Computer Engineering and Applications ›› 2018, Vol. 54 ›› Issue (17): 103-109. DOI: 10.3778/j.issn.1002-8331.1708-0365

• Network, Communication and Security •

A Covert Channel Construction Method Suitable for NAT Environments

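LI Wei, SONG Tian

  1. School of Computer Science and Technology, Beijing Institute of Technology, Beijing 100081
  • Publication date: 2018-09-01 Release date: 2018-08-30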

Covert channel applying to NAT environment

LI Wei, SONG Tian   

  1. School of Computer Science and Technology, Beijing Institute of Technology, Beijing 100081, China
  • Online: 2018-09-01 Published: 2018-08-30

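Abstract: To meet the need for strong concealment of both the behavior and the content of information transmission where NAT (Network Address Translation) is present, this paper proposes a method for constructing a covert channel suited to NAT environments. The method first encodes the information to be sent; its core is to use sequence transformations of the source port numbers of transport-layer UDP packets to carry covert data. The covert channel works effectively in NAT environments, covertly passing information from an internal network address to a public address. The method was tested in real experiments under different NAT environments, which verified its feasibility for covert transmission, and its transmission rate, stealthiness and robustness were analyzed. The experimental results show that under good network conditions the covert channel can reach a transmission speed of 2 kbit/s.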

Key words: covert channel, network address translation, source port number, sequence coding

Abstract: To meet the requirement of hiding both the sending behavior and the content in network transmission, this paper proposes a method that uses the transport-layer source port to construct a covert channel. The method sends the encoded information through sequential coding of the UDP source port number. The covert channel applies effectively to NAT environments and transmits covert information from the inside local IP address to the outside global IP address. Through experiments, the paper verifies the feasibility of this method and analyzes its data rate, stealthiness, and robustness. The covert channel can achieve a transmission speed of 2 Kbit/s when network conditions are good.

Key words: covert channel, Network Address Translation (NAT), source port, sequential coding