计算机工程与应用 ›› 2019, Vol. 55 ›› Issue (21): 99-103.DOI: 10.3778/j.issn.1002-8331.1808-0370

• 网络、通信与安全 • 上一篇    下一篇

SSH匿名流量网站指纹攻击方法

王凯,陈立云,李昊鹏   

  1. 1.陆军工程大学 装备模拟训练中心,石家庄 050003
    2.中国人民解放军 32151部队
  • 出版日期:2019-11-01 发布日期:2019-10-30

Website Fingerprinting Attack Method Against SSH Anonymous Traffic

WANG Kai, CHEN Liyun, LI Haopeng   

  1. 1.Equipment Simulation and Training Centre, Army Engineering University, Shijiazhuang 050003, China
    2.Unit 32151 of PLA, China
  • Online:2019-11-01 Published:2019-10-30

摘要: SSH匿名通信系统是保护信息安全和用户隐私的一种有效手段,但SSH匿名通信也有可能被用于网络犯罪活动,针对SSH匿名通信被滥用难以监管的问题,提出一种基于一维卷积神经网络的SSH匿名流量网站指纹攻击方法。该方法将特征工程与预测分类步骤整合,避免了传统指纹攻击方法中的特征提取、选择与组合的手工过程,将下行网络流按字节转换为相应数值并归一化,然后使用深度一维卷积神经网络提取高维流量指纹特征并预测分类,通过实验对100个网站目标进行指纹攻击,准确率达到92.03%,表明该方法能够对SSH匿名通信进行有效指纹攻击。

关键词: 网站指纹攻击, 匿名通信, 流量分析, 卷积神经网络, SSH协议

Abstract: SSH anonymous communication system is an effective means to protect information security and user’s privacy, but SSH anonymous communication may also be used for cybercrime activities. For the problem of SSH anonymous communication system being abuse is difficult to supervise, a website fingerprinting attack method against SSH anonymous traffic based on one-dimensional convolution neural network is proposed. The method integrates the feature engineering and the classification prediction step, and avoids the manual process of feature extraction, selection and combination in the traditional fingerprinting attack method. The method converts the downlink network stream into corresponding numeric values and normalizes them, then extracts the high-dimensional trafficfingerprint features and predicts the classification using the depth one-dimensional convolutional neural network. Through the experiment, using fingerprinting attack on 100 website targets, the accuracy rate reaches 92.03% and it indicates that the method can effectively attack the SSH anonymous communication.

Key words: website fingerprinting attack, anonymous communication, traffic analysis, convolutional neural network, SSH protocol