CN109962902A - Method and system for resisting network tracking and achieving secure anonymous access - Google Patents

Publication number
CN109962902A
Authority
CN
China
Prior art keywords
self-built
routing
routing node
internet
Legal status
Pending
Application number
CN201711435017.XA
Other languages
Chinese (zh)
Inventor
徐宁
代向东
曹添
章轶
栗志国
刘贵山
张培
申利飞
Current Assignee
China Standard Software Co Ltd
Original Assignee
China Standard Software Co Ltd
Application filed by China Standard Software Co Ltd
Priority to CN201711435017.XA
Publication of CN109962902A

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/02 Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0209 Architectural arrangements, e.g. perimeter networks or demilitarized zones
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0407 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden
    • H04L63/0421 Anonymous communication, i.e. the party's identifiers are hidden from the other party or parties, e.g. using an anonymizer

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The present invention relates to a method and system for resisting network tracking and achieving secure anonymous access. The method comprises: creating a self-built routing directory server and creating self-built routing nodes, so as to form a self-built onion routing region that is isolated from the internet onion routing region; the self-built routing directory server indexes the self-built routing nodes and the internet routing nodes and provides an index service for the self-built routing nodes; the user terminal obtains self-built routing nodes and internet routing nodes through the self-built routing directory server; the user terminal accesses internet resources through anonymous communication between the self-built routing nodes and the internet routing nodes. The invention solves the exit-node honeypot problem of onion routing networks, prevents network attackers from using routing nodes or directory servers they already control to carry out network tracking, reduces the leakage of user privacy caused by the security of the terminal operating system and the browser, lowers the security risk of anonymous access, and improves the user's ability to resist tracking.

Description

Method and system for resisting network tracking and achieving secure anonymous access
Technical field
The present invention relates to the technical field of internet data security, and in particular to a method and system for resisting network tracking and achieving secure anonymous access.
Background art
New network technologies have emerged continuously in recent years, and the development of eavesdropping and tracking techniques has given hackers more and more means of tracking users and collecting information about them. Network security, privacy protection and anti-tracking have therefore become research hotspots. Anonymity is one of the most effective approaches to protecting network security and can protect the privacy and safety of users well: by certain methods it hides the correspondence within a communication flow, so that an attacker cannot learn the relationship between the communicating parties or the identity of either party, which prevents eavesdropping and traffic analysis.
Existing anonymity techniques mainly use public-key cryptography and rerouting. After a Mix network has received a certain number of data packets, it transforms their encoding, reorders them randomly and outputs the messages in a batch, thereby eliminating the association between input packets and output packets. In such a system, although the attacker knows the senders and the recipients, it cannot determine the link between a packet sent by a sender and a packet received by a recipient, and so cannot infer the communication relationship between sender and recipient.
However, a Mix is centralized: like a proxy-based communication system, the Mix is the center of the network, and if the Mix is controlled by an attacker, anonymity cannot be achieved. To address this problem, no fewer than 2 Mix nodes can be deployed. All the Mix nodes that the information passes through from sender to recipient make up the sender's rerouting path. The first node in the network knows only the sender's information, the last node in the network knows only the final recipient's information, and an intermediate node knows only its two neighboring nodes, so the sender and the recipient cannot be linked.
Anonymity networks built from multiple Mix nodes can be divided into two types according to how the nodes cooperate:
1. Mix network: all Mixes are independent of one another, and it is difficult for the attacker to learn the sender's entry point and the transmission path. This mode provides better anonymity.
2. Mix cascade: a chain of Mixes forms a path, and the path is fixed. In this case the attacker knows the entry and exit of the path and the nodes on the path.
Onion routing is an anonymous communication system based on transport-layer TCP and designed according to the Mix principle. It can effectively protect the identity privacy of network users and consists of onion routing clients, directory servers and onion routers. The onion routing client is a local program running on the user's host, called the onion proxy (Onion Proxy, OP); it is responsible for building anonymous paths for the user and encapsulating data into equal-length data cells (Cell) for transmission. The directory server mainly stores onion routing node information, including node descriptors, public keys and so on. The onion router (Onion Router, OR) is responsible for forming the anonymous circuit and rerouting user data. By default, an anonymous path in Tor consists of 3 ORs: the entry node (Entry Node), the middle node (Middle Node) and the exit node (Exit Node).
To resist traffic analysis attacks, Tor packs application-layer data into data cells (Cell) of equal length for transmission, and control and management commands are padded to the same length as well, which improves the security of the whole system. Tor's data cells are of two kinds, control cells (Control Cell) and relay cells (Relay Cell). Their length is fixed at 512 bytes, divided into a header and a payload. The header contains a 2-byte circuit identifier (CircID) field and a 1-byte command (CMD) field. The header is not encrypted in transit, so the relaying OR nodes can inspect the header information. Because data cells of different communicating parties may travel over the same TLS connection, the circuit identifier records which anonymous circuit (Circuit) a data cell belongs to. The identifier of an anonymous circuit differs between the onion routing client and an onion routing node and between one onion routing node and the next; OR nodes use circuit identifiers to build a routing table and forward data cells accordingly. According to the command field, data cells are divided into control cells and relay cells. Control cells carry management information, such as the creation and maintenance of anonymous circuits, and are processed by the OP or OR node that receives them. Relay cells carry end-to-end communication data; their payload is encrypted layer by layer with the symmetric keys negotiated while the anonymous circuit was being established, and only the exit node can fully decrypt the data and obtain the plaintext. In addition to the standard header, a relay cell has an additional header in its payload that records information about the end-to-end data. The whole payload is encrypted and decrypted using AES in counter mode (AES-CTR), and at the exit node the plaintext data is passed to the final recipient.
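The cell layout and layered payload encryption described above, as an added Python example (not code from the patent or from Tor). It keeps the 512-byte cell, 2-byte CircID and 1-byte CMD from the text; the SHA-256 keystream stands in for AES-CTR, the 6-byte relay header, keys and circuit IDs are constructed for illustration, and the keystream restarts for every cell, which a real circuit must not do.

```python
import hashlib
import struct

CELL_LEN = 512                      # fixed cell length given in the text
HEADER = struct.Struct(">HB")       # 2-byte CircID + 1-byte CMD, never encrypted
BODY_LEN = CELL_LEN - HEADER.size   # 509 bytes of payload
RELAY_HDR = struct.Struct(">4sH")   # simplified relay header: digest + length (assumption)
CMD_RELAY = 3                       # command value Tor uses for relay cells


def keystream(key: bytes, length: int) -> bytes:
    """Stand-in for AES-CTR: SHA-256 over key||counter, one block per counter."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:length])


def xor_layer(key: bytes, body: bytes) -> bytes:
    """Add or remove one layer (XOR with the keystream is its own inverse)."""
    return bytes(a ^ b for a, b in zip(body, keystream(key, len(body))))


def build_relay_cell(circ_id: int, data: bytes, hop_keys: list) -> bytes:
    """Client side (OP): pad to the fixed length, then wrap one layer per hop."""
    if len(data) > BODY_LEN - RELAY_HDR.size:
        raise ValueError("data does not fit in one cell")
    body = RELAY_HDR.pack(hashlib.sha256(data).digest()[:4], len(data)) + data
    body = body.ljust(BODY_LEN, b"\x00")
    for key in reversed(hop_keys):   # exit layer innermost, entry layer outermost
        body = xor_layer(key, body)
    return HEADER.pack(circ_id, CMD_RELAY) + body


def parse_cell(cell: bytes):
    """Split a cell into (CircID, CMD, body); reject anything not 512 bytes."""
    if len(cell) != CELL_LEN:
        raise ValueError("cell must be exactly %d bytes" % CELL_LEN)
    circ_id, cmd = HEADER.unpack_from(cell)
    return circ_id, cmd, cell[HEADER.size:]


def recognized(body: bytes):
    """Return the plaintext if every layer has been removed, else None."""
    tag, length = RELAY_HDR.unpack_from(body)
    if length > BODY_LEN - RELAY_HDR.size:
        return None
    data = body[RELAY_HDR.size:RELAY_HDR.size + length]
    return data if hashlib.sha256(data).digest()[:4] == tag else None


class Relay:
    """An OR: routes on the clear-text CircID and peels exactly one layer."""

    def __init__(self):
        self.table = {}   # incoming CircID -> (layer key, outgoing CircID)

    def handle(self, cell: bytes):
        circ_id, cmd, body = parse_cell(cell)
        key, out_id = self.table[circ_id]
        body = xor_layer(key, body)
        data = recognized(body)
        if data is not None:
            return "deliver", data
        if out_id is None:
            raise ValueError("last hop could not decrypt the cell")
        return "forward", HEADER.pack(out_id, cmd) + body


def run_circuit(data: bytes):
    """Send one relay cell over a constructed 3-hop circuit; return CircIDs seen and output."""
    keys = [b"entry-hop-key", b"middle-hop-key", b"exit-hop-key"]  # constructed
    entry, middle, exit_node = Relay(), Relay(), Relay()
    entry.table[7] = (keys[0], 21)        # CircID differs on every link
    middle.table[21] = (keys[1], 40)
    exit_node.table[40] = (keys[2], None)
    cell = build_relay_cell(7, data, keys)
    seen = []
    for relay in (entry, middle, exit_node):
        seen.append(parse_cell(cell)[0])
        action, result = relay.handle(cell)
        if action == "deliver":
            return seen, result
        cell = result
    raise RuntimeError("no hop recognized the cell")
```

Every hop reads the CircID in the clear to pick its routing entry, while the payload only becomes readable after the third layer is removed.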
Because of the algorithm used by onion routing directory servers, an attacker with extensive network resources of its own can still add numerous controllable sniffing exit nodes to the directory server and steal users' privacy. The attacker can also attack vulnerabilities in the operating system and browser used by the user and obtain the user's identity information directly. The directory server is exposed in the public network environment, so there is a security risk when the user tries to obtain the routing node list.
Therefore, a new method and system for resisting network tracking and achieving secure anonymous access is needed.
Summary of the invention
To overcome the shortcomings of the prior art, the present invention provides a method for resisting network tracking and achieving secure anonymous access, comprising the following steps:
Step S1: create a self-built routing directory server;
Step S2: create self-built routing nodes;
Step S3: the self-built routing nodes connect to the self-built routing directory server and register;
Step S4: the self-built routing directory server connects to the internet routing directory server; the self-built routing directory server and the self-built routing nodes form a self-built onion routing region isolated from the internet onion routing region;
Step S5: the self-built routing directory server provides an index service for the self-built routing nodes;
Step S6: the user terminal obtains self-built routing nodes and internet routing nodes through the self-built routing directory server;
Step S7: the user terminal accesses internet resources through anonymous communication between the self-built routing nodes and the internet routing nodes.
In step S4, the communication protocol of the self-built onion routing region differs from that of the internet onion routing region; the differences in communication protocol include a different protocol encapsulation and a different encryption method.
In step S2, the identity recognition method of the created self-built routing nodes differs from that of the internet routing nodes; the differences in identity recognition method include a different signature algorithm and a different data packet structure.
In step S5, the created self-built routing directory server provides the index service for the self-built routing nodes by indexing and storing the self-built routing nodes and the internet routing nodes separately.
In step S5, when the self-built routing directory server indexes the internet routing directory server, it proceeds as follows:
Step S51: network communication is carried out between the self-built onion routing region and the network where the internet routing directory server is located;
Step S52: the content of the internet routing directory server is mirrored.
In step S5, when providing the index service to the self-built routing nodes, the self-built routing directory server observes the internet routing nodes through the communication between the self-built routing nodes and the internet routing nodes already trusted by the self-built routing directory server, and screens the internet routing nodes.
In step S5, the observed internet routing node information includes the node's IP address, stable running time, signature, node characteristics, and whether it modifies the data packets it forwards.
In step S5, when providing the index service to the self-built routing nodes, the self-built routing directory server screens the self-built routing nodes by the country and region where the self-built routing node is located, its stable running time, its node characteristics, and the country and region where the exit node is located.
In step S1, creating the self-built routing directory server includes:
Step S11: creating a signature algorithm, so that the self-built routing directory server can provide the index service for the self-built routing nodes;
Step S12: modifying the directory voting algorithm, so that clients of the internet routing directory server cannot connect to the self-built routing directory server, thereby achieving private isolation.
In step S2, creating the self-built routing nodes includes:
Step S21: modifying the signature algorithm of the self-built routing node's internal server so that it matches the signature algorithm created in step S11;
Step S22: modifying the hop encryption algorithm of the self-built routing node;
Step S23: modifying the address of the self-built routing node's internal server.
The invention further provides a system for resisting network tracking and achieving secure anonymous access, comprising:
a self-built onion routing region, which exists in the public network environment together with the internet onion routing region but is isolated from it;
wherein the self-built onion routing region includes a self-built routing directory server and multiple self-built routing nodes, and the internet onion routing region includes an internet onion routing directory server and multiple internet routing nodes;
the self-built routing directory server can mirror the content of the internet onion routing region through network communication between the self-built onion routing region and the internet onion routing region, so as to provide an index service for the self-built routing nodes, enabling the user terminal to obtain self-built routing node and internet routing node information and to access internet resources anonymously through communication between the self-built routing nodes and the internet routing nodes.
The communication protocol of the self-built onion routing region differs from that of the internet onion routing region; the differences in communication protocol include a different protocol encapsulation and a different encryption method.
The identity recognition method of the self-built routing nodes differs from that of the internet routing nodes; the differences in identity recognition method include a different signature algorithm and a different data packet structure.
When providing the index service to the self-built routing nodes, the self-built routing directory server screens the internet routing nodes as follows: it observes the internet routing nodes through the communication between the self-built routing nodes and the internet routing nodes already trusted by the self-built routing directory server, and thereby screens the internet routing nodes.
The observed internet routing node information includes the node's IP address, stable running time, signature, node characteristics, and whether it modifies the data packets it forwards.
When providing the index service to the self-built routing nodes, the self-built routing directory server screens the self-built routing nodes by the country and region where the self-built routing node is located, its stable running time, its node characteristics, and the country and region where the exit node is located.
The method and system provided by the invention for resisting network tracking and achieving secure anonymous access create a self-built onion routing region isolated from the internet onion routing region and make the self-built routing directory server and the self-built routing nodes controllable. This solves the exit-node honeypot problem of onion routing networks, prevents network attackers from using routing nodes or directory servers they control to carry out network tracking, reduces the leakage of user privacy caused by the security of the terminal operating system and the browser, lowers the security risk of anonymous access, and improves the user's ability to resist tracking.
Brief description of the drawings
Fig. 1: implementation flow chart of the method of the invention for resisting network tracking and achieving secure anonymous access;
Fig. 2: implementation flow chart of the self-built onion routing region constructed on the basis of the method of the invention for resisting network tracking and achieving secure anonymous access;
Fig. 3: implementation flow chart of one embodiment of the method of the invention for resisting network tracking and achieving secure anonymous access.
Description of reference signs
10 self-built onion routing region
11 self-built routing directory server
12 self-built routing node
20 internet onion routing region
21 internet routing directory server
22 internet routing node
30 user terminal
40 server.
Detailed description of embodiments
To give a further understanding of the technical solution of the invention and its beneficial effects, the technical solution and the beneficial effects it produces are described in detail below with reference to the drawings.
Fig. 1 is a structural schematic diagram of the system for resisting network tracking and achieving secure anonymous access constructed on the basis of the method of the invention. As shown in Fig. 1, the method provided by the invention for resisting network tracking and achieving secure anonymous access is implemented as follows.
Step S1: create the self-built routing directory server 11. Because the self-built routing directory server 11 is to provide an index service for the self-built routing nodes described below, the invention achieves this by creating a signature algorithm while creating the self-built routing directory server 11. At the same time, the directory voting algorithm is modified so that clients of the internet routing directory server 21 cannot connect to the self-built routing directory server 11, thereby achieving private isolation.
Step S2: create the self-built routing nodes 12. Likewise, to realize the index function of the self-built routing directory server 11, the invention modifies the signature algorithm of the internal server of the self-built routing node 12 so that it matches the signature algorithm of the self-built routing directory server 11. In addition, while creating the self-built routing node 12, the invention also modifies the address of its internal server and the node's hop encryption algorithm, to achieve private isolation.
In the invention, the identity recognition method of the created self-built routing nodes 12 differs from that of the internet routing nodes 22; the differences in identity recognition method include a different signature algorithm and a different data packet structure.
Step S3: the self-built routing nodes 12 connect to the self-built routing directory server 11 and register.
Step S4: the self-built routing directory server 11 connects to the internet routing directory server 21. At this point, the self-built routing directory server 11 and the self-built routing nodes 12 form the self-built onion routing region 10, which is isolated from the internet onion routing region 20. The self-built onion routing region 10 faces the user terminal 30, and the internet onion routing region 20 faces the server 40. The communication protocol of the self-built onion routing region 10 differs from that of the internet onion routing region 20; the differences in communication protocol include a different protocol encapsulation and a different encryption method.
Step S5: the self-built routing directory server 11 provides an index service for the self-built routing nodes 12, so that the user terminal 30 can subsequently achieve anonymous access by obtaining self-built routing nodes 12.
Specifically, the index service provided by the self-built routing directory server 11 is realized by indexing and storing the self-built routing nodes 12 and the internet routing nodes 12 separately. When the self-built routing directory server 11 indexes the internet routing directory server 21, it proceeds as follows:
Step S51: network communication is carried out between the self-built onion routing region 10 and the network where the internet routing directory server 21 is located;
Step S52: the content of the internet routing directory server 21 is mirrored, which completes the indexing.
Step S6: the user terminal obtains self-built routing nodes 12 through the self-built routing directory server 11, and then obtains internet routing nodes 22.
Step S7: the user terminal accesses internet resources through anonymous communication between the self-built routing nodes 12 and the internet routing nodes 22.
In the invention, when providing the index service to the self-built routing nodes 12, the self-built routing directory server 11 needs to screen both the self-built routing nodes 12 and the internet routing nodes 22. When screening the self-built routing nodes 12, it refers to information such as the country and region where the self-built routing node 12 is located, its stable running time, its node characteristics, and the country and region where the exit node is located. When screening the internet routing nodes 22, it observes the node information of the internet routing nodes 22 through the communication between the self-built routing nodes 12 and the internet routing nodes 22 already trusted by the self-built routing directory server 11. This information includes the IP address of the internet routing node 22, its stable running time, its signature, its node characteristics, and whether it modifies the data packets it forwards.
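One way to picture the separate indexes and the screening described above, as an added Python example (not the patent's implementation). The class and field names, the 72-hour running-time threshold, the country codes and the sample records are assumptions constructed for illustration.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class NodeRecord:
    nickname: str
    ip: str
    country: str          # country or region code
    uptime_hours: int     # stable running time
    is_exit: bool         # node characteristic
    signature_ok: bool    # descriptor signature verified by the directory


class SelfBuiltDirectory:
    """Keeps self-built and internet nodes in two separate indexes (step S5)."""

    def __init__(self, min_uptime_hours: int, excluded_countries: set):
        self.min_uptime_hours = min_uptime_hours      # assumed policy value
        self.excluded_countries = excluded_countries  # assumed policy value
        self.self_built = {}     # filled by registration (step S3)
        self.internet = {}       # filled by mirroring (step S52)
        self.tampering = set()   # internet nodes seen modifying forwarded data

    def register(self, record: NodeRecord) -> bool:
        """A self-built node is indexed only if its signature is accepted."""
        if not record.signature_ok:
            return False
        self.self_built[record.nickname] = record
        return True

    def mirror(self, records) -> None:
        """Copy records taken from the internet routing directory server."""
        for record in records:
            self.internet[record.nickname] = record

    def observe(self, nickname: str, sent: bytes, received: bytes) -> None:
        """Compare data sent through an internet node with what arrived."""
        if sent != received:
            self.tampering.add(nickname)

    def reasons_to_reject(self, record: NodeRecord) -> list:
        reasons = []
        if not record.signature_ok:
            reasons.append("signature")
        if record.uptime_hours < self.min_uptime_hours:
            reasons.append("uptime")
        if record.country in self.excluded_countries:
            reasons.append("country")
        if record.nickname in self.tampering:
            reasons.append("modifies forwarded data")
        return reasons

    def view_for_client(self) -> dict:
        """What a user terminal receives in step S6: screened nodes, per index."""
        def keep(index):
            return sorted(n for n, r in index.items()
                          if not self.reasons_to_reject(r))
        return {"self_built": keep(self.self_built),
                "internet": keep(self.internet)}


def build_sample_directory() -> SelfBuiltDirectory:
    """Constructed sample data; addresses come from documentation ranges."""
    d = SelfBuiltDirectory(min_uptime_hours=72, excluded_countries={"ZZ"})
    d.register(NodeRecord("sb1", "192.0.2.10", "AA", 500, False, True))
    d.register(NodeRecord("sb2", "192.0.2.11", "ZZ", 500, False, True))
    d.register(NodeRecord("sb3", "192.0.2.12", "AA", 500, False, False))
    d.mirror([
        NodeRecord("inet1", "198.51.100.5", "BB", 900, True, True),
        NodeRecord("inet2", "198.51.100.6", "BB", 12, True, True),
        NodeRecord("inet3", "203.0.113.7", "CC", 900, True, True),
    ])
    d.observe("inet1", b"probe-body", b"probe-body")
    d.observe("inet3", b"probe-body", b"probe-body<injected>")
    return d
```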
Fig. 2 is the implementation flow chart of the self-built onion routing region constructed on the basis of the method of the invention for resisting network tracking and achieving secure anonymous access. As shown in Fig. 2, creating a complete self-built onion routing region that achieves the purpose of isolation includes the following steps:
Step 100: the self-built routing directory server 11 provides clients with an index service for the self-built routing nodes 12 and the internet routing nodes 22; when the self-built directory server 11 is created, a directory server signature algorithm is built in.
Step 101: modify the directory voting algorithm, so that clients belonging to the internet onion routing region 20 cannot connect to the servers in the self-built onion routing region 10, achieving private isolation.
Step 102: modify the internal server signature algorithm in the self-built routing node 12 to match the signature algorithm of the self-built routing directory server 11.
Step 103: modify the hop encryption algorithm in the self-built routing node 12.
Step 104: modify the internal directory server address in the self-built routing node 12.
Step 105: the self-built routing node 12 connects to the self-built routing directory server 11 and registers, so that the self-built routing directory server 11 is isolated from the internet routing directory server 21 and onion routing users on the internet cannot use the self-built routing directory server 11.
Step 106: the self-built routing directory server 11 connects to the internet routing directory server 21.
Step 107: modify the user terminal 30 to filter dangerous functions such as JS script execution.
Step 108: add internal socket communication with the self-built routing proxy to the user terminal 30, so that the browser accesses the internet only through the self-built routing nodes 12.
In the invention, the user terminal may be a trusted operating system or a secure browser.
Fig. 3 is the implementation flow chart of one embodiment of the method of the invention for resisting network tracking and achieving secure anonymous access. As shown in the figure, a basic implementation process using the method includes:
Step 200: deploy the self-built routing directory server on the public network.
Step 201: deploy self-built routing nodes at dispersed locations, each self-built routing node using a different public IP address.
Step 202: the user terminal obtains self-built routing node and internet routing node information through the self-built routing directory server.
Step 203: the user terminal communicates through the self-built routing nodes and the internet routing nodes.
Step 204: the user terminal accesses internet resources anonymously through the self-built routing nodes.
In the invention, the "onion proxy (Onion Proxy, OP)" is mainly responsible for building anonymous paths for the user and encapsulating data into equal-length data cells (Cell) for transmission.
In the invention, the "onion router (Onion Router, OR)" is mainly responsible for forming the anonymous circuit and rerouting user data.
The method and system provided by the invention for resisting network tracking and achieving secure anonymous access build a self-built onion routing region isolated from the internet onion routing region and make the self-built routing directory server and the self-built routing nodes controllable. This solves the exit-node honeypot problem of onion routing networks, prevents network attackers from using routing nodes or directory servers they control to carry out network tracking, reduces the leakage of user privacy caused by the security of the terminal operating system and the browser, lowers the security risk of anonymous access, and improves the user's ability to resist tracking.
Although the invention has been described using the above preferred embodiments, they do not limit its scope of protection. Any person skilled in the art may make various changes and modifications to the above embodiments without departing from the spirit and scope of the invention, and these still fall within the scope protected by the invention; the scope of protection is therefore defined by the claims.

Claims (16)

1. A method for resisting network tracking and achieving secure anonymous access, characterized by comprising the following steps:
Step S1: create a self-built routing directory server;
Step S2: create self-built routing nodes;
Step S3: the self-built routing nodes connect to the self-built routing directory server and register;
Step S4: the self-built routing directory server connects to the internet routing directory server; the self-built routing directory server and the self-built routing nodes form a self-built onion routing region isolated from the internet onion routing region;
Step S5: the self-built routing directory server provides an index service for the self-built routing nodes;
Step S6: the user terminal obtains self-built routing nodes and internet routing nodes through the self-built routing directory server;
Step S7: the user terminal accesses internet resources through anonymous communication between the self-built routing nodes and the internet routing nodes.
2. The method for resisting network tracking and achieving secure anonymous access according to claim 1, characterized in that, in step S4, the communication protocol of the self-built onion routing region differs from that of the internet onion routing region, the differences in communication protocol including a different protocol encapsulation and a different encryption method.
3. The method for resisting network tracking and achieving secure anonymous access according to claim 1, characterized in that, in step S2, the identity recognition method of the created self-built routing nodes differs from that of the internet routing nodes, the differences in identity recognition method including a different signature algorithm and a different data packet structure.
4. The method for resisting network tracking and achieving secure anonymous access according to claim 1, characterized in that, in step S5, the created self-built routing directory server provides the index service for the self-built routing nodes by indexing and storing the self-built routing nodes and the internet routing nodes separately.
5. The method for resisting network tracking and achieving secure anonymous access according to claim 4, characterized in that, in step S5, when the self-built routing directory server indexes the internet routing nodes, it proceeds as follows:
Step S51: network communication is carried out between the self-built onion routing region and the network where the internet routing directory server is located;
Step S52: the content of the internet routing directory server is mirrored.
6. The method for resisting network tracking and achieving secure anonymous access according to claim 1, characterized in that, in step S5, when providing the index service to the self-built routing nodes, the self-built routing directory server observes the internet routing nodes through the communication between the self-built routing nodes and the internet routing nodes already trusted by the self-built routing directory server, and screens the internet routing nodes.
7. The method for resisting network tracking and achieving secure anonymous access according to claim 6, characterized in that, in step S5, the observed internet routing node information includes the node's IP address, stable running time, signature, node characteristics, and whether it modifies the data packets it forwards.
8. The method for resisting network tracking and achieving secure anonymous access according to claim 1, characterized in that, in step S5, when providing the index service to the self-built routing nodes, the self-built routing directory server screens the self-built routing nodes by the country and region where the self-built routing node is located, its stable running time, its node characteristics, and the country and region where the exit node is located.
9. The method for resisting network tracking and achieving secure anonymous access according to claim 1, characterized in that, in step S1, creating the self-built routing directory server includes:
Step S11: creating a signature algorithm, so that the self-built routing directory server can provide the index service for the self-built routing nodes;
Step S12: modifying the directory voting algorithm, so that clients of the internet routing directory server cannot connect to the self-built routing directory server, thereby achieving private isolation.
10. The method for resisting network tracking and achieving secure anonymous access according to claim 9, characterized in that, in step S2, creating the self-built routing nodes includes:
Step S21: modifying the signature algorithm of the self-built routing node's internal server so that it matches the signature algorithm created in step S11;
Step S22: modifying the hop encryption algorithm of the self-built routing node;
Step S23: modifying the address of the self-built routing node's internal server.
11. A system for resisting network tracing and realizing anonymous secure access, characterized by comprising:
a self-built onion routing region, which coexists with the internet onion routing region in the public network environment but is isolated from it;
wherein the self-built onion routing region includes a self-built routing directory server and multiple self-built routing nodes, and the internet onion routing region includes a web directory server and multiple internet routing nodes;
the self-built routing directory server can, through network communication between the self-built onion routing region and the internet onion routing region, mirror the content of the internet onion routing region in order to provide an index service for self-built routing nodes, so that a user terminal obtains self-built routing node and internet routing node information and, through communication between self-built routing nodes and internet routing nodes, anonymously accesses network resources.
12. The system for resisting network tracing and realizing anonymous secure access according to claim 11, characterized in that the communication protocol of the self-built onion routing region differs from that of the internet onion routing region, the differences including different encapsulation of the communication protocol and different encryption methods.
13. The system for resisting network tracing and realizing anonymous secure access according to claim 11, characterized in that the identity identification method of self-built routing nodes differs from that of internet routing nodes, the differences including different signature algorithms and different packet structures.
14. The system for resisting network tracing and realizing anonymous secure access according to claim 11, characterized in that, when the self-built routing directory server provides the index service to self-built routing nodes, internet routing nodes are screened as follows: internet routing nodes are observed through the self-built routing nodes and through communication with internet routing nodes already trusted by the self-built routing directory server, thereby realizing the screening of internet routing nodes.
15. The system for resisting network tracing and realizing anonymous secure access according to claim 14, characterized in that the observed internet routing node information includes the node's IP address, parallel-adder settle-out time, signature, node properties, and whether it modifies the data packets forwarded by the target.
16. The system for resisting network tracing and realizing anonymous secure access according to claim 11, characterized in that, when providing the index service to self-built routing nodes, the self-built routing directory server screens self-built routing nodes by the country and region where the self-built routing node is located, parallel-adder settle-out time, node properties, and the country and region where the exit node is located.
CN201711435017.XA 2017-12-26 2017-12-26 A kind of anti-network trace and the method and system for realizing Anonymous Secure access Pending CN109962902A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201711435017.XA CN109962902A (en) 2017-12-26 2017-12-26 A kind of anti-network trace and the method and system for realizing Anonymous Secure access

Publications (1)

Publication Number Publication Date
CN109962902A true CN109962902A (en) 2019-07-02

Family

ID=67022382

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201711435017.XA Pending CN109962902A (en) 2017-12-26 2017-12-26 A kind of anti-network trace and the method and system for realizing Anonymous Secure access

Country Status (1)

Country Link
CN (1) CN109962902A (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102664881A (en) * 2012-04-13 2012-09-12 东南大学 Method for positioning hidden service under hypertext transfer protocol 1.1
WO2014009301A1 (en) * 2012-07-09 2014-01-16 Thomson Licensing Path selection in an anonymity network
CN103825969A (en) * 2013-10-29 2014-05-28 电子科技大学 DNS query method based on anonymous network
CN104539598A (en) * 2014-12-19 2015-04-22 厦门市美亚柏科信息股份有限公司 Tor-improved safety anonymous network communication system and method
CN105471883A (en) * 2015-12-10 2016-04-06 中国电子科技集团公司第三十研究所 Tor network tracing system and tracing method based on web injection
CN106605421A (en) * 2014-09-16 2017-04-26 诺基亚技术有限公司 Method and apparatus for anonymous access and control of a service node

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
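Yang Weiwei, Liu Shengli, Cai Ruijie, Chen Jiayong: "An Improved Scheme for the Tor Anonymous Communication System", Journal of Information Engineering University *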

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113098865A (en) * 2021-03-31 2021-07-09 广州锦行网络科技有限公司 Browser fingerprint acquisition method and device, electronic equipment and storage medium
CN113098865B (en) * 2021-03-31 2022-03-08 广州锦行网络科技有限公司 Browser fingerprint acquisition method and device, electronic equipment and storage medium
CN115277054A (en) * 2022-06-08 2022-11-01 北京邮电大学 Directory service method and system in anonymous network
CN115277054B (en) * 2022-06-08 2023-11-10 北京邮电大学 Directory service method and system in anonymous network

Similar Documents

Publication Publication Date Title
JP7042875B2 (en) Secure dynamic communication networks and protocols
CN106375493B (en) Cross-network communication method and proxy server
CN104067595B (en) For the system and method for the creative management of Transport Layer Security session ticket in a network environment
Oniga et al. Analysis, design and implementation of secure LoRaWAN sensor networks
Bang et al. An iot inventory before deployment: a survey on iot protocols, communication technologies, vulnerabilities, attacks, and future research directions
CN105306483B (en) A kind of Anonymizing networks communication means and system safely and fast
Kadhim et al. Security threats in wireless network communication-status, challenges, and future trends
CN114844730A (en) Network system constructed based on trusted tunnel technology
CN114584386B (en) Global multistage encryption network communication method
Gao et al. A review of P4 programmable data planes for network security
CN105978909A (en) Transport layer encapsulation-based data transmission method, and data transmission apparatus and system
Kabulov et al. Security Threats and Challenges in Iot Technologies
Puthal et al. Decision tree based user-centric security solution for critical IoT infrastructure
Fujdiak et al. Security in low-power wide-area networks: State-of-the-art and development toward the 5G
CN109962902A (en) A kind of anti-network trace and the method and system for realizing Anonymous Secure access
Chen et al. Neuronet: An adaptive infrastructure for network security
Seidel et al. Deep en-route filtering of constrained application protocol (coap) messages on 6lowpan border routers
Kwon et al. Mondrian: Comprehensive Inter-domain Network Zoning Architecture.
CN117375862A (en) Message forwarding method, system, network device, storage medium and program product
Yu et al. SymBiosis: Anti-censorship and anonymous Web-browsing ecosystem
Niewolski et al. Security architecture for authorized anonymous communication in 5G MEC
Raheem et al. A secure authentication protocol for IP-based wireless sensor communications using the Location/ID Split Protocol (LISP)
CN114629667A (en) Link dynamic change method based on IP large-range transformation
Tayade et al. Quantum based flexible secure authentication protocol (SAP) for device to device (D2D) communication
Ji et al. Security analysis of shadowsocks (r) protocol

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
AD01 Patent right deemed abandoned

Effective date of abandoning: 20211022