CN102664904A - Hidden file transfer service positioning method in passive mode - Google Patents
Hidden file transfer service positioning method in passive mode Download PDFInfo
- Publication number
- CN102664904A CN102664904A CN2012101529297A CN201210152929A CN102664904A CN 102664904 A CN102664904 A CN 102664904A CN 2012101529297 A CN2012101529297 A CN 2012101529297A CN 201210152929 A CN201210152929 A CN 201210152929A CN 102664904 A CN102664904 A CN 102664904A
- Authority
- CN
- China
- Prior art keywords
- node
- ftp
- hidden
- service
- tor
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Abstract
The invention discloses a hidden file transfer service positioning method in a passive mode. The method mainly solves the problem that a hidden file transfer protocol (FTP) service provided by an anonymous communication system Tor is positioned in the passive access mode, and is used for reviewing and forbidding illegal FTP service and providing necessary technical means for supervision of network crimes. The method comprises the following steps of: supposing occupying an entry node of a suspicious anonymous circuit, triggering specific traffic characteristics in the anonymous circuit through a special access mode of an FTP client by using the characteristics of an FTP, and associating the time of accessing the hidden service and the time of detecting the specific traffic characteristics, wherein if the association result is larger than the set threshold value and the front node of a node of which the traffic characteristics are detected is not the onion router node of Tor, the front jump node of the node is a hidden server; and thus completing positioning of the hidden FTP service.
Description
Technical field
The present invention relates to particularly anonymous communication field of network security, is a kind of regulation technique of anonymous communication specifically, utilizes the characteristics of File Transfer Protocol that the service of hiding is positioned, to follow the trail of and to ban illegal FTP service.
Background technology
At first the abbreviation of using among the present invention is defined:
OP (Onion Proxy): onion agency;
OR (Onion Router): ONION ROUTER;
HS (Hidden Service): hide service;
HSA (Hidden Service Authority): hide service authority;
RP (Rendezvous Point): convergent point;
InP (Introduction Point): service imports point;
AES (Advanced Encryption Standard): Advanced Encryption Standard;
AES-CTR (AES in counter mode): AES counter mode;
FTP (File Transfer Protocol): FTP;
Tor is a kind of anonymous communication system based on transport layer TCP according to the MIX principle design, protecting network user's privacy of identities effectively.A complete Tor network is made up of client, LIST SERVER, ONION ROUTER and application server.Client is the local program that operates on the subscriber's main station, and (Onion Proxy OP), is responsible for the user and makes up anonymous path and become the data cell (Cell) of length to transmit data encapsulation to be referred to as the onion agency; LIST SERVER is mainly stored the nodal information of onion route, comprises node descriptor, public-key cryptography etc.; ONION ROUTER (Onion Router; OR) be responsible for forming anonymous circuit user data is carried out heavy-route; Anonymous path of Tor acquiescence is made up of 3 OR, is respectively Ingress node (Entry Node), intermediate node (Middle Node) and Egress node (Exit Node); Application server then provides concrete TCP application service, like FTP etc.
Except that domestic consumer is provided the anonymous service, Tor also protects the anonymity of Internet Service Provider, is referred to as to hide service (Hidden Service; HS); It comprises five parts, be respectively the user, hide service authority (Hidden Service Authority, HSA), hidden server, convergent point (Rendezvous Point; RP) and service import point (Introduction Point, InP).Hidden server imports some registration service information in service; The user hides the information that the service of autumn server imports point from hiding service authority acquisition; Then connect with convergent point, through importing point to the hidden server initiation request, server is set up the anonymous channel with convergent point simultaneously.Like this, will set up anonymous a connection between user, convergent point and hidden server, and provide service will can not expose ISP's true identity and position through this connection.
Attack for resisting flow analysis, Tor transmits the data cell (Cell) that application layer data is packaged into equal in length, and some are controlled and administration order also is filled to same length, to improve the fail safe of whole system.The data cell of Tor is divided two kinds of control unit (Control Cell) and TU Trunk Units (Relay Cell), and length all is fixed as 512 bytes, is divided into head and load two parts.Wherein, head comprises circuit identifier (CircID) field of one 2 byte and order (CMD) field of one 1 byte, and head can be not encrypted in transmission course, so the OR node of relaying can be checked header information.Because different communication both sides' data cell might be transmitted in same TLS connects; Circuit identifier is used to write down the affiliated anonymous circuit (Circuit) of this data cell; Anonymous circuit identifier between same OP-OR or OR-OR has nothing in common with each other, and the OR node utilizes circuit identifier to set up routing table and also in view of the above the data unit transmitted.Can data cell be divided into control unit and TU Trunk Unit according to command field, wherein control unit is responsible for transmitting management information, like the establishment of anonymous circuit and maintenance etc., is handled by OP that receives this data cell or OR node; TU Trunk Unit then is responsible for transmitting communication data end to end, and its payload segment is encrypted by setting up the symmetric key of consulting in the anonymous circuitry processes layer by layer, has only Egress node data decryption acquired information plaintext fully.For TU Trunk Unit, except that the head of standard, also have an extra head at payload segment, be used to write down the relevant information of end-to-end data.Whole payload segment adopts the AES counter mode, and (AES in counter mode AES-CTR) carries out encryption and decryption, at the Egress node place clear data is passed to final recipient.
Summary of the invention
The objective of the invention is to have brought opportunity when having guaranteed ISP's privacy, also for illegal service in order to overcome the service of hiding; Hidden file transmission service positioning method under a kind of Passive Mode has been proposed; Solved in the orientation problem of hiding the FTP service; With to illegal FTP service examine and ban, be the supervision of the network crime means that provide the necessary technical.
The technical scheme that the present invention adopts is: the hidden file transmission service positioning method under a kind of Passive Mode may further comprise the steps:
1) ONION ROUTER or the Bridge node of configuration right quantity:
(Hidden Server HS) is connected, so it can obtain the IP address of HS, if the regulator can control this Ingress node, then can accomplish the location of serving hiding easily because the Ingress node of anonymous circuit is directly with hidden server.Because the OR node of Tor aspiration provides, the Tor software of any configurable its operation per capita makes it become the OR node, so the regulator can utilize this characteristic in the Tor network, to insert some OR nodes that receive its control.When making up anonymous circuit; Tor adopts the bandwidth method of weighting to select the OR node; But bandwidth information is only reported by each node and does not verify; Therefore regulator OR node can be lied about it and had the maximum bandwidth 50MB/s that Tor allows, and is chosen as the node that makes up anonymous circuit thereby obtain bigger probability than normal OR node.In addition, also the antiblocking of Tor capable of using mechanism is accomplished occupying anonymous circuit Ingress node through the mode that Bridge is provided.After occupying Ingress node, the regulator supposes that at first its previous dive node is hidden server, through following steps it is verified subsequently and gets rid of wrong report;
2) regulator starts the Tor client and is connected into the Tor network, utilizes ftp client to visit in a particular manner and hides the FTP service:
The regulator moves the Tor client and is connected into the Tor network on local host, the configuration ftp client utilizes the Tor visit to hide service.The regulator visits the purpose of the service of hiding except that obtaining its content, also will cause specific flowed fluctuation in the anonymous circuit through special access mode, and the node of controlling for the regulator detects.Tor transmits all data encapsulation in Cell, intermediate node can't be known particular content wherein, unique available be the quantity that statistics is transmitted Cell.File Transfer Protocol has initiatively and passive dual mode, and is as shown in Figure 1, but because Tor is the agency of a transport layer in essence, therefore can not opens port according to active mode and supply ftp server to connect, and therefore can only adopt passive mode through Tor visit FTP.For under passive, causing detectable traffic characteristic, the present invention has designed following two kinds of methods:
21) after ftp client and server are set up TCP and are connected, send a series of orders carrying out corresponding file operation through this connection, like: change current directory, set up new directory, deleted file etc., can detect flow through the number of order.Because the data among the Tor are to encrypt to transmit, OR can only not be encapsulated among the same Cell for making different commands through the quantity identification flow of Cell, need reserve corresponding interval when sending order;
22) when downloading a certain file first, need utilize the required Cell quantity of OP record transmission this document of Tor, after transmission is accomplished, download identical file once more, and detect flowed fluctuation through the mode that detects Cell quantity;
3) on ONION ROUTER that the regulator controlled or Bridge, detect specific traffic characteristic; According to step 2); Being characterized as of required detection passes in the certain hour window to unidirectional Cell quantity; As if big or small consistent (according to the different access modules) of its number with order quantity of sending or file in download, then decidable detects particular flow rate, notes corresponding IP address and time;
4) repeating step 2 repeatedly) and 3), the time that the FTP service is hidden in the time that detects the particular flow rate characteristic and visit carries out related, alternative relevant parameter comprises relative coefficient etc.;
5) for the object of association results greater than setting threshold, judge whether it is ONION ROUTER or Bridge node, if all do not meet, then decidable its be hidden server:
Because the traffic characteristic of all nodes in the anonymous circuit of whole hiding service is identical, therefore need confirm to detect the accurate position of the node of particular flow rate.Because the circuit length of Tor is defaulted as 3 and jumps; Therefore if detect direct and convergent point (the Rendezvous Point of the OR of correlative flow; RP) link to each other, then decidable its be Egress node, previous dive can not be a hidden server; Need to cut off anonymous circuit this moment, and rebulid the detection of circuit continued at hidden server; Otherwise, check whether LIST SERVER is disclosed OR node with the previous dive node of judging current OR node, if not, then set up one one circuit of jumping and connect the previous dive node, if can not connect, then it is a hidden server.
Beneficial effect: the present invention utilizes the characteristics of File Transfer Protocol, through making discernible flowed fluctuation and detecting, has realized under Passive Mode to hiding the location of FTP service, for illegal supervision of serving provides the necessary technology means.
Description of drawings
Fig. 1 is the comparison diagram of File Transfer Protocol dual mode of the present invention.
Embodiment
Below in conjunction with embodiment the present invention is described further:
1. dispose the ONION ROUTER or the Bridge node of right quantity, to occupy the Ingress node of anonymous circuit:
(Hidden Server HS) is connected, so it can obtain the IP address of HS, if the regulator can control this Ingress node, then can accomplish the location of serving hiding easily because the Ingress node of anonymous circuit is directly with hidden server.Because the OR node of Tor aspiration provides, the Tor software of any configurable its operation per capita makes it become the OR node, so the regulator can utilize this characteristic in the Tor network, to insert some OR nodes that receive its control.When making up anonymous circuit; Tor adopts the bandwidth method of weighting to select the OR node; But bandwidth information is only reported by each node and does not verify; Therefore regulator OR node can be lied about it and had the maximum bandwidth 50MB/s that Tor allows, and is chosen as the node that makes up anonymous circuit thereby obtain bigger probability than normal OR node.In addition, also the antiblocking of Tor capable of using mechanism is accomplished occupying anonymous circuit Ingress node through the mode that Bridge is provided.
According to pertinent literature, the probability that occupies Ingress node is except that closely related with bandwidth, and is also relevant with the scale of monitor node, under the situation that resource allows, also can occupy more Ingress node through the quantity that increases monitor node.After occupying Ingress node, the regulator supposes that at first its previous dive node is hidden server, verifies it through following steps subsequently;
2. service is hidden in visit, generates particular flow rate and detects related:
A) carry out association according to the FTP order quantity of sending:
(1) setting up FTP connects and obtains listed files.After regulator Tor client and hidden server are set up anonymous path, be visit FTP, ftp client sends the TCP connection request.Therefore; Client OP will send a RELAY_BEGIN TU Trunk Unit; Hidden server then returns a RELAY_CONNECTED TU Trunk Unit and representes that TCP connects foundation and accomplishes, and client OP sends order through a RELAY_DATA TU Trunk Unit and obtains listed files subsequently.In this process, the OR node on the anonymous circuit is not known the specific instructions of TU Trunk Unit, has sent two TU Trunk Units but can detect to the hidden server direction, and between two TU Trunk Unit, rightabout has returned a TU Trunk Unit.
(2) send the FTP order.After obtaining the current directory tabulation, ftp client can continue to send order and carry out various file operations, as switching current directory, setting up new directory, deleted file etc., until the order of sending file in download.The time interval that regulator's control is given an order is so that for each order, client OP all can send an independent RELAY_DATA TU Trunk Unit to the hidden server direction.The regulator notes order number of sending and the concrete time of sending.
(3) detect flow rate mode.OR node on the anonymous circuit can't be known the specific instructions of TU Trunk Unit, is TU Trunk Unit or command unit but can distinguish data cell, and knows the circuit identifier under the data cell.Be regarded as a traffic characteristic assembly (Characteristic Component) if will " send a TU Trunk Unit → hidden server to hidden server and return a TU Trunk Unit → send a TU Trunk Unit " to hidden server; Send m order altogether after supposing to obtain directory listing; Then in whole process, will produce 1 traffic characteristic assembly on the anonymous circuit and follow m TU Trunk Unit that mails to the hidden server direction thereafter, be to set up new TCP connection to send a features component once more when file in download.Visit in the process of the service of hiding the regulator, the data cell on every anonymous circuit of the OR nodes records of its control if in these data cells, detect above-mentioned m+2 pattern just, is then thought to detect the particular flow rate that the visit service of hiding is produced.Regulator's record detects the time and the corresponding anonymous circuit previous dive IP addresses of nodes of particular flow rate.
(4) communication flows is related.Regulator's repeating step 1-3 hides FTP service and file in download through repeatedly visiting, and detects the traffic characteristic of its generation respectively.For the testing result that records identical ip addresses, calculate the relevance of hiding between service access and the communication flows fluctuation.The present invention adopts coefficient correlation (correlation coefficient) expression relevance, and its computational methods are:
Wherein, X representes to begin the time of file in download; Y representes to detect the time of specific access flow;
and
representes the mean value of x and y respectively, and i representes the number of times of repetition.As the ρ that calculates
X, yValue is during greater than prior preset threshold, thinks that behavior and detected flowed fluctuation that service is hidden in visit have relevance.
B) carry out association according to the size of file:
(1) file in download.The regulator hides the FTP service through the ftp client visit, downloads certain file.The regulator utilizes the required RELAY_DATA TU Trunk Unit quantity of this file of transmission in the OP record page of revising.Suppose to transmit this document and need k RELAY_DATA TU Trunk Unit altogether
(2) download this document once more.The regulator downloads this document once more after obtaining this document, record obtains the time of this document for the second time and informs that the value of the RELAY_DATA TU Trunk Unit that regulator OR node transmission this document is required is k.
(3) detect flow rate mode.The RELAY_DATA TU Trunk Unit quantity that the OR nodes records of regulator control is transmitted on every anonymous circuit after the file in download again; In the regular hour window; If the quantity of RELAY_DATA TU Trunk Unit equals k, then think to detect the particular flow rate that the visit service of hiding is produced.Regulator's record detects the time and the corresponding anonymous circuit previous dive IP addresses of nodes of particular flow rate.
(4) communication flows is related.Regulator's repeating step 1-3 through a plurality of different files, detects the traffic characteristic of its generation respectively.For the testing result that records identical ip addresses, same formula calculates and hides the relevance of service access between fluctuating with communication flows in utilizing a).
3. for the object of association results, judge whether it is ONION ROUTER or Bridge node greater than setting threshold, if all do not meet, then decidable its be hidden server:
Because the traffic characteristic of all nodes in the anonymous circuit of whole hiding service is identical, therefore need confirm to detect the accurate position of the node of particular flow rate.Because the circuit length of Tor is defaulted as 3 and jumps; Therefore if detect direct and convergent point (the Rendezvous Point of the OR of correlative flow; RP) link to each other, then decidable its be Egress node, previous dive can not be a hidden server; Need to cut off anonymous circuit this moment, and rebulid the detection of circuit continued at hidden server; Otherwise, check whether LIST SERVER is disclosed OR node with the previous dive node of judging current OR node, if not, then set up one one circuit of jumping and connect the previous dive node, if can not connect, then it is a hidden server.Should be pointed out that for those skilled in the art, under the prerequisite that does not break away from the principle of the invention, can also make some improvement and retouching, these improvement and retouching also should be regarded as protection scope of the present invention.The all available prior art of each part not clear and definite in the present embodiment realizes.
Claims (4)
1. the transmission of the hidden file under Passive Mode service positioning method is characterized in that: may further comprise the steps:
1) ONION ROUTER or the Bridge node of configuration right quantity:
Because the Ingress node of anonymous circuit directly is connected with hidden server HS, so it can obtain the network ip address of HS, and the regulator controls this Ingress node, promptly accomplishes the location of serving hiding easily; Second generation onion route system Tor follows the bandwidth weighting algorithm when selecting Ingress node; It is big more to be that the high more ONION ROUTER OR of bandwidth becomes the probability of anonymous circuit Ingress node; The regulator disposes some OR nodes and reports its maximum bandwidth 50MB/s that allows, and then has very big possibility to occupy the Ingress node of anonymous circuit; In addition, also utilize the antiblocking mechanism of Tor, accomplish occupying anonymous circuit Ingress node through the mode that Bridge is provided;
2) be connected into the Tor network, utilize the ftp client visit to hide the FTP service, ftp client is that generation and record particular flow rate are taked special visit behavior and mode:
The regulator moves the Tor client and is connected into the Tor network on local host, the configuration ftp client utilizes the Tor visit to hide service; Because every the FTP order all needs a data unit to transmit, institute's downloaded files size also is not quite similar in addition, therefore sends the number of order or the file of transmission through control, in hiding ftp server and Tor network, generates specific flow;
3) on ONION ROUTER that the regulator controlled or Bridge, detect specific traffic characteristic, i.e. FTP number of commands and file size, it forms different data cell numbers on anonymous circuit;
The time that 4) will detect the particular flow rate characteristic carries out related with the time that the FTP service is hidden in visit;
5) for the object of association results, carry out affirmation work, judge whether it is ONION ROUTER or Bridge node greater than setting threshold, if all do not meet, then decidable its be hidden server:
Because the traffic characteristic of all nodes in the anonymous circuit of whole hiding service is identical; Therefore need confirm to detect the accurate position of the node of particular flow rate, specifically can whether link to each other and whether the previous dive node is that open OR node or Bridge judge according to this node with convergent point RP.
2. the hidden file transmission service positioning method under the Passive Mode according to claim 1 is characterized in that: said step 2), ftp client is the special access behavior and the mode that generate and the record particular flow rate is taked:
1) ftp client connects the ftp server of hiding; And send a FTP at regular intervals and order; Like switch operating catalogue, demonstration remote directory file and subdirectory tabulation; Through the transmitting time of order is controlled, so that it is distributed in the different data cells, so that it is detected;
2) Tor client records ftp client is downloaded the required data cell Cell quantity of a certain file, behind the certain hour interval, downloads this document again.
3. according to the hidden file under the said Passive Mode of claim 1 transmission service positioning method, it is characterized in that: in the said step 3), on ONION ROUTER that the regulator controlled or Bridge, detect the method for specific traffic characteristic:
1) because ftp client sends a FTP order at regular intervals, and each order is all transmitted through a data unit, node detects particular flow rate and writing time according to the quantity of the data cell of the sensing hidden server direction of transmitting;
2) because the size of file in download is fixed, whether the node basis is to download the particular flow rate that certain file produced from the quantity detection of the data cell of hidden server end return data.
4. according to the transmission of the hidden file under the said Passive Mode of claim 1 service positioning method, it is characterized in that: in the said step 5), for the object of association results greater than setting threshold; Carry out affirmation work, concrete grammar is: if node is connected with RP, then previous dive can not be a hidden server; Otherwise; Check the LIST SERVER of Tor, judge whether the previous dive node is disclosed OR node, or set up whether the anonymous circuit judges previous dive of single-hop node is Bridge; If all be false, then previous dive must be hidden server.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210152929.7A CN102664904B (en) | 2012-05-16 | 2012-05-16 | Hidden file transfer service positioning method in passive mode |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210152929.7A CN102664904B (en) | 2012-05-16 | 2012-05-16 | Hidden file transfer service positioning method in passive mode |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN102664904A true CN102664904A (en) | 2012-09-12 |
| CN102664904B CN102664904B (en) | 2015-04-15 |
Family
ID=46774314
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201210152929.7A Expired - Fee Related CN102664904B (en) | 2012-05-16 | 2012-05-16 | Hidden file transfer service positioning method in passive mode |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102664904B (en) |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103458046A (en) * | 2013-09-13 | 2013-12-18 | 中国科学院信息工程研究所 | Data secrete sharing system and method based on core network |
| CN104580475A (en) * | 2015-01-13 | 2015-04-29 | 华为技术有限公司 | Remote control method, terminal equipment, management server and remote control system |
| CN108494769A (en) * | 2018-03-21 | 2018-09-04 | 广州大学 | The source tracing method of service is hidden in a kind of Tor Anonymizing networks |
| CN114051236A (en) * | 2022-01-12 | 2022-02-15 | 华东交通大学 | Anonymous communication method, system, medium and electronic device based on rerouting mechanism |
| CN115242674A (en) * | 2022-07-25 | 2022-10-25 | 上海交通大学 | Hidden service tracking system based on Tor protocol time sequence characteristics |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1564508A (en) * | 2004-03-22 | 2005-01-12 | 西安电子科技大学 | Anonymous connection method of broadband radio IP network |
| CN101577644A (en) * | 2009-06-16 | 2009-11-11 | 华中师范大学 | Peer-to-peer network application traffic identification method |
| CN101599968A (en) * | 2009-06-29 | 2009-12-09 | 北京航空航天大学 | Reliable anonymous transmission method and system |
| CN101714974A (en) * | 2008-10-08 | 2010-05-26 | 华为技术有限公司 | Method and network equipment for improving anonymity degree in anonymous network |
| CN102664881A (en) * | 2012-04-13 | 2012-09-12 | 东南大学 | Method for positioning hidden service under hypertext transfer protocol 1.1 |
-
2012
- 2012-05-16 CN CN201210152929.7A patent/CN102664904B/en not_active Expired - Fee Related
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1564508A (en) * | 2004-03-22 | 2005-01-12 | 西安电子科技大学 | Anonymous connection method of broadband radio IP network |
| CN101714974A (en) * | 2008-10-08 | 2010-05-26 | 华为技术有限公司 | Method and network equipment for improving anonymity degree in anonymous network |
| CN101577644A (en) * | 2009-06-16 | 2009-11-11 | 华中师范大学 | Peer-to-peer network application traffic identification method |
| CN101599968A (en) * | 2009-06-29 | 2009-12-09 | 北京航空航天大学 | Reliable anonymous transmission method and system |
| CN102664881A (en) * | 2012-04-13 | 2012-09-12 | 东南大学 | Method for positioning hidden service under hypertext transfer protocol 1.1 |
Cited By (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103458046A (en) * | 2013-09-13 | 2013-12-18 | 中国科学院信息工程研究所 | Data secrete sharing system and method based on core network |
| CN103458046B (en) * | 2013-09-13 | 2016-09-07 | 中国科学院信息工程研究所 | A kind of data secret shared system based on core network and method |
| CN104580475A (en) * | 2015-01-13 | 2015-04-29 | 华为技术有限公司 | Remote control method, terminal equipment, management server and remote control system |
| CN104580475B (en) * | 2015-01-13 | 2018-03-09 | 华为技术有限公司 | Long-range control method, terminal device, management server and tele-control system |
| CN108494769A (en) * | 2018-03-21 | 2018-09-04 | 广州大学 | The source tracing method of service is hidden in a kind of Tor Anonymizing networks |
| CN108494769B (en) * | 2018-03-21 | 2020-01-14 | 广州大学 | Tracing method for hidden service in Tor anonymous network |
| CN114051236A (en) * | 2022-01-12 | 2022-02-15 | 华东交通大学 | Anonymous communication method, system, medium and electronic device based on rerouting mechanism |
| CN115242674A (en) * | 2022-07-25 | 2022-10-25 | 上海交通大学 | Hidden service tracking system based on Tor protocol time sequence characteristics |
| CN115242674B (en) * | 2022-07-25 | 2023-08-04 | 上海交通大学 | Hidden service tracking system based on Torr protocol time sequence characteristic |
Also Published As
| Publication number | Publication date |
|---|---|
| CN102664904B (en) | 2015-04-15 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN102664881B (en) | Method for positioning hidden service under hypertext transfer protocol 1.1 | |
| CN110996318B (en) | Safety communication access system of intelligent inspection robot of transformer substation | |
| Yazdinejad et al. | Energy efficient decentralized authentication in internet of underwater things using blockchain | |
| JP5370592B2 (en) | Terminal, control apparatus, communication method, communication system, communication module, program, and information processing apparatus | |
| CN101300806B (en) | System and method for processing secure transmissions | |
| Li et al. | Distributed network intrusion detection system in satellite-terrestrial integrated networks using federated learning | |
| CN102664904B (en) | Hidden file transfer service positioning method in passive mode | |
| Ji et al. | A novel covert channel based on length of messages | |
| US8190764B2 (en) | Method and system for an intercept chain of custody protocol | |
| CN101714974A (en) | Method and network equipment for improving anonymity degree in anonymous network | |
| US20120300781A1 (en) | Packet Routing in a Network | |
| CN110366153A (en) | A kind of method of bluetooth ad hoc network | |
| CN113141365B (en) | Distributed micro-service data transmission method, device, system and electronic equipment | |
| Ntareme et al. | Security and performance aspects of bytewalla: A delay tolerant network on smartphones | |
| CN110855707A (en) | Internet of things communication pipeline safety control system and method | |
| CN108933763A (en) | A kind of data message sending method, the network equipment, control equipment and network system | |
| CN115118756A (en) | Method and device for designing safety interaction protocol in energy internet scene | |
| Zhao et al. | ESLD: An efficient and secure link discovery scheme for software‐defined networking | |
| Khalid et al. | An improved biometric based user authentication and key agreement scheme for intelligent sensor based wireless communication | |
| Geng et al. | A software defined networking-oriented security scheme for vehicle networks | |
| CN105703997B (en) | A kind of tunnel control method and device | |
| CN106936615A (en) | A kind of message processing method and device | |
| CN109962902A (en) | A kind of anti-network trace and the method and system for realizing Anonymous Secure access | |
| Sarala et al. | Enhanced packet routing queuing model in optical burst switching network using queue-based dynamic optical route scheduling | |
| US20210195418A1 (en) | A technique for authenticating data transmitted over a cellular network |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20150415 Termination date: 20190516 |
|
| CF01 | Termination of patent right due to non-payment of annual fee |