suggested Reading articles found!

方法	隐蔽性	水印容量	时空开销	提取难度	NW/BW	顽健性	实用性
DSSS-W^[21]	★★★☆☆☆	★★☆☆☆☆	★★☆☆☆☆	★★☆☆☆☆	BW	★★☆☆☆☆	★★★☆☆☆
WBIPD^[30]	★★★☆☆☆	★★★☆☆☆	★★★★☆☆	★★★☆☆☆	BW	★★★☆☆☆	★★★★★☆
Ref.^[31]	★★★★★★	★★★☆☆☆	★★★☆☆☆	★★★★☆☆	BW	★★★★☆☆	★★★★☆☆
RAINBOW^[19]	★★★★★☆	★★★★★★	★★★★★★	★☆☆☆☆☆	NW	★★☆☆☆☆	★☆☆☆☆☆
ICBW^[34]	★★★★☆☆	★★★★☆☆	★★★☆☆☆	★★★★☆☆	BW	★★★★★☆	★★★★★☆
DICBW^[35]	★★★★★☆	★★★☆☆☆	★★★★☆☆	★★★★★☆	BW	★★★★★★	★★★★☆☆
ICBSSW^[36]	★★★★★☆	★★☆☆☆☆	★★★★★☆	★★★★☆☆	BW	★★★★★★	★★★★☆☆
IBW^[37]	★★☆☆☆☆	★★★☆☆☆	★★★★★☆	★★★☆☆☆	BW	★★★☆☆☆	★★★☆☆☆
SWIRL^[42]	★★☆☆☆☆	★★★☆☆☆	★★★★★★	★★★★★☆	BW	★★★★☆☆	★★☆☆☆☆
PROFW^[45]	★★★☆☆☆	★★☆☆☆☆	★★★★☆☆	★★★☆☆☆	BW	★★☆☆☆☆	★☆☆☆☆☆

安全问题分类	攻击名称	影响的ANFW	防范措施
	分组延迟	ALL	N/A
I型安全问题	分组变换	ALL	参见文献[54]
	ESWD探测^[51]
	FQZQ探测^[22]	基于分组间隔特征	N/A
II型安全问题	SWDM探测^[55]
	MSAC攻击^[38]	基于DSSS-W^[21]方法及其改进	参见文献[56]
	LZPL探测^[52]		N/A
	MFA攻击^[41]	ICBW^[34]＆IBW^[37]＆Multiple Offsets/Positions^[41]	参见文献[57,58]
	BACKLIT攻击^[53]	DSSS-W^[21]	N/A
	LH攻击^[44]	RAINBOW^[19]＆SWIRL^[42]	参见文献[44]
注：ALL：基于分组间隔特征、流速率和流时隙分割的ANFW；N/A：防范措施目前暂不存在。

Progress in research on active network flow watermark

RichHTML

PDF

Knowledge

Cited

Abstract

Cite this article

share this article

Figures/Tables 15

References 58

Related Articles 15

Metrics

Recommended 0

[1]	Shiqi ZHAO, Xiaohong HUANG, Zhigang ZHONG. Research and implementation of reputation-based inter-domain routing selection mechanism [J]. Journal on Communications, 2023, 44(6): 47-56.
[2]	Haiyan KANG, Molan LONG. Research on network attack analysis method based on attack graph of absorbing Markov chain [J]. Journal on Communications, 2023, 44(2): 122-135.
[3]	Futai ZOU, Yue TAN, Lin WANG, Yongkang JIANG. Botnet detection based on generative adversarial network [J]. Journal on Communications, 2021, 42(7): 95-106.
[4]	Hongbin ZHANG, Yan YIN, Dongmei ZHAO, Bin LIU. Network security situational awareness model based on threat intelligence [J]. Journal on Communications, 2021, 42(6): 182-194.
[5]	Tengfei ZHANG, Shunzheng YU. Research prospects of user information detection from encrypted traffic of mobile devices [J]. Journal on Communications, 2021, 42(2): 154-167.
[6]	Xu CHENG, Yingying WANG, Nianjie ZHANG, Zhangjie FU, Beijing CHEN, Guoying ZHAO. Multi-level loss object tracking adversarial attack method based on spatial perception [J]. Journal on Communications, 2021, 42(11): 242-254.
[7]	Tao HUANG, Jiang LIU, Shuo WANG, Chen ZHANG, Yunjie LIU. Survey of the future network technology and trend [J]. Journal on Communications, 2021, 42(1): 130-150.
[8]	Zhiyong LUO,Xu YANG,Jiahui LIU,Rui XU. Network intrusion intention analysis model based on Bayesian attack graph [J]. Journal on Communications, 2020, 41(9): 160-169.
[9]	Hanxun ZHOU,Chen CHEN,Runze FENG,Junkun XIONG,Hong PAN,Wei GUO. Mobile malware traffic detection approach based on value-derivative GRU [J]. Journal on Communications, 2020, 41(1): 102-113.
[10]	JIANG Lyu,ZHANG Hengwei,WANG Jindong. Optimal strategy selection method for moving target defense based on signaling game [J]. Journal on Communications, 2019, 40(6): 128-137.
[11]	Hui ZHAO, Liangmin WANG. Hybrid anonymous channel for recipient untraceability via SDN-based node obfuscation scheme [J]. Journal on Communications, 2019, 40(10): 55-66.
[12]	Zhiyong LUO, Xu YANG, Guanglu SUN, Zhiqiang XIE, Jiahui LIU. Finite automaton intrusion tolerance system model based on Markov [J]. Journal on Communications, 2019, 40(10): 79-89.
[13]	Di WU,Binxing FANG,Xiang CUI,Qixu LIU. BotCatcher:botnet detection system based on deep learning [J]. Journal on Communications, 2018, 39(8): 18-28.
[14]	Shirui HUANG,Hengwei ZHANG,Jindong WANG,Ruiyu DOU. Network security threat warning method based on qualitative differential game [J]. Journal on Communications, 2018, 39(8): 29-36.
[15]	Xiaodong ZANG,Jian GONG,Xiaoyan HU. Detecting malicious domain names based on AGD [J]. Journal on Communications, 2018, 39(7): 15-25.