网络与信息安全学报 (Feb 2023)
Multiple redundant flow fingerprint model based on time slots
Abstract
With the increasingly widespread use of the Internet, various network security problems are frequently exposed, while the “patching” style security enhancement mechanisms cannot effectively prevent the growing security risks.The researchers in the field of network security believe that the future Internet architecture should take security as a basic attribute to provide the native security support which is also called as endogenous safety and security.In order to support the data trustworthiness of endogenous security, a time-slot based multiple redundant flow fingerprint model was designed and implemented based on the research of the watermark (or fingerprint) mechanism.The proposed model used only three time slot intervals and operated the packets within the specified time slots, so that the fingerprint can be embedded without conflicting with the adjacent bit operations.Redundant coding was introduced to improve the fingerprint robustness, and the behaviors such as jitter or malicious disruptions by attackers in the network were considered.Furthermore, the impacts of delayed interference, spam packet interference and packet loss interference were analyzed.The analytical results show that the robustness of the fingerprint model improves with increasing redundant bits when the packet distribution in the network stream is given.Besides, in order to reduce the consumption of time and space and improve the efficiency and accuracy of packet operations, a flow fingerprinting prototype system was designed and implemented based on the kernel, and its efficiency and robustness were evaluated.The experimental result show that the model has high robustness.Additionally, the application scenario of the model was elaborated, which can effectively detect man-in-the-middle attacks and prevent network identity spoofing with the help of the flow fingerprinting model.
